How to cheat at managing information security
This is the only book that covers all the topics that any budding security manager needs to know! This book is written for managers responsible for IT/Security departments from mall office environments up to enterprise networks. These individuals do not need to know about every last bit and byte, bu...
| Autor principal: | |
|---|---|
| Formato: | Libro electrónico |
| Idioma: | Inglés |
| Publicado: |
Rockland, MA :
Syngress Publishing
2006.
|
| Edición: | 1st edition |
| Colección: | How to Cheat
|
| Materias: | |
| Ver en Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009626863306719 |
Tabla de Contenidos:
- Front Cover; How to Cheat at Managing Information Security; Copyright Page; Contents; Security Policy Revisited; Preface; Introduction; Chapter 1. The Security Organization; Anecdote; Introduction; Where Should Security Sit? Below the CEO, CTO, or CFO; Your Mission: If You Choose to Accept It; Role of the Security Function: What's in a Job?; The Hybrid Security Team: Back to Organizational Studies; What Makes a Good CISO?; Summary; Chapter 2. The Information Security Policy; Anecdote; Introduction; Policy, Strategy, and Standards: Business Theory; Back to Security
- The Security Strategy and the Security Planning ProcessSecurity Standards Revisited; Compliance and Enforcement; Summary; Chapter 3. Jargon, Principles, and Concepts; Anecdote; Introduction; CIA: Confidentiality, Integrity, and Availability; The Vulnerability Cycle; Types of Controls; Risk Analysis; AAA; Other Concepts You Need to Know; Generic Types of Attack; Summary; Chapter 4. Information Security Laws and Regulations; Anecdote; Introduction; U.K. Legislation; U.S. Legislation; Summary; Chapter 5. Information Security Standards and Audits; Anecdote; Introduction
- ISO/IEC 27001:2005: What Now for BS 7799?PAS 56; FIPS 140-2; Common Criteria Certification; Types of Audit; Summary; Chapter 6. Interviews, Bosses, and Staff; Anecdote; Introduction; Bosses; Worst Employees; Summary; Chapter 7. Infrastructure Security; Anecdote; Introduction; E-commerce; Just Checking; Summary; Chapter 8. Firewalls; Anecdote; Introduction; Firewall Structure and Design; Other Types of Firewalls; Commercial Firewalls; Summary; Chapter 9. Intrusion Detection Systems: Theory; Anecdote; Introduction; Why Bother with an IDS?; NIDS in Your Hair; For the Technically Minded; Summary
- Chapter 10. Intrusion Detection Systems: In PracticeAnecdote; Introduction: Tricks, Tips, and Techniques; IDS Deployment Methodology; Selection; Deployment; Information Management; Incident Response and Crisis Management; Test and Tune; Summary; Chapter 11. Intrusion Prevention and Protection; Anecdote; Introduction; What Is an IPS?; Active Response: What Can an IPS Do?; A Quick Tour of IPS Implementations; Example Deployments; Summary; Chapter 12. Network Penetration Testing; Anecdote; Introduction; Types of Penetration Testing; Network Penetration Testing
- Controls and the Paperwork You NeedWhat's the Difference between a Pen Test and Hacking?; Summary; Chapter 13. Application Security Flaws and Application Testing; Anecdote; Introduction; Configuration Management; Unvalidated Input; Bad Identity Control; Fixing Things; For the More Technically Minded; Summary; Index
