Information assurance for the enterprise: a roadmap to information security
Going beyond the technical coverage of computer and systems security measures, Information Assurance for the Enterprise provides readers an overarching model for information assurance for businesses, government agencies, and other enterprises needing to establish a comprehensive plan. All the components of security and how they relate are featured, and readers will also be shown how an effective security policy can be developed. Topics like asset identification, human factors, compliance with regulations, personnel security, risk assessment and ethical considerations are covered, as well as computer and network security tools and methods. This is one of the only texts on the market that provides an up-to-date look at the whole range of security and IA topics. In post-9/11 times, managers and IT professionals need to address a wide range of security-related issues, and develop security systems that take all these diverse factors into account. As someone who has worked extensively with the U.S. State Department and other governmental agencies, Corey Schou is uniquely positioned to write the definitive book on the subject; and Daniel Shoemaker is a professor and consultant to the Department of Homeland Security in matters of Information Assurance policy.
Knowing What to Secure I
access control access rights accountability activities analysis application asset baseline assigned assurance and security attacks audit authentication authorized behavior certification Chapter common Common Criteria compliance confidentiality configuration management countermeasures criteria critical cryptanalysis decision decrypt defined digital signature disaster discretionary access control documentation effective electronic employee encryption enforce ensure environment established ethical evaluation execution factors formal identified implemented important individual information assurance process infrastructure integrity Internet involved Logic bombs maintained malicious monitoring object operating system organization organization's organizational overall password performance perimeter physical security plaintext policies practice problem problem-resolution procedures protection protection profile public key Recovery Recovery Point Objectives Recovery Time Objectives reference monitor response risk assessment role secret key security function security of operations software assurance specific standard testing threats tion types unauthorized understanding valid vulnerabilities