Enterprise Architecture and Information Assurance: Developing a Secure Foundation (Hardcover)

James A. Scholz

  • 出版商: Auerbach Publication
  • 出版日期: 2013-07-29
  • 售價: $2,430
  • 貴賓價: 9.5$2,309
  • 語言: 英文
  • 頁數: 266
  • 裝訂: Hardcover
  • ISBN: 1439841594
  • ISBN-13: 9781439841594
  • 立即出貨 (庫存=1)

買這商品的人也買了...

商品描述

Securing against operational interruptions and the theft of your data is much too important to leave to chance. By planning for the worst, you can ensure your organization is prepared for the unexpected. Enterprise Architecture and Information Assurance: Developing a Secure Foundation explains how to design complex, highly available, and secure enterprise architectures that integrate the most critical aspects of your organization's business processes.

Filled with time-tested guidance, the book describes how to document and map the security policies and procedures needed to ensure cost-effective organizational and system security controls across your entire enterprise. It also demonstrates how to evaluate your network and business model to determine if they fit well together. The book’s comprehensive coverage includes:

  • Infrastructure security model components
  • Systems security categorization
  • Business impact analysis
  • Risk management and mitigation
  • Security configuration management
  • Contingency planning
  • Physical security
  • The certification and accreditation process

Facilitating the understanding you need to reduce and even mitigate security liabilities, the book provides sample rules of engagement, lists of NIST and FIPS references, and a sample certification statement. Coverage includes network and application vulnerability assessments, intrusion detection, penetration testing, incident response planning, risk mitigation audits/reviews, and business continuity and disaster recovery planning.

Reading this book will give you the reasoning behind why security is foremost. By following the procedures it outlines, you will gain an understanding of your infrastructure and what requires further attention.

商品描述(中文翻譯)

保護免受運營中斷和數據被盜的風險是非常重要的,不能靠運氣。通過為最壞情況做好準備,您可以確保組織能夠應對意外情況。《企業架構與信息保護:建立安全基礎》解釋了如何設計複雜、高可用性和安全的企業架構,並將組織業務流程的最關鍵方面整合在一起。

這本書充滿了經過時間考驗的指導,描述了如何記錄和映射所需的安全政策和程序,以確保整個企業範圍內的成本效益組織和系統安全控制。它還演示了如何評估您的網絡和業務模型是否相互匹配。該書的全面內容包括:

- 基礎設施安全模型組件
- 系統安全分類
- 業務影響分析
- 風險管理和緩解
- 安全配置管理
- 緊急計劃
- 實體安全
- 認證和審批過程

該書還提供了幫助您理解並減少甚至緩解安全責任的樣本參考、NIST和FIPS參考列表以及樣本認證聲明。內容包括網絡和應用程序漏洞評估、入侵檢測、滲透測試、事件響應計劃、風險緩解審計/審查以及業務連續性和災難恢復計劃。

閱讀這本書將使您明白為什麼安全是首要的。通過遵循書中概述的程序,您將對基礎設施有更深入的了解,並了解哪些方面需要進一步關注。