Fundamentals of information systems security / David Kim, and Michael G. Solomon.
Series: ISSA- Information systems security and assurance seriesPublisher: Burlington, Massachusetts : Jones & Bartlett Learning, [2023]Edition: Fourth editionDescription: xxii, 550 p. : ill. ; 26cmISBN:- 9781284220735
- 23 005.8 KIM
| Item type | Current library | Call number | Copy number | Status | Date due | Barcode |
|---|---|---|---|---|---|---|
Book Closed Access
|
Science and Education Library | 005.8 KIM 1 (Browse shelf(Opens below)) | 1 | Available | NAGL23120108 | |
|
Book Closed Access
|
Science and Education Library | 005.8 KIM 1 (Browse shelf(Opens below)) | 2 | Available | NAGL23120109 |
Table of Contents
Part I : The need for information security
Chapter 1. Information systems security
Tenets of information systems security
The seven domains of a typical IT infrastructure
Weakest link in the security of an IT infrastructure
IT security policy framework
Data classification stanards
Chapter 2. Emerging technologyes are changing how we live
Evolution pf the internate of things
Converting to a TCP/IP World
IoT's impact on human and Business life
Evo;lution from brick and mortar to E-commerce
Why businesses must have an internet and IoT marketing strategyy
IP Mobility
Mobile Applications
New Challenges created by the IoT
Chapter 3. Risk Threats, and Vulnerabilities
Risk Management and information security
The risk managent process
IT and network infrastructure
Who are the perpetrators?
Etc.
Chapter 4. Business Drivers of Information Security
Risk management's importance to the organization
Understanding the relationship between a BIA and BCP, and a DRP
Assessing risks, threats and vulnerabilities
Closing the information security gap
Adhering to compliance laws
Etc.
Part II : Securing today's information systems
Chapter 5. Networks and telecommunications
The open systems interconnection reference model
The main types of networks
TCP/IP and how it works
Network security risks
Basic network security defense tools
Etc.
Chapter 6. Access Controls
Four-part access controls
Two types of access controls
Authorization policies
Methods and guidelines for identification
Processes and requirements for authentication
Etc.
Chapter 7. Cryptography
What is cryptography?
Business and security requirements for cryptography
Cryptographic principles, concepts, and terminoloy
Types of ciphers
Symmetric and asymmetric key cryptography
Etc.
Chapter 8. Malicious software and atack vectors
Characteristics, architecture, and operations of malicious software
The main types of malware
A brief history of malicious code threats
Threats to business organizations
Anatomy of an attack
Etc.
Chapter 9. Security operations and administration
Security administration
Compliance
Professional ethics
The infrastructure of an IT security policy
Data classification standards
Etc.
Chapter 10. Auditing, testing and monitoring
Security auditing and analysis
Defining the audit plan
Auditing benchmarks
Audit data collection methods
Post-audit activities
Etc.
Chapter 11. Contingency planning
Business continuity management
Backing up data and applications
Incident handling
Recovery from a disaster
Chapter 12. Digital Forensics
Introduction to digital forensics
Overview of computer crime
Forensic methods and labs
Collecting, seizing and protecting evidence
Recovering data
Etc.
Part IIII : Information security standards, certifications and laws
Chapter 13. Information security satndards
Standards organizations
ISO 17799 (Withdrawn)
Payment card industry data security standard
Chapter 14. Information security certifications
U.S Department of defense/Military directive 8570.01
Vendor-Neutral Professional certification
Vendor-specific professional certifications
Chapter 15. Compliance laws
Compliance is the law
Federal information security
The health insurance portability and accountability act (HIPAA)
The Gramm-Leach- Bliley Act
The Sarbanes- Oxley Act
Etc.
Includes bibliographical references p. 525-530 and index p. 531-550
There are no comments on this title.