Information Security The Complete Reference, 2/e (Paperback)

Mark Rhodes-Ousley

買這商品的人也買了...

商品描述

Develop and implement an effective end-to-end security program

Today’s complex world of mobile platforms, cloud computing, and ubiquitous data access puts new security demands on every IT professional. Information Security: The Complete Reference, Second Edition (previously titled Network Security: The Complete Reference) is the only comprehensive book that offers vendor-neutral details on all aspects of information protection, with an eye toward the evolving threat landscape. Thoroughly revised and expanded to cover all aspects of modern information security—from concepts to details—this edition provides a one-stop reference equally applicable to the beginner and the seasoned professional.

Find out how to build a holistic security program based on proven methodology, risk analysis, compliance, and business needs. You’ll learn how to successfully protect data, networks, computers, and applications. In-depth chapters cover data protection, encryption, information rights management, network security, intrusion detection and prevention, Unix and Windows security, virtual and cloud security, secure application development, disaster recovery, forensics, and real-world attacks and countermeasures. Included is an extensive security glossary, as well as standards-based references. This is a great resource for professionals and students alike.

  • Understand security concepts and building blocks
  • Identify vulnerabilities and mitigate risk
  • Optimize authentication and authorization
  • Use IRM and encryption to protect unstructured data
  • Defend storage devices, databases, and software
  • Protect network routers, switches, and firewalls
  • Secure VPN, wireless, VoIP, and PBX infrastructure
  • Design intrusion detection and prevention systems
  • Develop secure Windows, Java, and mobile applications
  • Perform incident response and forensic analysis

商品描述(中文翻譯)

發展並實施一個有效的端到端安全計劃

如今,移動平台、雲計算和無所不在的數據訪問使每個IT專業人員面臨新的安全需求。《信息安全:完整參考手冊,第二版》(前稱《網絡安全:完整參考手冊》)是唯一一本提供關於信息保護各個方面的供應商中立細節的綜合性書籍,並關注不斷變化的威脅環境。本版經過全面修訂和擴充,涵蓋現代信息安全的所有方面,從概念到細節,為初學者和經驗豐富的專業人士提供一站式參考。

了解如何基於成熟的方法論、風險分析、合規性和業務需求來建立一個全面的安全計劃。您將學習如何成功保護數據、網絡、計算機和應用程序。深入的章節涵蓋數據保護、加密、信息權限管理、網絡安全、入侵檢測和預防、Unix和Windows安全、虛擬和雲安全、安全應用程序開發、災難恢復、取證以及現實世界的攻擊和對策。書中還包括了一個廣泛的安全詞彙表,以及基於標準的參考資料。這是一個對專業人士和學生都非常有價值的資源。

- 理解安全概念和構建模塊
- 確定漏洞並減輕風險
- 優化身份驗證和授權
- 使用IRM和加密保護非結構化數據
- 保護存儲設備、數據庫和軟件
- 保護網絡路由器、交換機和防火牆
- 安全VPN、無線、VoIP和PBX基礎設施
- 設計入侵檢測和預防系統
- 開發安全的Windows、Java和移動應用程序
- 執行事件響應和取證分析