75.3% OFF

Effective Cybersecurity: A Guide to Using Best Practices and Standards William Stallings, ISBN-13: 978-0134772806

$12.35

Description

Effective Cybersecurity: A Guide to Using Best Practices and Standards by William Stallings, ISBN-13: 978-0134772806

[PDF eBook eTextbook]

  • Publisher: ‎ Addison-Wesley Professional; 1st edition (August 31, 2018)
  • Language: ‎ English
  • 800 pages
  • ISBN-10: ‎ 0134772806
  • ISBN-13: ‎ 978-0134772806

William Stallings’ Effective Cybersecurity offers a comprehensive and unified explanation of the best practices and standards that represent proven, consensus techniques for implementing cybersecurity. Stallings draws on the immense work that has been collected in multiple key security documents, making this knowledge far more accessible than it has ever been before. Effective Cybersecurity is organized to align with the comprehensive Information Security Forum document The Standard of Good Practice for Information Security, but deepens, extends, and complements ISF’s work with extensive insights from the ISO 27002 Code of Practice for Information Security Controls, the NIST Framework for Improving Critical Infrastructure Cybersecurity, COBIT 5 for Information Security, and a wide spectrum of standards and guidelines documents from ISO, ITU-T, NIST, Internet RFCs, other official sources, and the professional, academic, and industry literature.

In a single expert source, current and aspiring cybersecurity practitioners will find comprehensive and usable practices for successfully implementing cybersecurity within any organization. Stallings covers:

  • Security Planning: Developing approaches for managing and controlling the cybersecurity function; defining the requirements specific to a given IT environment; and developing policies and procedures for managing the security function
  • Security Management: Implementing the controls to satisfy the defined security requirements
  • Security Evaluation: Assuring that the security management function enables business continuity; monitoring, assessing, and improving the suite of cybersecurity controls.

Beyond requiring a basic understanding of cryptographic terminology and applications, this book is self-contained: all technology areas are explained without requiring other reference material. Each chapter contains a clear technical overview, as well as a detailed discussion of action items and appropriate policies. Stallings, author of 13 TAA Computer Science Textbooks of the Year, offers many pedagogical features designed to help readers master the material. These include: clear learning objectives, keyword lists, and glossaries to QR codes linking to relevant standards documents and web resources.

Table of Contents:

Preface xxvii

Chapter 1: Best Practices, Standards, and a Plan of Action 2

1.1 Defining Cyberspace and Cybersecurity 3

1.2 The Value of Standards and Best Practices Documents 6

1.3 The Standard of Good Practice for Information Security 7

1.4 The ISO/IEC 27000 Suite of Information Security Standards 12

ISO 27001 15

ISO 27002 17

1.5 Mapping the ISO 27000 Series to the ISF SGP 18

1.6 NIST Cybersecurity Framework and Security Documents 21

NIST Cybersecurity Framework 22

NIST Security Documents 25

1.7 The CIS Critical Security Controls for Effective Cyber Defense 27

1.8 COBIT 5 for Information Security 29

1.9 Payment Card Industry Data Security Standard (PCI DSS) 30

1.10 ITU-T Security Documents 32

1.11 Effective Cybersecurity 34

The Cybersecurity Management Process 34

Using Best Practices and Standards Documents 36

1.12 Key Terms and Review Questions 38

Key Terms 38

Review Questions 38

1.13 References 39

PART I: PLANNING FOR CYBERSECURITY 41

Chapter 2: Security Governance 42

2.1 Security Governance and Security Management 43

2.2 Security Governance Principles and Desired Outcomes 45

Principles 45

Desired Outcomes 46

2.3 Security Governance Components 47

Strategic Planning 47

Organizational Structure 51

Roles and Responsibilities 55

Integration with Enterprise Architecture 58

Policies and Guidance 63

2.4 Security Governance Approach 63

Security Governance Framework 63

Security Direction 64

Responsible, Accountable, Consulted, and Informed (RACI) Charts 66

2.5 Security Governance Evaluation 68

2.6 Security Governance Best Practices 69

2.7 Key Terms and Review Questions 70

Key Terms 70

Review Questions 71

2.8 References 71

Chapter 3: Information Risk Assessment 74

3.1 Risk Assessment Concepts 75

Risk Assessment Challenges 78

Risk Management 80

Structure of This 84

3.2 Asset Identification 85

Hardware Assets 85

Software Assets 85

Information Assets 86

Business Assets 87

Asset Register 87

3.3 Threat Identification 89

The STRIDE Threat Model 89

Threat Types 90

Sources of Information 92

3.4 Control Identification 98

3.5 Vulnerability Identification 102

Vulnerability Categories 103

National Vulnerability Database and Common Vulnerability Scoring System 103

3.6 Risk Assessment Approaches 107

Quantitative Versus Qualitative Risk Assessment 107

Simple Risk Analysis Worksheet 113

Factor Analysis of Information Risk 114

3.7 Likelihood Assessment 116

Estimating Threat Event Frequency 118

Estimating Vulnerability 119

Loss Event Frequency 121

3.8 Impact Assessment 122

Estimating the Primary Loss 124

Estimating the Secondary Loss 125

Business Impact Reference Table 126

3.9 Risk Determination 128

3.10 Risk Evaluation 128

3.11 Risk Treatment 129

Risk Reduction 130

Risk Retention 130

Risk Avoidance 130

Risk Transfer 131

3.12 Risk Assessment Best Practices 131

3.13 Key Terms and Review Questions 132

Key Terms 132

Review Questions 133

3.14 References 134

Chapter 4: Security Management 136

4.1 The Security Management Function 137

Security Planning 140

Capital Planning 142

4.2 Security Policy 145

Security Policy Categories 146

Security Policy Document Content 147

Management Guidelines for Security Policies 151

Monitoring the Policy 151

4.3 Acceptable Use Policy 152

4.4 Security Management Best Practices 154

4.5 Key Terms and Review Questions 154

Key Terms 154

Review Questions 155

4.6 References 155

PART II: MANAGING THE CYBERSECURITY FUNCTION 157

Chapter 5: People Management 160

5.1 Human Resource Security 161

Security in the Hiring Process 162

During Employment 164

Termination of Employment 165

5.2 Security Awareness and Education 166

Security Awareness 168

Cybersecurity Essentials Program 173

Role-Based Training 173

Education and Certification 174

5.3 People Management Best Practices 175

5.4 Key Terms and Review Questions 176

Key Terms 176

Review Questions 176

5.5 References 177

Chapter 6: Information Management 178

6.1 Information Classification and Handling 179

Information Classification 179

Information Labeling 185

Information Handling 186

6.2 Privacy 186

Privacy Threats 189

Privacy Principles and Policies 191

Privacy Controls 196

6.3 Document and Records Management 198

Document Management 200

Records Management 202

6.4 Sensitive Physical Information 204

6.5 Information Management Best Practices 205

6.6 Key Terms and Review Questions 206

Key Terms 206

Review Questions 207

6.7 References 208

Chapter 7: Physical Asset Management 210

7.1 Hardware Life Cycle Management 211

Planning 213

Acquisition 214

Deployment 214

Management 215

Disposition 216

7.2 Office Equipment 217

Threats and Vulnerabilities 217

Security Controls 219

Equipment Disposal 222

7.3 Industrial Control Systems 223

Differences Between IT Systems and Industrial Control Systems 225

ICS Security 227

7.4 Mobile Device Security 231

Mobile Device Technology 233

Mobile Ecosystem 234

Vulnerabilities 236

Mobile Device Security Strategy 238

Resources for Mobile Device Security 243

7.5 Physical Asset Management Best Practices 244

7.6 Key Terms and Review Questions 245

Key Terms 245

Review Questions 245

7.7 References 246

Chapter 8: System Development 248

8.1 System Development Life Cycle 248

NIST SDLC Model 249

The SGP’s SDLC Model 252

DevOps 254

8.2 Incorporating Security into the SDLC 259

Initiation Phase 260

Development/Acquisition Phase 264

Implementation/Assessment Phase 266

Operations and Maintenance Phase 270

Disposal Phase 272

8.3 System Development Management 273

System Development Methodology 274

System Development Environments 275

Quality Assurance 277

8.4 System Development Best Practices 278

8.5 Key Terms and Review Questions 278

Key Terms 278

Review Questions 279

8.6 References 279

Chapter 9: Business Application Management 280

9.1 Application Management Concepts 281

Application Life Cycle Management 281

Application Portfolio Management 283

Application Performance Management 285

9.2 Corporate Business Application Security 287

Business Application Register 287

Business Application Protection 288

Browser-Based Application Protection 289

9.3 End User-Developed Applications (EUDAs) 295

Benefits of EUDAs 296

Risks of EUDAs 296

EUDA Security Framework 297

9.4 Business Application Management Best Practices 300

9.5 Key Terms and Review Questions 301

Key Terms 301

Review Questions 302

9.6 References 302

Chapter 10: System Access 304

10.1 System Access Concepts 304

Authorization 306

10.2 User Authentication 307

A Model for Electronic User Authentication 307

Means of Authentication 310

Multifactor Authentication 311

10.3 Password-Based Authentication 312

The Vulnerability of Passwords 313

The Use of Hashed Passwords 315

Password Cracking of User-Chosen Passwords 317

Password File Access Control 319

Password Selection 320

10.4 Possession-Based Authentication 322

Memory Cards 322

Smart Cards 323

Electronic Identity Cards 325

One-Time Password Device 328

Threats to Possession-Based Authentication 329

Security Controls for Possession-Based Authentication 330

10.5 Biometric Authentication 330

Criteria for Biometric Characteristics 331

Physical Characteristics Used in Biometric Applications 332

Operation of a Biometric Authentication System 333

Biometric Accuracy 335

Threats to Biometric Authentication 337

Security Controls for Biometric Authentication 339

10.6 Risk Assessment for User Authentication 341

Authenticator Assurance Levels 341

Selecting an AAL 342

Choosing an Authentication Method 345

10.7 Access Control 347

Subjects, Objects, and Access Rights 348

Access Control Policies 349

Discretionary Access Control 350

Role-Based Access Control 351

Attribute-Based Access Control 353

Access Control Metrics 358

10.8 Customer Access 360

Customer Access Arrangements 360

Customer Contracts 361

Customer Connections 361

Protecting Customer Data 361

10.9 System Access Best Practices 362

10.10 Key Terms and Review Questions 363

Key Terms 363

Review Questions 363

10.11 References 364

Chapter 11: System Management 366

11.1 Server Configuration 368

Threats to Servers 368

Requirements for Server Security 368

11.2 Virtual Servers 370

Virtualization Alternatives 371

Virtualization Security Issues 374

Securing Virtualization Systems 376

11.3 Network Storage Systems 377

11.4 Service Level Agreements 379

Network Providers 379

Computer Security Incident Response Team 381

Cloud Service Providers 382

11.5 Performance and Capacity Management 383

11.6 Backup 384

11.7 Change Management 386

11.8 System Management Best Practices 389

11.9 Key Terms and Review Questions 390

Key Terms 390

Review Questions 390

11.10 References 391

Chapter 12: Networks and Communications 392

12.1 Network Management Concepts 393

Network Management Functions 393

Network Management Systems 399

Network Management Architecture 402

12.2 Firewalls 404

Firewall Characteristics 404

Types of Firewalls 406

Next-Generation Firewalls 414

DMZ Networks 414

The Modern IT Perimeter 416

12.3 Virtual Private Networks and IP Security 417

Virtual Private Networks 417

IPsec 418

Firewall-Based VPNs 420

12.4 Security Considerations for Network Management 421

Network Device Configuration 421

Physical Network Management 423

Wireless Access 426

External Network Connections 427

Firewalls 428

Remote Maintenance 429

12.5 Electronic Communications 430

Email 430

Instant Messaging 436

Voice over IP (VoIP) Networks 438

Telephony and Conferencing 444

12.6 Networks and Communications Best Practices 444

12.7 Key Terms and Review Questions 445

Key Terms 445

Review Questions 445

12.8 References 446

Chapter 13: Supply Chain Management and Cloud Security 448

13.1 Supply Chain Management Concepts 449

The Supply Chain 449

Supply Chain Management 451

13.2 Supply Chain Risk Management 453

Supply Chain Threats 456

Supply Chain Vulnerabilities 459

Supply Chain Security Controls 460

SCRM Best Practices 463

13.3 Cloud Computing 466

Cloud Computing Elements 466

Cloud Computing Reference Architecture 470

13.4 Cloud Security 473

Security Considerations for Cloud Computing 473

Threats for Cloud Service Users 474

Risk Evaluation 475

Best Practices 476

Cloud Service Agreement 477

13.5 Supply Chain Best Practices 478

13.6 Key Terms and Review Questions 479

Key Terms 479

Review Questions 479

13.7 References 480

Chapter 14: Technical Security Management 482

14.1 Security Architecture 483

14.2 Malware Protection Activities 487

Types of Malware 487

The Nature of the Malware Threat 490

Practical Malware Protection 490

14.3 Malware Protection Software 494

Capabilities of Malware Protection Software 494

Managing Malware Protection Software 495

14.4 Identity and Access Management 496

IAM Architecture 497

Federated Identity Management 498

IAM Planning 500

IAM Best Practices 501

14.5 Intrusion Detection 502

Basic Principles 503

Approaches to Intrusion Detection 504

Host-Based Intrusion Detection Techniques 505

Network-Based Intrusion Detection Systems 506

IDS Best Practices 508

14.6 Data Loss Prevention 509

Data Classification and Identification 509

Data States 510

14.7 Digital Rights Management 512

DRM Structure and Components 513

DRM Best Practices 515

14.8 Cryptographic Solutions 517

Uses of Cryptography 517

Cryptographic Algorithms 518

Selection of Cryptographic Algorithms and Lengths 525

Cryptography Implementation Considerations 526

14.9 Cryptographic Key Management 528

Key Types 530

Cryptoperiod 532

Key Life Cycle 534

14.10 Public Key Infrastructure 536

Public Key Certificates 536

PKI Architecture 538

Management Issues 540

14.11 Technical Security Management Best Practices 541

14.12 Key Terms and Review Questions 543

Key Terms 543

Review Questions 543

14.13 References 544

Chapter 15: Threat and Incident Management 546

15.1 Technical Vulnerability Management 547

Plan Vulnerability Management 547

Discover Known Vulnerabilities 548

Scan for Vulnerabilities 549

Log and Report 551

Remediate Vulnerabilities 551

15.2 Security Event Logging 554

Security Event Logging Objective 556

Potential Security Log Sources 556

What to Log 557

Protection of Log Data 557

Log Management Policy 558

15.3 Security Event Management 559

SEM Functions 560

SEM Best Practices 561

15.4 Threat Intelligence 563

Threat Taxonomy 564

The Importance of Threat Intelligence 566

Gathering Threat Intelligence 568

Threat Analysis 569

15.5 Cyber Attack Protection 570

Cyber Attack Kill Chain 570

Protection and Response Measures 573

Non-Malware Attacks 576

15.6 Security Incident Management Framework 577

Objectives of Incident Management 579

Relationship to Information Security Management System 579

Incident Management Policy 580

Roles and Responsibilities 581

Incident Management Information 583

Incident Management Tools 583

15.7 Security Incident Management Process 584

Preparing for Incident Response 585

Detection and Analysis 586

Containment, Eradication, and Recovery 587

Post-Incident Activity 588

15.8 Emergency Fixes 590

15.9 Forensic Investigations 592

Prepare 593

Identify 594

Collect 594

Preserve 595

Analyze 595

Report 596

15.10 Threat and Incident Management Best Practices 597

15.11 Key Terms and Review Questions 598

Key Terms 598

Review Questions 599

15.12 References 599

Chapter 16: Local Environment Management 602

16.1 Local Environment Security 602

Local Environment Profile 603

Local Security Coordination 604

16.2 Physical Security 606

Physical Security Threats 606

Physical Security Officer 609

Defense in Depth 610

Physical Security: Prevention and Mitigation Measures 612

Physical Security Controls 615

16.3 Local Environment Management Best Practices 619

16.4 Key Terms and Review Questions 620

Key Terms 620

Review Questions 620

16.5 References 621

Chapter 17: Business Continuity 622

17.1 Business Continuity Concepts 625

Threats 626

Business Continuity in Operation 628

Business Continuity Objectives 629

Essential Components for Maintaining Business Continuity 630

17.2 Business Continuity Program 630

Governance 631

Business Impact Analysis 631

Risk Assessment 632

Business Continuity Strategy 634

17.3 Business Continuity Readiness 637

Awareness 637

Training 638

Resilience 639

Control Selection 640

Business Continuity Plan 642

Exercising and Testing 647

Performance Evaluation 650

17.4 Business Continuity Operations 655

Emergency Response 655

Crisis Management 656

Business Recovery/Restoration 657

17.5 Business Continuity Best Practices 660

17.6 Key Terms and Review Questions 661

Key Terms 661

Review Questions 661

17.7 References 662

PART III: SECURITY ASSESSMENT 665

Chapter 18: Security Monitoring and Improvement 666

18.1 Security Audit 666

Security Audit and Alarms Model 667

Data to Collect for Auditing 668

Internal and External Audit 672

Security Audit Controls 673

18.2 Security Performance 678

Security Performance Measurement 678

Security Monitoring and Reporting 686

Information Risk Reporting 688

Information Security Compliance Monitoring 690

18.3 Security Monitoring and Improvement Best Practices 691

18.4 Key Terms and Review Questions 692

Key Terms 692

Review Questions 692

18.5 References 693

Appendix A: References and Standards 694

Appendix B: Glossary 708

Index 726

Dr. William Stallings has made a unique contribution to understanding the broad sweep of technical developments in computer security, computer networking, and computer architecture. He has authored 18 textbooks, and, counting revised editions, a total of 70 books on various aspects of these subjects. His writings have appeared in numerous ACM and IEEE publications, including the Proceedings of the IEEE and ACM Computing Reviews. He is a 13-time recipient of the award for the best computer science textbook of the year from the Text and Academic Authors Association.

In more than 30 years in the field, he has been a technical contributor, technical manager, and an executive with several high-technology firms. He has designed and implemented both TCP/IP-based and OSI-based protocol suites on a variety of computers and operating systems, ranging from microcomputers to mainframes. Currently, he is an independent consultant whose clients have included computer and networking manufacturers and customers, software development firms, and leading-edge government research institutions.

He created and maintains the Computer Science Student Resource Site at ComputerScienceStudent.com/. This site provides documents and links on a variety of subjects of general interest to computer science students (and professionals). He is a member of the editorial board of Cryptologia, a scholarly journal devoted to all aspects of cryptology.

Dr. Stallings holds a Ph.D. from M.I.T. in Computer Science and a B.S. from Notre Dame in Electrical Engineering.

What makes us different?

• Instant Download

• Always Competitive Pricing

• 100% Privacy

• FREE Sample Available

• 24-7 LIVE Customer Support

Reviews

There are no reviews yet.

Be the first to review “Effective Cybersecurity: A Guide to Using Best Practices and Standards William Stallings, ISBN-13: 978-0134772806”
Cart
Your cart is currently empty.