Infosec Strategies and Best Practices: Gain proficiency in information security using expert-level strategies and best practices
暫譯: 資訊安全策略與最佳實踐:運用專家級策略與最佳實踐提升資訊安全能力
MacMillan, Joseph
- 出版商: Packt Publishing
- 出版日期: 2021-05-21
- 售價: $1,830
- 貴賓價: 9.5 折 $1,739
- 語言: 英文
- 頁數: 272
- 裝訂: Quality Paper - also called trade paper
- ISBN: 1800566352
- ISBN-13: 9781800566354
-
相關分類:
資訊安全
海外代購書籍(需單獨結帳)
相關主題
商品描述
Advance your career as an information security professional by turning theory into robust solutions to secure your organization
Key Features:
- Convert the theory of your security certifications into actionable changes to secure your organization
- Discover how to structure policies and procedures in order to operationalize your organization's information security strategy
- Learn how to achieve security goals in your organization and reduce software risk
Book Description:
Information security and risk management best practices enable professionals to plan, implement, measure, and test their organization's systems and ensure that they're adequately protected against threats.
The book starts by helping you to understand the core principles of information security, why risk management is important, and how you can drive information security governance. You'll then explore methods for implementing security controls to achieve the organization's information security goals. As you make progress, you'll get to grips with design principles that can be utilized along with methods to assess and mitigate architectural vulnerabilities. The book will also help you to discover best practices for designing secure network architectures and controlling and managing third-party identity services. Finally, you will learn about designing and managing security testing processes, along with ways in which you can improve software security.
By the end of this infosec book, you'll have learned how to make your organization less vulnerable to threats and reduce the likelihood and impact of exploitation. As a result, you will be able to make an impactful change in your organization toward a higher level of information security.
What You Will Learn:
- Understand and operationalize risk management concepts and important security operations activities
- Discover how to identify, classify, and maintain information and assets
- Assess and mitigate vulnerabilities in information systems
- Determine how security control testing will be undertaken
- Incorporate security into the SDLC (software development life cycle)
- Improve the security of developed software and mitigate the risks of using unsafe software
Who this book is for:
If you are looking to begin your career in an information security role, then this book is for you. Anyone who is studying to achieve industry-standard certification such as the CISSP or CISM, but looking for a way to convert concepts (and the seemingly endless number of acronyms) from theory into practice and start making a difference in your day-to-day work will find this book useful.
商品描述(中文翻譯)
提升您作為資訊安全專業人士的職業生涯,將理論轉化為堅實的解決方案,以保護您的組織
主要特點:
- 將您的安全認證理論轉化為可行的變更,以保護您的組織
- 探索如何結構化政策和程序,以便將您組織的資訊安全策略落實
- 學習如何在您的組織中實現安全目標並降低軟體風險
書籍描述:
資訊安全和風險管理的最佳實踐使專業人士能夠計劃、實施、測量和測試其組織的系統,並確保它們能夠充分防護威脅。
本書首先幫助您理解資訊安全的核心原則、風險管理的重要性,以及如何推動資訊安全治理。接著,您將探索實施安全控制的方法,以實現組織的資訊安全目標。隨著進展,您將掌握設計原則,這些原則可以與評估和減輕架構漏洞的方法一起使用。本書還將幫助您發現設計安全網路架構和控制及管理第三方身份服務的最佳實踐。最後,您將學習設計和管理安全測試流程,以及改善軟體安全的方法。
在這本資訊安全書籍結束時,您將學會如何使您的組織對威脅的脆弱性降低,並減少利用的可能性和影響。因此,您將能夠在您的組織中實現有影響力的變革,朝向更高水平的資訊安全。
您將學到的內容:
- 理解並落實風險管理概念及重要的安全運作活動
- 探索如何識別、分類和維護資訊和資產
- 評估和減輕資訊系統中的漏洞
- 確定安全控制測試的進行方式
- 將安全納入SDLC(軟體開發生命週期)
- 改善開發軟體的安全性並減輕使用不安全軟體的風險
本書適合對象:
如果您希望開始在資訊安全角色中的職業生涯,那麼這本書適合您。任何正在學習以獲得行業標準認證(如CISSP或CISM),但希望將概念(以及看似無窮無盡的縮寫)從理論轉化為實踐,並開始在日常工作中產生影響的人,都會發現這本書非常有用。
