A Practical Guide to Security Assessments

Book description

Taking a process-focused approach, A Practical Guide to Security Assessments presents a structured methodology for conducting assessments. The key element of the methodology is an understanding of business goals and processes, and of how security measures are aligned with business risks.

Table of contents

  1. Front cover
  2. About the Author
  3. Preface
  4. Table of Contents (1/2)
  5. Table of Contents (2/2)
  6. Chapter 1. Introduction
  7. Chapter 2. Evolution of Information Security (1/8)
  8. Chapter 2. Evolution of Information Security (2/8)
  9. Chapter 2. Evolution of Information Security (3/8)
  10. Chapter 2. Evolution of Information Security (4/8)
  11. Chapter 2. Evolution of Information Security (5/8)
  12. Chapter 2. Evolution of Information Security (6/8)
  13. Chapter 2. Evolution of Information Security (7/8)
  14. Chapter 2. Evolution of Information Security (8/8)
  15. Chapter 3. The Information Security Program and How a Security Assessment Fits In (1/5)
  16. Chapter 3. The Information Security Program and How a Security Assessment Fits In (2/5)
  17. Chapter 3. The Information Security Program and How a Security Assessment Fits In (3/5)
  18. Chapter 3. The Information Security Program and How a Security Assessment Fits In (4/5)
  19. Chapter 3. The Information Security Program and How a Security Assessment Fits In (5/5)
  20. Chapter 4. Planning (1/8)
  21. Chapter 4. Planning (2/8)
  22. Chapter 4. Planning (3/8)
  23. Chapter 4. Planning (4/8)
  24. Chapter 4. Planning (5/8)
  25. Chapter 4. Planning (6/8)
  26. Chapter 4. Planning (7/8)
  27. Chapter 4. Planning (8/8)
  28. Chapter 5. Initial Information Gathering (1/8)
  29. Chapter 5. Initial Information Gathering (2/8)
  30. Chapter 5. Initial Information Gathering (3/8)
  31. Chapter 5. Initial Information Gathering (4/8)
  32. Chapter 5. Initial Information Gathering (5/8)
  33. Chapter 5. Initial Information Gathering (6/8)
  34. Chapter 5. Initial Information Gathering (7/8)
  35. Chapter 5. Initial Information Gathering (8/8)
  36. Chapter 6. Business Process Evaluation (1/6)
  37. Chapter 6. Business Process Evaluation (2/6)
  38. Chapter 6. Business Process Evaluation (3/6)
  39. Chapter 6. Business Process Evaluation (4/6)
  40. Chapter 6. Business Process Evaluation (5/6)
  41. Chapter 6. Business Process Evaluation (6/6)
  42. Chapter 7. Technology Evaluation (1/6)
  43. Chapter 7. Technology Evaluation (2/6)
  44. Chapter 7. Technology Evaluation (3/6)
  45. Chapter 7. Technology Evaluation (4/6)
  46. Chapter 7. Technology Evaluation (5/6)
  47. Chapter 7. Technology Evaluation (6/6)
  48. Chapter 8. Risk Analysis and Final Presentation (1/8)
  49. Chapter 8. Risk Analysis and Final Presentation (2/8)
  50. Chapter 8. Risk Analysis and Final Presentation (3/8)
  51. Chapter 8. Risk Analysis and Final Presentation (4/8)
  52. Chapter 8. Risk Analysis and Final Presentation (5/8)
  53. Chapter 8. Risk Analysis and Final Presentation (6/8)
  54. Chapter 8. Risk Analysis and Final Presentation (7/8)
  55. Chapter 8. Risk Analysis and Final Presentation (8/8)
  56. Chapter 9. Information Security Standards (1/4)
  57. Chapter 9. Information Security Standards (2/4)
  58. Chapter 9. Information Security Standards (3/4)
  59. Chapter 9. Information Security Standards (4/4)
  60. Chapter 10. Information Security Legislation (1/2)
  61. Chapter 10. Information Security Legislation (2/2)
  62. Security Questionnaires and Checklists
  63. Appendices: Security Questionnaires and Checklists
  64. Appendix A: Preliminary Checklist to Gather Information (1/3)
  65. Appendix A: Preliminary Checklist to Gather Information (2/3)
  66. Appendix A: Preliminary Checklist to Gather Information (3/3)
  67. Appendix B: Generic Questionnaire for Meetings with Business Process Owners (1/2)
  68. Appendix B: Generic Questionnaire for Meetings with Business Process Owners (2/2)
  69. Appendix C: Generic Questionnaire for Meetings with Technology Owners (1/2)
  70. Appendix C: Generic Questionnaire for Meetings with Technology Owners (2/2)
  71. Appendix D: Data Classification (1/2)
  72. Appendix D: Data Classification (2/2)
  73. Appendix E: Data Retention (1/2)
  74. Appendix E: Data Retention (2/2)
  75. Appendix F: Backup and Recovery (1/3)
  76. Appendix F: Backup and Recovery (2/3)
  77. Appendix F: Backup and Recovery (3/3)
  78. Appendix G: Externally Hosted Services (1/4)
  79. Appendix G: Externally Hosted Services (2/4)
  80. Appendix G: Externally Hosted Services (3/4)
  81. Appendix G: Externally Hosted Services (4/4)
  82. Appendix H: Physical Security (1/4)
  83. Appendix H: Physical Security (2/4)
  84. Appendix H: Physical Security (3/4)
  85. Appendix H: Physical Security (4/4)
  86. Appendix I: Employee Termination (1/2)
  87. Appendix I: Employee Termination (2/2)
  88. Appendix J: Incident Handling (1/2)
  89. Appendix J: Incident Handling (2/2)
  90. Appendix K: Business to Business (B2B) (1/2)
  91. Appendix K: Business to Business (B2B) (2/2)
  92. Appendix L: Business to Consumer (B2C) (1/3)
  93. Appendix L: Business to Consumer (B2C) (2/3)
  94. Appendix L: Business to Consumer (B2C) (3/3)
  95. Appendix M: Change Management (1/2)
  96. Appendix M: Change Management (2/2)
  97. Appendix N: User ID Administration (1/3)
  98. Appendix N: User ID Administration (2/3)
  99. Appendix N: User ID Administration (3/3)
  100. Appendix O: Managed Security (1/3)
  101. Appendix O: Managed Security (2/3)
  102. Appendix O: Managed Security (3/3)
  103. Appendix P: Media Handling (1/2)
  104. Appendix P: Media Handling (2/2)
  105. Appendix Q: HIPAA Security (1/13)
  106. Appendix Q: HIPAA Security (2/13)
  107. Appendix Q: HIPAA Security (3/13)
  108. Appendix Q: HIPAA Security (4/13)
  109. Appendix Q: HIPAA Security (5/13)
  110. Appendix Q: HIPAA Security (6/13)
  111. Appendix Q: HIPAA Security (7/13)
  112. Appendix Q: HIPAA Security (8/13)
  113. Appendix Q: HIPAA Security (9/13)
  114. Appendix Q: HIPAA Security (10/13)
  115. Appendix Q: HIPAA Security (11/13)
  116. Appendix Q: HIPAA Security (12/13)
  117. Appendix Q: HIPAA Security (13/13)
  118. Index (1/3)
  119. Index (2/3)
  120. Index (3/3)
  121. Back cover

Product information

  • Title: A Practical Guide to Security Assessments
  • Author(s): Sudhanshu Kairab
  • Release date: September 2004
  • Publisher(s): Auerbach Publications
  • ISBN: 9780203507230