The Basics of Information Security
Understanding the Fundamentals of InfoSec in Theory and Practice
2nd Edition - May 20, 2014
Author: Jason Andress
Language: English
Paperback ISBN: 9780128007440
eBook ISBN: 9780128008126
As part of the Syngress Basics series, The Basics of Information Security provides you with fundamental knowledge of information security in both theoretical and practical aspects. Author Jason Andress gives you the basic knowledge needed to understand the key concepts of confidentiality, integrity, and availability, and then dives into practical applications of these ideas in the areas of operational, physical, network, application, and operating system security.
The Basics of Information Security gives you clear, non-technical explanations of how infosec works and how to apply these principles, whether you're in the IT field or want to understand how it affects your career and business. The new Second Edition has been updated for the latest trends and threats, including new material on many infosec subjects.
Learn about information security without wading through a huge textbook
Covers both theoretical and practical aspects of information security
Provides a broad view of the information security field in a concise manner
All-new Second Edition updated for the latest information security trends and threats, including material on incident response, social engineering, security awareness, risk management, and legal/regulatory issues
Information security professionals and enthusiasts; entry-level network, security, and system administrators; an academic audience of intro-level students.
Cover image
Title page
Table of Contents
Copyright
Dedication
Author Biography
Introduction
Book overview and key learning points
Book audience
How this book is organized
Conclusion
Chapter 1. What is Information Security?
Introduction
What is security?
Alert!
Models for discussing security
More advanced
Alert!
Attacks
Defense in depth
Information security in the real world
Summary
Exercises
References
Chapter 2. Identification and Authentication
Introduction
Identification
Authentication
More advanced
Additional resources
Alert!
Identification and authentication in the real world
Summary
Exercises
References
Chapter 3. Authorization and Access Control
Introduction
Authorization
Access control
More advanced
More advanced
Alert!
More advanced
Alert!
Access control methodologies
More advanced
Authorization and access control in the real world
Summary
Exercises
References
Chapter 4. Auditing and Accountability
Introduction
Accountability
More advanced
Auditing
Alert!
Accountability and auditing in the real world
More advanced
Summary
Exercises
References
Chapter 5. Cryptography
Introduction
History
More advanced
Additional resources
Modern cryptographic tools
More advanced
Protecting data at rest, in motion, and in use
Alert!
Cryptography in the real world
Summary
Exercises
References
Chapter 6. Laws and Regulations
Introduction
Laws and regulations
Compliance
Privacy
Summary
Questions
References
Chapter 7. Operations Security
Introduction
Alert!
Origins of operations security
Additional resources
The operations security process
Haas’ Laws of operations security
More advanced
Operations security in our personal lives
Alert!
Operations security in the real world
Summary
Exercises
References
Chapter 8. Human Element Security
Introduction
Humans: the weak link
Security awareness
The security awareness and training program
Summary
Exercises
References
Chapter 9. Physical Security
Introduction
Alert!
Additional resources
Physical security controls
Protecting people
Protecting data
More advanced
Protecting equipment
Note
Physical security in the real world
Summary
Exercises
References
Chapter 10. Network Security
Introduction
Protecting networks
Protecting network traffic
Mobile device security
Network security tools
More advanced
Additional resources
Network security in the real world
Summary
Exercises
References
Chapter 11. Operating System Security
Introduction
Operating system hardening
Protecting against malware
Additional resources
More advanced
Software firewalls and host intrusion detection
Operating system security tools
Alert!
Operating system security in the real world
Summary
Exercises
References
Chapter 12. Application Security
Introduction
The TJX breach
Software development vulnerabilities
Additional resources
Web security
Alert!
More advanced
Database security
Additional resources
Application security tools
More advanced
Application security in the real world
Summary
Exercises
References
Index
No. of pages: 240
Language: English
Edition: 2
Published: May 20, 2014
Imprint: Syngress
Paperback ISBN: 9780128007440
eBook ISBN: 9780128008126
Jason Andress
Jason Andress (CISSP, ISSAP, CISM, GPEN) is a seasoned security professional with a depth of experience in both the academic and business worlds. Presently he carries out information security oversight duties, performing penetration testing, risk assessment, and compliance functions to ensure that critical assets are protected. Jason has taught undergraduate and graduate security courses since 2005 and holds a doctorate in computer science, researching in the area of data protection. He has authored several publications and books, writing on topics including data security, network security, penetration testing, and digital forensics.
Affiliations and expertise
CISSP, ISSAP, CISM, GPEN