Enterprise Information Systems Assurance and System Security: Managerial and Technical Issues [Paperback]

Merrill Warkentin, Rayford Vaughn




Book Description

February 2006
"Enterprise Information Systems Assurance and System Security: Managerial and Technical Issues" brings together authoritative authors to address one of the most pressing challenges in the IT field - how to create secure environments for the application of technology to serve future needs. This book bridges the gap between theory and practice, academia and industry, computer science and MIS. The chapters provide an integrated, holistic perspective on this complex set of challenges, supported with practical experiences of leading figures from all realms. "Enterprise Information Systems Assurance and System Security: Managerial and Technical Issues" provides an excellent collection for corporate executives who are charged with securing their systems and data, students studying the topic of business information security, and those who simply have an interest in this exciting topic.

Product Details

  • Paperback: 406 pages
  • Publisher: IGI Global (February 2006)
  • Language: English
  • ISBN-10: 1591409128
  • ISBN-13: 978-1591409120
  • Product Dimensions: 25.1 x 17.3 x 2.3 cm
  • Shipping Weight: 658 g


Customer Reviews

Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com: 5.0 out of 5 stars  1 review
0 of 1 people found the following review helpful
5.0 out of 5 stars If you know more than nothing but not a lot... May 8 2007
By Amazon Customer - Published on Amazon.com
Format: Hardcover
I took a class for A+ and CCNA, but never certified. I also took a class in Net+ and decided to go get certified there. I worked for about five months as a tech-support technician and have built a few computers. So, that's my background. With a BS in History I decided to go for a master's degree in Information Systems Security...you see the connection right? Actually I'm looking to turn a hobby into a profession, naturally not having a BS in CIS or CS I was typically worried about the course. This book had been a tremendous help. I use this book more than any other individual book, to include the course books. My master's degree will be a management degree and that is what this book is geared for...as the title indicates.

I knew about routers, networks, basic security like strong passwords, AND since I'm an army reservist I'm familiar with the concept of Risk Management; however, I knew ZERO about E-Commerce, E-Business, Security Policies, planning and implementing IT Architecture, etc. This book took me through the whole gamut step by step. It has diagrams that are logical yet simple to understand. Do you know what Defense-in-Depth is? -or put another way- How about the concept of Security in Layers? This book will explain it from outside in, top to bottom, and front to back. What about encryption? What's new and what's obsolete? This book was published in 2006, so it's still pretty current.

The book breaks down a typical E-Business environment into easily understood models taking you from the customer outside the Internet or the corporate staff person logging onto a corporate network...to a Business Logic Layer of web servers and application servers...to the Data Layer of database servers and directory servers. It covers security from outside the perimeter of firewalls and routers to hardening the internal database applications. You want to know what security access controls encompass? This book covers complete security domain profiles.

I will say that the matrix definition/method equations covered in Chapter VII were not exactly written at what I would call a beginner's level, so I'm glad my classes haven't covered that. Whew.

There are plenty of examples and definitions to illustrate covered materials. The chapters are as follows:

Ch I: A Model of Information Security Governance for E-Business

Ch II: IT Security Governance and Centralized Security Controls

Ch III: Case Study of Implemented Information Systems Security Policy

Ch IV: Malware and Antivirus Deployment for Enterprise Security

Ch V: The impact of the Sarbanes-Oxley (SOX) Act on Information Security

Ch VI: A Security Blueprint for E-Business Applications

Ch VII: Security Management for an E-Enterprise

Ch VIII: Implementing IT Security for Small & Medium Enterprises

Ch IX: E-Commerce Security

Ch X: The Survivability Principle: IT-Enabled Dispersal of Organizational Capital

Ch XI: Security Engineering: IT is all about control and assurance objectives

Ch XII: High Assurance Products in IT Security

Ch XIII: The Demilitarized Zone as an Information Protection Network

Ch XIV: Software Security Engineering: Toward unifying software engineering and security engineering

Ch XV: Wireless Security

Ch XVI: Intrusion Detection and Response

Ch XVII: Deploying Honeynets

Ch XVIII: Steganography and Steganalysis

Ch XIX: Designing Secure Data Warehouses

Ch XX: Digital Forensics

Ch XXI: A Comparison of Authentication, Authorization, and Auditing in Windows and Linux

Ch XXII: Taxonomies of User-Authentication Methods in Computer Networks

Ch XXIII: Identity Management: A comprehensive approach to ensuring a secure network infrastructure

This book covers just about everything you need to know about what goes into developing a comprehensive security policy. At least for someone like me who has had no technical experience as a working IT professional in management writing security policies or as a technician employing vulnerability exploitation tools for penetration testing...it provided what I needed...and still does.
