Information Security Management Handbook, Volume 7

Inbunden, Engelska, 2013

AvRichard O'Hanley,James S. Tiller,New York) O'Hanley, Richard (Auerbach Publications, New York,USA) Tiller, James S. (Raleigh, North Carolina

2 759 kr

Beställningsvara. Skickas inom 10-15 vardagar. Fri frakt för medlemmar vid köp för minst 249 kr.

Updated annually, the Information Security Management Handbook, Sixth Edition is the most comprehensive and up-to-date reference available on information security and assurance. Bringing together the knowledge, skills, techniques, and tools required of IT security professionals, it facilitates the up-to-date understanding required to stay one step ahead of evolving threats, standards, and regulations.Reporting on the latest developments in information security and recent changes to the (ISC)2® CISSP Common Body of Knowledge (CBK®), Volume 7 features 27 new chapters on topics such as BYOD, IT consumerization, smart grids, security, and privacy.Covers the fundamental knowledge, skills, techniques, and tools required by IT security professionalsUpdates its bestselling predecessors with new developments in information security and the (ISC)2® CISSP® CBK® Provides valuable insights from leaders in the field on the theory and practice of computer security technologyFacilitates the comprehensive and up-to-date understanding you need to stay fully informedThe ubiquitous nature of computers and networks will always provide the opportunity and means to do harm. This edition updates its popular predecessors with the information you need to address the vulnerabilities created by recent innovations such as cloud computing, mobile banking, digital wallets, and near-field communications. This handbook is also available on CD.

Produktinformation

Utgivningsdatum2013-08-29
Mått178 x 254 x 30 mm
Vikt960 g
FormatInbunden
SpråkEngelska
Antal sidor434
Upplaga6
FörlagTaylor & Francis Ltd
ISBN9781466567498

Tillhör följande kategorier

Informationsteknik: allmänt inom Data och IT
Nätverk och kommunikation inom Data och IT
IT-säkerhet inom Data och IT

James S. Tiller, CISM, CISA, CISSP, is the Head of Security Consulting, Americas, HP Enterprise Security Services, Hewlett-Packard Company. Formerly Vice President of Security North America for BT Global Services, Jim has provided security solutions for global organizations for the past 20 years. He is the author of the following books published by Auerbach: CISO's Guide to Penetration Testing: A Framework to Plan, Manage, and Maximize Benefits; Adaptive Security Management Architecture; and A Technical Guide to IPSec Virtual Private Networks. Richard O'Hanley is the Publisher for Information and Communications Technology, Business, and Security at CRC Press. Mr. O'Hanley can be reached at rich.ohanley@taylorandfrancis.com

DOMAIN 1: ACCESS CONTROL Access Control Administration What Business Associates Need to Know About Protected Health Information Under HIPAA and HITECH; Rebecca Herold DOMAIN 2: TELECOMMUNICATIONS AND NETWORK SECURITY Internet, Intranet, Extranet Security E-mail Security; Terence Fernandes DOMAIN 3: INFORMATION SECURITY AND RISK MANAGEMENT Security Management Concepts and Principles Appreciating Organizational Behavior and Institutions to Solidify Your Information Security Program; Robert Pittman Risk Management The Information Security Auditors Have Arrived, Now What?; Todd Fitzgerald Continuous Monitoring: Extremely Valuable to Deploy Within Reason; Foster J. Henderson and Mark A. Podracky Social Networking; Sandy Bacik Insider Threat Defense; Sandy Bacik Risk Management in Public Key Certificate Applications; Alex Golod Server Virtualization: Information Security Considerations; Thomas A. Johnson Security Management Planning Security Requirements Analysis; Sean M. Price CERT Resilience Management Model: An Overview; Bonnie A. Goins Pilewski and Christopher Pilewski Managing Bluetooth Security; E. Eugene Schultz, Matthew W. A. Pemble, and Wendy Goucher Employment Policies and Practices Slash and Burn: In Times of Recession, Do Not Let Emotions Drive Business Decisions; Seth Kinnett A "Zero Trust" Model for Security; Ken Shaurette and Thomas J. Schleppenbach DOMAIN 4: APPLICATION DEVELOPMENT SECURITY System Development Controls Application Whitelisting; Georges Jahchan Design of Information Security for Large System Development Projects; James C. Murphy Building Application Security Testing into the Software Development Life Cycle; Sandy Bacik Malicious Code Twenty-Five (or Forty) Years of Malware History; Robert M. Slade DOMAIN 5: CRYPTOGRAPHY Cryptographic Concepts, Methodologies, and Practices Format Preserving Encryption; Ralph Spencer Poore Elliptic Curve Cryptosystems; Jeff Stapleton Pirating the Ultimate Killer APP: Hacking Military Unmanned Aerial Vehicles; Sean P. Mcbride DOMAIN 6: SECURITY ARCHITECTURE AND DESIGN Principles of Computer and Network Organizations, Architectures, and Designs Service-Oriented Architecture; Walter B. Williams Cloud Security; Terry Komperda Enterprise Zones of Trust; Sandy Bacik DOMAIN 7: OPERATIONS SECURITY: OPERATIONS CONTROLS Complex Event Processing for Automated Security Event Analysis; Rob Shein Records Management; Sandy Bacik DOMAIN 8: BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING Business Continuity Planning Data Backup Strategies: Traditional Versus Cloud: Carl B. Jackson DOMAIN 9: LEGAL, REGULATIONS, COMPLIANCE, AND INVESTIGATIONS Major Categories of Computer Crime Managing Advanced Persistent Threats; Eugene Schultz and Cuc Du Incident Handling Virtualization Forensics; Paul A. Henry DOMAIN 10: PHYSICAL (ENVIRONMENTAL) SECURITY Elements of Physical Security Terrorism: An Overview; Frank Bolz, Kenneth J. Dudonis, and David P. Schulz Technical Controls Countermeasure Goals and Strategies; Thomas L. Norman Index