| Edition |
Second edition. |
| Description |
1 online resource |
|
text txt rdacontent |
|
computer c rdamedia |
|
online resource cr rdacarrier |
| Series |
Syngress basics series |
|
Syngress basics series.
|
| Note |
Online resource; title from PDF title page (ScienceDirect, viewed May 30, 2014). |
|
Includes index. |
| Summary |
As part of the Syngress Basics series, The Basics of Information Security provides you with fundamental knowledge of information security in both theoretical and practical aspects. Author Jason Andress gives you the basic knowledge needed to understand the key concepts of confidentiality, integrity, and availability, and then dives into practical applications of these ideas in the areas of operational, physical, network, application, and operating system security. The Basics of Information Security gives you clear-non-technical explanations of how infosec works and how to apply these principles whether you're in the IT field or want to understand how it affects your career and business. The new Second Edition has been updated for the latest trends and threats, including new material on many infosec subjects. |
| Bibliography |
Includes bibliographical references and index. |
| Contents |
Front Cover; The Basics of Information Security; Copyright Page; Dedication; Contents; Author Biography; Introduction; Book overview and key learning points; Book audience; How this book is organized; Chapter 1: What is information security?; Chapter 2: Identification and authentication; Chapter 3: Authorization and access control; Chapter 4: Auditing and accountability; Chapter 5: Cryptography; Chapter 6: Laws and regulations; Chapter 7: Operations security; Chapter 8: Human element security; Chapter 9: Physical security; Chapter 10: Network security; Chapter 11: Operating system security. |
|
Chapter 12: Application securityConclusion; 1 What is Information Security?; Introduction; What is security?; When are we secure?; Alert!; Models for discussing security; The confidentiality, integrity, and availability triad; More advanced; Confidentiality; Integrity; Availability; Relating the CIA triad to security; The Parkerian hexad; Alert!; Confidentiality, integrity, and availability; Possession or control; Authenticity; Utility; Attacks; Types of attack payloads; Interception; Interruption; Modification; Fabrication; Threats, vulnerabilities, and risk; Threats; Vulnerabilities; Risk. |
|
ImpactRisk management; Identify assets; Identify threats; Assess vulnerabilities; Assess risks; Mitigating risks; Physical; Logical and technical controls; Administrative; Incident response; Preparation; Detection and analysis; Containment, eradication, and recovery; Post incident activity; Defense in depth; Layers; Information security in the real world; Summary; Exercises; References; 2 Identification and Authentication; Introduction; Identification; Who we claim to be; Identity verification; Falsifying identification; Authentication; Factors; Multifactor authentication. |
|
Mutual authenticationPasswords; More advanced; Biometrics; Additional resources; Characteristics; Measuring performance; Issues; Hardware tokens; Alert!; Identification and authentication in the real world; Summary; Exercises; References; 3 Authorization and Access Control; Introduction; Authorization; Principle of least privilege; Access control; More advanced; Access control lists; File system ACLs; More advanced; Network ACLs; Alert!; More advanced; Capabilities; Confused deputy problem; Alert!; Access control methodologies; Access control models; Discretionary access control. |
|
Mandatory access controlMore advanced; Role-based access control; Attribute-based access control; Multilevel access control; Physical access controls; Authorization and access control in the real world; Summary; Exercises; References; 4 Auditing and Accountability; Introduction; Accountability; More advanced; Security benefits of accountability; Nonrepudiation; Deterrence; More advanced; Intrusion detection and prevention; Admissibility of records; How we accomplish accountability; Auditing; What do we audit?; Alert!; Logging; Monitoring; Assessments. |
| Subject |
Computer security.
|
|
Computer networks -- Security measures.
|
|
Information technology -- Security measures.
|
|
Information resources management.
|
|
Computer science.
|
|
Computer Security |
|
Information Management |
|
Electronic Data Processing |
|
Sécurité informatique.
|
|
Réseaux d'ordinateurs -- Sécurité -- Mesures.
|
|
Technologie de l'information -- Sécurité -- Mesures.
|
|
Gestion de l'information.
|
|
Informatique.
|
|
COMPUTERS -- Internet -- Security.
|
|
COMPUTERS -- Networking -- Security.
|
|
COMPUTERS -- Security -- General.
|
|
Computer networks -- Security measures
|
|
Computer science
|
|
Computer security
|
|
Information resources management
|
|
Information technology -- Security measures
|
| Other Form: |
Print version: 9780128007440 |
| ISBN |
9780128008126 (electronic bk.) |
|
0128008121 (electronic bk.) |
|
0128007443 |
|
9780128007440 |
|
9780128007440 |
| Standard No. |
AU@ 000053138935 |
|
AU@ 000067107778 |
|
CHNEW 000692138 |
|
CHNEW 000692141 |
|
CHNEW 000887795 |
|
CHNEW 001001017 |
|
CHNEW 001026526 |
|
DEBBG BV042031080 |
|
DEBBG BV042300251 |
|
DEBBG BV043610023 |
|
DEBSZ 413890570 |
|
DEBSZ 414186680 |
|
DEBSZ 431696926 |
|
NLGGC 389808814 |
|
DKDLA 820120-katalog:9910110645805765 |
|
