Description : Incorporating both the managerial and technical aspects of this discipline, the authors address knowledge areas of Certified Information Systems Security Professional certification throughout and include many examples of issues faced by today's businesses.
Description : The real threat to information system security comes from people, not computers. That's why students need to understand both the technical implementation of security controls, as well as the softer human behavioral and managerial factors that contribute to the theft and sabotage proprietary data. Addressing both the technical and human side of IS security, Dhillon's Princliples of Information Systems Security: Texts and Cases equips managers (and those training to be managers) with an understanding of a broad range issues related to information system security management, and specific tools and techniques to support this managerial orientation. Coverage goes well beyond the technical aspects of information system security to address formal controls (the rules and procedures that need to be established for bringing about success of technical controls), as well as informal controls that deal with the normative structures that exist within organizations.
Description : Management of Information Security, Third Edition focuses on the managerial aspects of information security and assurance. Topics covered include access control models, information security governance, and information security program assessment and metrics. Coverage on the foundational and technical components of information security is included to reinforce key concepts. This new edition includes up-to-date information on changes in the field such as revised sections on national and international laws and international standards like the ISO 27000 series. With these updates, Management of Information Security continues to offer a unique overview of information security from a management perspective while maintaining a finger on the pulse of industry changes and academic relevance. Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.
Description : Now updated—your expert guide to twenty-first century information security Information security is a rapidly evolving field. As businesses and consumers become increasingly dependent on complex multinational information systems, it is more imperative than ever to protect the confidentiality and integrity of data. Featuring a wide array of new information on the most current security issues, this fully updated and revised edition of Information Security: Principles and Practice provides the skills and knowledge readers need to tackle any information security challenge. Taking a practical approach to information security by focusing on real-world examples, this book is organized around four major themes: Cryptography: classic cryptosystems, symmetric key cryptography, public key cryptography, hash functions, random numbers, information hiding, and cryptanalysis Access control: authentication and authorization, password-based security, ACLs and capabilities, multilevel security and compartments, covert channels and inference control, security models such as BLP and Biba's model, firewalls, and intrusion detection systems Protocols: simple authentication protocols, session keys, perfect forward secrecy, timestamps, SSH, SSL, IPSec, Kerberos, WEP, and GSM Software: flaws and malware, buffer overflows, viruses and worms, malware detection, software reverse engineering, digital rights management, secure software development, and operating systems security This Second Edition features new discussions of relevant security topics such as the SSH and WEP protocols, practical RSA timing attacks, botnets, and security certification. New background material has been added, including a section on the Enigma cipher and coverage of the classic "orange book" view of security. Also featured are a greatly expanded and upgraded set of homework problems and many new figures, tables, and graphs to illustrate and clarify complex topics and problems. A comprehensive solutions manual is available to assist in course development. Minimizing theory while providing clear, accessible content, Information Security remains the premier text for students and instructors in information technology, computer science, and engineering, as well as for professionals working in these fields.
Description : ROADMAP TO INFORMATION SECURITY: FOR IT AND INFOSEC MANAGERS provides a solid overview of information security and its relationship to the information needs of an organization. Content is tailored to the unique needs of information systems professionals who find themselves brought in to the intricacies of information security responsibilities. The book is written for a wide variety of audiences looking to step up to emerging security challenges, ranging from students to experienced professionals. This book is designed to guide the information technology manager in dealing with the challenges associated with the security aspects of their role, providing concise guidance on assessing and improving an organization's security. The content helps IT managers to handle an assignment to an information security role in ways that conform to expectations and requirements, while supporting the goals of the manager in building and maintaining a solid information security program. Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.
Description : Information Security: Principles and Practices, Second Edition Everything You Need to Know About Modern Computer Security, in One Book Clearly explains all facets of information security in all 10 domains of the latest Information Security Common Body of Knowledge [(ISC)² CBK]. Thoroughly updated for today's challenges, technologies, procedures, and best practices. The perfect resource for anyone pursuing an IT security career. Fully updated for the newest technologies and best practices, Information Security: Principles and Practices, Second Edition thoroughly covers all 10 domains of today's Information Security Common Body of Knowledge. Two highly experienced security practitioners have brought together all the foundational knowledge you need to succeed in today's IT and business environments. They offer easy-to-understand, practical coverage of topics ranging from security management and physical security to cryptography and application development security. This edition fully addresses new trends that are transforming security, from cloud services to mobile applications, “Bring Your Own Device” (BYOD) strategies to today's increasingly rigorous compliance requirements. Throughout, you'll find updated case studies, review questions, and exercises–all designed to reveal today's real-world IT security challenges and help you overcome them. Learn how to -- Recognize the evolving role of IT security -- Identify the best new opportunities in the field -- Discover today's core information security principles of success -- Understand certification programs and the CBK -- Master today's best practices for governance and risk management -- Architect and design systems to maximize security -- Plan for business continuity -- Understand the legal, investigatory, and ethical requirements associated with IT security -- Improve physical and operational security -- Implement effective access control systems -- Effectively utilize cryptography -- Improve network and Internet security -- Build more secure software -- Define more effective security policies and standards -- Preview the future of information security
Description : Readings and Cases in Information Security: Law and Ethics provides a depth of content and analytical viewpoint not found in many other books. Designed for use with any Cengage Learning security text, this resource offers readers a real-life view of information security management, including the ethical and legal issues associated with various on-the-job experiences. Included are a wide selection of foundational readings and scenarios from a variety of experts to give the reader the most realistic perspective of a career in information security. Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.
Description : Safeguarding the confidentiality, authenticity, integrity, and non-repudiation of information is paramount to organizational stability and success. This new book provides an understanding of information security, potential threats to our information, and effective countermeasures to proactively combat those threats. A comprehensive review of cryptographic techniques is presented and explained in simple mathematical terms. The text covers symmetrical and asymmetrical encryption, digital signatures, Kerberos, creation/deployment of strong keys and passwords, Virtual Private Networks, SET, SSL, SSH, IPSec, and authentication techniques. A detailed examination of Tiny Encryption Algorithm (TEA) exposes readers to the inner workings of encryption. CD-ROM experiments help solidify the learning experience. Emphasis throughout is on the application of the cryptographic methods and support structures needed to effectively apply the principles to create a secure business setting.
Description : HANDS-ON INFORMATION SECURITY LAB MANUAL, Fourth Edition, helps you hone essential information security skills by applying your knowledge to detailed, realistic exercises using Microsoft Windows 2000, Windows XP, Windows 7, and Linux. This wide-ranging, non-certification-based lab manual includes coverage of scanning, OS vulnerability analysis and resolution, firewalls, security maintenance, forensics, and more. The Fourth Edition includes new introductory labs focused on virtualization techniques and images, giving you valuable experience with some of the most important trends and practices in information security and networking today. All software necessary to complete the labs are available online as a free download. An ideal resource for introductory, technical, and managerial courses or self-study, this versatile manual is a perfect supplement to the PRINCIPLES OF INFORMATION SECURITY, SECURITY FUNDAMENTALS, and MANAGEMENT OF INFORMATION SECURITY books. Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.