IT Security Controls

Name: IT Security Controls
Brand: Springer, Berlin, APress
SKU: 150280635
Price: 77.00 CHF
Availability: PreOrder

A Guide to Corporate Standards and Frameworks (Sprache: Englisch)

Autoren: Virgilio Viegas , Oben Kuyucu

Schreiben Sie einen Kommentar zu "IT Security Controls".

IT Security Controls, Virgilio Viegas, Oben Kuyucu

Merken

Intermediate-Advanced user level

Mehr zum Inhalt Inhaltsverzeichnis Presse-Zitate Autorenporträt Video

Buch (Kartoniert) Fr. 77.00

eBook (pdf) Fr. 77.00

Voraussichtlich lieferbar in 3 Tag(en)

versandkostenfrei

Bestellnummer: 150280635

Buch (Kartoniert) Fr. 77.00

inkl. MwSt.

Jetzt vorbestellen

Kreditkarte, Paypal, Rechnungskauf
30 Tage Widerrufsrecht

Produktdetails

Produktbeschreibung
Inhaltsverzeichnis
Autorenporträt
Biblio. Angaben / Produktdetails
Pressezitat

Produktinformationen zu „IT Security Controls “

Intermediate-Advanced user level

Klappentext zu „IT Security Controls “

Use this reference for IT security practitioners to get an overview of the major standards and frameworks, and a proposed architecture to meet them. The book identifies and describes the necessary controls and processes that must be implemented in order to secure your organization's infrastructure.

The book proposes a comprehensive approach to the implementation of IT security controls with an easily understandable graphic implementation proposal to comply with the most relevant market standards (ISO 27001, NIST, PCI-DSS, and COBIT) and a significant number of regulatory frameworks from central banks across the World (European Union, Switzerland, UK, Singapore, Hong Kong, India, Qatar, Kuwait, Saudi Arabia, Oman, etc.).

To connect the book with the real world, a number of well-known case studies are featured to explain what went wrong with the biggest hacks of the decade, and which controls should have been in place to prevent them. The book also describes a set of well-known security tools available to support you.

What You Will Learn

Understand corporate IT security controls, including governance, policies, procedures, and security awareness
Know cybersecurity and risk assessment techniques such as penetration testing, red teaming, compliance scans, firewall assurance, and vulnerability scans
Understand technical IT security controls for unmanaged and managed devices, and perimeter controls
Implement security testing tools such as steganography, vulnerability scanners, session hijacking, intrusion detection, and more

Who This Book Is ForIT security managers, chief information security officers, information security practitioners, and IT auditors will use the book as a reference and support guide to conduct gap analyses and audits of their organizations' IT security controls implementations.

Inhaltsverzeichnis zu „IT Security Controls “

About the authors

Introduction

Chapter 1. Standards and frameworks

ISO 27001

ISO 27002

ISO 27018 n17

NIST sp 800-53

NIST sp 800-160

PCI DSS

Cloud standards

ISO 17789

NIST sp 500-292

Cobit for it security

CIS controls

Chapter 2. Corporate security controls

Information security processes and services

Security governanceGovernance of information security (ISO 27014:2013)

Security metrics

Policies and procedures

Cyber security and risk assessmentPenetration testing

Red teaming

Owasp code review

Compliance scans

Vulnerability scans

Firewall assurance

Risk assessments

Security awareness

Security awareness trainingSimulated attacks

Security operations center

Incident response and recovery

Threat hunting

Ediscovery/forensics

Threat intelligence

Cyber crisis management plan

Security engineering

Asset managementConfiguration management and security baselines

Security architecture and design

It security technical controls

Off premises unmanaged devicesSecure connections

Clean pipes

DDOS protection

Ipsec / tls encryption

EMM - enterprise mobility management (mdm, mam, mcm)

NAC - network access control

Multi factor authentication

Managed devices

Active directory integrationSCCM - system center configuration manager

TPM - trusted platform module

VPN client

NAC - network access control (agent)

Data classification

UAM - user activity monitoring

... mehr

Phishing reporting tool

Endpoint protection

Host ips / edr

Desktop firewall

Antivirus

Antispyware

Full disk encryption

App-control / white-listing

Perimeter controls

Firewall

IDS / IPS

Proxy and content filteringDLP - data leakage/loss protection

Honeypot

WAF - web application firewall

Ssl / vpn

Dns

Message security

Adfs

Sandbox

File integrity

Encrypted email

On premises controls

Mandatory requirements

Vlan segmentation

CriticalityNature

Type

Security baselines

Redundancy

Load balancing

Production traffic encryption

Multilayer implementation

Tls decryption

Static routingDisaster recovery

Time synchronization

Redundancy

Physical network segmentation

Distinct heartbeat interfaces

Centralized management

Default gateways

Sinkhole

Public key infrastructureSecurity monitoring and enforcement

Privileged access management

Log concentrator

Identity and access management

Vulnerability management and penetration testing

Security information and event management

Database activity monitoring

Risk register

Single sign-on

Chapter 3. It security technical control matrix

Chapter 4. It security processes maturity level matrix

Chapter 5. More about cloud

ISO 17789 and NIST sp500-292 developedIaaS

SaaS & secaas

Chapter 6. Security testing tools

Web applications attacks

Passive online password hacking

Steganography

Windows log tools

Vulnerability scanner

SQL injectionWireless attacks

Session hijacking

Bluetooth attacks

Arp poisoning

Website mirroring

Intrusion detection

Mobile devices

Social engineering

IoT (internet of things)Cloud security and tools

Chapter 7. Case StudiesChapter 8. Acronyms

... weniger

Autoren-Porträt von Virgilio Viegas, Oben Kuyucu

Virgilio Viegas, CISSP, CCSP, CISM, CISA, CRISC, CEH, has more than 25 years of experience in the banking sector, having worked in Europe, Asia and the Middle East. Currently he is the Group Head of International IT Security in one of the largest financial institutions in the Middle East and Africa with a strong presence across Europe, Africa and Asia.

Virgilio previously worked for more than 20 years for a major Portuguese financial institution, where he participated in the design and implementation of a Internet services reference platform and later developed an information security reference architecture.

While working in Asia, Virgilio developed projects related to information security, compliance, and retail such as Internet banking, ATM and POS network implementation, issuing and acquiring international card schemes, anti-money laundering, customer fingerprint authentication, amongst others. He also supported projects with significant impact in the Timor-Leste financial sector such as the definition of the country International Bank Account Number (IBAN) standard, the implementation of the Real Time Gross Settlement System (RTGS), and the national ATM and POS switch.

Bibliographische Angaben

Autoren: Virgilio Viegas , Oben Kuyucu
2022, 1st ed., XXI, 354 Seiten, 3 farbige Abbildungen, Masse: 17,8 x 25,4 cm, Kartoniert (TB), Englisch
Verlag: Springer, Berlin
ISBN-10: 1484277988
ISBN-13: 9781484277980

Sprache:

Englisch

Pressezitat

"The book includes a detailed table of contents and good index, and the chapters conclude with succinct summaries. ... This is an excellent reference for anyone working in the area of ICT security, summarizing the major standards and frameworks in one publication with useful case studies as examples to explain how things can go wrong and what steps can be taken to protect and minimize the impact of attacks." (David B. Henderson, Computing Reviews, November 14, 2022)

Kommentar zu "IT Security Controls"

Schreiben Sie einen Kommentar zu "IT Security Controls".

0 Gebrauchte Artikel zu „IT Security Controls“

Zustand	Preis	Porto	Zahlung	Verkäufer	Rating