Infosec Strategies and Best Practices

In this book, we will cover various topics within the information security (InfoSec) domain and help you translate your organization’s strategic requirements into actionable improvements in securing its most valuable assets.

You can expect to learn about a wide range of InfoSec paradigms, including the foundations of risk management, implementing processes and controls, designing information systems securely, and managing the day-to-day activities required to ensure security is maintained at your organization.

Upon completion, you should be well on your way toward converting the theory of your InfoSec certifications into actionable and practical changes you can make to ensure your organization is more secure. Beyond that, delving deeper into any and all of the topics covered in this book will help you to progress in your career as an InfoSec professional.

Who this book is for

This book is for those who are looking to begin (or have recently begun) working in an InfoSec role. Perhaps you’ve been taking courses and studying for an industry-standard certification such as the CISSP or CISM, but you’re looking for a way to convert the concepts (and seemingly endless number of acronyms) from theory into practice and start making a difference in your day-to-day work at your organization.

What this book covers

Chapter 1, InfoSec and Risk Management, establishes the core principles of InfoSec and ensures the topics central to the discipline are well-understood.

Chapter 2, Protecting the Security of Assets, implements effective processes to ensure you can identify the assets of an organization and avoid common pitfalls that InfoSec professionals encounter.

Chapter 3, Designing Secure Information Systems, explores how to assess architectures and systems for vulnerabilities and mitigate those vulnerabilities with controls, including cryptography.

Chapter 4, Designing and Protecting Network Security, covers designing secure network systems, selecting the appropriate network components, and ensuring their effectiveness for your organization’s requirements.

Chapter 5, Controlling Access and Managing Identity, examines both physical and digital access to your organization, and the various aspects of selecting and implementing the appropriate identity and access management controls.

Chapter 6, Designing and Managing Security Testing Processes, covers adopting a mindset of continuous improvement by testing existing implementations and utilizing any findings to optimize your InfoSec program.

Chapter 7, Owning Security Operations, covers aligning the day-to-day tasks involved with maintaining InfoSec to an organization’s strategies.

Chapter 8, Improving the Security of Software, covers enforcing secure practices in procuring and developing software.

