Information assurance handbook effective computer security and risk management strategies

"Information Assurance Handbook: Effective Computer Security and Risk Management Strategies discusses the tools and techniques required to prevent, detect, contain, correct, and recover from security breaches and other information assurance failures. This practical resource explains how to inte...

Bibliographic Details
Main Author: Schou, Corey
Other Authors: Hernandez, Steven
Format: eBook
Language: English
Published: New York McGraw-Hill Education 2015
Collection: O'Reilly - Collection details see MPG.ReNa
Table of Contents:
  • Confidentiality
  • Integrity
  • Availability
  • CIA Balance
  • Nonrepudiation and Authentication
  • Nonrepudiation
  • Identification, Authentication, Authorization, and Accountability
  • Identification
  • Authentication
  • Authorization
  • Accountability
  • Privacy's Relationship to Information Assurance
  • Assets, Threats, Vulnerabilities, Risks, and Controls
  • Common Threats
  • Vulnerabilities
  • Controls
  • Cryptology
  • Codes and Ciphers
  • Further Reading
  • Critical Thinking Exercises
  • Chapter 5 Organizations Providing Resources for Professionals
  • Information Assurance: Shared Responsibilities
  • Information Assurance: Robust Approach
  • Information Assurance: Reassessed Periodically
  • Information Assurance: Restricted by Social Obligations
  • Implications from Lack of Information Assurance
  • Penalties from a Legal/Regulatory Authorities
  • Loss of Information Assets
  • Operational Losses and Operational Risk Management
  • Customer Losses
  • Loss of Image and Reputation
  • Further Reading
  • Critical Thinking Exercises
  • Chapter 4 Information Assurance Concepts
  • Defense in Depth
  • Confidentiality, Integrity, and Availability
  • Includes bibliographical references and index
  • Cover
  • Title
  • Copyright Page
  • Dedication
  • Contents
  • Foreword
  • Acknowledgments
  • Introduction
  • Part I Information Assurance Basics
  • Chapter 1 Developing an Information Assurance Strategy
  • Comprehensive
  • Independent
  • Legal and Regulatory Requirements
  • Living Document
  • Long Life Span
  • Customizable and Pragmatic
  • Risk-Based Approach
  • Organizationally Significant
  • Strategic, Tactical, and Operational
  • Concise, Well-Structured, and Extensible
  • Critical Thinking Exercises
  • Chapter 2 The Need for Information Assurance
  • Protection of Critical and Sensitive Assets
  • Compliance to Regulations and Circulars/Laws
  • Meeting Audit and Compliance Requirements
  • Providing Competitive Advantage
  • Critical Thinking Exercises
  • Chapter 3 Information Assurance Principles
  • The MSR Model of Information Assurance
  • Information Assurance
  • Information Security
  • Information Protection
  • Cybersecurity
  • Information Assurance: Business Enabler
  • Information Assurance: Protects the Fabric of an Organization's Systems
  • Information Assurance: Cost Effective and Cost Beneficial
  • Organizations Providing Resources for Professionals
  • (ISC)2 International Information System Security Certification Consortium
  • Computing Technology Industry Association
  • Information System Audit and Control Association
  • Information System Security Association
  • SANS Institute
  • Disaster Recovery Institute, International
  • Business Continuity Institute
  • Deciding Among Certifications
  • Codes of Ethics
  • Further Reading
  • Critical Thinking Exercises
  • Chapter 6 Information Assurance Management System
  • Security Considerations for the Information Asset Life Cycle