| |
|
|
|
|
|
|
|
|
1. |
Record Nr. |
UNINA9911006542203321 |
|
|
Autore |
Alexander David |
|
|
Titolo |
Information security management principles / / Andy Taylor (editor), David Alexander, Amanda Finch, David Sutton |
|
|
|
|
|
|
|
Pubbl/distr/stampa |
|
|
Swindon, U.K., : BCS Learning & Development Ltd., 2013 |
|
|
|
|
|
|
|
ISBN |
|
9781628702590 |
1628702591 |
9781780171760 |
1780171765 |
|
|
|
|
|
|
|
|
Edizione |
[2nd ed.] |
|
|
|
|
|
Descrizione fisica |
|
1 online resource (227 p.) |
|
|
|
|
|
|
Altri autori (Persone) |
|
FinchAmanda |
SuttonDavid |
TaylorAndy |
|
|
|
|
|
|
|
|
Disciplina |
|
|
|
|
|
|
Soggetti |
|
Computer security - Management |
Data protection |
|
|
|
|
|
|
|
|
Lingua di pubblicazione |
|
|
|
|
|
|
Formato |
Materiale a stampa |
|
|
|
|
|
Livello bibliografico |
Monografia |
|
|
|
|
|
Note generali |
|
Description based upon print version of record. |
|
|
|
|
|
|
Nota di bibliografia |
|
Includes bibliographical references and index. |
|
|
|
|
|
|
Nota di contenuto |
|
Copyright; CONTENTS; LIST OF FIGURES AND TABLES; AUTHORS; ACKNOWLEDGEMENTS; ABBREVIATIONS; PREFACE; 1 INFORMATION SECURITY PRINCIPLES; CONCEPTS AND DEFINITIONS; THE NEED FOR, AND BENEFITS OF, INFORMATION SECURITY; POINTERS FOR ACTIVITIES IN THIS CHAPTER; 2 INFORMATION RISK; THREATS TO, AND VULNERABILITIES OF, INFORMATION SYSTEMS; RISK MANAGEMENT; POINTERS FOR ACTIVITIES IN THIS CHAPTER; 3 INFORMATION SECURITY FRAMEWORK; ORGANISATIONS AND RESPONSIBILITIES; ORGANISATIONAL POLICY, STANDARDS AND PROCEDURES; INFORMATION SECURITY GOVERNANCE; INFORMATION SECURITY IMPLEMENTATION |
SECURITY INCIDENT MANAGEMENTLEGAL FRAMEWORK; SECURITY STANDARDS AND PROCEDURES; POINTERS FOR ACTIVITIES IN THIS CHAPTER; 4 PROCEDURAL AND PEOPLE SECURITY CONTROLS; PEOPLE; USER ACCESS CONTROLS; TRAINING AND AWARENESS; POINTERS FOR ACTIVITIES IN THIS CHAPTER; 5 TECHNICAL SECURITY CONTROLS; PROTECTION FROM MALICIOUS SOFTWARE; NETWORKS AND |
|
|
|
|
|
|
|
|
|
|
|
COMMUNICATIONS; EXTERNAL SERVICES; CLOUD COMPUTING; IT INFRASTRUCTURE; POINTERS FOR ACTIVITIES IN THIS CHAPTER; 6 SOFTWARE DEVELOPMENT AND LIFE CYCLE; TESTING, AUDIT AND REVIEW; SYSTEMS DEVELOPMENT AND SUPPORT; POINTERS FOR ACTIVITIES IN THIS CHAPTER |
7 PHYSICAL AND ENVIRONMENTAL SECURITYLEARNING OUTCOMES; GENERAL CONTROLS; PHYSICAL SECURITY; TECHNICAL SECURITY; PROCEDURAL SECURITY; PROTECTION OF EQUIPMENT; PROCESSES TO HANDLE INTRUDER ALERTS; CLEAR SCREEN AND DESK POLICY; MOVING PROPERTY ON AND OFF SITE; PROCEDURES FOR SECURE DISPOSAL; SECURITY REQUIREMENTS IN DELIVERY AND LOADING AREAS; POINTERS FOR ACTIVITIES IN THIS CHAPTER; 8 DISASTER RECOVERY AND BUSINESS CONTINUITY MANAGEMENT; LEARNING OUTCOMES; DR/BCP, RISK ASSESSMENT AND IMPACT ANALYSIS; WRITING AND IMPLEMENTING PLANS; DOCUMENTATION, MAINTENANCE AND TESTING |
LINKS TO MANAGED SERVICE PROVISION AND OUTSOURCINGSECURE OFF-SITE STORAGE OF VITAL MATERIAL; INVOLVEMENT OF PERSONNEL, SUPPLIERS AND IT SYSTEMS PROVIDERS; SECURITY INCIDENT MANAGEMENT; COMPLIANCE WITH STANDARDS; POINTERS FOR THE ACTIVITY IN THIS CHAPTER; 9 OTHER TECHNICAL ASPECTS; INVESTIGATIONS AND FORENSICS; ROLE OF CRYPTOGRAPHY; POINTERS FOR THE ACTIVITY IN THIS CHAPTER; APPENDIX A; GLOSSARY; INDEX; Back Cover |
|
|
|
|
|
|
Sommario/riassunto |
|
In today's technology-driven environment, there is an ever-increasing demand for information delivery. A compromise has to be struck between security and availability. This book is a pragmatic guide to information assurance for both business professionals and technical experts. This second edition includes the security of cloud-based resources. |
|
|
|
|
|
|
|
| |