Business Continuity and Disaster Recovery for InfoSec Managers
Elsevier, Apr 8, 2011 - 408 pages

Every year, nearly one in five businesses suffers a major disruption to its data or voice networks or communications systems. Since 9/11 it has become increasingly important for companies to implement a plan for disaster recovery. This comprehensive book addresses the operational and day-to-day security management requirements of business stability and disaster recovery planning, specifically tailored to the needs and requirements of an Information Security Officer. This book has been written by battle-tested security consultants who have based all the material, processes and problem-solving on real-world planning and recovery events in enterprise environments worldwide.

John has over 25 years' experience in the IT and security sector. He is an often-sought management consultant for large enterprise and is currently a member of the Federal Communications Commission's Homeland Security Network Reliability and Interoperability Council Focus Group on Cybersecurity, working in the Voice over Internet Protocol workgroup.

James has over 30 years' experience in security operations and technology assessment as a corporate security executive and in positions within the intelligence, DoD, and federal law enforcement communities. He has a Ph.D. in information systems specializing in information security and is a member of Upsilon Pi Epsilon (UPE), the International Honor Society for the Computing and Information Disciplines. He is currently an Independent Consultant.

· Provides critical strategies for maintaining basic business functions when and if systems are shut down
· Establishes up-to-date methods and techniques for maintaining second-site backup and recovery
· Gives managers viable and efficient processes that meet new government rules for saving and protecting data in the event of disasters
Contents
Acknowledgments
Chapter 1 Contingency and Continuity Planning
Chapter 2 Assessing Risk
Chapter 3 Mitigation Strategies
Chapter 4 Preparing for a Possible Emergency
Chapter 5 Disaster Recovery Phase
Chapter 7 Testing Auditing and Training
Chapter 8 Maintaining a Business Continuity Plan
BCPDR Glossary
General References
A Sample Recovery Checklist
B Physical Facility Questionnaire
C Organizational Security Management
Other editions
Business Continuity and Disaster Recovery for Infosec Managers, John W. Rittinghouse, James F. Ransome - 2005
Common terms and phrases
access control activities administrators alternate analysis applications appropriate areas assets audit backup and recovery BCP project business continuity plans business functions business processes changes communications Computer Security configuration contingency plan coordinator corporate cost critical damage determine disaster recovery phase disaster recovery plan discretionary access control disruption documents effective emergency employees ensure environment equipment event facility failure fire hackers hardware HIPAA identify impact implement incident information security information systems infrastructure Internet John the Ripper L0phtCrack loss maintenance monitoring necessary Nessus Nmap occur offsite operating system organization organization’s organizational outage Page/Section Password Cracking passwords personnel potential procedures protect recovery process responsible restored result risk assessment risk management security manager security policy server specific spyware storage testing threat types updated vendor vulnerability
Popular passages
Page xxx - If two or more persons conspire either to commit any offense against the United States or to defraud the United States, or any agency thereof in any manner or for any purpose, and one or more of such persons do any act to effect the object of the conspiracy, each shall be fined not more than $10,000 or imprisoned not more than five years, or both.
Page xxv - Auction fraud and nondelivery of payment or merchandise are both types of confidence fraud and are the most reported offenses to the IFCC. The Nigerian Letter Scam is another offense classified under confidence fraud. The Nigerian Letter Scam...