Computer and information security handbook /
This comprehensive reference on computer security offers deep coverage of a wide range of issues in computer and cyber security theory, applications, and best practices.--
Saved in:
Corporate Authors: | |
---|---|
Group Author: | |
Published: |
Morgan Kaufmann Publishers,
|
Publisher Address: | Cambridge, MA : |
Publication Dates: |
[2017] ©2017 |
Literature type: | eBook |
Language: | English |
Edition: | Third edition. |
Subjects: | |
Online Access: |
https://www.sciencedirect.com/science/book/9780128038437 |
Summary: |
This comprehensive reference on computer security offers deep coverage of a wide range of issues in computer and cyber security theory, applications, and best practices.-- |
Carrier Form: | 1 online resource |
Bibliography: | Includes bibliographical references and index. |
ISBN: |
9780128039298 0128039299 |
Index Number: | QA76 |
CLC: | TP393.08 |
Contents: |
Front Cover; Computer and Information Security Handbook; Computer and Information Security Handbook; Copyright; Dedication; Contents; Contributors; About the Editor; Foreword; Preface; 1. ORGANIZATION OF THIS BOOK; Part 1: Overview of System and Network Security: A Comprehensive Introduction; Part 2: Managing Information Security; Part 3: Disaster Recovery Security; Part 4: Security Standards and Policies; Part 5: Cyber, Network, and Systems Forensics Security and Assurance; Part 6: Encryption Technology; Part 7: Privacy and Access Management; Part 8: Storage Security; Part 9: Cloud Security. Part 10: Virtual SecurityPart 11: Cyber Physical Security; Part 12: Practical Security; Part 13: Critical Infrastructure Security; Part 14: Advanced Security; 2. SUPPLEMENTAL MATERIALS; Acknowledgments; I -- Overview of System and Network Security: A Comprehensive Introduction; 1 -- Information Security in the Modern Enterprise; 1. INTRODUCTION; Management Matters as Much as Technology; Trade Secrets and ``Reasonable Efforts''; 2. CHALLENGES FACING INFORMATION SECURITY; 3. ASSESSMENT AND PLANNING; Know Where to Begin; Risk Management; Public Standards for Information Security. Creating the Security Plan4. POLICIES AND PROCEDURES; 5. TRAINING; 6. SUMMARY; CHAPTER REVIEW QUESTIONS/EXERCISES; True/False; Multiple Choice; EXERCISE; Problem; Hands-On Projects; Project; Case Projects; Problem; Optional Team Case Project; Problem; 2 -- Building a Secure Organization; 1. OBSTACLES TO SECURITY; Security Is Inconvenient; 2. COMPUTERS ARE POWERFUL AND COMPLEX; Computer Users Are Unsophisticated; Computers Created Without a Thought to Security; 3. CURRENT TREND IS TO SHARE, NOT PROTECT; Data Accessible From Anywhere; 4. SECURITY IS NOT ABOUT HARDWARE AND SOFTWARE. The Bad Guys Are Very SophisticatedManagement Sees Security as a Drain on the Bottom Line; 5. TEN STEPS TO BUILDING A SECURE ORGANIZATION; Evaluate the Risks and Threats; Threats Based on the Infrastructure Model; Threats Based on the Business Itself; Threats Based on Industry; Global Threats; Beware of Common Misconceptions; Provide Security Training for Information Technology Staff: Now and Forever; Think ``Outside the Box''; DOXing; Train Employees: Develop a Culture of Security; Identify and Use Built-in Security Features of the Operating System and Applications; Monitor Systems. Hire a Third Party to Audit SecurityDo Not Forget the Basics; Change Default Account Passwords; Use Robust Passwords; Close Unnecessary Ports; Patch, Patch, Patch; Use Administrator Accounts for Administrative Tasks; Restrict Physical Access; Do Not Forget Paper!; 6. PREPARING FOR THE BUILDING OF SECURITY CONTROL ASSESSMENTS; 7. SUMMARY; CHAPTER REVIEW QUESTIONS/EXERCISES; True/False; Multiple Choice; EXERCISE; Problem; Hands-on Projects; Project; Case Projects; Problem; Optional Team Case Project; Problem; 3 -- A Cryptography Primer; 1. WHAT IS CRYPTOGRAPHY? WHAT IS ENCRYPTION? |