IT Security Controls: A Guide to Corporate Standards and Frameworks
Product Information
ISBN13: 9781484277980
Publisher: Apress
Author: Virgilio Viegas
Publication date: 2022/04/07
Binding: Paperback
Dimensions: 25.4 cm × 17.8 cm × 2 cm (H/W/D)
Product Description
Introduction
Chapter 1. Standards and frameworks
ISO 27001
ISO 27002
ISO 27018 n17
NIST SP 800-53
NIST SP 800-160
PCI DSS
Cloud standards
ISO 17789
NIST SP 500-292
COBIT for IT security
CIS controls
Chapter 2. Corporate security controls
Information security processes and services
Security governance
Governance of information security (ISO 27014:2013)
Security metrics
Policies and procedures
Cyber security and risk assessment
Penetration testing
Red teaming
OWASP code review
Compliance scans
Vulnerability scans
Firewall assurance
Risk assessments
Security awareness
Security awareness training
Simulated attacks
Security operations center
Incident response and recovery
Threat hunting
Ediscovery/forensics
Threat intelligence
Cyber crisis management plan
Security engineering
Asset management
Configuration management and security baselines
Security architecture and design
IT security technical controls
Off premises unmanaged devices
Secure connections
Clean pipes
DDOS protection
IPsec / TLS encryption
EMM - enterprise mobility management (MDM, MAM, MCM)
NAC - network access control
Multi factor authentication
Managed devices
Active directory integration
SCCM - system center configuration manager
TPM - trusted platform module
VPN client
NAC - network access control (agent)
Data classification
UAM - user activity monitoring
Phishing reporting tool
Endpoint protection
Host IPS / EDR
Desktop firewall
Antivirus
Antispyware
Full disk encryption
App-control / white-listing
Perimeter controls
Firewall
IDS / IPS
Proxy and content filtering
DLP - data leakage/loss protection
Honeypot
WAF - web application firewall
SSL / VPN
DNS
Message security
ADFS
Sandbox
File integrity
Encrypted email
On premises controls
Mandatory requirements
VLAN segmentation
Criticality
Nature
Type
Security baselines
Redundancy
Load balancing
Production traffic encryption
Multilayer implementation
TLS decryption
Static routing
Disaster recovery
Time synchronization
Redundancy
Physical network segmentation
Distinct heartbeat interfaces
Centralized management
Default gateways
Sinkhole
Public key infrastructure
Security monitoring and enforcement
Privileged access management
Log concentrator
Identity and access management
Vulnerability management and penetration testing
Security information and event management
Database activity monitoring
Risk register
Single sign-on
Chapter 3. IT security technical control matrix
Chapter 4. IT security processes maturity level matrix
Chapter 5. More about cloud
ISO 17789 and NIST SP 500-292 developed
IaaS
SaaS & SecaaS
Chapter 6. Security testing tools
Web applications attacks
Passive online password hacking
Steganography
Windows log tools
Vulnerability scanner
SQL injection
Wireless attacks
Session hijacking
Bluetooth attacks
ARP poisoning
W

