Beschreibung:
A Practical Guide to Security Engineering and Information Assurance provides insight into the broader realm of information assurance (IA). It explains real-world strategies applicable to all systems, from small systems supporting a home-based business to those of a multinational corporation, government agency, or critical infrastructure system. The author provides step-by-step, in-depth processes for defining information security and assurance goals, performing vulnerability and threat analysis, implementing and verifying the effectiveness of threat control measures, and conducting accident and incident investigations. The guide provides a complete methodology for information integrity and security throughout the life of a system.
Introduction. What is Information Assurance, How Does It Relate to Information Security, and Why Are Both Needed? Historical Approaches to Information Security and Information Assurance. Define the System Boundaries. Perform Vulnerability and Threat Analyses. Implement Threat Control Measures. Verify Effectiveness of Threat Control Measures. Conduct Accident/Incident Investigations. Glossary of Terms. Glossary of Techniques. Additional Resources. Summary of the Components, Activities, and Tasks of an Effective Information Security/IA Program. Index.