The Basics of Information Security, 2nd Edition

The Basics of Information Security, 2nd Edition

by Jason Andress
Released May 2014
Publisher(s): Syngress
ISBN: 9780128008126

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

As part of the Syngress Basics series, The Basics of Information Security provides you with fundamental knowledge of information security in both theoretical and practical aspects. Author Jason Andress gives you the basic knowledge needed to understand the key concepts of confidentiality, integrity, and availability, and then dives into practical applications of these ideas in the areas of operational, physical, network, application, and operating system security.

The Basics of Information Security gives you clear-non-technical explanations of how infosec works and how to apply these principles whether you're in the IT field or want to understand how it affects your career and business. The new Second Edition has been updated for the latest trends and threats, including new material on many infosec subjects.

  • Learn about information security without wading through a huge textbook
  • Covers both theoretical and practical aspects of information security
  • Provides a broad view of the information security field in a concise manner
  • All-new Second Edition updated for the latest information security trends and threats, including material on incident response, social engineering, security awareness, risk management, and legal/regulatory issues

Table of contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Dedication
  6. Author Biography
  7. Introduction
    1. Book overview and key learning points
    2. Book audience
    3. How this book is organized
    4. Conclusion
  8. Chapter 1. What is Information Security?
    1. Introduction
    2. What is security?
    3. Alert!
    4. Models for discussing security
    5. More advanced
    6. Alert!
    7. Attacks
    8. Defense in depth
    9. Information security in the real world
    10. Summary
    11. Exercises
    12. References
  9. Chapter 2. Identification and Authentication
    1. Introduction
    2. Identification
    3. Authentication
    4. More advanced
    5. Additional resources
    6. Alert!
    7. Identification and authentication in the real world
    8. Summary
    9. Exercises
    10. References
  10. Chapter 3. Authorization and Access Control
    1. Introduction
    2. Authorization
    3. Access control
    4. More advanced
    5. More advanced
    6. Alert!
    7. More advanced
    8. Alert!
    9. Access control methodologies
    10. More advanced
    11. Authorization and access control in the real world
    12. Summary
    13. Exercises
    14. References
  11. Chapter 4. Auditing and Accountability
    1. Introduction
    2. Accountability
    3. More advanced
    4. Auditing
    5. Alert!
    6. Accountability and auditing in the real world
    7. More advanced
    8. Summary
    9. Exercises
    10. References
  12. Chapter 5. Cryptography
    1. Introduction
    2. History
    3. More advanced
    4. Additional resources
    5. Modern cryptographic tools
    6. More advanced
    7. Protecting data at rest, in motion, and in use
    8. Alert!
    9. Cryptography in the real world
    10. Summary
    11. Exercises
    12. References
  13. Chapter 6. Laws and Regulations
    1. Introduction
    2. Laws and regulations
    3. Compliance
    4. Privacy
    5. Summary
    6. Questions
    7. References
  14. Chapter 7. Operations Security
    1. Introduction
    2. Alert!
    3. Origins of operations security
    4. Additional resources
    5. The operations security process
    6. Haas’ Laws of operations security
    7. More advanced
    8. Operations security in our personal lives
    9. Alert!
    10. Operations security in the real world
    11. Summary
    12. Exercises
    13. References
  15. Chapter 8. Human Element Security
    1. Introduction
    2. Humans: the weak link
    3. Security awareness
    4. The security awareness and training program
    5. Summary
    6. Exercises
    7. References
  16. Chapter 9. Physical Security
    1. Introduction
    2. Alert!
    3. Additional resources
    4. Physical security controls
    5. Protecting people
    6. Protecting data
    7. More advanced
    8. Protecting equipment
    9. Note
    10. Physical security in the real world
    11. Summary
    12. Exercises
    13. References
  17. Chapter 10. Network Security
    1. Introduction
    2. Protecting networks
    3. Protecting network traffic
    4. Mobile device security
    5. Network security tools
    6. More advanced
    7. Additional resources
    8. Network security in the real world
    9. Summary
    10. Exercises
    11. References
  18. Chapter 11. Operating System Security
    1. Introduction
    2. Operating system hardening
    3. Protecting against malware
    4. Additional resources
    5. More advanced
    6. Software firewalls and host intrusion detection
    7. Operating system security tools
    8. Alert!
    9. Operating system security in the real world
    10. Summary
    11. Exercises
    12. References
  19. Chapter 12. Application Security
    1. Introduction
    2. The TJX breach
    3. Software development vulnerabilities
    4. Additional resources
    5. Web security
    6. Alert!
    7. More advanced
    8. Database security
    9. Additional resources
    10. Application security tools
    11. More advanced
    12. Application security in the real world
    13. Summary
    14. Exercises
    15. References
  20. Index

Product information

  • Title: The Basics of Information Security, 2nd Edition
  • Author(s): Jason Andress
  • Release date: May 2014
  • Publisher(s): Syngress
  • ISBN: 9780128008126