Information Assurance Handbook: Effective Computer Security and Risk Management Strategies (Paperback)
暫譯: 資訊保障手冊:有效的電腦安全與風險管理策略 (平裝本)
Corey Schou, Steven Hernandez
- 出版商: McGraw-Hill Education
- 出版日期: 2014-09-16
- 定價: $1,960
- 售價: 6.0 折 $1,176
- 語言: 英文
- 頁數: 480
- 裝訂: Paperback
- ISBN: 0071821651
- ISBN-13: 9780071821650
-
相關分類:
資訊安全
立即出貨 (庫存 < 4)
買這商品的人也買了...
相關主題
商品描述
Best practices for protecting critical data and systems
Information Assurance Handbook: Effective Computer Security and Risk Management Strategies discusses the tools and techniques required to prevent, detect, contain, correct, and recover from security breaches and other information assurance failures. This practical resource explains how to integrate information assurance into your enterprise planning in a non-technical manner. It leads you through building an IT strategy and offers an organizational approach to identifying, implementing, and controlling information assurance initiatives for small businesses and global enterprises alike.
Common threats and vulnerabilities are described and applicable controls based on risk profiles are provided. Practical information assurance application examples are presented for select industries, including healthcare, retail, and industrial control systems. Chapter-ending critical thinking exercises reinforce the material covered. An extensive list of scholarly works and international government standards is also provided in this detailed guide.
Comprehensive coverage includes:
- Basic information assurance principles and concepts
- Information assurance management system
- Current practices, regulations, and plans
- Impact of organizational structure
- Asset management
- Risk management and mitigation
- Human resource assurance
- Advantages of certification, accreditation, and assurance
- Information assurance in system development and acquisition
- Physical and environmental security controls
- Information assurance awareness, training, and education
- Access control
- Information security monitoring tools and methods
- Information assurance measurements and metrics
- Incident handling and computer forensics
- Business continuity management
- Backup and restoration
- Cloud computing and outsourcing strategies
- Information assurance big data concerns
商品描述(中文翻譯)
最佳實踐以保護關鍵數據和系統
《資訊保障手冊:有效的電腦安全與風險管理策略》討論了防止、檢測、遏制、修正和從安全漏洞及其他資訊保障失敗中恢復所需的工具和技術。這本實用資源以非技術性的方式解釋如何將資訊保障整合到企業規劃中。它引導您建立IT策略,並提供一種組織方法,以識別、實施和控制小型企業及全球企業的資訊保障計劃。
書中描述了常見的威脅和漏洞,並根據風險概況提供適用的控制措施。針對特定行業(包括醫療保健、零售和工業控制系統)提供了實用的資訊保障應用範例。每章結尾的批判性思考練習加強了所涵蓋的材料。此外,這本詳細指南中還提供了廣泛的學術作品和國際政府標準的清單。
全面的內容涵蓋:
- 基本的資訊保障原則和概念
- 資訊保障管理系統
- 當前的實踐、法規和計劃
- 組織結構的影響
- 資產管理
- 風險管理和緩解
- 人力資源保障
- 認證、認可和保障的優勢
- 系統開發和採購中的資訊保障
- 物理和環境安全控制
- 資訊保障意識、培訓和教育
- 存取控制
- 資訊安全監控工具和方法
- 資訊保障的測量和指標
- 事件處理和電腦取證
- 業務持續管理
- 備份和恢復
- 雲計算和外包策略
- 資訊保障中的大數據問題
