Every year, in response to advancements in technology and new laws in different countries and regions, there are many changes and updates to the body of knowledge required of IT security professionals. Updated annually to keep up with the increasingly fast pace of change in the field, the Information Security Management Handbook is the single most comprehensive and up-to-date resource on information security and assurance.
Providing an up-to-date compilation of the fundamental skills, techniques, tools, and understanding required of IT security professionals, the Information Security Management Handbook, Sixth Edition, Volume 4 reflects the latest changes to information security and the CISSP (R) Common Body of Knowledge (CBK (R)). This edition updates the benchmark Volume 1 with a wealth of new information on mobile device security, adaptive threat defense, Web 2.0, virtualization, data leakage, and governance. New material also addresses risk management, business continuity planning, disaster recovery planning, and cryptography.
As the risks that threaten the security of our systems continue to evolve, it is imperative that those charged with protecting that information stay ahead of the curve. Also available in a fully searchable CD-ROM format, this comprehensive resource provides the up-to-date understanding required to keep you abreast of the latest developments, new vulnerabilities, and possible threats.
Rezensionen / Stimmen
As a compendium of knowledge from recognized experts on information security, this book contains a wealth of information for security practitioners. It is a compilation of several important topics that are relevant to information security. As practitioner references go, this book is one that an information security practitioner should take notice of, since it touches on a number of timely information security topics and blends the practices of security with business. The book organizes the information security topics into ten domains, which various authors then cover. As the publisher's site states, the collection as a whole provides a 'compilation of the fundamental knowledge, skills, techniques, and tools required of information technology (IT) security professionals.' The ten domains are: Domain 1: Access Control Domain 2: Telecommunications and Network Security Domain 3: Information Security and Risk Management Domain 4: Application Security Domain 5: Cryptography Domain 6: Security Architecture and Design Domain 7: Operations Security Domain 8: Business Continuity Planning and Disaster Recovery Planning Domain 9: Law, Regulations, Compliance, and Investigation Domain 10: Physical Security Though all of the topics are interesting, from the perspective of emerging trends and technologies, the most interesting chapters are 'Managing Mobile Device Security,' 'Best Practices in Virtualization Security,' 'A Brief Summary of Warfare and Commercial Entities,' and 'Cyberstalking.' These four chapters resonate most with information security practitioners because each of these topics takes the form of a trend that occurs increasingly in both the news and in trade journals. I recommend this book, not only to information security practitioners but also to managers, executives, attorneys, risk managers, and technology operators. The book covers a significant number of important topics that are both timely and relevant to the contemporary practices one finds in daily life when performing a security duty within the discipline of information security. -Eric W. Yocam in Computing Reviews, July 2011
Auflage
Sprache
Verlagsort
Zielgruppe
Für Beruf und Forschung
Academic and Professional Practice & Development
Illustrationen
126 b/w images and 8 tables
Maße
Höhe: 254 mm
Breite: 178 mm
Gewicht
ISBN-13
978-1-4398-1902-9 (9781439819029)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Schweitzer Klassifikation
Harold F. Tipton, HFT Associates, Villa Park, California, USA
Micki Krause Nozaki, Pacific Life Insurance Company, Newport Beach, California, USA
Access Control. Access Control Techniques. Access Control Administration. Methods of Attack. Telecommunications & Network Security. Communications & Network Security. Internet, Intranet, Extranet Security. Network Attacks & Countermeasures. Information Security & Risk Management. Security Management Concepts & Principles. Policies, Standards, Procedures & Guidelines. Risk Management. Security Management Planning. Employment Policies & Practices. Application Security. Application Issues. System Development Controls. Malicious Code. Methods of Attack. Cryptography. Crypto Concepts, Methodologies & Practices. Security Architecture & Design. Principles of Computer & Network Organizations, Architectures & Designs. Operations Security. Operations Controls. Resource Protection Requirements. Business Continuity Planning & Disaster Recovery Planning. Business Continuity Planning. Disaster Recovery Planning. Legal, Regulations, Compliance & Investigation. Information Law. Major Categories of Computer Crime. Incident Handling. Physical Security. Elements of Physical Security.
