book

Foundations of Information Security

Name: Foundations of Information Security
Author: Jason Andress
ISBN: 9781718500044

by Jason Andress

October 2019

Beginner

248 pages

7h 7m

English

No Starch Press

Read now

Unlock full access

Cover Page
Title Page
Copyright Page
Dedication
About the Author
About the Technical Reviewer
CONTENTS IN DETAIL
ACKNOWLEDGMENTS
INTRODUCTION
Who Should Read This Book?About This Book
1 WHAT IS INFORMATION SECURITY?
Defining Information SecurityWhen Are You Secure?Models for Discussing Security IssuesAttacksDefense in DepthSummaryExercises

2 IDENTIFICATION AND AUTHENTICATION
IdentificationAuthenticationCommon Identification and Authentication MethodsSummaryExercises
3 AUTHORIZATION AND ACCESS CONTROLS
What Are Access Controls?Implementing Access ControlsAccess Control ModelsPhysical Access ControlsSummaryExercises
4 AUDITING AND ACCOUNTABILITY
AccountabilitySecurity Benefits of AccountabilityAuditingSummaryExercises
5 CRYPTOGRAPHY
The History of CryptographyModern Cryptographic ToolsProtecting Data at Rest, in Motion, and in UseSummaryExercises
6 COMPLIANCE, LAWS, AND REGULATIONS
What Is Compliance?Achieving Compliance with ControlsMaintaining ComplianceLaws and Information SecurityAdopting Frameworks for ComplianceCompliance amid Technological ChangesSummaryExercises
7 OPERATIONS SECURITY
The Operations Security ProcessLaws of Operations SecurityOperations Security in Our Personal LivesOrigins of Operations SecuritySummaryExercises
8 HUMAN ELEMENT SECURITY
Gathering Information for Social Engineering AttacksTypes of Social Engineering AttacksBuilding Security Awareness with Security Training ProgramsSummaryExercises
9 PHYSICAL SECURITY
Identifying Physical ThreatsPhysical Security ControlsProtecting PeopleProtecting DataProtecting EquipmentSummaryExercises
10 NETWORK SECURITY
Protecting NetworksProtecting Network TrafficNetwork Security ToolsSummaryExercises
11 OPERATING SYSTEM SECURITY
Operating System HardeningProtecting Against MalwareOperating System Security ToolsSummaryExercises
12 MOBILE, EMBEDDED, AND INTERNET OF THINGS SECURITY
Mobile SecurityEmbedded SecurityInternet of Things SecuritySummaryExercises
13 APPLICATION SECURITY
Software Development VulnerabilitiesWeb SecurityDatabase SecurityApplication Security ToolsSummaryExercises
14 ASSESSING SECURITY
Vulnerability AssessmentPenetration TestingDoes This Really Mean You’re Secure?SummaryExercises
NOTES
INDEX

Overview

In this high-level survey of the information security field, best-selling author Jason Andress covers the basics of a wide variety of topics, from authentication and authorization to maintaining confidentiality and performing penetration testing.

Using real-world security breaches as examples, Foundations of Information Security explores common applications of these concepts, such as operations security, network design, hardening and patching operating systems, securing mobile devices, as well as tools for assessing the security of hosts and applications.

You’ll also learn the basics of topics like:

•Multifactor authentication and how biometrics and hardware tokens can be used to harden the authentication process
•The principles behind modern cryptography, including symmetric and asymmetric algorithms, hashes, and certificates
•The laws and regulations that protect systems and data
•Anti-malware tools, firewalls, and intrusion detection systems
•Vulnerabilities such as buffer overflows and race conditions

A valuable resource for beginning security professionals, network systems administrators, or anyone new to the field, Foundations of Information Security is a great place to start your journey into the dynamic and rewarding field of information security.

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

The Basics of Information Security, 2nd Edition

Publisher Resources

ISBN: 9781098122546

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills