Principles of Information Security

Author: Michael E. Whitman,Herbert J. Mattord

Publisher: Cengage Learning EMEA

ISBN: 9781423901778

Category: Computers

Page: 598

View: 2690

DOWNLOAD NOW »

Incorporating both the managerial and technical aspects of this discipline, the authors address knowledge areas of Certified Information Systems Security Professional certification throughout and include many examples of issues faced by today's businesses.

Principles and Practice of Information Security

Protecting Computers from Hackers and Lawyers

Author: Linda Volonino,Stephen R. Robinson

Publisher: Prentice Hall

ISBN: N.A

Category: Computers

Page: 232

View: 477

DOWNLOAD NOW »

This book provides professionals with the necessary managerial, technical, and legal background to support investment decisions in security technology. It discusses security from the perspective of hackers (i.e., technology issues and defenses) and lawyers (i.e., legal issues and defenses). This cross-disciplinary book is designed to help users quickly become current on what has become a fundamental business issue. This book covers the entire range of best security practices—obtaining senior management commitment, defining information security goals and policies, transforming those goals into a strategy for monitoring intrusions and compliance, and understanding legal implications. Topics also include computer crime, electronic evidence, cyber terrorism, and computer forensics. For professionals in information systems, financial accounting, human resources, health care, legal policy, and law. Because neither technical nor legal expertise is necessary to understand the concepts and issues presented, this book can be required reading for everyone as part of an enterprise-wide computer security awareness program.

Management of Information Security

Author: Michael E. Whitman,Herbert J. Mattord

Publisher: Cengage Learning

ISBN: 130550125X

Category: Computers

Page: 592

View: 1895

DOWNLOAD NOW »

Readers discover a managerially-focused overview of information security with a thorough treatment of how to most effectively administer it with MANAGEMENT OF INFORMATION SECURITY, 5E. Information throughout helps readers become information security management practitioners able to secure systems and networks in a world where continuously emerging threats, ever-present attacks, and the success of criminals illustrate the weaknesses in current information technologies. Current and future professional managers complete this book with the exceptional blend of skills and experiences to develop and manage the more secure computing environments that today’s organizations need. This edition offers a tightened focus on key executive and managerial aspects of information security while still emphasizing the important foundational material to reinforce key concepts. Updated content reflects the most recent developments in the field, including NIST, ISO, and security governance. Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.

Information Security

Principles and Practices

Author: Mark S. Merkow,Jim Breithaupt

Publisher: Pearson IT Certification

ISBN: 0133589633

Category: Computers

Page: 368

View: 8064

DOWNLOAD NOW »

Information Security: Principles and Practices, Second Edition Everything You Need to Know About Modern Computer Security, in One Book Clearly explains all facets of information security in all 10 domains of the latest Information Security Common Body of Knowledge [(ISC)² CBK]. Thoroughly updated for today’s challenges, technologies, procedures, and best practices. The perfect resource for anyone pursuing an IT security career. Fully updated for the newest technologies and best practices, Information Security: Principles and Practices, Second Edition thoroughly covers all 10 domains of today’s Information Security Common Body of Knowledge. Two highly experienced security practitioners have brought together all the foundational knowledge you need to succeed in today’s IT and business environments. They offer easy-to-understand, practical coverage of topics ranging from security management and physical security to cryptography and application development security. This edition fully addresses new trends that are transforming security, from cloud services to mobile applications, “Bring Your Own Device” (BYOD) strategies to today’s increasingly rigorous compliance requirements. Throughout, you’ll find updated case studies, review questions, and exercises–all designed to reveal today’s real-world IT security challenges and help you overcome them. Learn how to -- Recognize the evolving role of IT security -- Identify the best new opportunities in the field -- Discover today’s core information security principles of success -- Understand certification programs and the CBK -- Master today’s best practices for governance and risk management -- Architect and design systems to maximize security -- Plan for business continuity -- Understand the legal, investigatory, and ethical requirements associated with IT security -- Improve physical and operational security -- Implement effective access control systems -- Effectively utilize cryptography -- Improve network and Internet security -- Build more secure software -- Define more effective security policies and standards -- Preview the future of information security

Principles of Information Security, Loose-Leaf Version

Author: Michael E. Whitman,Herbert J. Mattord

Publisher: N.A

ISBN: 9781337685757

Category: Computers

Page: N.A

View: 554

DOWNLOAD NOW »

Master the latest technology and developments from the field with the book specifically oriented to the needs of information systems students like you -- PRINCIPLES OF INFORMATION SECURITY, 6E. Taking a managerial approach, this bestseller emphasizes all aspects of information security, rather than just a technical control perspective. You receive a broad overview of the entire field of information security and related elements with the detail to ensure understanding. You review terms used in the field and a history of the discipline as you learn how to manage an information security program. Current and relevant, this edition highlights the latest practices with fresh examples that explore the impact of emerging technologies, such as the Internet of Things, Cloud Computing, and DevOps. Updates address technical security controls, emerging legislative issues, digital forensics, and ethical issues in IS security, making this the ideal IS resource for business decision makers.

Information Security

Principles and Practice

Author: Mark Stamp

Publisher: John Wiley & Sons

ISBN: 9781118027967

Category: Computers

Page: 606

View: 7116

DOWNLOAD NOW »

Now updated—your expert guide to twenty-first century information security Information security is a rapidly evolving field. As businesses and consumers become increasingly dependent on complex multinational information systems, it is more imperative than ever to protect the confidentiality and integrity of data. Featuring a wide array of new information on the most current security issues, this fully updated and revised edition of Information Security: Principles and Practice provides the skills and knowledge readers need to tackle any information security challenge. Taking a practical approach to information security by focusing on real-world examples, this book is organized around four major themes: Cryptography: classic cryptosystems, symmetric key cryptography, public key cryptography, hash functions, random numbers, information hiding, and cryptanalysis Access control: authentication and authorization, password-based security, ACLs and capabilities, multilevel security and compartments, covert channels and inference control, security models such as BLP and Biba's model, firewalls, and intrusion detection systems Protocols: simple authentication protocols, session keys, perfect forward secrecy, timestamps, SSH, SSL, IPSec, Kerberos, WEP, and GSM Software: flaws and malware, buffer overflows, viruses and worms, malware detection, software reverse engineering, digital rights management, secure software development, and operating systems security This Second Edition features new discussions of relevant security topics such as the SSH and WEP protocols, practical RSA timing attacks, botnets, and security certification. New background material has been added, including a section on the Enigma cipher and coverage of the classic "orange book" view of security. Also featured are a greatly expanded and upgraded set of homework problems and many new figures, tables, and graphs to illustrate and clarify complex topics and problems. A comprehensive solutions manual is available to assist in course development. Minimizing theory while providing clear, accessible content, Information Security remains the premier text for students and instructors in information technology, computer science, and engineering, as well as for professionals working in these fields.

Roadmap to Information Security: For IT and Infosec Managers

Author: Michael E. Whitman,Herbert J. Mattord

Publisher: Cengage Learning

ISBN: 1435480309

Category: Computers

Page: 400

View: 1115

DOWNLOAD NOW »

ROADMAP TO INFORMATION SECURITY: FOR IT AND INFOSEC MANAGERS provides a solid overview of information security and its relationship to the information needs of an organization. Content is tailored to the unique needs of information systems professionals who find themselves brought in to the intricacies of information security responsibilities. The book is written for a wide variety of audiences looking to step up to emerging security challenges, ranging from students to experienced professionals. This book is designed to guide the information technology manager in dealing with the challenges associated with the security aspects of their role, providing concise guidance on assessing and improving an organization's security. The content helps IT managers to handle an assignment to an information security role in ways that conform to expectations and requirements, while supporting the goals of the manager in building and maintaining a solid information security program. Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.

Principles of information systems security

text and cases

Author: Gurpreet Dhillon

Publisher: Wiley

ISBN: 9780471450566

Category: Computers

Page: 451

View: 679

DOWNLOAD NOW »

No one ever arrested a computer for computer crime. The real threat to information systems security comes from people, not computers. That's why students need to understand both the technical implementation of security controls, as well as the softer human behavioral and managerial factors that contribute to the theft and sabotage of proprietary data. Addressing both the technical and human side of information systems security, Dhillon's "Principles of Information Systems Security" helps future managers understand the broad range of technical, managerial, ethical, and legal issues related to IS security, and equips them with specific tools and techniques to support effective IS security management. Key Features Balanced coverage addresses the social and technical nature of IS security. Takes a managerial orientation, presenting key security challenges that information technology managers commonly face. Provides an analytical framework to conceptualize IS security problems. Draws on a range of disciplines, such as computer science, sociology, law, anthropology, and behavioral science. Cases put the theoretical material in real-life context. Gurpreet Dhillon is a Professor of Information Systems in the School of Business, Virginia Commonwealth University, Richmond, USA. He is the Editor-in-Chief of the "Journal of Information System Security," is the North American Regional Editor of the "International Journal of Information Management, " and sits on the editorial board of "MISQ Executive."

Readings & Cases in Information Security: Law & Ethics

Author: Michael E. Whitman,Herbert J. Mattord

Publisher: Cengage Learning

ISBN: 1435441575

Category: Computers

Page: 352

View: 6099

DOWNLOAD NOW »

Readings and Cases in Information Security: Law and Ethics provides a depth of content and analytical viewpoint not found in many other books. Designed for use with any Cengage Learning security text, this resource offers readers a real-life view of information security management, including the ethical and legal issues associated with various on-the-job experiences. Included are a wide selection of foundational readings and scenarios from a variety of experts to give the reader the most realistic perspective of a career in information security. Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.

Information Security Intelligence

Cryptographic Principles and Applications

Author: Thomas Calabrese

Publisher: Cengage Learning

ISBN: 9781401837273

Category: Computers

Page: 555

View: 1951

DOWNLOAD NOW »

Safeguarding the confidentiality, authenticity, integrity, and non-repudiation of information is paramount to organizational stability and success. This new book provides an understanding of information security, potential threats to our information, and effective countermeasures to proactively combat those threats. A comprehensive review of cryptographic techniques is presented and explained in simple mathematical terms. The text covers symmetrical and asymmetrical encryption, digital signatures, Kerberos, creation/deployment of strong keys and passwords, Virtual Private Networks, SET, SSL, SSH, IPSec, and authentication techniques. A detailed examination of Tiny Encryption Algorithm (TEA) exposes readers to the inner workings of encryption. CD-ROM experiments help solidify the learning experience. Emphasis throughout is on the application of the cryptographic methods and support structures needed to effectively apply the principles to create a secure business setting.

Hands-On Information Security Lab Manual

Author: Michael E. Whitman,Herbert J. Mattord,Andrew Green

Publisher: Cengage Learning

ISBN: 1285167570

Category: Computers

Page: 592

View: 1198

DOWNLOAD NOW »

HANDS-ON INFORMATION SECURITY LAB MANUAL, Fourth Edition, helps you hone essential information security skills by applying your knowledge to detailed, realistic exercises using Microsoft Windows 2000, Windows XP, Windows 7, and Linux. This wide-ranging, non-certification-based lab manual includes coverage of scanning, OS vulnerability analysis and resolution, firewalls, security maintenance, forensics, and more. The Fourth Edition includes new introductory labs focused on virtualization techniques and images, giving you valuable experience with some of the most important trends and practices in information security and networking today. All software necessary to complete the labs are available online as a free download. An ideal resource for introductory, technical, and managerial courses or self-study, this versatile manual is a perfect supplement to the PRINCIPLES OF INFORMATION SECURITY, SECURITY FUNDAMENTALS, and MANAGEMENT OF INFORMATION SECURITY books. Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.

INFORMATION SECURITY

Theory and Practice

Author: DHIREN R. PATEL

Publisher: PHI Learning Pvt. Ltd.

ISBN: 9788120333512

Category: Computers

Page: 312

View: 2280

DOWNLOAD NOW »

This book offers a comprehensive introduction to the fundamental aspects of Information Security (including Web, Networked World, Systems, Applications, and Communication Channels). Security is also an essential part of e-business strategy (including protecting critical infrastructures that depend on information systems) and hence information security in the enterprise (Government, Industry, Academia, and Society) and over networks has become the primary concern. The book provides the readers with a thorough understanding of how information can be protected throughout computer networks. The concepts related to the main objectives of computer and information security systems, namely confidentiality, data integrity, authentication (entity and data origin), access control, and non-repudiation have been elucidated, providing a sound foundation in the principles of cryptography and network security. The book provides a detailed treatment of design principles of classical and modern cryptosystems through an elaborate study of cryptographic techniques, algorithms, and protocols. It covers all areas of security—using Symmetric key and Public key cryptography, hash functions, authentication techniques, biometric techniques, and stegano-graphy. Besides, techniques such as Secure Socket Layer (SSL), Firewalls, IPSec for Web security and network security are addressed as well to complete the security framework of the Internet. Finally, the author demons-trates how an online voting system can be built, showcasing information security techniques, for societal benefits. Information Security: Theory and Practice is intended as a textbook for a one-semester course in Information Security/Network Security and Crypto-graphy for B.E./B.Tech students of Computer Science and Engineering and Information Technology.

Information Security

Policy, Processes, and Practices

Author: Detmar W. Straub,Seymour E. Goodman,Richard Baskerville

Publisher: M.E. Sharpe

ISBN: 0765623730

Category: Business

Page: 286

View: 9306

DOWNLOAD NOW »

This volume in the Advances in Management Information Systems series covers the managerial landscape of information security.

Information Security

Principles and New Concepts

Author: Fiona Hobbs

Publisher: N.A

ISBN: 9781632403087

Category: Computers

Page: 214

View: 726

DOWNLOAD NOW »

This is the era of information. We can read up about everything on the internet. The data is freely available, thus the important data needs to be secured. Hence, the need for information security has risen in the past few years. This book includes specialised researches on topics related to information security, along with new concepts and theories in this field.

MARK STAMP'S INFORMATION SECURITY: PRINCIPLES AND PRACTICE

Author: Deven N. Shah

Publisher: N.A

ISBN: 9788126519873

Category: Computer security

Page: 468

View: 338

DOWNLOAD NOW »

Special Features: "Includes a new chapter on network security "Elaborates design principles for cryptography"Covers topics on various types of malware"Discusses about hackers perspective of security assessments"Provides practical aspects of operating system security"Presents numerous figures and tables, simplifying key concepts"Includes problems ranging from basic to complex"Suggests countermeasure for various network vulnerabilities" The book initially covered topics on Crypto, but with the addition of a chapter on network security, its becomes complete and can be referred to as a text globally."Strictly as per the latest syllabus of Mumbai University About The Book: Stamp s Information Security: Principles and Practice is a must-have book, designed for undergraduate students of computer science and information technology of Indian universities. The book presents information and network security concepts and practice in an easy and reader-friendly style. This comprehensive text takes a practical approach to information security by focusing on real-world examples. Academics, researchers and professionals working in the field of information and network security will also find the text very useful.

CRYPTOGRAPHY AND INFORMATION SECURITY

Author: V. K. PACHGHARE

Publisher: PHI Learning Pvt. Ltd.

ISBN: 8120350820

Category: Computers

Page: 416

View: 4743

DOWNLOAD NOW »

This thoroughly revised and well-organised book is in its second edition, continues to present the principles, techniques, design and implementation of cryptography and information security algorithms, with a perfect balance in the presentation of theoretical and practical aspects. To provide the mathematical background required to understand the principles of cryptography and information security, the text explains all the relevant theorems such as Fermat’s theorem and Euler’s theorem. The book gives a clear analysis of various encryption methods and cipher techniques. In addition, various security measures, for example, firewalls and virtual private network, and web security, are also discussed. This edition includes the topics with new innovations and improvements in the field of cryptography and information security in a substantial and comprehensive way. In this edition, the effort is taken to improve the pedagogy and user friendliness. It incorporates many solved numerical problems to clarify the various concepts and different algorithms and also includes MCQs with their answers in each chapter. The book is intended for the undergraduate and postgraduate students of computer science and engineering (B.Tech./M.Tech.), undergraduate and postgraduate students of computer science (B.Sc./M.Sc. Computer Science), and information technology (B.Sc./M.Sc. IT) and the students of Master of Computer Applications (MCA). KEY FEATURES Covers the latest topic of computer forensics and the areas in which they can be applied. Gives algorithms with numerical explanations. Provides a large number of solved problems.

Network Security Principles and Practices

Author: Saadat Malik

Publisher: Cisco Press

ISBN: 9781587050251

Category: Computers

Page: 774

View: 1557

DOWNLOAD NOW »

Expert solutions for securing network infrastructures and VPNs Build security into the network by defining zones, implementing secure routing protocol designs, and building safe LAN switching environments Understand the inner workings of the Cisco PIX Firewall and analyze in-depth Cisco PIX Firewall and Cisco IOS Firewall features and concepts Understand what VPNs are and how they are implemented with protocols such as GRE, L2TP, and IPSec Gain a packet-level understanding of the IPSec suite of protocols, its associated encryption and hashing functions, and authentication techniques Learn how network attacks can be categorized and how the Cisco IDS is designed and can be set upto protect against them Control network access by learning how AAA fits into the Cisco security model and by implementing RADIUS and TACACS+ protocols Provision service provider security using ACLs, NBAR, and CAR to identify and control attacks Identify and resolve common implementation failures by evaluating real-world troubleshooting scenarios As organizations increase their dependence on networks for core business processes and increase access to remote sites and mobile workers via virtual private networks (VPNs), network security becomes more and more critical. In today's networked era, information is an organization's most valuable resource. Lack of customer, partner, and employee access to e-commerce and data servers can impact both revenue and productivity. Even so, most networks do not have the proper degree of security. Network Security Principles and Practices provides an in-depth understanding of the policies, products, and expertise that brings organization to this extremely complex topic and boosts your confidence in the performance and integrity of your network systems and services. Written by the CCIE engineer who wrote the CCIE Security lab exam and who helped develop the CCIE Security written exam, Network Security Principles and Practices is the first book to help prepare candidates for the CCIE Security exams. Network Security Principles and Practices is a comprehensive guide to network security threats and the policies and tools developed specifically to combat those threats. Taking a practical, applied approach to building security into networks, the book shows you how to build secure network architectures from the ground up. Security aspects of routing protocols, Layer 2 threats, and switch security features are all analyzed. A comprehensive treatment of VPNs and IPSec is presented in extensive packet-by-packet detail. The book takes a behind-the-scenes look at how the Cisco PIX(r) Firewall actually works, presenting many difficult-to-understand and new Cisco PIX Firewall and Cisco IOS(r) Firewall concepts. The book launches into a discussion of intrusion detection systems (IDS) by analyzing and breaking down modern-day network attacks, describing how an IDS deals with those threats in general, and elaborating on the Cisco implementation of IDS. The book also discusses AAA, RADIUS, and TACACS+ and their usage with some of the newer security implementations such as VPNs and proxy authentication. A complete section devoted to service provider techniques for enhancing customer security and providing support in the event of an attack is also included. Finally, the book concludes with a section dedicated to discussing tried-and-tested troubleshooting tools and techniques that are not only invaluable to candidates working toward their CCIE Security lab exam but also to the security network administrator running the operations of a network on a daily basis.