William Stallings
Effective Cybersecurity
A Guide to Using Best Practices and Standards
E-book Engels 2018 9780134772967
Verwachte levertijd ongeveer 9 werkdagen
Samenvatting
The Practical, Comprehensive Guide to Applying Cybersecurity Best Practices and Standards in Real Environments
In Effective Cybersecurity, William Stallings introduces the technology, operational procedures, and management practices needed for successful cybersecurity. Stallings makes extensive use of standards and best practices documents that are often used to guide or mandate cybersecurity implementation. Going beyond these, he offers in-depth tutorials on the “how” of implementation, integrated into a unified framework and realistic plan of action. Each chapter contains a clear technical overview, as well as a detailed discussion of action items and appropriate policies. Stallings offers many pedagogical features designed to help readers master the material: clear learning objectives, keyword lists, review questions, and QR codes linking to relevant standards documents and web resources.
Effective Cybersecurity aligns with the comprehensive Information Security Forum document “The Standard of Good Practice for Information Security,” extending ISF’s work with extensive insights from ISO, NIST, COBIT, other official standards and guidelines, and modern professional, academic, and industry literature.
• Understand the cybersecurity discipline and the role of standards and best practices
• Define security governance, assess risks, and manage strategy and tactics
• Safeguard information and privacy, and ensure GDPR compliance
• Harden systems across the system development life cycle (SDLC)
• Protect servers, virtualized systems, and storage
• Secure networks and electronic communications, from email to VoIP
• Apply the most appropriate methods for user authentication
• Mitigate security risks in supply chains and cloud environments
This knowledge is indispensable to every cybersecurity professional. Stallings presents it systematically and coherently, making it practical and actionable.
Specificaties
Lezersrecensies
Wees de eerste die een lezersrecensie schrijft!
Inhoudsopgave
Preface xxvii <br> Chapter 1: Best Practices, Standards, and a Plan of Action 2 <br>1.1 Defining Cyberspace and Cybersecurity 3 <br>1.2 The Value of Standards and Best Practices Documents 6 <br>1.3 The Standard of Good Practice for Information Security 7 <br>1.4 The ISO/IEC 27000 Suite of Information Security Standards 12 <br> ISO 27001 15 <br> ISO 27002 17 <br>1.5 Mapping the ISO 27000 Series to the ISF SGP 18 <br>1.6 NIST Cybersecurity Framework and Security Documents 21 <br> NIST Cybersecurity Framework 22 <br> NIST Security Documents 25 <br>1.7 The CIS Critical Security Controls for Effective Cyber Defense 27 <br>1.8 COBIT 5 for Information Security 29 <br>1.9 Payment Card Industry Data Security Standard (PCI DSS) 30 <br>1.10 ITU-T Security Documents 32 <br>1.11 Effective Cybersecurity 34 <br> The Cybersecurity Management Process 34 <br> Using Best Practices and Standards Documents 36 <br>1.12 Key Terms and Review Questions 38 <br> Key Terms 38 <br> Review Questions 38 <br>1.13 References 39 <br> <br> PART I: PLANNING FOR CYBERSECURITY 41<br>Chapter 2: Security Governance 42 <br>2.1 Security Governance and Security Management 43 <br>2.2 Security Governance Principles and Desired Outcomes 45 <br> Principles 45 <br> Desired Outcomes 46 <br>2.3 Security Governance Components 47 <br> Strategic Planning 47 <br> Organizational Structure 51 <br> Roles and Responsibilities 55 <br> Integration with Enterprise Architecture 58 <br> Policies and Guidance 63 <br>2.4 Security Governance Approach 63 <br> Security Governance Framework 63 <br> Security Direction 64 <br> Responsible, Accountable, Consulted, and Informed (RACI) Charts 66 <br>2.5 Security Governance Evaluation 68 <br>2.6 Security Governance Best Practices 69 <br>2.7 Key Terms and Review Questions 70 <br> Key Terms 70 <br> Review Questions 71 <br>2.8 References 71 <br> Chapter 3: Information Risk Assessment 74 <br>3.1 Risk Assessment Concepts 75 <br> Risk Assessment Challenges 78 <br> Risk Management 80 <br> Structure of This 84 <br>3.2 Asset Identification 85 <br> Hardware Assets 85 <br> Software Assets 85 <br> Information Assets 86 <br> Business Assets 87 <br> Asset Register 87 <br>3.3 Threat Identification 89 <br> The STRIDE Threat Model 89 <br> Threat Types 90 <br> Sources of Information 92 <br>3.4 Control Identification 98 <br>3.5 Vulnerability Identification 102 <br> Vulnerability Categories 103 <br> National Vulnerability Database and Common Vulnerability Scoring System 103 <br>3.6 Risk Assessment Approaches 107 <br> Quantitative Versus Qualitative Risk Assessment 107 <br> Simple Risk Analysis Worksheet 113 <br> Factor Analysis of Information Risk 114 <br>3.7 Likelihood Assessment 116 <br> Estimating Threat Event Frequency 118 <br> Estimating Vulnerability 119 <br> Loss Event Frequency 121 <br>3.8 Impact Assessment 122 <br> Estimating the Primary Loss 124 <br> Estimating the Secondary Loss 125 <br> Business Impact Reference Table 126 <br>3.9 Risk Determination 128 <br>3.10 Risk Evaluation 128 <br>3.11 Risk Treatment 129 <br> Risk Reduction 130 <br> Risk Retention 130 <br> Risk Avoidance 130 <br> Risk Transfer 131 <br>3.12 Risk Assessment Best Practices 131 <br>3.13 Key Terms and Review Questions 132 <br> Key Terms 132 <br> Review Questions 133 <br>3.14 References 134 <br> Chapter 4: Security Management 136 <br>4.1 The Security Management Function 137 <br> Security Planning 140 <br> Capital Planning 142 <br>4.2 Security Policy 145 <br> Security Policy Categories 146 <br> Security Policy Document Content 147 <br> Management Guidelines for Security Policies 151 <br> Monitoring the Policy 151 <br>4.3 Acceptable Use Policy 152 <br>4.4 Security Management Best Practices 154 <br>4.5 Key Terms and Review Questions 154 <br> Key Terms 154 <br> Review Questions 155 <br>4.6 References 155 <br> <br> PART II: MANAGING THE CYBERSECURITY FUNCTION 157<br>Chapter 5: People Management 160 <br>5.1 Human Resource Security 161 <br> Security in the Hiring Process 162 <br> During Employment 164 <br> Termination of Employment 165 <br>5.2 Security Awareness and Education 166 <br> Security Awareness 168 <br> Cybersecurity Essentials Program 173 <br> Role-Based Training 173 <br> Education and Certification 174 <br>5.3 People Management Best Practices 175 <br>5.4 Key Terms and Review Questions 176 <br> Key Terms 176 <br> Review Questions 176 <br>5.5 References 177 <br> Chapter 6: Information Management 178 <br>6.1 Information Classification and Handling 179 <br> Information Classification 179 <br> Information Labeling 185 <br> Information Handling 186 <br>6.2 Privacy 186 <br> Privacy Threats 189 <br> Privacy Principles and Policies 191 <br> Privacy Controls 196 <br>6.3 Document and Records Management 198 <br> Document Management 200 <br> Records Management 202 <br>6.4 Sensitive Physical Information 204 <br>6.5 Information Management Best Practices 205 <br>6.6 Key Terms and Review Questions 206 <br> Key Terms 206 <br> Review Questions 207 <br>6.7 References 208 <br> Chapter 7: Physical Asset Management 210 <br>7.1 Hardware Life Cycle Management 211 <br> Planning 213 <br> Acquisition 214 <br> Deployment 214 <br> Management 215 <br> Disposition 216 <br>7.2 Office Equipment 217 <br> Threats and Vulnerabilities 217 <br> Security Controls 219 <br> Equipment Disposal 222 <br>7.3 Industrial Control Systems 223 <br> Differences Between IT Systems and Industrial Control Systems 225 <br> ICS Security 227 <br>7.4 Mobile Device Security 231 <br> Mobile Device Technology 233 <br> Mobile Ecosystem 234 <br> Vulnerabilities 236 <br> Mobile Device Security Strategy 238 <br> Resources for Mobile Device Security 243 <br>7.5 Physical Asset Management Best Practices 244 <br>7.6 Key Terms and Review Questions 245 <br> Key Terms 245 <br> Review Questions 245 <br>7.7 References 246 <br> Chapter 8: System Development 248 <br>8.1 System Development Life Cycle 248 <br> NIST SDLC Model 249 <br> The SGP’s SDLC Model 252 <br> DevOps 254 <br>8.2 Incorporating Security into the SDLC 259 <br> Initiation Phase 260 <br> Development/Acquisition Phase 264 <br> Implementation/Assessment Phase 266 <br> Operations and Maintenance Phase 270 <br> Disposal Phase 272 <br>8.3 System Development Management 273 <br> System Development Methodology 274 <br> System Development Environments 275 <br> Quality Assurance 277 <br>8.4 System Development Best Practices 278 <br>8.5 Key Terms and Review Questions 278 <br> Key Terms 278 <br> Review Questions 279 <br>8.6 References 279 <br> Chapter 9: Business Application Management 280 <br>9.1 Application Management Concepts 281 <br> Application Life Cycle Management 281 <br> Application Portfolio Management 283 <br> Application Performance Management 285 <br>9.2 Corporate Business Application Security 287 <br> Business Application Register 287 <br> Business Application Protection 288 <br> Browser-Based Application Protection 289 <br>9.3 End User-Developed Applications (EUDAs) 295 <br> Benefits of EUDAs 296 <br> Risks of EUDAs 296 <br> EUDA Security Framework 297 <br>9.4 Business Application Management Best Practices 300 <br>9.5 Key Terms and Review Questions 301 <br> Key Terms 301 <br> Review Questions 302 <br>9.6 References 302 <br> Chapter 10: System Access 304 <br>10.1 System Access Concepts 304 <br> Authorization 306 <br>10.2 User Authentication 307 <br> A Model for Electronic User Authentication 307 <br> Means of Authentication 310 <br> Multifactor Authentication 311 <br>10.3 Password-Based Authentication 312 <br> The Vulnerability of Passwords 313 <br> The Use of Hashed Passwords 315 <br> Password Cracking of User-Chosen Passwords 317 <br> Password File Access Control 319 <br> Password Selection 320 <br>10.4 Possession-Based Authentication 322 <br> Memory Cards 322 <br> Smart Cards 323 <br> Electronic Identity Cards 325 <br> One-Time Password Device 328 <br> Threats to Possession-Based Authentication 329 <br> Security Controls for Possession-Based Authentication 330 <br>10.5 Biometric Authentication 330 <br> Criteria for Biometric Characteristics 331 <br> Physical Characteristics Used in Biometric Applications 332 <br> Operation of a Biometric Authentication System 333 <br> Biometric Accuracy 335 <br> Threats to Biometric Authentication 337 <br> Security Controls for Biometric Authentication 339 <br>10.6 Risk Assessment for User Authentication 341 <br> Authenticator Assurance Levels 341 <br> Selecting an AAL 342 <br> Choosing an Authentication Method 345 <br>10.7 Access Control 347 <br> Subjects, Objects, and Access Rights 348 <br> Access Control Policies 349 <br> Discretionary Access Control 350 <br> Role-Based Access Control 351 <br> Attribute-Based Access Control 353 <br> Access Control Metrics 358 <br>10.8 Customer Access 360 <br> Customer Access Arrangements 360 <br> Customer Contracts 361 <br> Customer Connections 361 <br> Protecting Customer Data 361 <br>10.9 System Access Best Practices 362 <br>10.10 Key Terms and Review Questions 363 <br> Key Terms 363 <br> Review Questions 363 <br>10.11 References 364 <br> Chapter 11: System Management 366 <br>11.1 Server Configuration 368 <br> Threats to Servers 368 <br> Requirements for Server Security 368 <br>11.2 Virtual Servers 370 <br> Virtualization Alternatives 371 <br> Virtualization Security Issues 374 <br> Securing Virtualization Systems 376 <br>11.3 Network Storage Systems 377 <br>11.4 Service Level Agreements 379 <br> Network Providers 379 <br> Computer Security Incident Response Team 381 <br> Cloud Service Providers 382 <br>11.5 Performance and Capacity Management 383 <br>11.6 Backup 384 <br>11.7 Change Management 386 <br>11.8 System Management Best Practices 389 <br>11.9 Key Terms and Review Questions 390 <br> Key Terms 390 <br> Review Questions 390 <br>11.10 References 391 <br> Chapter 12: Networks and Communications 392 <br>12.1 Network Management Concepts 393 <br> Network Management Functions 393 <br> Network Management Systems 399 <br> Network Management Architecture 402 <br>12.2 Firewalls 404 <br> Firewall Characteristics 404 <br> Types of Firewalls 406 <br> Next-Generation Firewalls 414 <br> DMZ Networks 414 <br> The Modern IT Perimeter 416 <br>12.3 Virtual Private Networks and IP Security 417 <br> Virtual Private Networks 417 <br> IPsec 418 <br> Firewall-Based VPNs 420 <br>12.4 Security Considerations for Network Management 421 <br> Network Device Configuration 421 <br> Physical Network Management 423 <br> Wireless Access 426 <br> External Network Connections 427 <br> Firewalls 428 <br> Remote Maintenance 429 <br>12.5 Electronic Communications 430 <br> Email 430 <br> Instant Messaging 436 <br> Voice over IP (VoIP) Networks 438 <br> Telephony and Conferencing 444 <br>12.6 Networks and Communications Best Practices 444 <br>12.7 Key Terms and Review Questions 445 <br> Key Terms 445 <br> Review Questions 445 <br>12.8 References 446 <br> Chapter 13: Supply Chain Management and Cloud Security 448 <br>13.1 Supply Chain Management Concepts 449 <br> The Supply Chain 449 <br> Supply Chain Management 451 <br>13.2 Supply Chain Risk Management 453 <br> Supply Chain Threats 456 <br> Supply Chain Vulnerabilities 459 <br> Supply Chain Security Controls 460 <br> SCRM Best Practices 463 <br>13.3 Cloud Computing 466 <br> Cloud Computing Elements 466 <br> Cloud Computing Reference Architecture 470 <br>13.4 Cloud Security 473 <br> Security Considerations for Cloud Computing 473 <br> Threats for Cloud Service Users 474 <br> Risk Evaluation 475 <br> Best Practices 476 <br> Cloud Service Agreement 477 <br>13.5 Supply Chain Best Practices 478 <br>13.6 Key Terms and Review Questions 479 <br> Key Terms 479 <br> Review Questions 479 <br>13.7 References 480 <br> Chapter 14: Technical Security Management 482 <br>14.1 Security Architecture 483 <br>14.2 Malware Protection Activities 487 <br> Types of Malware 487 <br> The Nature of the Malware Threat 490 <br> Practical Malware Protection 490 <br>14.3 Malware Protection Software 494 <br> Capabilities of Malware Protection Software 494 <br> Managing Malware Protection Software 495 <br>14.4 Identity and Access Management 496 <br> IAM Architecture 497 <br> Federated Identity Management 498 <br> IAM Planning 500 <br> IAM Best Practices 501 <br>14.5 Intrusion Detection 502 <br> Basic Principles 503 <br> Approaches to Intrusion Detection 504 <br> Host-Based Intrusion Detection Techniques 505 <br> Network-Based Intrusion Detection Systems 506 <br> IDS Best Practices 508 <br>14.6 Data Loss Prevention 509 <br> Data Classification and Identification 509 <br> Data States 510 <br>14.7 Digital Rights Management 512 <br> DRM Structure and Components 513 <br> DRM Best Practices 515 <br>14.8 Cryptographic Solutions 517 <br> Uses of Cryptography 517 <br> Cryptographic Algorithms 518 <br> Selection of Cryptographic Algorithms and Lengths 525 <br> Cryptography Implementation Considerations 526 <br>14.9 Cryptographic Key Management 528 <br> Key Types 530 <br> Cryptoperiod 532 <br> Key Life Cycle 534 <br>14.10 Public Key Infrastructure 536 <br> Public Key Certificates 536 <br> PKI Architecture 538 <br> Management Issues 540 <br>14.11 Technical Security Management Best Practices 541 <br>14.12 Key Terms and Review Questions 543 <br> Key Terms 543 <br> Review Questions 543 <br>14.13 References 544 <br> Chapter 15: Threat and Incident Management 546 <br>15.1 Technical Vulnerability Management 547 <br> Plan Vulnerability Management 547 <br> Discover Known Vulnerabilities 548 <br> Scan for Vulnerabilities 549 <br> Log and Report 551 <br> Remediate Vulnerabilities 551 <br>15.2 Security Event Logging 554 <br> Security Event Logging Objective 556 <br> Potential Security Log Sources 556 <br> What to Log 557 <br> Protection of Log Data 557 <br> Log Management Policy 558 <br>15.3 Security Event Management 559 <br> SEM Functions 560 <br> SEM Best Practices 561 <br>15.4 Threat Intelligence 563 <br> Threat Taxonomy 564 <br> The Importance of Threat Intelligence 566 <br> Gathering Threat Intelligence 568 <br> Threat Analysis 569 <br>15.5 Cyber Attack Protection 570 <br> Cyber Attack Kill Chain 570 <br> Protection and Response Measures 573 <br> Non-Malware Attacks 576 <br>15.6 Security Incident Management Framework 577 <br> Objectives of Incident Management 579 <br> Relationship to Information Security Management System 579 <br> Incident Management Policy 580 <br> Roles and Responsibilities 581 <br> Incident Management Information 583 <br> Incident Management Tools 583 <br>15.7 Security Incident Management Process 584 <br> Preparing for Incident Response 585 <br> Detection and Analysis 586 <br> Containment, Eradication, and Recovery 587 <br> Post-Incident Activity 588 <br>15.8 Emergency Fixes 590 <br>15.9 Forensic Investigations 592 <br> Prepare 593 <br> Identify 594 <br> Collect 594 <br> Preserve 595 <br> Analyze 595 <br> Report 596 <br>15.10 Threat and Incident Management Best Practices 597 <br>15.11 Key Terms and Review Questions 598 <br> Key Terms 598 <br> Review Questions 599 <br>15.12 References 599 <br> Chapter 16: Local Environment Management 602 <br>16.1 Local Environment Security 602 <br> Local Environment Profile 603 <br> Local Security Coordination 604 <br>16.2 Physical Security 606 <br> Physical Security Threats 606 <br> Physical Security Officer 609 <br> Defense in Depth 610 <br> Physical Security: Prevention and Mitigation Measures 612 <br> Physical Security Controls 615 <br>16.3 Local Environment Management Best Practices 619 <br>16.4 Key Terms and Review Questions 620 <br> Key Terms 620 <br> Review Questions 620 <br>16.5 References 621 <br> Chapter 17: Business Continuity 622 <br>17.1 Business Continuity Concepts 625 <br> Threats 626 <br> Business Continuity in Operation 628 <br> Business Continuity Objectives 629 <br> Essential Components for Maintaining Business Continuity 630 <br>17.2 Business Continuity Program 630 <br> Governance 631 <br> Business Impact Analysis 631 <br> Risk Assessment 632 <br> Business Continuity Strategy 634 <br>17.3 Business Continuity Readiness 637 <br> Awareness 637 <br> Training 638 <br> Resilience 639 <br> Control Selection 640 <br> Business Continuity Plan 642 <br> Exercising and Testing 647 <br> Performance Evaluation 650 <br>17.4 Business Continuity Operations 655 <br> Emergency Response 655 <br> Crisis Management 656 <br> Business Recovery/Restoration 657 <br>17.5 Business Continuity Best Practices 660 <br>17.6 Key Terms and Review Questions 661 <br> Key Terms 661 <br> Review Questions 661 <br>17.7 References 662 <br> <br> PART III: SECURITY ASSESSMENT 665<br>Chapter 18: Security Monitoring and Improvement 666 <br>18.1 Security Audit 666 <br> Security Audit and Alarms Model 667 <br> Data to Collect for Auditing 668 <br> Internal and External Audit 672 <br> Security Audit Controls 673 <br>18.2 Security Performance 678 <br> Security Performance Measurement 678 <br> Security Monitoring and Reporting 686 <br> Information Risk Reporting 688 <br> Information Security Compliance Monitoring 690 <br>18.3 Security Monitoring and Improvement Best Practices 691 <br>18.4 Key Terms and Review Questions 692 <br> Key Terms 692 <br> Review Questions 692 <br>18.5 References 693 <br> Appendix A: References and Standards 694<br>Appendix B: Glossary 708<br>Index 726<br><br>Appendix C: Answers to Review Questions (Online Only) <br>
Rubrieken
- advisering
- algemeen management
- coaching en trainen
- communicatie en media
- economie
- financieel management
- inkoop en logistiek
- internet en social media
- it-management / ict
- juridisch
- leiderschap
- marketing
- mens en maatschappij
- non-profit
- ondernemen
- organisatiekunde
- personal finance
- personeelsmanagement
- persoonlijke effectiviteit
- projectmanagement
- psychologie
- reclame en verkoop
- strategisch management
- verandermanagement
- werk en loopbaan