Skip to Main Content
Information Security Management Principles - Third Edition

Information Security Management Principles - Third Edition

SKU: 5522
Authors: David Alexander, Amanda Finch, David Sutton and Andy Taylor
Publishers: BCS
Format: Softcover
ISBN13: 9781780175188
Pages: 298
Published: 31 Jan 2020
Availability: In Stock

This guide from the BCS (British Computer Society (BCS) offers a practical guide to information assurance for both business professionals and technical experts.

The third edition has been updated to reflect changes in the IT security landscape and updates to the BCS Certification in Information Security Management Principles, which this book supports.

Buy now, pay later! Enjoy the benefits of paying by purchase order with an IT Governance corporate account.  Apply online today or call our service centre team on 00 800 48 484 484.

Preis: 43,95 €
Description

The official textbook for the BCS Certificate in Information Security Management Principles (CISMP) qualification.

Information is one of the currencies of today’s society. As access to fast, reliable data at work and at home becomes increasingly essential for day-to-day operations, new risks emerge that threaten the very information that enables businesses and helps society to function.

By focusing on the three main areas of information assurance – confidentiality, integrity and availability – this book gives you the skills to identify information security threats and protect yourself and your business against them.


Why read this book?

  • Understand information threats and vulnerabilities, and implement countermeasures.
  • Manage emerging risks to your data.
  • Learn information assurance best practice from experienced authors.
  • Supports the BCS Certification in Information Security Management Principles.

Contents 

  1. INFORMATION SECURITY PRINCIPLES
    Concepts and definitions
    The need for, and benefits of, information security
    Sample questions

  2. INFORMATION RISK
    Threats to, and vulnerabilities of, information systems
    Risk management
    Sample questions
    References and further reading

  3. INFORMATION SECURITY FRAMEWORK
    Organisation and responsibilities
    Organisational policy, standards and procedures
    Information security governance
    Information assurance programme implementation
    Security incident management
    Legal framework
    Security standards and procedures
    Sample questions
    References

  4. SECURITY LIFECYCLES
    The information lifecycle
    Testing, audit and review
    Systems development and support
    Sample questions
    Reference

  5. PROCEDURAL AND PEOPLE SECURITY CONTROLS
    General controls
    People security
    User access controls
    Training and awareness
    Sample questions

  6. TECHNICAL SECURITY CONTROLS
    Technical security
    Protection from malicious software
    Networks and communications
    Operational technology
    External services
    Cloud computing
    IT infrastructure
    Sample questions

  7. PHYSICAL AND ENVIRONMENTAL SECURITY
    Physical security
    Different uses of controls
    Sample questions

  8. DISASTER RECOVERY AND BUSINESS CONTINUITY MANAGEMENT
    Relationship between DR/BCP, risk assessment and impact analysis
    Resilience and redundancy
    Approaches to writing plans and implementing plans
    The need for documentation, maintenance and testing
    The need for links to managed service provision and outsourcing
    The need for secure off-site storage of vital material
    The need to involve personnel, suppliers and IT systems providers
    Relationship with security incident management
    Compliance with standards
    Sample questions

  9. OTHER TECHNICAL ASPECTS
    Investigations and forensics
    Role of cryptography
    Threat intelligence
    Conclusion
    Sample questions
    References and further reading

    APPENDIX A
    Activity solution pointers
    Sample question answers
    Glossary

Kundenbewertungen

(0# der Bewertungen:)
oben
This website uses cookies. View our cookie policy.
Laden....