book

Fundamentals of Information Systems Security, 4th Edition

by David Kim, Michael G. Solomon

December 2021

Beginner

550 pages

20h 48m

English

Jones & Bartlett Learning

Read now

Unlock full access

Risks, Threats, and VulnerabilitiesWhat Is Information Systems Security?Compliance Laws and Regulations Drive the Need for Information Systems Security
ConfidentialityIntegrityAvailability
User DomainWorkstation DomainLAN DomainLAN-to-WAN DomainWAN DomainRemote Access DomainSystem/Application Domain
Ethics and the Internet
DefinitionsFoundational IT Security Policies
How People Like to CommunicateIoT Applications That Impact Our Lives
Mobile Users and Bring Your Own Device
IP Mobile Communications
SecurityPrivacyInteroperability and StandardsLegal and Regulatory IssuesE-Commerce and Economic Development Issues
Risk TerminologyElements of RiskPurpose of Risk Management
Identify RisksAssess and Prioritize RisksPlan a Risk Response StrategyImplement the Risk Response PlanMonitor and Control Risk Response
Intellectual PropertyFinances and Financial DataService Availability and ProductivityReputation
Threat TargetsThreat Types
Birthday AttacksBrute-Force Password AttacksCredential Harvesting and StuffingDictionary Password AttacksIP Address SpoofingHijackingReplay AttacksMan-in-the-Middle AttacksMasqueradingEavesdroppingSocial EngineeringPhreakingPhishingPharming
Social Engineering AttacksWireless Network AttacksWeb Application Attacks
Business Impact Analysis (BIA)Business Continuity Plan (BCP)Disaster Recovery Plan (DRP)
BYOD ConcernsEndpoint and Device Security
Wide Area NetworksLocal Area Networks
TCP/IP OverviewIP AddressingCommon PortsCommon ProtocolsInternet Control Message Protocol
Categories of Risk
FirewallsVirtual Private Networks and Remote AccessNetwork Access ControlVoice and Video in an IP Network
Wireless Access PointsWireless Network Security Controls
Physical Access ControlLogical Access Control
Identification MethodsIdentification Guidelines
Authentication TypesSingle Sign-On
Log FilesMonitoring and ReviewingData Retention, Media Disposal, and Compliance Requirements
Discretionary Access ControlOperating Systems–Based DACMandatory Access ControlNondiscretionary Access ControlRule-Based Access ControlAccess Control ListsRole-Based Access ControlContent-Dependent Access ControlConstrained User InterfaceOther Access Control Models
Types of AAA ServersDecentralized Access ControlPrivacy
Basic Cryptographic PrinciplesA Brief History of CryptographyCryptography’s Role in Information Security
Internal SecuritySecurity in Business RelationshipsSecurity Measures That Benefit Everyone
Cryptographic Functions and Ciphers
Transposition CiphersSubstitution CiphersProduct and Exponentiation Ciphers
Symmetric Key CiphersAsymmetric Key CiphersCryptanalysis and Public Versus Private Keys
Cryptographic Keys and KeyspaceKey ManagementKey DistributionKey Distribution Centers
Hash FunctionsDigital Signatures
Other Cryptographic Tools and ResourcesSymmetric Key StandardsAsymmetric Key SolutionsHash Function and IntegrityDigital Signatures and Nonrepudiation
Modern Key Management Techniques
VirusesSpamWormsTrojan HorsesLogic BombsActive Content VulnerabilitiesMalicious Add-OnsInjectionBotnetsDenial of Service AttacksSpywareAdwarePhishingKeystroke LoggersHoaxes and MythsHomepage HijackingWebpage Defacements
1970s and Early 1980s: Academic Research and UNIX1980s: Early PC Viruses1990s: Early LAN VirusesMid-1990s: Smart Applications and the Internet2000 to the Present
Types of ThreatsInternal Threats from Employees
What Motivates Attackers?The Purpose of an AttackTypes of AttacksPhases of an Attack
Application DefensesOperating System DefensesNetwork Infrastructure DefensesSafe Recovery Techniques and PracticesImplementing Effective Software Best Practices
Antivirus Scanning SoftwareNetwork Monitors and AnalyzersContent/Context Filtering and Logging SoftwareHoneypots and Honeynets
Controlling AccessDocumentation, Procedures, and GuidelinesDisaster Assessment and RecoverySecurity Outsourcing
Event LogsCompliance LiaisonRemediation
Common Fallacies About EthicsCodes of EthicsPersonnel Security Principles
PoliciesStandardsProceduresBaselinesGuidelines
Information Classification ObjectivesExamples of ClassificationClassification ProceduresAssurance
Hardware Inventory and Configuration Chart
Change Control ManagementChange Control CommitteesChange Control ProceduresChange Control Issues
The System Life CycleTesting Application Software
Software Development Models
Security Controls Address RiskDetermining What Is AcceptablePermission LevelsAreas of Security AuditsPurpose of AuditsCustomer Confidence
Defining the Scope of the Plan
Areas of Security AuditsControl Checks and Identity Management
Exit InterviewData AnalysisGeneration of Audit ReportPresentation of Findings
Security Monitoring for Computer SystemsMonitoring IssuesLogging AnomaliesLog Management
Intrusion Detection SystemAnalysis MethodsHIDSLayered Defense: Network Access ControlControl Checks: Intrusion DetectionHost IsolationSystem Hardening
MonitoringTesting
Emerging ThreatsStatic EnvironmentsTerminologyAssessing Maximum Tolerable DowntimeBusiness Impact AnalysisPlan ReviewTesting the Plan
Types of Backups
PreparationIdentificationNotificationResponseRecoveryFollow-UpDocumentation and Reporting
Activating the Disaster Recovery PlanOperating in a Reduced/Modified EnvironmentRestoring Damaged SystemsDisaster Recovery IssuesRecovery AlternativesInterim or Alternate Processing Strategies
Understanding Digital ForensicsKnowledge That Is Needed for Forensic Analysis
Types of Computer CrimeThe Impact of Computer Crime on Forensics
Forensic MethodologiesSetting Up a Forensic Lab
The Importance of Proper Evidence HandlingImaging Original Evidence
Undeleting DataRecovering Data from Damaged Media
Internals and StorageCommand-Line Interface and Scripting
Mobile Device EvidenceSeizing Evidence from a Mobile Device
National Institute of Standards and TechnologyInternational Organization for StandardizationInternational Electrotechnical CommissionWorld Wide Web ConsortiumInternet Engineering Task ForceInstitute of Electrical and Electronics EngineersInternational Telecommunication Union Telecommunication SectorAmerican National Standards InstituteEuropean Telecommunications Standards Institute Cyber Security Technical Committee
ISO/IEC 27002Payment Card Industry Data Security Standard
U.S. DoD/Military Directive 8140U.S. DoD Training Framework
International Information Systems Security Certification Consortium, Inc.Global Information Assurance Certification/SANS InstituteCertified Internet Web ProfessionalCompTIAISACA®Other Information Systems Security Certifications
Cisco SystemsJuniper NetworksRSASymantecCheck Point
The Federal Information Security Management Act of 2002The Federal Information Security Modernization Act of 2014The Role of the National Institute of Standards and TechnologyNational Security Systems
Purpose and ScopeMain Requirements of the HIPAA Privacy RuleMain Requirements of the HIPAA Security RuleOversightOmnibus Regulations
Purpose and ScopeMain Requirements of the GLBA Privacy RuleMain Requirements of the GLBA Safeguards RuleOversight
Purpose and ScopeSOX Control Certification RequirementsSOX Records Retention RequirementsOversight
Purpose and ScopeMain RequirementsOversight
Purpose and ScopeMain RequirementsOversight
Purpose and ScopeSelf-Assessment Questionnaire

Content preview from Fundamentals of Information Systems Security, 4th Edition

Types of Log Information to Capture

An organization might need a large number of logs to record all the activity on its systems, networks, and applications. The four main types of logs that you need to keep to support security auditing include the following:

Event logs—General operating system and application software events
Access logs—Access requests to resources
Security logs—Security-related events
Audit logs—Defined events that provide additional input to audit activities

As shown in FIGURE 10-3, you should record all suspicious activity, errors, unauthorized access attempts, and access to sensitive information. As a result, you will not only track incidents, but you will also keep users accountable for their activities.

FIGURE 10-3 ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Fundamentals of Information Systems Security, 3rd Edition

David Kim, Michael G. Solomon

Fundamentals of Information Systems Security

David Kim, Michael G. Solomon

CRISC Certified in Risk and Information Systems Control All-in-One Exam Guide, Second Edition, 2nd Edition

Peter H. Gregory, Bobby E. Rogers, Dawn Dunkerley

(ISC)2 SSCP Systems Security Certified Practitioner Official Study Guide, 3rd Edition

Mike Wills

Publisher Resources

ISBN: 9781284220742