Revised and updated with the latest data in the field, Fundamentals of Information Systems Security, Third Edition provides a comprehensive overview of the essential concepts readers must know as they pursue careers in information systems security. The text opens with a discussion of the new risks, threats, and vulnerabilities associated with the transition to a digital world. Part 2 presents a high-level overview of the Security+ Exam and provides students with information as they move toward this certification. The book closes with information on information security standards, education, professional certifications, and compliance laws. With its practical, conversational writing style and step-by-step examples, this text is a must-have resource for those entering the world of information systems security.
- Maps fully to the six major domains of the CompTIA Security+ SY0-401 Certification exam
- Updated to include coverage on recent compliance law and standards updates, including FISMA, NIST SP800-171, and PCI DSS v3.2
- New content on advanced malware and APT attacks on endpoints, such as ransomware and CryptoLocker
- Addresses data breach and data breach incident response planning
- Introduces recent “Internet of Things” risks, threats, and privacy issues
- Available with the Virtual Security Cloud Labs, which provide a hands-on, immersive mock IT infrastructure enabling students to test their skills with realistic security scenarios
This title is available with Virtual Security Cloud Labs, delivered in a first-of-its-kind cloud computing environment that provides a fully immersive mock IT infrastructure enabling hands-on, experiential learning. An integrated lab manual is available to assist you with these labs.
|Lab #1:||Performing Reconnaissance and Probing Using Common Tools|
|Lab #2:||Performing a Vulnerability Assessment|
|Lab #3:||Enabling Windows Active Directory and User Access Controls|
|Lab #4:||Using Group Policy Objects and Microsoft Baseline Security Analyzer for Change Control|
|Lab #5:||Performing Packet Capture and Traffic Analysis|
|Lab #6:||Implementing a Business Continuity Plan|
|Lab #7:||Using Encryption to Enhance Confidentiality and Integrity|
|Lab #8:||Performing a Web Site and Database Attack by Exploiting|
|Lab #9:||Eliminating Threats with a Layered Security Approach|
|Lab #10:||Implementing an Information Systems Security Policy|
|Part 1: The Need for Information Security|
|Chapter 1:||Information Systems Security|
|Chapter 2:||The Internet of Things is Changing How We Live|
|Chapter 3:||Malicious Attacks, Threats, and Vulnerabilities|
|Chapter 4:||The Drivers of the Information Security Business|
|Part 2: Securing Today’s Information Systems|
|Chapter 5:||Access Controls|
|Chapter 6:||Security Operations and Administration|
|Chapter 7:||Auditing, Testing, and Monitoring|
|Chapter 8:||Risk, Response, and Recovery|
|Chapter 10:||Networks and Telecommunications|
|Chapter 11:||Malicious Code and Activity|
|Part 3: Information Security Standards, Education, Certification, and Laws|
|Chapter 12:||Information Security Standards|
|Chapter 13:||Information Systems Security Education and Training|
|Chapter 14:||Information Security Professional Certifications|
|Chapter 15:||US Compliance Laws|
- Explain the concepts of information systems security as applied to an IT infrastructure.
- Describe how malicious attacks, threats, and vulnerabilities impact an IT infrastructure.
- Explain the role of access controls in implementing a security policy.
- Explain the role of operations and administration in effective implementation of security policy.
- Explain the importance of security audits, testing, and monitoring to effective security policy.
- Describe the principles of risk management, common response techniques, and issues related to recovery of IT systems.
- Explain how businesses apply cryptography in maintaining information security.
- Analyze the importance of network principles and architecture to security operations.
- Explain the means attackers use to compromise systems and networks and defenses used by organizations.
- Apply international and domestic information security standards and compliance laws to real-world implementation in both the private and public sector.
Instructor Resources include: