Information Security Management Principles

✍ Scribed by Andy Taylor, David Alexander, Amanda Finch, David Sutton


Publisher: BCS, The Chartered Institute for IT
Year: 2020
Tongue: English
Leaves: 271
Edition: 3
Category: Library

✦ Synopsis


In today’s technology-driven environment there is an ever-increasing demand for information delivery. A compromise has to be struck between security and availability. This book is a pragmatic guide to information assurance for both business professionals and technical experts. The third edition has been updated to reflect changes in the IT security landscape and updates to the BCS Certification in Information Security Management Principles, which the book supports.

✦ Table of Contents


Cover
Copyright page
CONTENTS
FIGURES AND TABLES
AUTHORS
ACKNOWLEDGEMENTS
ABBREVIATIONS
PREFACE
1 INFORMATION SECURITY PRINCIPLES
CONCEPTS AND DEFINITIONS
THE NEED FOR, AND BENEFITS OF, INFORMATION SECURITY
SAMPLE QUESTIONS
2 INFORMATION RISK
THREATS TO, AND VULNERABILITIES OF, INFORMATION SYSTEMS
RISK MANAGEMENT
SAMPLE QUESTIONS
REFERENCES AND FURTHER READING
3 INFORMATION SECURITY FRAMEWORK
ORGANISATION AND RESPONSIBILITIES
ORGANISATIONAL POLICY, STANDARDS AND PROCEDURES
INFORMATION SECURITY GOVERNANCE
INFORMATION ASSURANCE PROGRAMME IMPLEMENTATION
SECURITY INCIDENT MANAGEMENT
LEGAL FRAMEWORK
SECURITY STANDARDS AND PROCEDURES
SAMPLE QUESTIONS
REFERENCES
4 SECURITY LIFE CYCLES
THE INFORMATION LIFE CYCLE
TESTING, AUDIT AND REVIEW
SYSTEMS DEVELOPMENT AND SUPPORT
SAMPLE QUESTIONS
REFERENCE
5 PROCEDURAL AND PEOPLE SECURITY CONTROLS
GENERAL CONTROLS
PEOPLE SECURITY
USER ACCESS CONTROLS
TRAINING AND AWARENESS
SAMPLE QUESTIONS
6 TECHNICAL SECURITY CONTROLS
TECHNICAL SECURITY
PROTECTION FROM MALICIOUS SOFTWARE
NETWORKS AND COMMUNICATIONS
OPERATIONAL TECHNOLOGY
EXTERNAL SERVICES
CLOUD COMPUTING
IT INFRASTRUCTURE
SAMPLE QUESTIONS
7 PHYSICAL AND ENVIRONMENTAL SECURITY
PHYSICAL SECURITY
DIFFERENT USES OF CONTROLS
SAMPLE QUESTIONS
8 DISASTER RECOVERY AND BUSINESS CONTINUITY MANAGEMENT
RELATIONSHIP BETWEEN DR/BCP, RISK ASSESSMENT AND IMPACT ANALYSIS
RESILIENCE AND REDUNDANCY
APPROACHES TO WRITING PLANS AND IMPLEMENTING PLANS
THE NEED FOR DOCUMENTATION, MAINTENANCE AND TESTING
NEED FOR LINKS TO MANAGED SERVICE PROVISION AND OUTSOURCING
NEED FOR SECURE OFF-SITE STORAGE OF VITAL MATERIAL
NEED TO INVOLVE PERSONNEL, SUPPLIERS AND IT SYSTEMS PROVIDERS
RELATIONSHIP WITH SECURITY INCIDENT MANAGEMENT
COMPLIANCE WITH STANDARDS
SAMPLE QUESTIONS
9 OTHER TECHNICAL ASPECTS
INVESTIGATIONS AND FORENSICS
ROLE OF CRYPTOGRAPHY
THREAT INTELLIGENCE
CONCLUSION
SAMPLE QUESTIONS
REFERENCES AND FURTHER READING
APPENDIX A
ACTIVITY SOLUTION POINTERS
SAMPLE QUESTION ANSWERS
GLOSSARY
INDEX
Back Cover


📜 SIMILAR VOLUMES


Information Security Management Principl
✍ Alexander, David; Finch, Amanda; Sutton, David; Taylor, Andy 📂 Library 📅 2013 🏛 BCS Learning & Development Ltd 🌐 English

Commercial, personal and sensitive information is very hard to keep secure, and technological solutions are not the only answer. In today's technology-driven environment, there is an ever-increasing demand for information delivery on various devices in the office, at home and in public places. A comp

Principles of Information Security
✍ Michael E. Whitman, Herbert J. Mattord 📂 Library 📅 2011 🏛 Course Technology 🌐 English

The fourth edition of Principles of Information Security explores the field of information security and assurance with updated content including new innovations in technology and methodologies. Readers will revel in the comprehensive coverage that includes a historical overview of information securi