Produktbild: Trinckes, J: The Executive MBA in Information Security

Trinckes, J: The Executive MBA in Information Security

Fr. 239.00

inkl. gesetzl. MwSt., Versandkostenfrei


Beschreibung

Produktdetails

Einband

Gebundene Ausgabe

Erscheinungsdatum

09.10.2009

Abbildungen

29 Tables, black and white 25 Illustrations, black and white

Verlag

Taylor and Francis

Seitenzahl

352

Maße (L/B/H)

24.3/16.6/2.3 cm

Gewicht

612 g

Sprache

Englisch

ISBN

978-1-4398-1007-1

Beschreibung

Produktdetails

Einband

Gebundene Ausgabe

Erscheinungsdatum

09.10.2009

Abbildungen

29 Tables, black and white 25 Illustrations, black and white

Verlag

Taylor and Francis

Seitenzahl

352

Maße (L/B/H)

24.3/16.6/2.3 cm

Gewicht

612 g

Sprache

Englisch

ISBN

978-1-4398-1007-1

Noch keine Bewertungen vorhanden

Verfassen Sie die erste Bewertung zu diesem Artikel

Helfen Sie anderen Kundinnen und Kunden durch Ihre Meinung.

Kundinnen und Kunden meinen

Bewertungen (0)

  • Produktbild: Trinckes, J: The Executive MBA in Information Security
  • Preface Acknowledgments The Author Contributors Information Security Overview Information Security Management What Is Information Security? Responsibilities Organization Functions Ideal Traits of an Information Security Professional Certification Requirements Recruiting Screening Interviewing Reference Checks Retention Trust and Loyalty Why Is Information Security Important? Information Security Concepts Laws of Security Information Security Requirements Interrelationship of Regulations, Policies, Standards, Procedures, and Guidelines Regulations Sarbanes-Oxley Act Gramm-Leach-Bliley Act Health Insurance Portability and Accountability Act Federal Financial Institutions Examination Council Payment Card Industry (PCI) Data Security Standard Common Elements of Compliance Security Controls Industry Best Practice Guidelines Standards Measurement Techniques Control Objectives for Information and Related Technology (COBIT) ISO 27002 Overview Capability Maturity Model (CMM) Generally Accepted Information Security Principles (GAISP) Common Pitfalls of an Effective Information Security Program Defense in Depth Managing Risks Risk Management System Characterization Threat Identification Vulnerability Identification and Categorization Control Analysis Likelihood Rating Impact Rating (Premitigation) Risk Determination Recommendations Technical Evaluation Plan (TEP) Methodology Overview Role of Common Vulnerabilities and Exposures (CVE) Executive Summary Follow-Up Tracking Conflict Resolution Test Plans Physical Security Access Control Systems and Methods Discretionary Access Controls (DACs) Mandatory Access Controls (MACs) Nondiscretionary Access Controls Administrative Access Controls Physical Access Controls Technical Access Controls Logical Access Controls Common Access Control Practices Auditing Physical Security Social Engineering Phishing Pharming Vishing Passive Information Gathering Active Information Gathering Covert Testing Clean Desk Policy Dumpster Diving Business Continuity Plans and Disaster Recovery Business Continuity Phase 1-Project Management and Initiation Phase 2-Business Impact Analysis Phase 3-Recovery Strategies Phase 4-Plan, Design, and Develop Phase 5-Testing, Maintenance, and Awareness Training Complications to Consider in BCP Disaster Recovery Business Facilities and Supplies Users Technology Data Event Stages Disaster Recovery Testing Business Continuity Planning and Disaster Recovery Training Administrative Controls Change Management Request Phase Process Phase Release Phase Change Management Steps Computer Forensics Computer Investigation Model Incident Management Reporting Information Steps Notification Incident Details Incident Handler Actions to Date Recommended Actions Laws, Investigations, and Ethics Laws Investigations Ethics Operations Security OPSEC Controls Separation of Duties Job Rotation Least Privileges Records Retention Federal Rules of Civil Procedure Security Awareness Training A Cracker's Story Security Management Practices Security Countermeasures Service Providers, Service-Level Agreements, and Vendor Reviews Vendor Relationship Policy Service-Level Agreements Vendor Reviews Managing Security Risks in Vendor Relationships Due Diligence: The First Tool Key Contractual Protections: The Second Tool Information Security Requirements Exhibit: The Third Tool Technical Controls Host Security System Hardening Checklist Host Services Other Host Security Controls Malware Protection Viruses, Worms, and Backdoors DAT Signatures Multimedia Devices Network Security Seven Layers of the OSI Model Other Layers Protocol Data Units TCP/IP Model Decimal, Binary, and Hexadecimal Compared Network Addressing Network Security Controls Passwords Patch or Vulnerability Management Application Controls Application and System Development e-Mail Encryption Private Key Encryption (Symmetric Key Encryption) Choosing a Symmetric Key Cryptography Method Public Key Encryption (Asymmetric Key Encryption) Choosing an Asymmetric Key Cryptography Method Digital Signature One-Way Encryption e-Mail Encryption Choosing e-Mail Encryption Internet Encryption Choosing an Internet Security Method Encrypting Hard Drives Encryption Attacks Multifactor Authentication Perimeter Controls Security Architecture Internal Controls External Controls Telecommunications Security Voice over IP Security Virtual Private Network Wireless Security Web Filtering Audit and Compliance Audit and Compliance Information Security Governance Metrics Testing-Vulnerability Assessment Appendix A: Information Security Policy Appendix B: Technology Resource Policy Appendix C: Log-on Warning Banner Appendix D: Penetration Test Waiver Appendix E: Tools Appendix F: How to Report Internet Crime Acronyms MyISAT Web References Index