book

Fundamentals of Information Systems Security, 4th Edition

Name: Fundamentals of Information Systems Security, 4th Edition
ISBN: 9781284220742

by David Kim, Michael G. Solomon

December 2021

Beginner

550 pages

20h 33m

English

Jones & Bartlett Learning

Read now

Unlock full access

Cover
Title Page
Copyright Page
Dedication Page
Contents
Preface
New to This Edition
Acknowledgments
The Authors
CHAPTER 1 Information Systems Security

Information Systems Security
Risks, Threats, and VulnerabilitiesWhat Is Information Systems Security?Compliance Laws and Regulations Drive the Need for Information Systems Security
Tenets of Information Systems Security
ConfidentialityIntegrityAvailability
The Seven Domains of a Typical IT Infrastructure
User DomainWorkstation DomainLAN DomainLAN-to-WAN DomainWAN DomainRemote Access DomainSystem/Application Domain
Weakest Link in the Security of an IT Infrastructure
Ethics and the Internet
IT Security Policy Framework
DefinitionsFoundational IT Security Policies
Data Classification Standards
Chapter Summary
Key Concepts and Terms
Chapter 1 Assessment
CHAPTER 2 Emerging Technologies Are Changing How We Live
Evolution of the Internet of Things
Converting to a Tcp/Ip World
IoT’s Impact on Human and Business Life
How People Like to CommunicateIoT Applications That Impact Our Lives
Evolution from Brick and Mortar to E-Commerce
Why Businesses Must Have an Internet and IoT Marketing Strategy
IP Mobility
Mobile Users and Bring Your Own Device
Mobile Applications
IP Mobile Communications
New Challenges Created by the IoT
SecurityPrivacyInteroperability and StandardsLegal and Regulatory IssuesE-Commerce and Economic Development Issues
Chapter Summary
Key Concepts and Terms
Chapter 2 Assessment
CHAPTER 3 Risks, Threats, and Vulnerabilities
Risk Management and Information Security
Risk TerminologyElements of RiskPurpose of Risk Management
The Risk Management Process
Identify RisksAssess and Prioritize RisksPlan a Risk Response StrategyImplement the Risk Response PlanMonitor and Control Risk Response
IT and Network Infrastructure
Intellectual PropertyFinances and Financial DataService Availability and ProductivityReputation
Who Are the Perpetrators?
Risks, Threats, and Vulnerabilities in an IT Infrastructure
Threat TargetsThreat Types
What Is a Malicious Attack?
Birthday AttacksBrute-Force Password AttacksCredential Harvesting and StuffingDictionary Password AttacksIP Address SpoofingHijackingReplay AttacksMan-in-the-Middle AttacksMasqueradingEavesdroppingSocial EngineeringPhreakingPhishingPharming
What Are Common Attack Vectors?
Social Engineering AttacksWireless Network AttacksWeb Application Attacks
The Importance of Countermeasures
Chapter Summary
Key Concepts and Terms
Chapter 3 Assessment
CHAPTER 4 Business Drivers of Information Security
Risk Management’s Importance to the Organization
Understanding the Relationship between a BIA, a BCP, and a DRP
Business Impact Analysis (BIA)Business Continuity Plan (BCP)Disaster Recovery Plan (DRP)
Assessing Risks, Threats, and Vulnerabilities
Closing the Information Security Gap
Adhering to Compliance Laws
Keeping Private Data Confidential
Mobile Workers and Use of Personally Owned Devices
BYOD ConcernsEndpoint and Device Security
Chapter Summary
Key Concepts and Terms
Chapter 4 Assessment
CHAPTER 5 Networks and Telecommunications
The Open Systems Interconnection Reference Model
The Main Types of Networks
Wide Area NetworksLocal Area Networks
TCP/IP and How It Works
TCP/IP OverviewIP AddressingCommon PortsCommon ProtocolsInternet Control Message Protocol
Network Security Risks
Categories of Risk
Basic Network Security Defense Tools
FirewallsVirtual Private Networks and Remote AccessNetwork Access ControlVoice and Video in an IP Network
Wireless Networks
Wireless Access PointsWireless Network Security Controls
Chapter Summary
Key Concepts and Terms
Chapter 5 Assessment
CHAPTER 6 Access Controls
Four-Part Access Control
Two Types of Access Controls
Physical Access ControlLogical Access Control
Authorization Policies
Methods and Guidelines for Identification
Identification MethodsIdentification Guidelines
Processes and Requirements for Authentication
Authentication TypesSingle Sign-On
Policies and Procedures for Accountability
Log FilesMonitoring and ReviewingData Retention, Media Disposal, and Compliance Requirements
Formal Models of Access Control
Discretionary Access ControlOperating Systems–Based DACMandatory Access ControlNondiscretionary Access ControlRule-Based Access ControlAccess Control ListsRole-Based Access ControlContent-Dependent Access ControlConstrained User InterfaceOther Access Control Models
Effects of Breaches in Access Control
Threats to Access Controls
Effects of Access Control Violations
Credential and Permissions Management
Centralized and Decentralized Access Control
Types of AAA ServersDecentralized Access ControlPrivacy
Chapter Summary
Key Concepts and Terms
Chapter 6 Assessment
CHAPTER 7 Cryptography
What Is Cryptography?
Basic Cryptographic PrinciplesA Brief History of CryptographyCryptography’s Role in Information Security
Business and Security Requirements for Cryptography
Internal SecuritySecurity in Business RelationshipsSecurity Measures That Benefit Everyone
Cryptographic Principles, Concepts, and Terminology
Cryptographic Functions and Ciphers
Types of Ciphers
Transposition CiphersSubstitution CiphersProduct and Exponentiation Ciphers
Symmetric and Asymmetric Key Cryptography
Symmetric Key CiphersAsymmetric Key CiphersCryptanalysis and Public Versus Private Keys
Keys, Keyspace, and Key Management
Cryptographic Keys and KeyspaceKey ManagementKey DistributionKey Distribution Centers
Digital Signatures and Hash Functions
Hash FunctionsDigital Signatures
Cryptographic Applications and Uses in Information System Security
Other Cryptographic Tools and ResourcesSymmetric Key StandardsAsymmetric Key SolutionsHash Function and IntegrityDigital Signatures and Nonrepudiation
Principles of Certificates and Key Management
Modern Key Management Techniques
Chapter Summary
Key Concepts and Terms
Chapter 7 Assessment
CHAPTER 8 Malicious Software and Attack Vectors
Characteristics, Architecture, and Operations of Malicious Software
The Main Types of Malware
VirusesSpamWormsTrojan HorsesLogic BombsActive Content VulnerabilitiesMalicious Add-OnsInjectionBotnetsDenial of Service AttacksSpywareAdwarePhishingKeystroke LoggersHoaxes and MythsHomepage HijackingWebpage Defacements
A Brief History of Malicious Code Threats
1970s and Early 1980s: Academic Research and UNIX1980s: Early PC Viruses1990s: Early LAN VirusesMid-1990s: Smart Applications and the Internet2000 to the Present
Threats to Business Organizations
Types of ThreatsInternal Threats from Employees
Anatomy of an Attack
What Motivates Attackers?The Purpose of an AttackTypes of AttacksPhases of an Attack
Attack Prevention Tools and Techniques
Application DefensesOperating System DefensesNetwork Infrastructure DefensesSafe Recovery Techniques and PracticesImplementing Effective Software Best Practices
Intrusion Detection Tools and Techniques
Antivirus Scanning SoftwareNetwork Monitors and AnalyzersContent/Context Filtering and Logging SoftwareHoneypots and Honeynets
Chapter Summary
Key Concepts and Terms
Chapter 8 Assessment
CHAPTER 9 Security Operations and Administration
Security Administration
Controlling AccessDocumentation, Procedures, and GuidelinesDisaster Assessment and RecoverySecurity Outsourcing
Compliance
Event LogsCompliance LiaisonRemediation
Professional Ethics
Common Fallacies About EthicsCodes of EthicsPersonnel Security Principles
The Infrastructure for an IT Security Policy
PoliciesStandardsProceduresBaselinesGuidelines
Data Classification Standards
Information Classification ObjectivesExamples of ClassificationClassification ProceduresAssurance
Configuration Management
Hardware Inventory and Configuration Chart
The Change Management Process
Change Control ManagementChange Control CommitteesChange Control ProceduresChange Control Issues
Application Software Security
The System Life CycleTesting Application Software
Software Development and Security
Software Development Models
Chapter Summary
Key Concepts and Terms
Chapter 9 Assessment
CHAPTER 10 Auditing, Testing, and Monitoring
Security Auditing and Analysis
Security Controls Address RiskDetermining What Is AcceptablePermission LevelsAreas of Security AuditsPurpose of AuditsCustomer Confidence
Defining the Audit Plan
Defining the Scope of the Plan
Auditing Benchmarks
Audit Data Collection Methods
Areas of Security AuditsControl Checks and Identity Management
Post-Audit Activities
Exit InterviewData AnalysisGeneration of Audit ReportPresentation of Findings
Security Monitoring
Security Monitoring for Computer SystemsMonitoring IssuesLogging AnomaliesLog Management
Types of Log Information to Capture
How to Verify Security Controls
Intrusion Detection SystemAnalysis MethodsHIDSLayered Defense: Network Access ControlControl Checks: Intrusion DetectionHost IsolationSystem Hardening
Monitoring and Testing Security Systems
MonitoringTesting
Chapter Summary
Key Concepts and Terms
Chapter 10 Assessment
CHAPTER 11 Contingency Planning
Business Continuity Management
Emerging ThreatsStatic EnvironmentsTerminologyAssessing Maximum Tolerable DowntimeBusiness Impact AnalysisPlan ReviewTesting the Plan
Backing Up Data and Applications
Types of Backups
Incident Handling
PreparationIdentificationNotificationResponseRecoveryFollow-UpDocumentation and Reporting
Recovery from a Disaster
Activating the Disaster Recovery PlanOperating in a Reduced/Modified EnvironmentRestoring Damaged SystemsDisaster Recovery IssuesRecovery AlternativesInterim or Alternate Processing Strategies
Chapter Summary
Key Concepts and Terms
Chapter 11 Assessment
CHAPTER 12 Digital Forensics
Introduction to Digital Forensics
Understanding Digital ForensicsKnowledge That Is Needed for Forensic Analysis
Overview of Computer Crime
Types of Computer CrimeThe Impact of Computer Crime on Forensics
Forensic Methods and Labs
Forensic MethodologiesSetting Up a Forensic Lab
Collecting, Seizing, and Protecting Evidence
The Importance of Proper Evidence HandlingImaging Original Evidence
Recovering Data
Undeleting DataRecovering Data from Damaged Media
Operating System Forensics
Internals and StorageCommand-Line Interface and Scripting
Mobile Forensics
Mobile Device EvidenceSeizing Evidence from a Mobile Device
Chapter Summary
Key Concepts and Terms
Chapter 12 Assessment
CHAPTER 13 Information Security Standards
Standards Organizations
National Institute of Standards and TechnologyInternational Organization for StandardizationInternational Electrotechnical CommissionWorld Wide Web ConsortiumInternet Engineering Task ForceInstitute of Electrical and Electronics EngineersInternational Telecommunication Union Telecommunication SectorAmerican National Standards InstituteEuropean Telecommunications Standards Institute Cyber Security Technical Committee
ISO 17799 (Withdrawn)
ISO/IEC 27002Payment Card Industry Data Security Standard
Chapter Summary
Key Concepts and Terms
Chapter 13 Assessment
CHAPTER 14 Information Security Certifications
U.S. Department of Defense/Military Directive 8570.01
U.S. DoD/Military Directive 8140U.S. DoD Training Framework
Vendor-Neutral Professional Certifications
International Information Systems Security Certification Consortium, Inc.Global Information Assurance Certification/SANS InstituteCertified Internet Web ProfessionalCompTIAISACA®Other Information Systems Security Certifications
Vendor-Specific Professional Certifications
Cisco SystemsJuniper NetworksRSASymantecCheck Point
Chapter Summary
Key Concepts and Terms
Chapter 14 Assessment
CHAPTER 15 Compliance Laws
Compliance Is the Law
Federal Information Security
The Federal Information Security Management Act of 2002The Federal Information Security Modernization Act of 2014The Role of the National Institute of Standards and TechnologyNational Security Systems
The Health Insurance Portability and Accountability Act (HIPAA)
Purpose and ScopeMain Requirements of the HIPAA Privacy RuleMain Requirements of the HIPAA Security RuleOversightOmnibus Regulations
The Gramm-Leach-Bliley Act
Purpose and ScopeMain Requirements of the GLBA Privacy RuleMain Requirements of the GLBA Safeguards RuleOversight
The Sarbanes-Oxley Act
Purpose and ScopeSOX Control Certification RequirementsSOX Records Retention RequirementsOversight
The Family Educational Rights and Privacy Act
Purpose and ScopeMain RequirementsOversight
The Children’s Online Privacy Protection Act of 1998
The Children’s Internet Protection Act
Purpose and ScopeMain RequirementsOversight
Payment Card Industry Data Security Standard
Purpose and ScopeSelf-Assessment Questionnaire
General Data Protection Regulation
California Consumer Privacy Act
Making Sense of Laws for Information Security Compliance
Chapter Summary
Key Concepts and Terms
Chapter 15 Assessment
APPENDIX A Answer Key
APPENDIX B Standard Acronyms
APPENDIX C Earning the CompTIA Security+ Certification
Glossary of Key Terms
References
Index

Content preview from Fundamentals of Information Systems Security, 4th Edition

Types of Log Information to Capture

An organization might need a large number of logs to record all the activity on its systems, networks, and applications. The four main types of logs that you need to keep to support security auditing include the following:

Event logs—General operating system and application software events
Access logs—Access requests to resources
Security logs—Security-related events
Audit logs—Defined events that provide additional input to audit activities

As shown in FIGURE 10-3, you should record all suspicious activity, errors, unauthorized access attempts, and access to sensitive information. As a result, you will not only track incidents, but you will also keep users accountable for their activities.

FIGURE 10-3 ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Fundamentals of Information Systems Security, 3rd Edition

Publisher Resources

ISBN: 9781284220742

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Fundamentals of Information Systems Security, 4th Edition

by David Kim, Michael G. Solomon

Types of Log Information to Capture

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

More than 5,000 organizations count on O’Reilly

Julian F.

Addison B.

Amir M.

Mark W.

You might also like

Fundamentals of Information Systems Security, 3rd Edition

Fundamentals of Information Systems Security

(ISC)2 SSCP Systems Security Certified Practitioner Official Study Guide, 3rd Edition

CRISC Certified in Risk and Information Systems Control All-in-One Exam Guide, Second Edition, 2nd Edition

Publisher Resources