Exploring Getting Started with Computing Concepts
Author: Robert T Grauer
The Exploring series helps students master the How and Why of performing tasks in Office to gain a greater understanding of how to use the individual applications together to solve business problems. Exploring titles feature Perfect pages where every step of every hands-on exercise as well as every end-of-chapter problem begins on a new page and has its own screen shot to make it easier to follow. Each chapter contains Hands-on Exercises, Capstone Exercises, and Mini-Cases for practicing and reviewing skills acquired.
Ideal for students and individuals seeking a comprehensive introduction to computer concepts for Microsoft Office 2007.
See also: The Leaders We Need or Presidential Humor
Managing Information Security Risks: The OCTAVE Approach
Author: Christopher J Alberts
Information security requires far more than the latest tool or technology. Organizations must understand exactly what they are trying to protect--and why--before selecting specific solutions. Security issues are complex and often are rooted in organizational and business concerns. A careful evaluation of security needs and risks in this broader context must precede any security implementation to insure that all the relevant, underlying problems are first uncovered.
The OCTAVE approach for self-directed security evaluations was developed at the influential CERT(R) Coordination Center. This approach is designed to help you:
- Identify and rank key information assets
- Weigh threats to those assets
- Analyze vulnerabilities involving both technology and practices
OCTAVE(SM) enables any organization to develop security priorities based on the organization's particular business concerns. The approach provides a coherent framework for aligning security actions with overall objectives.
Managing Information Security Risks, written by the developers of OCTAVE, is the complete and authoritative guide to its principles and implementations. The book:
- Provides a systematic way to evaluate and manage information security risks
- Illustrates the implementation of self-directed evaluations
- Shows how to tailor evaluation methods to different types of organizations
Special features of the book include:
- A running example to illustrate important concepts and techniques
- A convenient set of evaluation worksheets
- A catalog of best practices to which organizations can comparetheir own
0321118863B05172002
Booknews
Written for people who manage information security risks for their organizations, this book details a security risk evaluation approach called "OCTAVE." The book provides a framework for systematically evaluating and managing security risks, illustrates the implementation of self-directed evaluations, and shows how to tailor evaluation methods to the needs of specific organizations. A running example illustrates key concepts and techniques. Evaluation worksheets and a catalog of best practices are included. The authors are on the technical staff of the Software Engineering Institute. Annotation c. Book News, Inc., Portland, OR
Table of Contents:
| List of Figures | ||
| List of Tables | ||
| Preface | ||
| Acknowledgments | ||
| Pt. I | Introduction | 1 |
| Ch. 1 | Managing Information Security Risks | 3 |
| Ch. 2 | Principles and Attributes of Information Security Risk Evaluations | 17 |
| Pt. II | The OCTAVE Method | 41 |
| Ch. 3 | Introduction to the OCTAVE Method | 43 |
| Ch. 4 | Preparing for OCTAVE | 59 |
| Ch. 5 | Identifying Organizational Knowledge (Processes 1 to 3) | 81 |
| Ch. 6 | Creating Threat Profiles (Process 4) | 109 |
| Ch. 7 | Identifying Key Components (Process 5) | 137 |
| Ch. 8 | Evaluating Selected Components (Process 6) | 157 |
| Ch. 9 | Conducting the Risk Analysis (Process 7) | 169 |
| Ch. 10 | Developing a Protection Strategy - Workshop A (Process 8A) | 191 |
| Ch. 11 | Developing a Protection Strategy - Workshop B (Process 8B) | 227 |
| Pt. III | Variations on the OCTAVE Approach | 239 |
| Ch. 12 | An Introduction to Tailoring OCTAVE | 241 |
| Ch. 13 | Practical Applications | 255 |
| Ch. 14 | Information Security Risk Management | 275 |
| Glossary | 293 | |
| Bibliography | 301 | |
| App. A | Case Scenario for the OCTAVE Method | 311 |
| App. B: Worksheets | 363 | |
| App. C: Catalog of Practices | 443 | |
| About the Authors | 457 | |
| Index | 461 |
No comments:
Post a Comment