A Practical Guide to Security Engineering and Information Assurance
Today the vast majority of the world's information resides in, is derived from, and is exchanged among multiple automated systems. Critical decisions are made, and critical action is taken based on information from these systems. Therefore, the information must be accurate, correct, and timely, and be manipulated, stored, retrieved, and exchanged s
Contents
Chapter 3 Historical Approaches to Information Security and Information Assurance
Chapter 4 Define the System Boundaries
Chapter 5 Perform Vulnerability and Threat Analyses
Chapter 6 Implement Threat Control Measures
Chapter 7 Verify Effectiveness of Threat Control Measures
Chapter 8 Conduct Accident/Incident Investigations
Other editions
A Practical Guide to Security Engineering and Information Assurance, Debra S. Herrmann, 2001
A Practical Guide to Security Engineering and Information Assurance, Debra S. Herrmann, Taylor & Francis Group, 2019
Common terms and phrases
access control accident accident/incident accidental action activities algorithm analysis application approach assessment Assurance attack authentication Benefits block cause Chapter combination communications components compromise Computer consequences contingency correct critical damage Defense Defense in depth defined dependent Description detection determine developed Digital effectiveness Electronic encryption engineering entity environment errors evaluated evidence example execution Exhibit fail failure fault formal functions hardware hazards human IA integrity identify IEEE implemented Information Technology initial intentional internal ISO/IEC layer Limitations logic loss Maintainability Management method mode models occur operational operational procedures organization paths performed physical plans possible potential prevent profiles protection protocol provides records recovery References reliability reports requirements response risk safety scenarios severity specific Standards step System Safety techniques testing threat control measures transaction verify vulnerabilities
Popular passages
Page ii - A Technical Guide to IPSec Virtual Private Networks James S. Tiller ISBN: 0-8493-0876-3 Building an Information Security Awareness Program Mark B. Desman ISBN: 0-8493-0116-5 Computer Telephony Integration William Yarberry, Jr.
References to this book
Testing Web Security: Assessing the Security of Web Sites and Applications, Steven Splaine, 2002