Название: Practical Network Security: An auditee's guide to zero findings
Автор: Neha Saxena
Издательство: BPB Publications
Год: 2018
Страниц: 525
Язык: английский
Формат: pdf, epub
Размер: 13.1 MB

This book is a guide for Network professionals to understand real-world information security scenarios. It offers a systematic approach to prepare for security assessments including process security audits, technical security audits and Penetration tests. This book aims at training preemptive security to network professionals in order to improve their understanding of security infrastructure and policies.

With our network being exposed to a whole plethora of security threats, all technical and non-technical people are expected to be aware of security processes. Every security assessment (technical/ non-technical) leads to new findings and the cycle continues after every audit. This book explains the auditor's process and expectations and also helps an organisation prepare for any type of audit and minimise security findings.

It follows a lifecycle approach to information security by understanding:

Why we need Information security
How we can implement
How to operate securely and maintain a secure posture
How to face audits

Key Features:

It follows a lifecycle approach to information security by understanding:
Why we need Information security
How we can implement
How to operate securely and maintain a secure posture
How to face audits

What Will You Learn:

This book is solely focused on aspects of Information security that Network professionals (Network engineer, manager and trainee) need to deal with, for different types of Audits.
Information Security Basics, security concepts in detail, threat
Securing the Network focuses on network security design aspects and how policies influence network design decisions.
Secure Operations is all about incorporating security in Network operations.
Managing Audits is the real test.

Who This Book is For:
IT Heads, Network managers, Network planning engineers, Network Operation engineer or anybody interested in understanding holistic network security.

Contents:
Basics of Information Security
Threat Paradigm
Information Security Controls
Decoding Policies Standards Procedures & Guidelines
Network security design
Know your assets
Implementing Network Security
Secure Change Management
Vulnerability and Risk Management
Access Control
Capacity Management
Log Management
Network Monitoring
Information Security Audit
Technical Compliance Audit
Penetration Testing