Information Security, State and Local Government Series

Available formats

•  Book + Folio exe file, ISBN: 9781632807779, $334.00
•  eBook (epub), ISBN: 9781632811080, $334.00
•  eBook (mobi), ISBN: 9781632811080, $334.00
•  Downloadable Content (exe), not sold separately, ISBN: 9781632807779, $334.00

Product details

Information Security is designed as a resource for executive management, departmental users, and technical resource personnel of public sector organizations.

Information Security describes a methodology for security planning that focuses on risks, related threats, tools for addressing the threats, and the processes needed to build more secure systems and continuously monitor and improve security. The approach is based on a proven technique that results in documented security strategies and informed decisions. The manual can be used as a guide for security "best practices" because it provides a wider perspective on security in general for a better understanding of how to reduce and manage security risk.

•  The author writes from a data management planning perspective and provides "best practices" guidance.
•  Sample forms, diagrams, charts, glossary, risk assessment worksheets, and other tools facilitate implementation of the security plan.
•  The manual is organized by security planning phases, which makes the process easy to follow.
•  Sample policies simplify the policy development process and ensure the plan, once implemented, can be continuously monitored and managed.

Table of Contents

Part I: Risk Assessment

Chapter 1 – Computer Crime Techniques

Chapter 2 – Laws, Standards, and Frameworks

Chapter 3 – Risk Assessment Process


Part II: Protective Controls

Chapter 4 – Physical Security

Chapter 5 – Authentication and Authorization

Chapter 6 – Biometric Identification

Chapter 7 – Password Management

Chapter 8 – Server Security and Management

Chapter 9 – Firewall Security and Management

Chapter 10 – Encryption Techniques

Chapter 11 – Malware Threats and Mitigation Strategies

Chapter 12 – Application Security and Controls

Chapter 13 – Security Awareness


Part III: Detective Controls

Chapter 14 – Computer Security Logs and Audit Trails

Chapter 15 – Intrusion Detection and Prevention Systems

Chapter 16 – Forensic Techniques

Chapter 17 – Information Security Assessments

Chapter 18 – Management and Organizational Controls

Chapter 19 – Systems Development and Maintenance Controls


Part IV: Security Planning and Management

Chapter 20 – Security Planning Process

Chapter 21 – IT Governance and Management

Chapter 22 – Mobile Device Management and Security

Chapter 23 – Cloud Computing and IT Outsourcing

Chapter 24 – Information Security Metrics


Part V: Response Management

Chapter 25 – Incident Response Plan

Chapter 26 – Backup and Offsite Storage

Chapter 27 – Business Continuity Planning and Management

Chapter 28 – Continuity of Operations Planning


Part VI: Compliance Management

Chapter 29 – External Audit

Chapter 30 – Internal IT Audit


Part VII: Working Materials

Appendix A – Risk Assessment Worksheets

Appendix B – Sample Policies

Appendix C – Exhibits

Appendix D – Glossary


Index