product iamge

Information security fundamentals

This document was uploaded by one of our users. The uploader already confirmed that they had the permission to publish it. If you are author/publisher or own the copyright of this documents, please report to us by using this DMCA report form.

Download
Search on Amazon

Simply click on the Download Book button.

Yes, Book downloads on Ebookily are 100% Free.

Sometimes the book is free on Amazon As well, so go ahead and hit "Search on Amazon"

Effective security rules and procedures do not exist for their own sake-they are put in place to protect critical assets, thereby supporting overall business objectives. Recognizing security as a business enabler is the first step in building a successful program. Information Security Fundamentals allows future security professionals to gain a solid understanding of the foundations of the field and the entire range of issues that practitioners must address. This book enables students to understand the key elements that comprise a successful information security program and eventually apply these concepts to their own efforts. The book examines the elements of computer security, employee roles and responsibilities, and common threats. It examines the need for management controls, policies and procedures, and risk analysis, and also presents a comprehensive list of tasks and objectives that make up a typical information protection program. The volume discusses organizationwide policies and their documentation, and legal and business requirements. It explains policy format, focusing on global, topic-specific, and application-specific policies. Following a review of asset classification, the book explores access control, the components of physical security, and the foundations and processes of risk analysis and risk management. Information Security Fundamentals concludes by describing business continuity planning, including preventive controls, recovery strategies, and ways to conduct a business impact analysis. • Provides a solid understanding of the foundations of the field and the entire range of issues that practitioners must address • Discusses the legal requirements that impact security policies, including Sarbanes-Oxley, HIPAA, and the Gramm-Leach-Bliley Act (GLBA) • Details physical security requirements and controls, and offers a sample physical security policy • Examines elements of the risk analysis process such as asset definition, threat identification occurrence probability, and more • Describes components of business continuity planning, outlining how to conduct a business impact analysis, and how to test a plan

Author(s): Thomas R. Peltier, Justin Peltier, John Blackley
Edition: 1
Publisher: Auerbach Publications
Year: 2004

Language: English
Pages: 261
Tags: Информатика и вычислительная техника;Информационная безопасность;Криптология и криптография;