Fundamentals of Information Systems Security

Jones & Bartlett Learning, Nov 17, 2010 - Computers - 514 pages
PART OF THE NEW JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES! Fundamentals of Information Systems Security provides a comprehensive overview of the essential concepts readers must know as they pursue careers in information systems security. The text opens with a discussion of the new risks, threats, and vulnerabilities associated with the transformation to a digital world, including a look at how business, government, and individuals operate today. Part 2 is adapted from the Official (ISC)2 SSCP Certified Body of Knowledge and presents a high-level overview of each of the seven domains within the Systems Security Certified Practitioner certification. The book closes with a resource for readers who desire additional material on information security standards, education, professional certifications, and compliance laws. With its practical, conversational writing style and step-by-step examples, this text is a must-have resource for those entering the world of information systems security. Instructor Materials for Fundamentals of Information Systems Security include: PowerPoint Lecture Slides, Exam Questions, and Case Scenarios/Handouts.
  

What people are saying

User Review

Chapter 7 has testing recommendations. The goal is mitigation of risks due to threats and vulnerabilities. Security testing paths include reconnaissance, network mapping, and testing of vulnerability and penetration. Scans show vulnerable services that require a patch. Configuration hardening turns off unnecessary services. Covert testers act like hostiles. Intrusion detection systems may be network or host-based. A Security Information and Event Management system organizes log files. Benchmarks include ISO 27002, NIST SP 800, ITIL, COBIT, COSO. The Disaster Recovery Plan can be tested using checklist, structured walkthrough, simulation, parallel or full-interruption. A security gap analysis compares what the system has and what it needs. The book has 3 parts, 15 chapters having quizzes, and 4 appendices. There is a comprehensive glossary of key terms, and a list of references. The rest of the book has preparation for the Systems Security Certified Practitioner.


Contents

The Need for Information Security
The Systems Security Certified Practitioner SSCP Professional Certification from ISC
Information Security Standards Education Certifications and Laws
Answer Key
Standard Acronyms
Become an SSCP
SSCP Practice Exam
Glossary of Key Terms
References
Index
Copyright

About the author (2010)

David Kim is president of Security Evolutions, LLC, located in Tarpon Springs, Florida. Mr. Kim's IT and IT security experience encompasses more than 25 years of network engineering hands-on IP network design and implementation, and telecom/broadband sales and marketing. He has developed solutions-selling programs for technology companies that sell products and solutions.
Michael G. Solomon (CISSP, PMP, CISM, GSEC) is a full-time security speaker, consultant, and author who specializes in achieving and maintaining secure IT environments. As an IT professional and consultant since 1987, he has worked on projects for more than 100 major organizations and has authored and contributed to numerous books and training courses. Mr. Solomon is currently working on a PhD in computer science and informatics at Emory University in Atlanta, Georgia.
