| Description |
1 online resource (1 volume) : illustrations |
| Bibliography |
Includes bibliographical references and index. |
| Summary |
"Information Assurance Handbook: Effective Computer Security and Risk Management Strategies discusses the tools and techniques required to prevent, detect, contain, correct, and recover from security breaches and other information assurance failures. This practical resource explains how to integrate information assurance into your enterprise planning and IT strategy and offers an organizational approach to identifying, implementing, and controlling information assurance initiatives for small business and global enterprises alike"-- Provided by publisher |
| Contents |
Cover -- Title -- Copyright Page -- Dedication -- Contents -- Foreword -- Acknowledgments -- Introduction -- Part I Information Assurance Basics -- Chapter 1 Developing an Information Assurance Strategy -- Comprehensive -- Independent -- Legal and Regulatory Requirements -- Living Document -- Long Life Span -- Customizable and Pragmatic -- Risk-Based Approach -- Organizationally Significant -- Strategic, Tactical, and Operational -- Concise, Well-Structured, and Extensible -- Critical Thinking Exercises -- Chapter 2 The Need for Information Assurance |
|
Protection of Critical and Sensitive Assets -- Compliance to Regulations and Circulars/Laws -- Meeting Audit and Compliance Requirements -- Providing Competitive Advantage -- Critical Thinking Exercises -- Chapter 3 Information Assurance Principles -- The MSR Model of Information Assurance -- Information Assurance -- Information Security -- Information Protection -- Cybersecurity -- Information Assurance: Business Enabler -- Information Assurance: Protects the Fabric of an Organization's Systems -- Information Assurance: Cost Effective and Cost Beneficial |
|
Information Assurance: Shared Responsibilities -- Information Assurance: Robust Approach -- Information Assurance: Reassessed Periodically -- Information Assurance: Restricted by Social Obligations -- Implications from Lack of Information Assurance -- Penalties from a Legal/Regulatory Authorities -- Loss of Information Assets -- Operational Losses and Operational Risk Management -- Customer Losses -- Loss of Image and Reputation -- Further Reading -- Critical Thinking Exercises -- Chapter 4 Information Assurance Concepts -- Defense in Depth -- Confidentiality, Integrity, and Availability |
|
Confidentiality -- Integrity -- Availability -- CIA Balance -- Nonrepudiation and Authentication -- Nonrepudiation -- Identification, Authentication, Authorization, and Accountability -- Identification -- Authentication -- Authorization -- Accountability -- Privacy's Relationship to Information Assurance -- Assets, Threats, Vulnerabilities, Risks, and Controls -- Common Threats -- Vulnerabilities -- Controls -- Cryptology -- Codes and Ciphers -- Further Reading -- Critical Thinking Exercises -- Chapter 5 Organizations Providing Resources for Professionals |
|
Organizations Providing Resources for Professionals -- (ISC)2 International Information System Security Certification Consortium -- Computing Technology Industry Association -- Information System Audit and Control Association -- Information System Security Association -- SANS Institute -- Disaster Recovery Institute, International -- Business Continuity Institute -- Deciding Among Certifications -- Codes of Ethics -- Further Reading -- Critical Thinking Exercises -- Chapter 6 Information Assurance Management System -- Security Considerations for the Information Asset Life Cycle |
| Subject |
Computer networks -- Security measures -- Handbooks, manuals, etc.
|
|
Computer security -- Handbooks, manuals, etc.
|
|
Data protection -- Handbooks, manuals, etc.
|
|
Information storage and retrieval systems -- Security measures -- Handbooks, manuals, etc.
|
|
Réseaux d'ordinateurs -- Sécurité -- Mesures -- Guides, manuels, etc. |
|
Sécurité informatique -- Guides, manuels, etc. |
|
Protection de l'information (Informatique) -- Guides, manuels, etc. |
|
Systèmes d'information -- Sécurité -- Mesures -- Guides, manuels, etc. |
|
Computer networks -- Security measures |
|
Computer security |
|
Data protection |
|
Information storage and retrieval systems -- Security measures |
| Genre |
handbooks.
|
|
Handbooks and manuals
|
|
Handbooks and manuals.
|
|
Guides et manuels.
|
| Added Author |
Hernandez, Steven.
|
| Added Title |
Effective computer security and risk management strategies |
| Other Form: |
Print version: Schou, Corey. Information Assurance Handbook: Effective Computer Security and Risk Management Strategies. : McGraw-Hill Education, ©2014 |
| ISBN |
9780071826310 |
|
0071826319 |
|
More Resources