Description: 1 online resource (459 p.)

Contents: Cover -- Title Page -- Copyright Page -- Dedication -- Contents -- Acknowledgments -- Introduction -- Chapter 1 Governance and Risk Management -- Governance -- Information Security Governance -- Information Security Management Structure -- Sizing -- Management Structure -- Principles of Information Security -- The CIA Triad -- Security Vulnerabilities, Threats, Risks, and Exposures -- Cyberattack Elements -- Defense-In-Depth -- Risk Management -- Risk Management Program -- Best Practice Frameworks for Risk Management -- Management and Technical Information Security Elements -- Security Program Plan -- Security Policies, Standards, and Guidelines -- Asset Security -- Identity and Access Management -- Security Engineering -- Physical Security -- Security Operations -- Software Development Security -- Security Assessments and Testing -- Security Training and Awareness -- Business Continuity and Disaster Recovery -- Compliance -- Compliance Team -- Compliance Management -- Privacy -- Privacy Impact Assessment -- Privacy and Security -- Laws and Regulatory Drivers -- Federal Information Security Modernization Act -- Defense Federal Acquisition Regulation Supplement 252.204-7012 -- Clinger-Cohen Act -- Payment Card Industry Data Security Standard -- Privacy Act of 1974 -- Gramm-Leach-Bliley Act -- Health Insurance Portability and Accountability Act -- Family Educational Rights and Privacy Act -- Sarbanes-Oxley Act -- General Data Protection Regulation -- North American Electric Reliability Corporation Critical Infrastructure Protection -- Summary of Laws and Regulatory Drivers -- Standards and Frameworks -- ISO/IEC 27000 Series -- ISO/IEC 27001 -- NIST Cybersecurity Framework -- Federal Information Processing Standards -- NIST Special Publications -- Privacy Shield -- COBIT -- Information Security Trends and Best Practices -- Open Web Application Security Project -- Cloud Security Alliance -- Center for Internet Security -- Information Security Training and Certifications -- International Information System Security Certification Consortium -- ISACA -- International Council of E-Commerce Consultants -- SANS Institute -- Computing Technology Industry Association -- International Association of Privacy Professionals -- Offensive Security -- Ethics -- Chapter Review -- Quick Review -- Questions -- Answers -- Chapter 2 Information Security Controls, Compliance, and Audit Management -- Information Security Controls -- Control Fundamentals -- Control Frameworks -- Information Security Control Life Cycle Frameworks -- NIST Risk Management Framework -- NIST Cybersecurity Framework -- ISO/IEC 27000 -- Information Security Control Life Cycle -- Step 1: Risk Assessment -- Step 2: Design -- Step 3: Implementation -- Step 4: Assessment -- Step 5: Monitoring -- Exploring Information Security Control Frameworks -- NIST SP 800-53 -- NIST Cybersecurity Framework -- ISO/IEC 27002

Notes: Description based upon print version of record

Subject: Computer security -- Examinations, questions, etc.
Subject: Computer networks -- Examinations -- Examinations, questions, etc.
Subject: COMPUTERS / Certification Guides / General.
Subject: Computer networks -- Examinations
Subject: Computer security

Genre/Form: Examinations

Form: Electronic book

Author: Genung, Jordan

ISBN: 1260463931
ISBN: 9781260463934