The basics of information security : understanding the fundamentals of InfoSec in theory and practice /: understanding the fundamentals of InfoSec in theory and practice. (2014)
- Record Type:
- Book
- Title:
- The basics of information security : understanding the fundamentals of InfoSec in theory and practice /: understanding the fundamentals of InfoSec in theory and practice. (2014)
- Main Title:
- The basics of information security : understanding the fundamentals of InfoSec in theory and practice
- Further Information:
- Note: Jason Andress.
- Authors:
- Andress, Jason
- Contents:
- Front Cover; The Basics of Information Security; Copyright Page; Dedication; Contents; Author Biography; Introduction; Book overview and key learning points; Book audience; How this book is organized; Chapter 1: What is information security?; Chapter 2: Identification and authentication; Chapter 3: Authorization and access control; Chapter 4: Auditing and accountability; Chapter 5: Cryptography; Chapter 6: Laws and regulations; Chapter 7: Operations security; Chapter 8: Human element security; Chapter 9: Physical security; Chapter 10: Network security; Chapter 11: Operating system security. Chapter 12: Application securityConclusion; 1 What is Information Security?; Introduction; What is security?; When are we secure?; Alert!; Models for discussing security; The confidentiality, integrity, and availability triad; More advanced; Confidentiality; Integrity; Availability; Relating the CIA triad to security; The Parkerian hexad; Alert!; Confidentiality, integrity, and availability; Possession or control; Authenticity; Utility; Attacks; Types of attack payloads; Interception; Interruption; Modification; Fabrication; Threats, vulnerabilities, and risk; Threats; Vulnerabilities; Risk. ImpactRisk management; Identify assets; Identify threats; Assess vulnerabilities; Assess risks; Mitigating risks; Physical; Logical and technical controls; Administrative; Incident response; Preparation; Detection and analysis; Containment, eradication, and recovery; Post incident activity; Defense inFront Cover; The Basics of Information Security; Copyright Page; Dedication; Contents; Author Biography; Introduction; Book overview and key learning points; Book audience; How this book is organized; Chapter 1: What is information security?; Chapter 2: Identification and authentication; Chapter 3: Authorization and access control; Chapter 4: Auditing and accountability; Chapter 5: Cryptography; Chapter 6: Laws and regulations; Chapter 7: Operations security; Chapter 8: Human element security; Chapter 9: Physical security; Chapter 10: Network security; Chapter 11: Operating system security. Chapter 12: Application securityConclusion; 1 What is Information Security?; Introduction; What is security?; When are we secure?; Alert!; Models for discussing security; The confidentiality, integrity, and availability triad; More advanced; Confidentiality; Integrity; Availability; Relating the CIA triad to security; The Parkerian hexad; Alert!; Confidentiality, integrity, and availability; Possession or control; Authenticity; Utility; Attacks; Types of attack payloads; Interception; Interruption; Modification; Fabrication; Threats, vulnerabilities, and risk; Threats; Vulnerabilities; Risk. ImpactRisk management; Identify assets; Identify threats; Assess vulnerabilities; Assess risks; Mitigating risks; Physical; Logical and technical controls; Administrative; Incident response; Preparation; Detection and analysis; Containment, eradication, and recovery; Post incident activity; Defense in depth; Layers; Information security in the real world; Summary; Exercises; References; 2 Identification and Authentication; Introduction; Identification; Who we claim to be; Identity verification; Falsifying identification; Authentication; Factors; Multifactor authentication. Mutual authenticationPasswords; More advanced; Biometrics; Additional resources; Characteristics; Measuring performance; Issues; Hardware tokens; Alert!; Identification and authentication in the real world; Summary; Exercises; References; 3 Authorization and Access Control; Introduction; Authorization; Principle of least privilege; Access control; More advanced; Access control lists; File system ACLs; More advanced; Network ACLs; Alert!; More advanced; Capabilities; Confused deputy problem; Alert!; Access control methodologies; Access control models; Discretionary access control. Mandatory access controlMore advanced; Role-based access control; Attribute-based access control; Multilevel access control; Physical access controls; Authorization and access control in the real world; Summary; Exercises; References; 4 Auditing and Accountability; Introduction; Accountability; More advanced; Security benefits of accountability; Nonrepudiation; Deterrence; More advanced; Intrusion detection and prevention; Admissibility of records; How we accomplish accountability; Auditing; What do we audit?; Alert!; Logging; Monitoring; Assessments. … (more)
- Edition:
- Second edition
- Publisher Details:
- Waltham, MA : Syngress
- Publication Date:
- 2014
- Extent:
- 1 online resource
- Subjects:
- 005.8
Computer security
Computer networks -- Security measures
Information technology -- Security measures
Information resources management
Computer science
Computer Security
Information Management
COMPUTERS -- Internet -- Security
COMPUTERS -- Networking -- Security
COMPUTERS -- Security -- General
Computer networks -- Security measures
Computer science
Computer security
Information resources management
Information technology -- Security measures
Electronic books - Languages:
- English
- ISBNs:
- 9780128008126
0128008121
0128007443
9780128007440 - Notes:
- Note: Includes bibliographical references and index.
Note: Online resource; title from PDF title page (ScienceDirect, viewed May 30, 2014). - Access Rights:
- Legal Deposit; Only available on premises controlled by the deposit library and to one user at any one time; The Legal Deposit Libraries (Non-Print Works) Regulations (UK).
- Access Usage:
- Restricted: Printing from this resource is governed by The Legal Deposit Libraries (Non-Print Works) Regulations (UK) and UK copyright law currently in force.
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library HMNTS - ELD.DS.661519
- Ingest File:
- 08_009.xml