Author: Mark Talabis Title: Information Security Risk Assessment Toolkit, ISBN: 1597497355 ISBN-13(EAN): 9781597497350 Publisher: Elsevier Science Price: 4441 rub. Availability: Available from supplier. Delivery on order.
Description: In order to protect a company’s information assets such as sensitive customer records, health care records, etc., the security practitioner first needs to find out: what needs to be protected, what risks those assets are exposed to, what controls are in place to offset those risks, and where to focus attention for risk treatment. This is the true value and purpose of information security risk assessments. Effective risk assessments are meant to provide a defendable analysis of residual risk associated with your key assets so that risk treatment options can be explored. Information Security Risk Assessment Toolkit gives you the tools and skills to get a quick, reliable, and thorough risk assessment for key stakeholders.
Author: Scherling Title: Practical Risk Management for the CIO ISBN: 1439856532 ISBN-13(EAN): 9781439856536 Publisher: Taylor&Francis Price: 8026 rub. Availability: Delivery on order.
Description: Detailing procedures that will help your team perform better risk assessments and aggregate results into more meaningful metrics, Practical Risk Management for the CIO approaches information risk management through improvements to information management and information security. It provides easy-to-follow guidance on how to effectively manage the flow of information and incorporate both service delivery and reliability. Clarifying common misunderstandings about the risks in cyberspace, this book provides the foundation required to make more informed decisions and effectively manage, protect, and deliver information to your organization and its constituents.
Author: Pompon Title: IT Security Risk Control Management ISBN: 1484221397 ISBN-13(EAN): 9781484221396 Publisher: Springer Price: 4701 rub. Availability: Available from supplier. Delivery on order.
Description: This book explains how to construct an information security program, from inception to audit, with enduring, practical, hands-on advice and actionable behavior for IT professionals. Information security is more than configuring firewalls, removing viruses, hacking machines, or setting passwords. Creating and promoting a successful security program requires skills in organizational consulting, diplomacy, change management, risk analysis, and out-of-the-box thinking. IT Security Risk Control Management provides step-by-step guidance on how to craft a security program that will fit neatly into an organization and change dynamically both to suit the needs of the organization and to survive constantly changing threats. Readers will understand the paradoxes of information security and discover handy tools that hook security controls into business processes. With this book, you will be able to equip your security program to prepare for and pass such common audits as PCI, SSAE-16 and ISO 27001. In addition, you will learn the depth and breadth of the expertise necessary to become an adaptive and effective security professional. This book: Starts at the beginning of how to approach, scope, and customize a security program to fit an organization. Walks you through how to implement the most challenging processes, pointing out common pitfalls and distractions. Teaches you how to frame security and risk issues to be clear and actionable to decision makers, technical personnel, and users.
What you’ll learn: How to organically grow a useful, functional security program appropriate to an organization's culture and requirements. How to inform, advise, and influence executives, IT staff, and users on information security. How to think like a seasoned security professional, understanding how cyber-criminals subvert systems with subtle and insidious tricks. How to analyze, select, implement, and monitor security controls such as change control, vulnerability management, incident response, and access controls. How to prepare an organization to pass external formal audits such as PCI, SSAE-16 or ISO 27001. How to write clear, easy to follow, comprehensive security policies and procedures. Who This Book Is For: IT professionals moving into the security field; new security managers, directors, project heads, and would-be CISOs; and security specialists from other disciplines moving into information security (e.g., former military security professionals, law enforcement professionals, and physical security professionals).
Description: Addresses ASP.NET 3.5, AJAX, and IIS 7 security from the developer's point of view. This book looks at the fresh features of IIS 7.0 and focuses on IIS 7.0 and ASP.NET 3.5 integration. It gives a detailed explanation of the request life cycle for an ASP.NET application running on IIS 7.
Author: Collette Title: CISO Soft Skills ISBN: 1420089102 ISBN-13(EAN): 9781420089103 Publisher: Taylor&Francis Price: 8084 rub. Availability: Available from supplier. Delivery on order.
Description: A companion volume to the highly touted CISO Handbook, this book presents tools to empower organizations to identify the intangible negative influences on security that plague most organizations, and provides further techniques for security professionals to identify, minimize, and overcome these pitfalls within their own customized situations. The book also discusses some proactive techniques that CISOs can utilize in order to effectively secure challenging work environments. Reflecting the experience and solutions of those that are in the trenches of modern organizations, this volume provides practical ideas that can make a difference in the daily lives of security practitioners.
Title: Port Security Management ISBN: 142006892X ISBN-13(EAN): 9781420068924 Publisher: Taylor&Francis Price: 6351 rub. Availability: Delivery on order.
Description: Focusing on organizational structure and operations oversight, this book explores security management in the port facility environment. It begins with a historical perspective on maritime and port security and presents the management of risk assessment within the context of the unique vulnerabilities within the maritime and port sector.
Description: Access Control Systems: Security, Identity Management and Trust Models provides a thorough introduction to the foundations of programming systems security, delving into identity management, trust models, and the theory behind access control models. The book details access control mechanisms that are emerging with the latest Internet programming technologies, and explores all models employed and how they work. The latest role-based access control (RBAC) standard is also highlighted. This unique technical reference is designed for security software developers and other security professionals as a resource for setting scopes of implementations with respect to the formal models of access control systems. The book is also suitable for advanced-level students in security programming and system design.
Description: A compilation of the fundamental knowledge, skills, techniques, and tools required by all security professionals, this work forms the basis on which all IT security programs and certifications are created. Considered the gold-standard reference of Information Security, the 2009 CD-ROM edition includes coverage of each domain of the Common Body of Knowledge, the standard of knowledge required by IT security professionals worldwide. In step with the lightning-quick, increasingly fast pace of change in the technology field, this CD is revised annually, keeping IT professionals updated and current in their field and on the job.
Description: The security field evolves rapidly, becoming broader and more complex each year. The common thread tying the field together is the discipline of management. The Best Damn Security Manager's Handbook Period has comprehensive coverage of all management issues facing IT and security professionals and is an ideal resource for those dealing with a changing daily workload. Coverage includes Business Continuity, Disaster Recovery, Risk Assessment, Protection Assets, Project Management, Security Operations, Security Management, and Security Design & Integration. Compiled from the best of the Syngress and Butterworth Heinemann libraries and authored by business continuity expert Susan Snedaker, this volume is an indispensable addition to a serious security professional's toolkit.
Author: Jacob Babbin Title: Security Log Management, ISBN: 1597490423 ISBN-13(EAN): 9781597490429 Publisher: Elsevier Science Price: 4488 rub. Availability: Available from supplier. Delivery on order.
Description: This book teaches IT professionals how to analyze, manage, and automate their security log files to generate useful, repeatable information that can be used to make their networks more efficient and secure using primarily open source tools. The book begins by discussing the 'Top 10' security logs that every IT professional should be regularly analyzing. These 10 logs cover everything from the top workstations sending/receiving data through a firewall to the top targets of IDS alerts. The book then goes on to discuss the relevancy of all of this information. Next, the book describes how to script open source reporting tools like Tcpdstats to automatically correlate log files from the various network devices to the 'Top 10' list. By doing so, the IT professional is instantly made aware of any critical vulnerabilities or serious degradation of network performance.
the scripts presented within the book will be available for download from the Syngress Solutions Web site. Almost every operating system, firewall, router, switch, intrusion detection system, mail server, Web server, and database produces some type of 'log file'. This is true of both open source tools and commercial software and hardware from every IT
Each of these logs is reviewed and analyzed by a system administrator or security professional responsible for that particular piece of hardware or software. As a result, almost everyone involved in the IT industry works with log files in some capacity. This book provides turn-key, inexpensive, open source solutions for system administrators to analyze and evaluate the overall performance and security of their network.
of working scripts and tools presented throughout the book are available for download from Syngress Solutions Web site. This will save system administrators countless hours by scripting and automating the most common to the most complex log analysis tasks.
Author: Peltier Title: Information Security Policies and Procedures ISBN: 0849319587 ISBN-13(EAN): 9780849319587 Publisher: Taylor&Francis Price: 13860 rub. Availability: Available from supplier. Delivery on order.
Description: This book illustrates how policies and procedures support the efficient running of an organization. It points out how security documents and standards are key elements in the business process, but should never be undertaken to satisfy a perceived audit or security requirement. Instead, policies, standards, and procedures should exist only to support business objectives or mission requirements. The authors emphasize how information security must be integrated into all business processes. The book examines Tier 1, Tier 2, and Tier 3 policies.
Description: Implement SIEM to efficiently analyze and report data, respond to inside and outside threats, and follow compliance regulations
"Security Information and Event Management (SIEM) Implementation" shows how to take advantage of SIEM technology for real-time analysis of security alerts generated by network hardware and applications. The book explains how to implement multiple SIEM products from different vendors, and also discusses the strengths, weaknesses, and advanced tuning of these various systems.
This comprehensive guide covers everything from basic concepts and components to high-level configuration, risk and threat analysis, interpretation, and response. The separate pieces that make up a complete SIEM system are outlined, and techniques for deploying an integrated collection of discrete SIEM pieces to meet your requirements are presented. You will also learn how to extend SIEM tools to develop business intelligence solutions.
"Security Information and Event Management (SIEM) Implementation": includes a Smartbook, a knowledge base of real-world business use cases illustrating successfully deployed, finely-tuned SIEM systems; covers the top SIEM products/vendors: ArcSight, Q1 QRadar, and Cisco MARS; is written by security, SIEM, and compliance experts; includes product feature summaries and analyses and trending examples; covers regulatory compliance issues and provides Incident Response solutions.
All-inclusive coverage: Introduction to Threat Intelligence For IT Systems; Business Models; Threat Models; Compliance; SIEM Concepts - Components for small and medium size businesses; The Anatomy of SIEM Systems; Incident Response; SIEM for Business Intelligence; SIEM Tools; Open Systems SIEM Implementation; Open Systems SIEM Advanced Techniques; Cisco Security-MARS Implementation; Cisco Security-MARS Advanced Techniques; Q1 Labs QRadar Implementation; Q1 Labs Advanced Techniques; ArcSight Implementation; ArcSight Advanced Techniques
OOO "Logosfera" Tel: +7(495) 980-12-10 www.logobook.ru