Cover Image

Information security and IT risk management

Agrawal's Information Security and Risk Management , with a technical rather than managerial focus, gives readers the knowledge and skills needed to compete for and succeed in information security roles.

Saved in:
Bibliographic Details
Main Author: Agrawal, Manish
Other Authors: Campoe, Alex, Pierce, Eric
Format: Book
Language:English
Published: Hoboken, NJ Wiley 2014
Subjects:
Computer networks > Security measures.
Computer security.
Tags: Add Tag
No Tags, Be the first to tag this record!
Table of Contents:
  • ch. 1 Introduction
  • Overview
  • Professional utility of information security knowledge
  • Brief history
  • Definition of information security
  • Summary
  • Example case
  • Wikileaks, Cablegate, and free reign over classified networks
  • Chapter review questions
  • Example case questions
  • Hands-on activity
  • Software Inspector, Steganography
  • Critical thinking exercise: identifying CIA area(s) affected by sample real-life hacking incidents
  • Design case
  • ch. 2 System Administration (Part 1)
  • Overview
  • Introduction
  • What is system administration?
  • System administration and information security
  • Common system administration tasks
  • System administration utilities
  • Summary
  • Example case
  • T. J. Maxx
  • Chapter review questions
  • Example case questions
  • Hands-on Activity
  • Linux system installation
  • Critical thinking exercise
  • Google executives sentenced to prison over video
  • Design case
  • ch. 3 System Administration (Part 2)
  • Overview
  • Operating system structure
  • The command-line interface
  • Files and directories
  • Moving around the filesystem
  • pwd, cd
  • Listing files and directories
  • Shell expansions
  • File management
  • Viewing files
  • Searching for files
  • Access control and user management
  • Access control lists
  • File ownership
  • Editing files
  • Software installation and updates
  • Account management
  • Command-line user administration
  • Example case
  • Northwest Florida State College
  • Summary
  • Chapter review questions
  • Example case questions
  • Hands-on activity
  • basic Linux system administration
  • Critical thinking exercise
  • offensive cyber effects operations (OCEO)
  • Design Case
  • ch. 4 The Basic Information Security Model
  • Overview
  • Introduction
  • Components of the basic information security model
  • Common vulnerabilities, threats, and controls
  • Example case
  • ILOVEYOU virus
  • Summary
  • Chapter review questions
  • Example case questions
  • Hands-on activity
  • web server security
  • Critical thinking exercise
  • the internet, "American values," and security
  • Design case
  • ch. 5 Asset Identification and Characterization
  • Overview
  • Assets overview
  • Determining assets that are important to the organization
  • Asset types
  • Asset characterization
  • IT asset life cycle and asset identification
  • System profiling
  • Asset ownership and operational responsibilities
  • Example case
  • Stuxnet
  • Summary
  • Chapter review questions
  • Example case questions
  • Hands-on activity
  • course asset identification
  • Critical thinking exercise
  • uses of a hacked PC
  • Design case
  • ch. 6 Threats and Vulnerabilities
  • Overview
  • Introduction
  • Threat models
  • Threat agent
  • Threat action
  • Vulnerabilities
  • Example case
  • Gozi
  • Summary
  • Chapter review questions
  • Example case questions
  • Hands-on activity
  • Vulnerability scanning
  • Critical thinking exercise
  • Iraq cyberwar plans in 2003
  • Design case
  • ch. 7 Encryption Controls
  • Overview
  • Introduction
  • Encryption basics
  • Encryption types overview
  • Encryption types details
  • Encryption in use
  • Example case
  • Nation technologies
  • Summary
  • Chapter review questions
  • Example case questions
  • Hands-on activity
  • encryption
  • Critical thinking exercise
  • encryption keys embed business models
  • Design case
  • ch. 8 Identity and Access Management
  • Overview
  • Identity management
  • Access management
  • Authentication
  • Single sign-on
  • Federation
  • Example case
  • Markus Hess
  • Summary
  • Chapter review questions
  • Example case questions
  • Hands-on activity
  • identity match and merge
  • Critical thinking exercise
  • feudalism the security solution for the internet?
  • Design case
  • ch. 9 Hardware and Software Controls
  • Overview
  • Password management
  • Access control
  • Firewalls
  • Intrusion detection/prevention systems
  • Patch management for operating systems and applications
  • End-point protection
  • Example case
  • AirTight networks
  • Chapter review questions
  • Example case questions
  • Hands-on activity
  • host-based IDS (OSSEC)
  • Critical thinking exercise
  • extra-human security controls
  • Design case
  • ch. 10 Shell Scripting
  • Overview
  • Introduction
  • Output redirection
  • Text manipulation
  • Variables
  • Conditionals
  • User input
  • Loops
  • Putting it all together
  • Example case
  • Max Butler
  • Summary
  • Chapter review questions
  • Example case questions
  • Hands-on activity
  • basic scripting
  • Critical thinking exercise
  • script security
  • Design case
  • ch. 11 Incident Handling
  • Introduction
  • Incidents overview
  • Incident handling
  • The disaster
  • Example case
  • on-campus piracy
  • Summary
  • Chapter review questions
  • Example case questions
  • Hands-on activity
  • incident timeline using OSSEC
  • Critical thinking exercise
  • destruction at the EDA
  • Design case
  • ch. 12 Incident Analysis
  • Introduction
  • Log analysis
  • Event criticality
  • General log configuration and maintenance
  • Live incident response
  • Timelines
  • Other forensics topics
  • Example case
  • backup server compromise
  • Chapter review questions
  • Example case questions
  • Hands-on activity
  • server log analysis
  • Critical thinking exercise
  • destruction at the EDA
  • Design case
  • ch. 13 Policies, Standards, and Guidelines
  • Introduction
  • Guiding principles
  • Writing a policy
  • Impact assessment and vetting
  • Policy review
  • Compliance
  • Key policy issues
  • Example case
  • HB Gary
  • Summary
  • Reference
  • Chapter review questions
  • Example case questions
  • Hands-on activity
  • create an AUP
  • Critical thinking exercise
  • Aaron Swartz
  • Design case
  • ch. 14 IT Risk Analysis and Risk Management
  • Overview
  • Introduction
  • Risk management as a component of organizational management
  • Risk-management framework
  • The NIST 800-39 framework
  • Risk assessment
  • Other risk-management frameworks
  • IT general controls for Sarbanes--Oxley compliance
  • Compliance versus risk management
  • Selling security
  • Example case
  • online marketplace purchases
  • Summary
  • Chapter review questions
  • Hands-on activity
  • risk assessment using LSOF
  • Critical thinking exercise
  • risk estimation biases
  • Design case.

Similar Items