A Practical Guide to Security Engineering and Information Assurance
394 pages, parution le 07/03/2002
Résumé
Today the vast majority of the world's information resides
in, is derived from, and is exchanged among multiple
automated systems. Critical decisions are made, and
critical action is taken based on information from these
systems. Therefore, the information must be accurate,
correct, and timely, and be manipulated, stored, retrieved,
and exchanged safely, reliably, and securely. In a time
when information is considered the latest commodity,
information security should be top priority. A Practical
Guide to Security Engineering and Information Assurance
gives you an engineering approach to information security
and information assurance (IA). The book examines the
impact of accidental and malicious intentional action and
inaction on information security and IA. Innovative
long-term vendor, technology, and application-independent
strategies show you how to protect your critical systems
and data from accidental and intentional action and
inaction that could lead to system failure or compromise.
The author presents step-by-step, in-depth processes for
defining information security and assurance goals,
performing vulnerability and threat analysis, implementing
and verifying the effectiveness of threat control measures,
and conducting accident and incident investigations. She
explores real-world strategies applicable to all systems,
from small systems supporting a home-based business to
those of a multinational corporation, government agency, or
critical infrastructure system. The information revolution
has brought its share of risks. Exploring the synergy
between security, safety, and reliability engineering, A
Practical Guide to Security Engineering and Information
Assurance consolidatesand organizes current thinking about
information security/IA techniques, approaches, and best
practices. As this book will show you, there is
considerably more to information security/IA than
firewalls, encryption, and virus protection.
Contents
1 Introduction 1
2 What Is Information Assurance, How Does It Relate To
Information Security, and Why Are Both Needed? 7
3 Historical Approaches To Information Security and
Information Assurance 27
4 Define the System Boundaries 67
5 Perform Vulnerability and Threat Analyses 83
6 Implement Threat Control Measures 127
7 Verify Effectiveness of Threat Control Measures 207
8 Conduct Accident/Incident Investigations 229
Annex A: Glossary of Terms 275
Annex B: Glossary of Techniques 295
Annex C: Additional Resources 353
Annex D Summary of Components, Activities, and Tasks of an
Effective Information Security/IA Program 373
Index
Caractéristiques techniques
| PAPIER | |
| Éditeur(s) | Auerbach |
| Auteur(s) | Debra S. Herrmann |
| Parution | 07/03/2002 |
| Nb. de pages | 394 |
| Format | 18 x 26 |
| Couverture | Broché |
| Poids | 910g |
| Intérieur | Noir et Blanc |
| EAN13 | 9780849311635 |
| ISBN13 | 978-0-8493-1163-5 |
Avantages Eyrolles.com
Livraison à partir de 0,01 € en France métropolitaine
Paiement en ligne SÉCURISÉ
Livraison dans le monde
Retour sous 15 jours
+ d'un million et demi de livres disponibles
Nouveautés "Sécurité internet"
Consultez aussi
- Les meilleures ventes en Graphisme & Photo
- Les meilleures ventes en Informatique
- Les meilleures ventes en Construction
- Les meilleures ventes en Entreprise & Droit
- Les meilleures ventes en Sciences
- Les meilleures ventes en Littérature
- Les meilleures ventes en Arts & Loisirs
- Les meilleures ventes en Vie pratique
- Les meilleures ventes en Voyage et Tourisme
- Les meilleures ventes en BD et Jeunesse
- Informatique Informatique d'entreprise Sécurité
- Informatique Réseaux et télecommunications Ouvrages généraux
- Informatique Réseaux et télecommunications Protocoles et standards
- Informatique Réseaux et télecommunications Administration réseau
- Informatique Réseaux et télecommunications Sécurité réseau Sécurité internet
