Security Controls Evaluation, Testing, and Assessment Handbook (Paperback)

Leighton Johnson

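  • Publisher: Syngress Media
  • Publication date: 2016-01-06
  • List price: $2,600
  • Sale price: $2,210 (85% of list price)
  • Language: English
  • Pages: 678
  • Binding: Paperback
  • ISBN: 0128023244
  • ISBN-13: 9780128023242
  • Related category: Information Security
  • Ships immediately (stock < 3)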

Product description

Security Controls Evaluation, Testing, and Assessment Handbook provides a current and well-developed approach to evaluation and testing of security controls to prove they are functioning correctly in today's IT systems. This handbook shows you how to evaluate, examine, and test installed security controls in the world of threats and potential breach actions surrounding all industries and systems. If a system is subject to external or internal threats and vulnerabilities - which most are - then this book will provide a useful handbook for how to evaluate the effectiveness of the security controls that are in place.

Security Controls Evaluation, Testing, and Assessment Handbook shows you what your security controls are doing and how they are standing up to various inside and outside threats. This handbook provides guidance and techniques for evaluating and testing various computer security controls in IT systems.

Author Leighton Johnson draws on FISMA, NIST guidance, and DOD actions to provide a detailed, hands-on guide to performing assessment events for information security professionals who work with US federal agencies. As of March 2014, all agencies are following the same guidelines under the NIST-based Risk Management Framework. This handbook uses the DOD Knowledge Service and the NIST Families assessment guides as the basis for needs assessment, requirements, and evaluation efforts for all of the security controls. Each of the controls can and should be evaluated in its own unique way, through testing, examination, and key personnel interviews. Each of these methods is discussed.

  • Provides direction on how to use SP800-53A, SP800-115, DOD Knowledge Service, and the NIST Families assessment guides to implement thorough evaluation efforts for the security controls in your organization.
  • Learn how to implement proper evaluation, testing, and assessment procedures and methodologies with step-by-step walkthroughs of all key concepts.
  • Shows you how to implement assessment techniques for each type of control, provide evidence of assessment, and use proper reporting techniques.
