Foundations of information security, a straightforward introduction, Jason Andress
Type
Label
Foundations of information security, a straightforward introduction, Jason Andress
Language
eng
Bibliography note
Includes bibliographical references and index
Illustrations
illustrations
Index
index present
Literary Form
non fiction
Main title
Foundations of information security
Nature of contents
bibliographydictionaries
Oclc number
11125343415
Responsibility statement
Jason Andress
Sub title
a straightforward introduction
Summary
A valuable resource for beginning security professionals, network systems administrators, or anyone new to the field, this book is a great place to start your journey into the dynamic and rewarding field of information security. --, Edited summary from book
Table Of Contents
Intro -- Title Page -- Copyright Page -- Dedication -- About the Author -- About the Technical Reviewer -- BRIEF CONTENTS -- CONTENTS IN DETAIL -- ACKNOWLEDGMENTS -- INTRODUCTION -- Who Should Read This Book? -- About This Book -- 1 WHAT IS INFORMATION SECURITY? -- Defining Information Security -- When Are You Secure? -- Models for Discussing Security Issues -- Attacks -- Defense in Depth -- Summary -- Exercises -- 2 IDENTIFICATION AND AUTHENTICATION -- Identification -- Authentication -- Common Identification and Authentication Methods -- Summary -- Exercises -- 3 AUTHORIZATION AND ACCESS CONTROLS -- What Are Access Controls? -- Implementing Access Controls -- Access Control Models -- Physical Access Controls -- Summary -- Exercises -- 4 AUDITING AND ACCOUNTABILITY -- Accountability -- Security Benefits of Accountability -- Auditing -- Summary -- Exercises -- 5 CRYPTOGRAPHY -- The History of Cryptography -- Modern Cryptographic Tools -- Protecting Data at Rest, in Motion, and in Use -- Summary -- Exercises -- 6 COMPLIANCE, LAWS, AND REGULATIONS -- What Is Compliance? -- Achieving Compliance with Controls -- Maintaining Compliance -- Laws and Information Security -- Adopting Frameworks for Compliance -- Compliance amid Technological Changes -- Summary -- Exercises -- 7 OPERATIONS SECURITY -- The Operations Security Process -- Laws of Operations Security -- Operations Security in Our Personal Lives -- Origins of Operations Security -- Summary -- Exercises -- 8 HUMAN ELEMENT SECURITY -- Gathering Information for Social Engineering Attacks -- Types of Social Engineering Attacks -- Building Security Awareness with Security Training Programs -- Summary -- Exercises -- 9 PHYSICAL SECURITY -- Identifying Physical Threats -- Physical Security Controls -- Protecting People -- Protecting Data -- Protecting Equipment -- Summary -- Exercises10 NETWORK SECURITY -- Protecting Networks -- Protecting Network Traffic -- Network Security Tools -- Summary -- Exercises -- 11 OPERATING SYSTEM SECURITY -- Operating System Hardening -- Protecting Against Malware -- Operating System Security Tools -- Summary -- Exercises -- 12 MOBILE, EMBEDDED, AND INTERNET OF THINGS SECURITY -- Mobile Security -- Embedded Security -- Internet of Things Security -- Summary -- Exercises -- 13 APPLICATION SECURITY -- Software Development Vulnerabilities -- Web Security -- Database Security -- Application Security Tools -- Summary -- Exercises -- 14 ASSESSING SECURITY -- Vulnerability Assessment -- Penetration Testing -- Does This Really Mean You're Secure? -- Summary -- Exercises -- NOTES -- INDEX