How to Cheat at Managing Information Security
This is the only book that covers all the topics that any budding security manager needs to know! This book is written for managers responsible for IT/Security departments from small office environments up to enterprise networks.
These individuals do not need to know about every last bit and byte, but they need to have a solid understanding of all major IT security issues to effectively manage their departments. This book is designed to cover both the basic concepts of security and the non-technical principles and practices of security, and it provides basic information about the technical details of many of the products - real products, not just theory.
Written by a well-known Chief Information Security Officer, this book gives the information security manager all the working knowledge needed to design the organization chart of his new security organization, design and implement policies and strategies, navigate his way through jargon-filled meetings, and understand the design flaws of his e-commerce and DMZ infrastructure.
* A clearly defined guide to designing the organization chart of a new security organization and how to implement policies and strategies
* Navigate through jargon-filled meetings with this handy aid
* Provides information on understanding the design flaws of e-commerce and DMZ infrastructure
Chapter 3 Jargon Principles and Concepts
Chapter 4 Information Security Laws and Regulations
Chapter 5 Information Security Standards and Audits
Chapter 6 Interviews Bosses and Staff
Chapter 7 Infrastructure Security
Chapter 8 Firewalls