SUSTAINABLE DEVELOPMENT
Innovate. Sustain. Transform.
Save up to 30% on top Physical Sciences & Engineering titles!
The Basics of Information Security
Understanding the Fundamentals of InfoSec in Theory and Practice
- 2nd Edition - May 20, 2014
- Author: Jason Andress
- Language: English
- Paperback ISBN:9 7 8 - 0 - 1 2 - 8 0 0 7 4 4 - 0
- eBook ISBN:9 7 8 - 0 - 1 2 - 8 0 0 8 1 2 - 6
As part of the Syngress Basics series, The Basics of Information Security provides you with fundamental knowledge of information security in both theoretical and practical aspect… Read more
Purchase options
Institutional subscription on ScienceDirect
Request a sales quoteAs part of the Syngress Basics series, The Basics of Information Security provides you with fundamental knowledge of information security in both theoretical and practical aspects. Author Jason Andress gives you the basic knowledge needed to understand the key concepts of confidentiality, integrity, and availability, and then dives into practical applications of these ideas in the areas of operational, physical, network, application, and operating system security.
The Basics of Information Security gives you clear-non-technical explanations of how infosec works and how to apply these principles whether you're in the IT field or want to understand how it affects your career and business. The new Second Edition has been updated for the latest trends and threats, including new material on many infosec subjects.
- Learn about information security without wading through a huge textbook
- Covers both theoretical and practical aspects of information security
- Provides a broad view of the information security field in a concise manner
- All-new Second Edition updated for the latest information security trends and threats, including material on incident response, social engineering, security awareness, risk management, and legal/regulatory issues
Information security professionals and enthusiasts; entry-level network, security, and system administrators; an academic audience of intro-level students.
- Cover image
- Title page
- Table of Contents
- Copyright
- Dedication
- Author Biography
- Introduction
- Book overview and key learning points
- Book audience
- How this book is organized
- Conclusion
- Chapter 1. What is Information Security?
- Introduction
- What is security?
- Alert!
- Models for discussing security
- More advanced
- Alert!
- Attacks
- Defense in depth
- Information security in the real world
- Summary
- Exercises
- References
- Chapter 2. Identification and Authentication
- Introduction
- Identification
- Authentication
- More advanced
- Additional resources
- Alert!
- Identification and authentication in the real world
- Summary
- Exercises
- References
- Chapter 3. Authorization and Access Control
- Introduction
- Authorization
- Access control
- More advanced
- More advanced
- Alert!
- More advanced
- Alert!
- Access control methodologies
- More advanced
- Authorization and access control in the real world
- Summary
- Exercises
- References
- Chapter 4. Auditing and Accountability
- Introduction
- Accountability
- More advanced
- Auditing
- Alert!
- Accountability and auditing in the real world
- More advanced
- Summary
- Exercises
- References
- Chapter 5. Cryptography
- Introduction
- History
- More advanced
- Additional resources
- Modern cryptographic tools
- More advanced
- Protecting data at rest, in motion, and in use
- Alert!
- Cryptography in the real world
- Summary
- Exercises
- References
- Chapter 6. Laws and Regulations
- Introduction
- Laws and regulations
- Compliance
- Privacy
- Summary
- Questions
- References
- Chapter 7. Operations Security
- Introduction
- Alert!
- Origins of operations security
- Additional resources
- The operations security process
- Haas’ Laws of operations security
- More advanced
- Operations security in our personal lives
- Alert!
- Operations security in the real world
- Summary
- Exercises
- References
- Chapter 8. Human Element Security
- Introduction
- Humans: the weak link
- Security awareness
- The security awareness and training program
- Summary
- Exercises
- References
- Chapter 9. Physical Security
- Introduction
- Alert!
- Additional resources
- Physical security controls
- Protecting people
- Protecting data
- More advanced
- Protecting equipment
- Note
- Physical security in the real world
- Summary
- Exercises
- References
- Chapter 10. Network Security
- Introduction
- Protecting networks
- Protecting network traffic
- Mobile device security
- Network security tools
- More advanced
- Additional resources
- Network security in the real world
- Summary
- Exercises
- References
- Chapter 11. Operating System Security
- Introduction
- Operating system hardening
- Protecting against malware
- Additional resources
- More advanced
- Software firewalls and host intrusion detection
- Operating system security tools
- Alert!
- Operating system security in the real world
- Summary
- Exercises
- References
- Chapter 12. Application Security
- Introduction
- The TJX breach
- Software development vulnerabilities
- Additional resources
- Web security
- Alert!
- More advanced
- Database security
- Additional resources
- Application security tools
- More advanced
- Application security in the real world
- Summary
- Exercises
- References
- Index
- No. of pages: 240
- Language: English
- Edition: 2
- Published: May 20, 2014
- Imprint: Syngress
- Paperback ISBN: 9780128007440
- eBook ISBN: 9780128008126
JA
Jason Andress
Jason Andress (CISSP, ISSAP, CISM, GPEN) is a seasoned security professional with a depth of experience in both the academic and business worlds. Presently he carries out information security oversight duties, performing penetration testing, risk assessment, and compliance functions to ensure that critical assets are protected. Jason has taught undergraduate and graduate security courses since 2005 and holds a doctorate in computer science, researching in the area of data protection. He has authored several publications and books, writing on topics including data security, network security, penetration testing, and digital forensics.
Affiliations and expertise
CISSP, ISSAP, CISM, GPENRead The Basics of Information Security on ScienceDirect