Book description
Governments, their agencies, and businesses are perpetually battling to protect valuable, classified, proprietary, or sensitive information but often find that the restrictions imposed upon them by information security policies and procedures have significant, negative impacts on their ability to function. These government and business entities are beginning to realize the value of information assurance (IA) as a tool to ensure that the right information gets to the right people, at the right time, with a reasonable expectation that it is timely, accurate, authentic, and uncompromised. Intended for those interested in the construction and operation of an IA or Information Security (InfoSec) program, Building a Global Information Assurance Program describes the key building blocks of an IA development effort including: Information Attributes, System Attributes, Infrastructure or Architecture, Interoperability, IA Tools, Cognitive Hierarchies, Decision Cycles, Organizational Considerations, Operational Concepts. Because of their extensive and diverse backgrounds, the authors bring a unique perspective to current IT issues. The text presents their proprietary process based on the systems development life cycle (SDLC) methodology specifically tailored for an IA program. This process is a structured, cradle-to-grave approach to IA program development, from program planning and design to implementation, support, and phase out. Building a Global Information Assurance Program provides a proven series of steps and tasks that you can follow to build quality IA programs faster, at lower costs, and with less risk.
Table of contents
- Cover Page
- Title Page
- Copyright Page
- Acknowledgments
- Introduction
- Chapter 1: Introduction to Information Assurance
-
Chapter 2: Basic Concepts
- Attributes
- Information Attributes
- Pure Information Attributes
- Attributes Partially Influenced by the System
- Attributes Directly Influenced by the System
- System Attributes
- The Bottom Line, Revisited
- Information Assurance
- Commercial Capabilities
- Security
- Network Views
- Risk Management
- Information Concepts
- Reasoning
- Types of Logic
- Summary
- Chapter 3: Risk, Threat, and Vulnerability Assessments
-
Chapter 4: Overview of Systems Engineering
- A Systems Engineering Case Study
- Case Study Background
- The Mission
- The Goal
- An Approach Toward a Solution
- CASE Tools: A Means of Managing Architectural Information
- The Current Process
- Maritime Strategy
- The Threat
- Top-Level Warfare Requirements
- Architecture: A System Description
- Assessment: How Well Does it Fulfill Requirements?
- Shortfalls and Overlaps: Identifying Strengths and Weaknesses
- Architectural Options: Making the Right Choices
- The Proposed Process
- Architecture Development
- Architectural Principles
- Functional Analysis
- Operational Functions
- System Functions
- Requirements Allocation
- Assessment of the Current Architecture
- Identification of Shortfalls and Overlaps
- Development of Architectural Options
- Assessment of Options
- Proposed New (Notional) Architecture
- System Synthesis
- The Need for Maintaining Up-To-Date Documentation
- Summary
- Chapter 5: Information Assurance Task Force
- Chapter 6: Requirements
- Chapter 7: Design
- Chapter 8: Implementation and Testing
- Chapter 9: Information Assurance Life-Cycle Support and Operational Considerations
- Chapter 10: The Information Assurance Center
-
Chapter 11: Automated Tools
- Internal Vulnerability Scanning/Auditing Tools
- Patches and Replacements
- Password Enhancing Tools/Authentication and System Security Tools
- Password Breaking Tools
- Access Control Tools
- Logging Tools
- Logging Utilities
- Intrusion Detection Tools/Network Monitoring Tools
- System Status Reporting Tools
- Mail Security Tools
- Packet Filtering Tools
- Firewall Tools
- Real-Time Attack Response Tools
- Encryption Tools
- Host Configuration Tools
- Antivirus Tools
- Cryptographic Checksum Tools
- Miscellaneous Tools
- Visualization Tools
- I’m Going to Break in and Compromise your Information
- A Sampling of Software Tools that Attackers Use
- Summary
- Chapter 12: Summary
- Appendix A: Acronyms
- Appendix B: Glossary
- Appendix C: Links
- Appendix D: References
- About The Authors
Product information
- Title: Building A Global Information Assurance Program
- Author(s):
- Release date: July 2017
- Publisher(s): Auerbach Publications
- ISBN: 9781135511159
You might also like
book
Building an Enterprise-Wide Business Continuity Program
Drawing on over two decades of experience creating continuity plans and using them in actual recoveries, …
book
System Center 2012 Configuration Manager Unleashed
This is the comprehensive reference and technical guide to Microsoft System Center Configuration Manager 2012. A …
book
Security and Privacy in Cyber-Physical Systems
Written by a team of experts at the forefront of the cyber-physical systems (CPS) revolution, this …
book
Configuration Management for Senior Managers
Configuration Management for Senior Managers is written to help managers in product manufacturing and engineering environments …