
Book description

Revised and updated with the latest data in the field, Fundamentals of Information Systems Security, Third Edition provides a comprehensive overview of the essential concepts readers must know as they pursue careers in information systems security. The text opens with a discussion of the new risks, threats, and vulnerabilities associated with the transition to a digital world. Part 2 presents a high-level overview of the Security+ Exam and provides students with information as they move toward this certification.

Table of contents

PART I The Need for Information Security

CHAPTER 1 Information Systems Security
  Information Systems Security
  Tenets of Information Systems Security
  The Seven Domains of a Typical IT Infrastructure
  Weakest Link in the Security of an IT Infrastructure
  IT Security Policy Framework

CHAPTER 2 The Internet of Things Is Changing How We Live
  IoT’s Impact on Human and Business Life
  IP Mobility
  Mobile Applications
  New Challenges Created by the IoT

CHAPTER 3 Malicious Attacks, Threats, and Vulnerabilities
  What Are You Trying to Protect?
  Attack Tools
  What Is a Security Breach?
  What Are Risks, Threats, and Vulnerabilities?
  What Is a Malicious Attack?
  What Is Malicious Software?
  What Are Common Types of Attacks?
  What Is a Countermeasure?

CHAPTER 4 The Drivers of the Information Security Business
  Implementing a BIA, a BCP, and a DRP
  Mobile Workers and Use of Personally Owned Devices

PART II Securing Today’s Information Systems

CHAPTER 5 Access Controls
  Two Types of Access Controls
  Methods and Guidelines for Identification
  Processes and Requirements for Authentication
  Policies and Procedures for Accountability
  Formal Models of Access Control
  Centralized and Decentralized Access Control

CHAPTER 6 Security Operations and Administration
  Security Administration
  Compliance
  Professional Ethics
  The Infrastructure for an IT Security Policy
  Data Classification Standards
  Configuration Management
  The Change Management Process
  Application Software Security
  Software Development and Security

CHAPTER 7 Auditing, Testing, and Monitoring
  Security Auditing and Analysis
  Defining Your Audit Plan
  Audit Data Collection Methods
  Post-Audit Activities
  Security Monitoring
  How to Verify Security Controls
  Monitoring and Testing Security Systems

CHAPTER 8 Risk, Response, and Recovery
  Risk Management and Information Security
  The Risk Management Process
  Business Continuity Management
  Backing Up Data and Applications
  Incident Handling
  Recovery from a Disaster

CHAPTER 9 Cryptography
  What Is Cryptography?
  Business and Security Requirements for Cryptography
  Cryptographic Principles, Concepts, and Terminology
  Types of Ciphers
  Symmetric and Asymmetric Key Cryptography
  Keys, Keyspace, and Key Management
  Digital Signatures and Hash Functions
  Cryptographic Applications and Uses in Information System Security
  Principles of Certificates and Key Management

CHAPTER 10 Networks and Telecommunications
  The Main Types of Networks
  TCP/IP and How It Works
  Network Security Risks
  Basic Network Security Defense Tools
  Wireless Networks

CHAPTER 11 Malicious Code and Activity
  The Main Types of Malware
  A Brief History of Malicious Code Threats
  Threats to Business Organizations
  Anatomy of an Attack
  Attack Prevention Tools and Techniques
  Intrusion Detection Tools and Techniques

PART III Information Security Standards, Education, Certifications, and Laws

CHAPTER 12 Information Security Standards
  Standards Organizations
  ISO 17799 (Withdrawn)

CHAPTER 13 Information Systems Security Education and Training
  Instructor-Led Programs
  Postsecondary Degree Programs
  Information Security Training Programs

CHAPTER 14 Information Security Professional Certifications
  U.S. Department of Defense/Military Directive 8570.01
  Vendor-Neutral Professional Certifications
  Vendor-Specific Professional Certifications
  Juniper Networks

CHAPTER 15 U.S. Compliance Laws
  Federal Information Security
  The Health Insurance Portability and Accountability Act
  The Gramm-Leach-Bliley Act
  The Sarbanes-Oxley Act
  The Family Educational Rights and Privacy Act
  The Children’s Internet Protection Act
  Payment Card Industry Data Security Standard

Product information

Title: Fundamentals of Information Systems Security, 3rd Edition
Author(s): Kim
Release date: October 2016
Publisher(s): Jones & Bartlett Learning
ISBN: 9781284116465

