The InfoSec Handbook

The InfoSec Handbook offers the reader an organized layout of information that is easily read and understood. Allowing beginners to enter the field and understand the key concepts and ideas, while still keeping the experienced readers updated on topics and concepts. It is intended mainly for beginners to the field of information security, written in a way that makes it easy for them to understand the detailed content of the book. The book offers a practical and simple view of the security practices while still offering somewhat technical and detailed information relating to security. It helps the reader build a strong foundation of information, allowing them to move forward from the book with a larger knowledge base. Security is a constantly growing concern that everyone must deal with. Whether its an average computer user or a highly skilled computer user, they are always confronted with different security risks. These risks range in danger and should always be dealt with accordingly. Unfortunately, not everyone is aware of the dangers or how to prevent them and this is where most of the issues arise in information technology (IT). When computer users do not take security into account many issues can arise from that like system compromises or loss of data and information. This is an obvious issue that is present with all computer users. This book is intended to educate the average and experienced user of what kinds of different security practices and standards exist. It will also cover how to manage security software and updates in order to be as protected as possible from all of the threats that they face.

Lots of use cases to facilitate discussion and understanding Different types of tool examples have been used in cases to develop broader view Lends itself very easily as a ready reference Easy to read style for quick understanding of the concepts

Autorentext
Umesha Nayak is a director and principal consultant of MUSA software engineering pvt. Ltd. which is into systems / process / management consulting. He has 32 years experience, of which 11 years are in providing consultancy to IT / manufacturing for other organizations from across the globe. He is a master of science in software systems; master of arts in economics; CAIIB; certified information systems auditor (CISA) and certified risk and information systems control (CRISC) professional from ISACA, US; PGDFM; certified lead auditor for many of the standards, among others. He has worked extensively in banking, software development, product design and development, project management, program management, information technology audits, information application audits, quality assurance, coaching, product reliability, human resource management, consultancy, etc. He was vice president and corporate executive council member at Polaris software lab, Chennai prior to his current assignment. He also held various roles like head of quality, head of SEPG and head of strategic practice unit risks & treasury at Polaris software lab. He started his journey with computers in 1981 with ICL mainframes and continued further with minis, pcs etc. He was one of the founding members of the information systems auditing in the banking industry in India. He has effectively guided many organizations through successful ISO 9001/ISO 27001/CMMI certifications and process improvements.

Zusammenfassung
It is intended mainly for beginners to the field of information security, written in a way that makes it easy for them to understand the detailed content of the book. The book offers a practical and simple view of the security practices while still offering somewhat technical and detailed information relating to security.

Inhalt

1: Introduction to Security

2: History of Computer Security

3: Key Concepts and Principles

4: Access Controls

5: Information Systems Management

6:Application and Web Security

7: Malicious Software and Anti-Virus Software

8: Cryptography

9: Understanding Networks

10: Firewalls

11: Intrusion Detection and Prevention Systems

12: Virtual Private Networks

13: Data Backups & Cloud Computing

14: Physical Security and Biometrics

15: Social Engineering

16. Current Trends in Information Security

17. Bibliography