Format:
1 online resource (345 pages)
Edition:
1st ed.
ISBN:
9780080508283
Series Statement:
How to Cheat Ser
Content:
This is the only book that covers all the topics that any budding security manager needs to know! This book is written for managers responsible for IT/Security departments from small office environments up to enterprise networks. These individuals do not need to know about every last bit and byte, but they need to have a solid understanding of all major IT security issues to effectively manage their departments. This book is designed to cover both the basic concepts of security and the non-technical principles and practices of security, and it provides basic information about the technical details of many of the products - real products, not just theory. Written by a well-known Chief Information Security Officer, this book gives the information security manager all the working knowledge needed to: Design the organization chart of his new security organization; Design and implement policies and strategies; Navigate his way through jargon-filled meetings; Understand the design flaws of his E-commerce and DMZ infrastructure. * A clearly defined guide to designing the organization chart of a new security organization and how to implement policies and strategies * Navigate through jargon-filled meetings with this handy aid * Provides information on understanding the design flaws of E-commerce and DMZ infrastructure.
Content:
Front Cover -- How to Cheat at Managing Information Security -- Copyright Page -- Contents -- Preface -- Introduction -- Chapter 1. The Security Organization -- Anecdote -- Introduction -- Where Should Security Sit? Below the CEO, CTO, or CFO -- Your Mission: If You Choose to Accept It -- Role of the Security Function: What's in a Job? -- The Hybrid Security Team: Back to Organizational Studies -- What Makes a Good CISO? -- Summary -- Chapter 2. The Information Security Policy -- Anecdote -- Introduction -- Policy, Strategy, and Standards: Business Theory -- Back to Security -- The Security Strategy and the Security Planning Process -- Security Policy Revisited -- Security Standards Revisited -- Compliance and Enforcement -- Summary -- Chapter 3. Jargon, Principles, and Concepts -- Anecdote -- Introduction -- CIA: Confidentiality, Integrity, and Availability -- The Vulnerability Cycle -- Types of Controls -- Risk Analysis -- AAA -- Other Concepts You Need to Know -- Generic Types of Attack -- Summary -- Chapter 4. Information Security Laws and Regulations -- Anecdote -- Introduction -- U.K. Legislation -- U.S. Legislation -- Summary -- Chapter 5. Information Security Standards and Audits -- Anecdote -- Introduction -- ISO/IEC 27001:2005: What Now for BS 7799? -- PAS 56 -- FIPS 140-2 -- Common Criteria Certification -- Types of Audit -- Summary -- Chapter 6. Interviews, Bosses, and Staff -- Anecdote -- Introduction -- Bosses -- Worst Employees -- Summary -- Chapter 7. Infrastructure Security -- Anecdote -- Introduction -- E-commerce -- Just Checking -- Summary -- Chapter 8. Firewalls -- Anecdote -- Introduction -- Firewall Structure and Design -- Other Types of Firewalls -- Commercial Firewalls -- Summary -- Chapter 9. Intrusion Detection Systems: Theory -- Anecdote -- Introduction -- Why Bother with an IDS? -- NIDS in Your Hair.
Note:
Description based on publisher supplied metadata and other sources
Additional Edition:
9781597491105
Additional Edition:
Also published as print edition 9781597491105
Language:
English
URL:
Full text
(license required)