TY - BOOK
AU - Kim,David
AU - Solomon,Michael
TI - Fundamentals of information systems security
SN - 9781284220735
U1 - 005.8 23
PY - 2023///
CY - Burlington, Massachusetts
PB - Jones & Bartlett Learning
KW - Computer security
KW - Computer networks
KW - Information storage and retrieval systems
N1 - Table of Contents Part I : The need for information security Chapter 1. Information systems security Tenets of information systems security The seven domains of a typical IT infrastructure Weakest link in the security of an IT infrastructure IT security policy framework Data classification standards Chapter 2. Emerging technologies are changing how we live Evolution of the Internet of Things Converting to a TCP/IP World IoT's impact on human and Business life Evolution from brick and mortar to E-commerce Why businesses must have an internet and IoT marketing strategy IP Mobility Mobile Applications New Challenges created by the IoT Chapter 3. Risk, Threats, and Vulnerabilities Risk Management and information security The risk management process IT and network infrastructure Who are the perpetrators? Etc. Chapter 4. Business Drivers of Information Security Risk management's importance to the organization Understanding the relationship between a BIA and BCP, and a DRP Assessing risks, threats and vulnerabilities Closing the information security gap Adhering to compliance laws Etc. Part II : Securing today's information systems Chapter 5. Networks and telecommunications The open systems interconnection reference model The main types of networks TCP/IP and how it works Network security risks Basic network security defense tools Etc. Chapter 6. Access Controls Four-part access controls Two types of access controls Authorization policies Methods and guidelines for identification Processes and requirements for authentication Etc. Chapter 7. Cryptography What is cryptography? Business and security requirements for cryptography Cryptographic principles, concepts, and terminology Types of ciphers Symmetric and asymmetric key cryptography Etc. Chapter 8. Malicious software and attack vectors Characteristics, architecture, and operations of malicious software The main types of malware A brief history of malicious code threats Threats to business organizations Anatomy of an attack Etc. Chapter 9. Security operations and administration Security administration Compliance Professional ethics The infrastructure of an IT security policy Data classification standards Etc. Chapter 10. Auditing, testing and monitoring Security auditing and analysis Defining the audit plan Auditing benchmarks Audit data collection methods Post-audit activities Etc. Chapter 11. Contingency planning Business continuity management Backing up data and applications Incident handling Recovery from a disaster Chapter 12. Digital Forensics Introduction to digital forensics Overview of computer crime Forensic methods and labs Collecting, seizing and protecting evidence Recovering data Etc. Part III : Information security standards, certifications and laws Chapter 13. Information security standards Standards organizations ISO 17799 (Withdrawn) Payment card industry data security standard Chapter 14. Information security certifications U.S. Department of defense/Military directive 8570.01 Vendor-Neutral Professional certification Vendor-specific professional certifications Chapter 15. Compliance laws Compliance is the law Federal information security The health insurance portability and accountability act (HIPAA) The Gramm-Leach-Bliley Act The Sarbanes-Oxley Act Etc. ; Includes bibliographical references p. 525-530 and index p. 531-550
ER -