Foreword
Introduction
1. Why is information security necessary?
2. The Combined Code and the Turnbull Report
3. BS 7799
4. Information security management
5. Information security policy and scope
6. The risk assessment and statement of applicability
7. Security of third party access and outsourcing
8. Asset classification and control
9. Personnel security
10. Physical and environmental security
11. Equipment security
12. General security controls
13. Communications and operations management
14. Controls against malicious software (malware)
15. Housekeeping, network management and media handling
16. Exchanges of information and software
17. E-mail and Internet use
18. Access control
19. Network access control
20. Operating system access control
21. Application access control
22. Mobile computing and teleworking
23. Systems development and maintenance
24. Cryptographic controls
25. Security in development and support processes
26. Business continuity management
27. Compliance
28. The BS 7799 audit
Appendices
II. BS 7799-2:2002
III. Further reading
Index