Information Assurance Handbook: Effective Computer Security and Risk Management Strategies (Paperback)

Corey Schou, Steven Hernandez

  • 出版商: McGraw-Hill Education
  • 出版日期: 2014-09-16
  • 定價: $1,960
  • 售價: 6.0$1,176
  • 語言: 英文
  • 頁數: 480
  • 裝訂: Paperback
  • ISBN: 0071821651
  • ISBN-13: 9780071821650
  • 相關分類: 資訊安全
  • 立即出貨 (庫存 < 4)

買這商品的人也買了...

商品描述

Best practices for protecting critical data and systems

Information Assurance Handbook: Effective Computer Security and Risk Management Strategies discusses the tools and techniques required to prevent, detect, contain, correct, and recover from security breaches and other information assurance failures. This practical resource explains how to integrate information assurance into your enterprise planning in a non-technical manner. It leads you through building an IT strategy and offers an organizational approach to identifying, implementing, and controlling information assurance initiatives for small businesses and global enterprises alike.

Common threats and vulnerabilities are described and applicable controls based on risk profiles are provided. Practical information assurance application examples are presented for select industries, including healthcare, retail, and industrial control systems. Chapter-ending critical thinking exercises reinforce the material covered. An extensive list of scholarly works and international government standards is also provided in this detailed guide.

Comprehensive coverage includes:

  • Basic information assurance principles and concepts
  • Information assurance management system
  • Current practices, regulations, and plans
  • Impact of organizational structure
  • Asset management
  • Risk management and mitigation
  • Human resource assurance
  • Advantages of certification, accreditation, and assurance
  • Information assurance in system development and acquisition
  • Physical and environmental security controls
  • Information assurance awareness, training, and education
  • Access control
  • Information security monitoring tools and methods
  • Information assurance measurements and metrics
  • Incident handling and computer forensics
  • Business continuity management
  • Backup and restoration
  • Cloud computing and outsourcing strategies
  • Information assurance big data concerns

商品描述(中文翻譯)

保護關鍵資料和系統的最佳實踐

《信息保障手冊:有效的計算機安全和風險管理策略》討論了預防、檢測、控制、修正和恢復安全漏洞和其他信息保障失敗所需的工具和技術。這本實用資源以非技術方式解釋了如何將信息保障整合到企業計劃中。它引導您制定IT策略,並提供了一種組織方法,以確定、實施和控制小型企業和全球企業的信息保障計劃。

該書描述了常見的威脅和漏洞,並根據風險概況提供了相應的控制措施。它還提供了適用於特定行業(包括醫療保健、零售和工業控制系統)的實際信息保障應用示例。每章結束時都有批判性思考練習來強化所講授的內容。詳細指南中還提供了大量的學術著作和國際政府標準。

全面的內容包括:
- 基本的信息保障原則和概念
- 信息保障管理系統
- 當前的實踐、法規和計劃
- 組織結構的影響
- 資產管理
- 風險管理和緩解
- 人力資源保障
- 認證、授權和保障的優勢
- 系統開發和採購中的信息保障
- 物理和環境安全控制
- 信息保障意識、培訓和教育
- 存取控制
- 信息安全監控工具和方法
- 信息保障測量和指標
- 事件處理和計算機取證
- 業務連續性管理
- 備份和恢復
- 雲計算和外包策略
- 信息保障大數據問題