|
Midwest Leaders Winter Session
downloads and links: http://www.stsc.hill.af.mil/crosstalk/2008/01/0801MeadShoemakerIngalsbe.html
Software Assuarnce CBK: http://buildsecurityin.us-cert.gov/daisy/bsi/resources/dhs/927.html
NSA Centers of Academic Excellance link: http://www.nsa.gov/ia/academia/acade00001.cfm By Corey Schou, Daniel Paul
Shoemaker
ISBN 0072255242 /
9780072255249
Affiliations University
of Detroit Mercy, Audience College/higher
education
Imprint Career
Education
Publisher
McGraw-Hill
Country United
States
Copyright 2007
Date September 13, 2006 Paperback, 504
pages
Overview
Going beyond the technical coverage of
computer and systems security measures, Information Assurance for
the Enterprise provides readers an overarching model for information
assurance for businesses, government agencies, and other enterprises
needing to establish a comprehensive plan. All the components of
security and how they relate are featured, and readers will also be
shown how an effective security policy can be developed. Topics like
asset identification, human factors, compliance with regulations,
personnel security, risk assessment and ethical considerations are
covered, as well as computer and network security tools and methods.
This is one of the only texts on the market
that provides an up-to-date look at the whole range of security and
IA topics. In post-9/11 times, managers and IT professionals need to
address a wide range of security-related issues, and develop
security systems that take all these diverse factors into account.
As someone who has worked extensively with the U.S. State Department
and other governmental agencies, Corey Schou is uniquely positioned
to write the definitive book on the subject; and Daniel Shoemaker is
a professor and consultant to the Department of Homeland Security in
matters of Information Assurance policy.
Table of contents
Part I
The Organizational/Policy Domain
1 Organizational Security
Policy and Planning
2 Defined and Documented Infrastructure
3 Education and Awareness
4 Asset Management
5 Business
Continuity
6 Legal and Regulatory Compliance
Part II The
Managerial/Administrative Domain
7 Building Security Functions
Into Development
8 Personnel Security
9 Physical Security
Part III The Operational/Technical Domain
10 Access Control
11 Operations Security
12 Network Security
13
Application and System Software Security
14 Operational Risk
Assessment and Audit
Part IV The Community/Contextual Domain
15 Ethics
16 A Standard Implementation Model
Glossary
Index
| 
