Official (ISC)2 Guide to the CAP CBK, 2/e (Hardcover)

Patrick D. Howard

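  • Publisher: Auerbach Publication
  • Publication date: 2012-07-24
  • List price: $3,340
  • VIP price: $3,173 (95% of list price)
  • Language: English
  • Pages: 462
  • Binding: Hardcover
  • ISBN: 1439820759
  • ISBN-13: 9781439820759
  • Related categories: Information Security, Information Science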

Product Description

Significant developments since the publication of its bestselling predecessor, Building and Implementing a Security Certification and Accreditation Program, warrant an updated text as well as an updated title. Reflecting recent updates to the Certified Authorization Professional (CAP®) Common Body of Knowledge (CBK®) and NIST SP 800-37, the Official (ISC)²® Guide to the CAP® CBK®, Second Edition provides readers with the tools to effectively secure their IT systems via standard, repeatable processes.

Derived from the author’s decades of experience, including time as the CISO for the Nuclear Regulatory Commission, the Department of Housing and Urban Development, and the National Science Foundation’s Antarctic Support Contract, the book describes what it takes to build a system security authorization program at the organizational level in both public and private organizations. It analyzes the full range of system security authorization (formerly C&A) processes and explains how they interrelate. Outlining a user-friendly approach for top-down implementation of IT security, the book:

  • Details an approach that simplifies the authorization process, yet still satisfies current federal government criteria
  • Explains how to combine disparate processes into a unified risk management methodology
  • Covers all the topics included in the Certified Authorization Professional (CAP®) Common Body of Knowledge (CBK®)
  • Examines U.S. federal policies, including DITSCAP, NIACAP, CNSS, NIAP, DoD 8500.1 and 8500.2, and NIST FIPS
  • Reviews the tasks involved in certifying and accrediting U.S. government information systems

Chapters 1 through 7 describe each of the domains of the (ISC)²® CAP® CBK®. This is followed by a case study on the establishment of a successful system authorization program in a major U.S. government department. The final chapter considers the future of system authorization. The book’s appendices include a collection of helpful samples and additional information to provide you with the tools to effectively secure your IT systems.
