Introduction to Information Security
A Strategic-Based Approach
A strategy-based introduction to information security methods and techniques
Timothy Shimeall (Author), Jonathan Spring (Author)
9781597499699, Elsevier Science
Paperback / softback, published 27 November 2013
382 pages, 20 illustrations
23.5 x 19 x 2.4 cm, 0.77 kg
"...this is a top-down approach to securing an organisation, helping you to understand how all the pieces fit together...The people most likely to benefit...are IT staff who don’t necessarily have a great deal of experience in security." --Network Security, December 1 2013
"This work can best serve as a supplemental general resource to accompany a more-technical work on information security (IS)…overall, the text is well-written and engaging...Summing Up: Recommended" --CHOICE, August 1 2014
"If you want to roll your sleeves up and do the computer equivalent of getting your hands greasy under the bonnet, this book will take you through hosts, firewalls, passwords, phishing and the like. Thanks partly to case studies and profiles, the authors never forget that infosec is about people, both the good guys and the fraudsters and hackers." --Professional Security Magazine Online, May 28, 2014
"The book provides a good balance between the broad aspects of information security, privacy and risk management; without overwhelming the novice with far too much minutiae…For those looking for an introduction to the topic, that nonetheless provides a comprehensive overview of the relevant areas, Introduction to Information Security: A Strategic-Based Approach is an excellent reference." --RSAConference.com, May 7, 2014
"As an American book, it covers US law on the subject…If you want to roll your sleeves up and do the computer equivalent of getting your hands greasy under the bonnet, this book will take you through hosts, firewalls, passwords, phishing and the like. Thanks partly to case studies and profiles, the authors never forget that infosec is about people, both the good guys and the fraudsters and hackers." --Professional Security Magazine Online, March 31, 2014
"Along with being an excellent discussion for the security professional, this book is ideally suited for use as a textbook at the undergraduate or graduate level,…For professionals and students alike, the book offers two outstanding features throughout the text: profiles of individuals who made important contributions to the field, and descriptions of real-world attacks that led to many of the technologies and methods discussed." --ComputingReviews.com, February 25, 2014
Most introductory texts provide a technology-based survey of methods and techniques that leaves the reader without a clear understanding of the interrelationships between methods and techniques. A strategy-based introduction gives the reader a clear understanding of how to provide overlapping defenses for critical information. This understanding provides a basis for engineering and risk-management decisions in the defense of information.
Information security is a rapidly growing field, with a projected need for thousands of professionals within the next decade in the government sector alone. It is also a field that has changed in the last decade from a largely theory-based discipline to an experience-based discipline. This shift in the field has left several of the classic texts with a strongly dated feel.
1. Introduction & Definitions
2. Strategies and Security
3. Deception Strategies: Network Organization
4. Deception Strategies: Defensive technologies
5. Frustration Strategies: Footprint Minimization
6. Frustration Strategies: Formal verification
7. Resistance Strategies: Authentication & Permissions
8. Resistance Strategies: Encryption
9. Resistance Strategies: Partitioning & Need-to-Know
10. Resistance Strategies: Change management
11. Recognition Strategies: Network Analysis
12. Recognition Strategies: Intrusion Detection and Prevention
13. Recognition Strategies: Host-based recognition & Forensics
14. Recognition Strategies: Integrity detection
15. Recovery of Security
16. Summary: Certifications and Conclusions
Subject Areas: Computer security [UR]