| 000 | 04340nam a2200241Ia 4500 | ||
|---|---|---|---|
| 003 | NULRC | ||
| 005 | 20250520102923.0 | ||
| 008 | 250520s9999 xx 000 0 und d | ||
| 020 | _a9780128007440 | ||
| 040 | _cNULRC | ||
| 050 | _aQA 76.9 .A53 2014 | ||
| 100 |
_aAndress, Jason _eauthor |
||
| 245 | 4 |
_aThe basics of information security : _bunderstanding the fundamentals of InfoSec in theory and practice / _cJason Andress |
|
| 250 | _aSecond edition. | ||
| 260 |
_aWaltham, MA : _bElsevier/Syngress, _cc2014 |
||
| 300 |
_axxi, 217 pages : _billustrations ; _c24 cm. |
||
| 365 | _bUSD24.27 | ||
| 504 | _aIncludes index. | ||
| 505 | _aFront Cover; The Basics of Information Security; Copyright Page; Dedication; Contents; Author Biography; Introduction; Book overview and key learning points; Book audience; How this book is organized; Chapter 1: What is information security?; Chapter 2: Identification and authentication; Chapter 3: Authorization and access control; Chapter 4: Auditing and accountability; Chapter 5: Cryptography; Chapter 6: Laws and regulations; Chapter 7: Operations security; Chapter 8: Human element security; Chapter 9: Physical security; Chapter 10: Network security; Chapter 11: Operating system security. Chapter 12: Application securityConclusion; 1 What is Information Security?; Introduction; What is security?; When are we secure?; Alert!; Models for discussing security; The confidentiality, integrity, and availability triad; More advanced; Confidentiality; Integrity; Availability; Relating the CIA triad to security; The Parkerian hexad; Alert!; Confidentiality, integrity, and availability; Possession or control; Authenticity; Utility; Attacks; Types of attack payloads; Interception; Interruption; Modification; Fabrication; Threats, vulnerabilities, and risk; Threats; Vulnerabilities; Risk. ImpactRisk management; Identify assets; Identify threats; Assess vulnerabilities; Assess risks; Mitigating risks; Physical; Logical and technical controls; Administrative; Incident response; Preparation; Detection and analysis; Containment, eradication, and recovery; Post incident activity; Defense in depth; Layers; Information security in the real world; Summary; Exercises; References; 2 Identification and Authentication; Introduction; Identification; Who we claim to be; Identity verification; Falsifying identification; Authentication; Factors; Multifactor authentication. Mutual authenticationPasswords; More advanced; Biometrics; Additional resources; Characteristics; Measuring performance; Issues; Hardware tokens; Alert!; Identification and authentication in the real world; Summary; Exercises; References; 3 Authorization and Access Control; Introduction; Authorization; Principle of least privilege; Access control; More advanced; Access control lists; File system ACLs; More advanced; Network ACLs; Alert!; More advanced; Capabilities; Confused deputy problem; Alert!; Access control methodologies; Access control models; Discretionary access control. Mandatory access controlMore advanced; Role-based access control; Attribute-based access control; Multilevel access control; Physical access controls; Authorization and access control in the real world; Summary; Exercises; References; 4 Auditing and Accountability; Introduction; Accountability; More advanced; Security benefits of accountability; Nonrepudiation; Deterrence; More advanced; Intrusion detection and prevention; Admissibility of records; How we accomplish accountability; Auditing; What do we audit?; Alert!; Logging; Monitoring; Assessments. | ||
| 520 | _aAs part of the Syngress Basics series, The Basics of Information Security provides you with fundamental knowledge of information security in both theoretical and practical aspects. It covers the basic knowledge needed to understand the key concepts of confidentiality, integrity, and availability. Then it dives into practical applications of these ideas in the areas of operational, physical, network, application, and operating system security.Learn about information security without wading through huge manualsCovers both theoretical and practical aspects of information securityGives a broad view of the information security field for practitioners, students, and enthusiasts. | ||
| 650 | _aCOMPUTER NETWORKS -- SECURITY MEASURES | ||
| 942 |
_2lcc _cBK |
||
| 999 |
_c18781 _d18781 |
||