Seven secure information technologies are active. Seven Secure Information Technologies Active Approximate Word Search
Seven safe information technologies
The purpose of writing the book is to familiarize readers with foreign approaches in the field of information security.
All sections are prepared on the basis of materials from international certification training courses in the field of information security management. The basic principles, conceptual approaches and information technologies used in multi-level information protection in organizations are outlined. The main attention is paid to the structuring and classification of methods, techniques and means of ensuring the security of information resources of computer systems.
The textbook is primarily intended for specialists who want to fundamentally improve their professional status and prepare for passing international exams in the field of information security. Useful for students majoring in information security and related fields, as well as anyone interested in computer security issues.
SpoilerTarget"> Spoiler: Contents:
Preface on the seven secure information
Technologies........................................................ .................................... 6
Chapter 1. Information security management................... 9
1.1. Basic concepts of information security...................9
1.2. Information security management system.........12
1.3. Risk analysis and management................................................................... .......17
1.4. Classification of information........................................................ .......23
1.5. How to use policies, standards and guidelines......28
1.6. Peculiarities of working with personnel...................................................31
Questions for review......................................................... ........................33
Laboratory work................................................ ............................36
Chapter 2. Ensuring secure access....................................38
2.1. Understanding secure access control...................................38
2.3. Property of accountability and management subsystem
Access................................................... ...................................................41
2.4. Identification and authentication tools...................................43
2.5. Network access protocols................................................................... ..........54
2.6. Access control methods................................................................... .......58
Questions for review......................................................... ........................61
Laboratory work................................................ ............................64
Chapter 3. Ensuring network security....................................65
3.1. The concept of a computer network................................................................... ..........65
3.2. Basic Reference Model for Open Systems Interconnection......74
3.3. TCP/IP protocol stack .................................................... ....................78
3.4. Network Security Tools...................................91
Questions for review......................................................... ...........................101
Chapter 4. Cryptographic information protection.................................. 106
4.1. Basic cryptographic primitives.................................... 106
4.2. Basic encryption................................................... ....... 108
4.3. Symmetric cryptography................................................................ .... 114
4.4. Asymmetric cryptography................................................................ .. 118
4.5. Electronic digital signature and cryptographic
Hash function................................................... ........................................... 123
4.6. Public Key Infrastructure................................................................... 127
Questions for review......................................................... .................... 128
Chapter 5. Designing Secure Programs....................................132
5.1. Software life cycle models........ 132
5.2. Secure software lifecycle
Provisions........................................................ ..................................... 136
5.3. Review of Secure Software Development Measures
Provisions........................................................ ..................................... 143
Questions for review......................................................... .................... 154
Chapter 6. Modeling and conformity assessment......158
6.1. Basic concepts of secure architecture................................... 158
6.2. Conceptual models of access control.................................... 160
6.3. Principles of safe computer architecture................................... 166
6.4. Hidden channels of information transmission...................................170
6.5. Compliance assessment criteria................................................................... ....173
Questions for review......................................................... .................... 184
Chapter 7: Business Continuity
And recovery................................................... ........................187
7.1. Business continuity management
And restoration................................................... ........................... 187
7.2. Business continuity management model.................................... 188
Questions for review......................................................... .................... 198
Literature................................................. ...................................201
Answers to review questions...................................................208
Four Commandments of Professional Conduct (ISC)2....................................214
Seven Rules of Professional Ethics ISACA .................................................214
Appendix 2. Typical computer attacks....................................216
Cryptographic and password attacks...................................................216
Denial of service attacks................................................................... .............217
Attacks on program code and applications.................................................... 218
Social engineering and physical attacks.................................... 219
Network attacks................................................... .................................... 220
Author: Barabanov A.V., Dorofeev A.V., Markov A.S., Tsirlov V.L.
Release date: December 2017
Format: 165 * 235 mm
Paper: offset
Cover: Hardcover
Volume, pages: 224
ISBN: 978-5-97060-494-6
Weight, gr.: 400Editor: Markov A. S.
Publisher: DMK-Press, 2017
Genre: Computer Science
The purpose of writing the book is to familiarize readers with foreign approaches in the field of information security.
All sections are prepared on the basis of materials from international certification training courses in the field of information security management. The basic principles, conceptual approaches and information technologies used in multi-level information protection in organizations are outlined. The main attention is paid to the structuring and classification of methods, techniques and means of ensuring the security of information resources of computer systems.
The textbook is primarily intended for specialists who want to fundamentally improve their professional status and prepare for passing international exams in the field of information security. Useful for students majoring in information security and related fields, as well as anyone interested in computer security issues.User comments:
User Igor Nosov writes:
Good afternoon, dear ones.
Let me start with the fact that the book is small (200 pages), despite the fact that the font in the book is very LARGE. All this speaks to the amount of information received after reading, well, not for that kind of money. The first couple of chapters seemed to try to direct something, but that’s all... The help in passing the exam declared for the book is too exaggerated. I'm not thrilled.I like it. Really helped me immerse myself in the topic until I crammed the cards with questions! The book may not be a superfluous tome for preparing for CISSP for those who are not yet in the subject, but all the basic things: information security management cycle, security and access models, cryptography, business continuity, etc. systematized, which is convenient for memorization. Without lyrics and endless sections like most Western authors of such textbooks. Enjoyed reading the questions and answers, as well as ethics….
I like it. Really helped me immerse myself in the topic until I crammed the cards with questions! The book may not be a superfluous tome for preparing for CISSP for those who are not yet in the subject, but all the basic things: information security management cycle, security and access models, cryptography, business continuity, etc. systematized, which is convenient for memorization. Without lyrics and endless sections like most Western authors of such textbooks. Enjoyed reading the questions and answers as well as ethics. I recommend
The purpose of writing the book is to familiarize readers with foreign approaches in the field of information security. All sections are prepared on the basis of materials from international certification training courses in the field of information security management. The basic principles, conceptual approaches and information technologies used in multi-level information protection in organizations are outlined. The main attention is paid to the structuring and classification of methods, techniques and means of ensuring the security of information resources of computer systems. The textbook is primarily intended for specialists who want to fundamentally improve their professional status and prepare for passing international exams in the field of information security. Useful for students majoring in information security and related fields, as well as anyone interested in computer security issues.
TSelyu napisaniya knigi yavlyaetsya oznakomlenie chitateley s zarubezhnymi podkhodami v oblasti informatsionnoy bezopasnosti. Vse razdely podgotovleny na baze materialov mezhdunarodnykh sertifikatsionnykh uchebnykh kursov v oblasti upravleniya informatsionnoy bezopasnostyu. Izlozheny bazovye printsipy, kontseptualnye podkhody i informatsionnye tekhnologii, primenyaemye pri mnogourovnevoy zashchite informatsii v organizatsiyakh. Osnovnoe vnimanie udeleno strukturizatsii i klassifikatsii metodov, tekhnik i sredstv obespecheniya bezopasnosti informatsionnykh resursov kompyuternykh sistem. Uchebnik v pervuyu ochered prednaznachen dlya spetsialistov, zhelayushchikh printsipialno povysit svoy professionalnyy status i podgotovitsya k sdache mezhdunarodnykh ekzamenov v oblasti informatsionnoy bezopasnosti. Polezen studentam, obuchayushchimsya po spetsialnostyam v oblasti informatsionnoy bezopasnosti i smezhnym spetsialnostyam, a takzhe vsem uvlekayushchimsya voprosami kompyuternoy bezopasnosti.
The purpose of writing this book is to familiarize readers with foreign approaches in the field of information security.All sections prepared on the basis of materials of international certification courses in the field of information security management. Set out the basic principles, conceptual approaches and information technologies for multilevel information security in organizations. The focus is on structuring and classification of methods, techniques and security of information resources of computer systems.The textbook is primarily designed for professionals wishing to fundamentally improve their professional status and prepare for international exams in the field of information security. Useful to students studying on specialties in the field of information security and related disciplines and all interested in computer security issues.
Product specifications may vary.
Specify information when placing an order
from the contact center operator.The purpose of writing the book is to familiarize readers with foreign approaches in the field of information security. All sections are prepared on the basis of materials from international certification training courses in the field of information security management. The basic principles, conceptual approaches and information technologies used in multi-level information protection in organizations are outlined. The main attention is paid to the structuring and classification of methods, techniques and means of ensuring the security of information resources of computer systems. The textbook is primarily intended for specialists who want to fundamentally improve their professional status and prepare for passing international exams in the field of information security. Useful for students majoring in information security and related fields, as well as anyone interested in computer security issues.
The work was published in 2017 by DMK-Press. On our website you can download the book “Seven Safe Information Technologies” in fb2, rtf, epub, pdf, txt format or read online. Here, before reading, you can also turn to reviews from readers who are already familiar with the book and find out their opinion. In our partner's online store you can buy and read the book in paper version.
