Effective Cybersecurity: A Guide to Using Best Practices and Standards by William Stallings, ISBN-13: 978-0134772806

[PDF eBook eTextbook]

  • Publisher: Addison-Wesley Professional; 1st edition (August 31, 2018)
  • Language: English
  • 800 pages
  • ISBN-10: 0134772806
  • ISBN-13: 978-0134772806

William Stallings’ Effective Cybersecurity offers a comprehensive and unified explanation of the best practices and standards that represent proven, consensus techniques for implementing cybersecurity. Stallings draws on the immense work that has been collected in multiple key security documents, making this knowledge far more accessible than it has ever been before. Effective Cybersecurity is organized to align with the comprehensive Information Security Forum document The Standard of Good Practice for Information Security, but deepens, extends, and complements ISF’s work with extensive insights from the ISO 27002 Code of Practice for Information Security Controls, the NIST Framework for Improving Critical Infrastructure Cybersecurity, COBIT 5 for Information Security, and a wide spectrum of standards and guidelines documents from ISO, ITU-T, NIST, Internet RFCs, other official sources, and the professional, academic, and industry literature.

In a single expert source, current and aspiring cybersecurity practitioners will find comprehensive and usable practices for successfully implementing cybersecurity within any organization. Stallings covers:

  • Security Planning: Developing approaches for managing and controlling the cybersecurity function; defining the requirements specific to a given IT environment; and developing policies and procedures for managing the security function
  • Security Management: Implementing the controls to satisfy the defined security requirements
  • Security Evaluation: Assuring that the security management function enables business continuity; monitoring, assessing, and improving the suite of cybersecurity controls.

Beyond requiring a basic understanding of cryptographic terminology and applications, this book is self-contained: all technology areas are explained without requiring other reference material. Each chapter contains a clear technical overview, as well as a detailed discussion of action items and appropriate policies. Stallings, author of 13 TAA Computer Science Textbooks of the Year, offers many pedagogical features designed to help readers master the material. These include clear learning objectives, keyword lists, and glossaries, as well as QR codes linking to relevant standards documents and web resources.

Table of Contents:

Preface

Chapter 1: Best Practices, Standards, and a Plan of Action
  • 1.1 Defining Cyberspace and Cybersecurity
  • 1.2 The Value of Standards and Best Practices Documents
  • 1.3 The Standard of Good Practice for Information Security
  • 1.4 The ISO/IEC 27000 Suite of Information Security Standards
      • ISO 27001
      • ISO 27002
  • 1.5 Mapping the ISO 27000 Series to the ISF SGP
  • 1.6 NIST Cybersecurity Framework and Security Documents
      • NIST Cybersecurity Framework
      • NIST Security Documents
  • 1.7 The CIS Critical Security Controls for Effective Cyber Defense
  • 1.8 COBIT 5 for Information Security
  • 1.9 Payment Card Industry Data Security Standard (PCI DSS)
  • 1.10 ITU-T Security Documents
  • 1.11 Effective Cybersecurity
      • The Cybersecurity Management Process
      • Using Best Practices and Standards Documents
  • 1.12 Key Terms and Review Questions
      • Key Terms
      • Review Questions
  • 1.13 References

PART I: PLANNING FOR CYBERSECURITY

Chapter 2: Security Governance
  • 2.1 Security Governance and Security Management
  • 2.2 Security Governance Principles and Desired Outcomes
      • Principles
      • Desired Outcomes
  • 2.3 Security Governance Components
      • Strategic Planning
      • Organizational Structure
      • Roles and Responsibilities
      • Integration with Enterprise Architecture
      • Policies and Guidance
  • 2.4 Security Governance Approach
      • Security Governance Framework
      • Security Direction
      • Responsible, Accountable, Consulted, and Informed (RACI) Charts
  • 2.5 Security Governance Evaluation
  • 2.6 Security Governance Best Practices
  • 2.7 Key Terms and Review Questions
      • Key Terms
      • Review Questions
  • 2.8 References

Chapter 3: Information Risk Assessment
  • 3.1 Risk Assessment Concepts
      • Risk Assessment Challenges
      • Risk Management
      • Structure of This Chapter
  • 3.2 Asset Identification
      • Hardware Assets
      • Software Assets
      • Information Assets
      • Business Assets
      • Asset Register
  • 3.3 Threat Identification
      • The STRIDE Threat Model
      • Threat Types
      • Sources of Information
  • 3.4 Control Identification
  • 3.5 Vulnerability Identification
      • Vulnerability Categories
      • National Vulnerability Database and Common Vulnerability Scoring System
  • 3.6 Risk Assessment Approaches
      • Quantitative Versus Qualitative Risk Assessment
      • Simple Risk Analysis Worksheet
      • Factor Analysis of Information Risk
  • 3.7 Likelihood Assessment
      • Estimating Threat Event Frequency
      • Estimating Vulnerability
      • Loss Event Frequency
  • 3.8 Impact Assessment
      • Estimating the Primary Loss
      • Estimating the Secondary Loss
      • Business Impact Reference Table
  • 3.9 Risk Determination
  • 3.10 Risk Evaluation
  • 3.11 Risk Treatment
      • Risk Reduction
      • Risk Retention
      • Risk Avoidance
      • Risk Transfer
  • 3.12 Risk Assessment Best Practices
  • 3.13 Key Terms and Review Questions
      • Key Terms
      • Review Questions
  • 3.14 References

Chapter 4: Security Management
  • 4.1 The Security Management Function
      • Security Planning
      • Capital Planning
  • 4.2 Security Policy
      • Security Policy Categories
      • Security Policy Document Content
      • Management Guidelines for Security Policies
      • Monitoring the Policy
  • 4.3 Acceptable Use Policy
  • 4.4 Security Management Best Practices
  • 4.5 Key Terms and Review Questions
      • Key Terms
      • Review Questions
  • 4.6 References

PART II: MANAGING THE CYBERSECURITY FUNCTION

Chapter 5: People Management
  • 5.1 Human Resource Security
      • Security in the Hiring Process
      • During Employment
      • Termination of Employment
  • 5.2 Security Awareness and Education
      • Security Awareness
      • Cybersecurity Essentials Program
      • Role-Based Training
      • Education and Certification
  • 5.3 People Management Best Practices
  • 5.4 Key Terms and Review Questions
      • Key Terms
      • Review Questions
  • 5.5 References

Chapter 6: Information Management
  • 6.1 Information Classification and Handling
      • Information Classification
      • Information Labeling
      • Information Handling
  • 6.2 Privacy
      • Privacy Threats
      • Privacy Principles and Policies
      • Privacy Controls
  • 6.3 Document and Records Management
      • Document Management
      • Records Management
  • 6.4 Sensitive Physical Information
  • 6.5 Information Management Best Practices
  • 6.6 Key Terms and Review Questions
      • Key Terms
      • Review Questions
  • 6.7 References

Chapter 7: Physical Asset Management
  • 7.1 Hardware Life Cycle Management
      • Planning
      • Acquisition
      • Deployment
      • Management
      • Disposition
  • 7.2 Office Equipment
      • Threats and Vulnerabilities
      • Security Controls
      • Equipment Disposal
  • 7.3 Industrial Control Systems
      • Differences Between IT Systems and Industrial Control Systems
      • ICS Security
  • 7.4 Mobile Device Security
      • Mobile Device Technology
      • Mobile Ecosystem
      • Vulnerabilities
      • Mobile Device Security Strategy
      • Resources for Mobile Device Security
  • 7.5 Physical Asset Management Best Practices
  • 7.6 Key Terms and Review Questions
      • Key Terms
      • Review Questions
  • 7.7 References

Chapter 8: System Development
  • 8.1 System Development Life Cycle
      • NIST SDLC Model
      • The SGP’s SDLC Model
      • DevOps
  • 8.2 Incorporating Security into the SDLC
      • Initiation Phase
      • Development/Acquisition Phase
      • Implementation/Assessment Phase
      • Operations and Maintenance Phase
      • Disposal Phase
  • 8.3 System Development Management
      • System Development Methodology
      • System Development Environments
      • Quality Assurance
  • 8.4 System Development Best Practices
  • 8.5 Key Terms and Review Questions
      • Key Terms
      • Review Questions
  • 8.6 References

Chapter 9: Business Application Management
  • 9.1 Application Management Concepts
      • Application Life Cycle Management
      • Application Portfolio Management
      • Application Performance Management
  • 9.2 Corporate Business Application Security
      • Business Application Register
      • Business Application Protection
      • Browser-Based Application Protection
  • 9.3 End User-Developed Applications (EUDAs)
      • Benefits of EUDAs
      • Risks of EUDAs
      • EUDA Security Framework
  • 9.4 Business Application Management Best Practices
  • 9.5 Key Terms and Review Questions
      • Key Terms
      • Review Questions
  • 9.6 References

Chapter 10: System Access
  • 10.1 System Access Concepts
      • Authorization
  • 10.2 User Authentication
      • A Model for Electronic User Authentication
      • Means of Authentication
      • Multifactor Authentication
  • 10.3 Password-Based Authentication
      • The Vulnerability of Passwords
      • The Use of Hashed Passwords
      • Password Cracking of User-Chosen Passwords
      • Password File Access Control
      • Password Selection
  • 10.4 Possession-Based Authentication
      • Memory Cards
      • Smart Cards
      • Electronic Identity Cards
      • One-Time Password Device
      • Threats to Possession-Based Authentication
      • Security Controls for Possession-Based Authentication
  • 10.5 Biometric Authentication
      • Criteria for Biometric Characteristics
      • Physical Characteristics Used in Biometric Applications
      • Operation of a Biometric Authentication System
      • Biometric Accuracy
      • Threats to Biometric Authentication
      • Security Controls for Biometric Authentication
  • 10.6 Risk Assessment for User Authentication
      • Authenticator Assurance Levels
      • Selecting an AAL
      • Choosing an Authentication Method
  • 10.7 Access Control
      • Subjects, Objects, and Access Rights
      • Access Control Policies
      • Discretionary Access Control
      • Role-Based Access Control
      • Attribute-Based Access Control
      • Access Control Metrics
  • 10.8 Customer Access
      • Customer Access Arrangements
      • Customer Contracts
      • Customer Connections
      • Protecting Customer Data
  • 10.9 System Access Best Practices
  • 10.10 Key Terms and Review Questions
      • Key Terms
      • Review Questions
  • 10.11 References

Chapter 11: System Management
  • 11.1 Server Configuration
      • Threats to Servers
      • Requirements for Server Security
  • 11.2 Virtual Servers
      • Virtualization Alternatives
      • Virtualization Security Issues
      • Securing Virtualization Systems
  • 11.3 Network Storage Systems
  • 11.4 Service Level Agreements
      • Network Providers
      • Computer Security Incident Response Team
      • Cloud Service Providers
  • 11.5 Performance and Capacity Management
  • 11.6 Backup
  • 11.7 Change Management
  • 11.8 System Management Best Practices
  • 11.9 Key Terms and Review Questions
      • Key Terms
      • Review Questions
  • 11.10 References

Chapter 12: Networks and Communications
  • 12.1 Network Management Concepts
      • Network Management Functions
      • Network Management Systems
      • Network Management Architecture
  • 12.2 Firewalls
      • Firewall Characteristics
      • Types of Firewalls
      • Next-Generation Firewalls
      • DMZ Networks
      • The Modern IT Perimeter
  • 12.3 Virtual Private Networks and IP Security
      • Virtual Private Networks
      • IPsec
      • Firewall-Based VPNs
  • 12.4 Security Considerations for Network Management
      • Network Device Configuration
      • Physical Network Management
      • Wireless Access
      • External Network Connections
      • Firewalls
      • Remote Maintenance
  • 12.5 Electronic Communications
      • Email
      • Instant Messaging
      • Voice over IP (VoIP) Networks
      • Telephony and Conferencing
  • 12.6 Networks and Communications Best Practices
  • 12.7 Key Terms and Review Questions
      • Key Terms
      • Review Questions
  • 12.8 References

Chapter 13: Supply Chain Management and Cloud Security
  • 13.1 Supply Chain Management Concepts
      • The Supply Chain
      • Supply Chain Management
  • 13.2 Supply Chain Risk Management
      • Supply Chain Threats
      • Supply Chain Vulnerabilities
      • Supply Chain Security Controls
      • SCRM Best Practices
  • 13.3 Cloud Computing
      • Cloud Computing Elements
      • Cloud Computing Reference Architecture
  • 13.4 Cloud Security
      • Security Considerations for Cloud Computing
      • Threats for Cloud Service Users
      • Risk Evaluation
      • Best Practices
      • Cloud Service Agreement
  • 13.5 Supply Chain Best Practices
  • 13.6 Key Terms and Review Questions
      • Key Terms
      • Review Questions
  • 13.7 References

Chapter 14: Technical Security Management
  • 14.1 Security Architecture
  • 14.2 Malware Protection Activities
      • Types of Malware
      • The Nature of the Malware Threat
      • Practical Malware Protection
  • 14.3 Malware Protection Software
      • Capabilities of Malware Protection Software
      • Managing Malware Protection Software
  • 14.4 Identity and Access Management
      • IAM Architecture
      • Federated Identity Management
      • IAM Planning
      • IAM Best Practices
  • 14.5 Intrusion Detection
      • Basic Principles
      • Approaches to Intrusion Detection
      • Host-Based Intrusion Detection Techniques
      • Network-Based Intrusion Detection Systems
      • IDS Best Practices
  • 14.6 Data Loss Prevention
      • Data Classification and Identification
      • Data States
  • 14.7 Digital Rights Management
      • DRM
