The Basics of Information Security

Understanding the Fundamentals of InfoSec in Theory and Practice

2nd Edition - May 20, 2014

  • Author: Jason Andress
  • Paperback ISBN: 9780128007440
  • eBook ISBN: 9780128008126

Description

As part of the Syngress Basics series, The Basics of Information Security provides you with fundamental knowledge of information security in both theoretical and practical aspects. Author Jason Andress gives you the basic knowledge needed to understand the key concepts of confidentiality, integrity, and availability, and then dives into practical applications of these ideas in the areas of operational, physical, network, application, and operating system security. The Basics of Information Security gives you clear, non-technical explanations of how infosec works and how to apply these principles, whether you're in the IT field or want to understand how it affects your career and business. The new Second Edition has been updated for the latest trends and threats, including new material on many infosec subjects.

Key Features

  • Learn about information security without wading through a huge textbook
  • Covers both theoretical and practical aspects of information security
  • Provides a broad view of the information security field in a concise manner
  • All-new Second Edition updated for the latest information security trends and threats, including material on incident response, social engineering, security awareness, risk management, and legal/regulatory issues

Readership

Information security professionals and enthusiasts; entry-level network, security, and system administrators; an academic audience of intro-level students.

Table of Contents

  • Cover image
  • Title page
  • Table of Contents
  • Copyright
  • Dedication
  • Author Biography
  • Introduction
  • Book overview and key learning points
  • Book audience
  • How this book is organized
  • Conclusion
  • Chapter 1. What is Information Security?
  • Introduction
  • What is security?
  • Alert!
  • Models for discussing security
  • More advanced
  • Alert!
  • Attacks
  • Defense in depth
  • Information security in the real world
  • Summary
  • Exercises
  • References
  • Chapter 2. Identification and Authentication
  • Introduction
  • Identification
  • Authentication
  • More advanced
  • Additional resources
  • Alert!
  • Identification and authentication in the real world
  • Summary
  • Exercises
  • References
  • Chapter 3. Authorization and Access Control
  • Introduction
  • Authorization
  • Access control
  • More advanced
  • More advanced
  • Alert!
  • More advanced
  • Alert!
  • Access control methodologies
  • More advanced
  • Authorization and access control in the real world
  • Summary
  • Exercises
  • References
  • Chapter 4. Auditing and Accountability
  • Introduction
  • Accountability
  • More advanced
  • Auditing
  • Alert!
  • Accountability and auditing in the real world
  • More advanced
  • Summary
  • Exercises
  • References
  • Chapter 5. Cryptography
  • Introduction
  • History
  • More advanced
  • Additional resources
  • Modern cryptographic tools
  • More advanced
  • Protecting data at rest, in motion, and in use
  • Alert!
  • Cryptography in the real world
  • Summary
  • Exercises
  • References
  • Chapter 6. Laws and Regulations
  • Introduction
  • Laws and regulations
  • Compliance
  • Privacy
  • Summary
  • Questions
  • References
  • Chapter 7. Operations Security
  • Introduction
  • Alert!
  • Origins of operations security
  • Additional resources
  • The operations security process
  • Haas’ Laws of operations security
  • More advanced
  • Operations security in our personal lives
  • Alert!
  • Operations security in the real world
  • Summary
  • Exercises
  • References
  • Chapter 8. Human Element Security
  • Introduction
  • Humans: the weak link
  • Security awareness
  • The security awareness and training program
  • Summary
  • Exercises
  • References
  • Chapter 9. Physical Security
  • Introduction
  • Alert!
  • Additional resources
  • Physical security controls
  • Protecting people
  • Protecting data
  • More advanced
  • Protecting equipment
  • Note
  • Physical security in the real world
  • Summary
  • Exercises
  • References
  • Chapter 10. Network Security
  • Introduction
  • Protecting networks
  • Protecting network traffic
  • Mobile device security
  • Network security tools
  • More advanced
  • Additional resources
  • Network security in the real world
  • Summary
  • Exercises
  • References
  • Chapter 11. Operating System Security
  • Introduction
  • Operating system hardening
  • Protecting against malware
  • Additional resources
  • More advanced
  • Software firewalls and host intrusion detection
  • Operating system security tools
  • Alert!
  • Operating system security in the real world
  • Summary
  • Exercises
  • References
  • Chapter 12. Application Security
  • Introduction
  • The TJX breach
  • Software development vulnerabilities
  • Additional resources
  • Web security
  • Alert!
  • More advanced
  • Database security
  • Additional resources
  • Application security tools
  • More advanced
  • Application security in the real world
  • Summary
  • Exercises
  • References
  • Index

Product details

  • No. of pages: 240
  • Language: English
  • Copyright: © Syngress 2014
  • Published: May 20, 2014
  • Imprint: Syngress
  • Paperback ISBN: 9780128007440
  • eBook ISBN: 9780128008126

About the Author

Jason Andress

Jason Andress (CISSP, ISSAP, CISM, GPEN) is a seasoned security professional with a depth of experience in both the academic and business worlds. Presently he carries out information security oversight duties, performing penetration testing, risk assessment, and compliance functions to ensure that critical assets are protected. Jason has taught undergraduate and graduate security courses since 2005 and holds a doctorate in computer science, researching in the area of data protection. He has authored several publications and books, writing on topics including data security, network security, penetration testing, and digital forensics.

Affiliations and Expertise

CISSP, ISSAP, CISM, GPEN
