Nanopdf PDF

Preview

Summary

Download Nanopdf PDF

Description

SECURITY

Featuring CSX™ and CISM® Exam Prep

ISACA BOOKSTORE isaca.org/bookstore

CSX ™ and CISM ® Exam

NE

CSX Cybersecurity Fundamentals Study Guide by ISACA

ISACA® (isaca.org) helps global professionals lead, adapt and assure trust in an evolving digital world by offering innovative and world-class knowledge, standards, networking, credentialing and career development. Established in 1969, ISACA is a global nonprofit association of 140,000 professionals in 180 countries. ISACA also offers the Cybersecurity Nexus™ (CSX), a holistic cybersecurity resource, and COBIT®, a business framework to govern enterprise technology.

The CSX Cybersecurity Fundamentals Study Guide is a comprehensive study aid that will help to prepare learners for the Cybersecurity Fundamentals Certificate exam. By passing the exam and agreeing to adhere to ISACA’s Code of Ethics, candidates will earn the Cybersecurity Fundamentals Certificate, a knowledge-based certificate that was developed to address the growing demand for skilled cybersecurity professionals. The CSX Cybersecurity Fundamentals Study Guide covers key areas that will be tested on the exam, including: cybersecurity concepts, security architecture principles, incident response, security of networks, systems, applications, and data, and security implications of evolving technology. Print Member: US $45.00 Non-member: US $55.00 Product Code: CSXG1

CIS Exp

by IS

The Man ques acco

The to in that ques job p is al

To h their two •

eBook Product Code: WCSXG1

•

Contact the ISACA Bookstore E-mail: [email protected] Tel: +1.847.660.5650 Fax: +1.847.253.1443

Security Resources

®

CISM Exam Prep Materials NEW!

NEW!

CISM® Review Manual, 14th Edition by ISACA The CISM® Review Manual, 14th Edition assists candidates to study and understand essential concepts in the following job practice areas: • Information Security Governance • Information Risk Management and Compliance • Information Security Program Development and Management • Information Security Incident Management Each of the book’s four chapters has been divided into two sections for focused study. Section one of each chapter contains the definitions and objectives for the four areas, as well as the corresponding tasks performed by information security managers and knowledge statements that are tested on the exam. The manual includes: • A map of the relationship of each task to the knowledge statements • A reference guide for the knowledge statements, including the relevant concepts and explanations • References to specific content in section two for each knowledge statement

CISM® Review Questions, Answers & Explanations Database—12-Month Subscription by ISACA The CISM® Review Questions, Answers & Explanations Database is a comprehensive 950-question pool of items that contains the questions from the CISM® Review Questions, Answers & Explanations Manual 8th Edition.

Other features provide the ability to select sample exams by specific job practice domain, view questions that were previously answered incorrectly and vary the length of study sessions, giving candidates the ability to customize their study approach to fit their needs.

CISM Review Questions, Answers & Explanations Database

Member: US $185.00 Non-member: US $225.00 Product Code: XMXCM15-12M

Section two of each chapter consists of reference material and content that support the knowledge statements. The material enhances CISM candidates’ knowledge and/or understanding when preparing for the CISM certification exam. Also included are definitions of terms most commonly found on the exam.

Also available in Spanish

CISM® Review Questions, Answers & Explanations Database—6-Month Extension by ISACA The CISM® Questions, Answers & Explanations Database— 6-Month Extension can only be purchased only as an extension to the CISM® Questions, Answers & Explanations Database—12-Month Subscription. The database is available via the web, allowing CISM Candidates to log in at home, at work or anywhere they have Internet connectivity. 2016

CISM Review Questions, Answers & Explanations Database

Order online at isaca.org/bookstore

by IS

Cybersecurity has evolved as a new field of interest, gaining political and societal attention. Given this magnitude, the future tasks and responsibilities associated with cybersecurity will be essential to organizational survival and profitability. This publication applies the COBIT 5 framework and its component publications to transform cybersecurity in a systemic way.

The deca the aga the e feed erad erad conc a ne even

Print Member: US $35.00 Non-member: US $60.00 Product Code: CB5TC1

Exam candidates can take sample exams with randomly selected questions and view the results by job practice domain, allowing for concentrated study in particular areas. Additionally questions generated during a study session are sorted based on previous scoring history, allowing CISM candidates to identify their strengths and weaknesses and focus their study efforts accordingly.

2016

Member: US $105.00 Non-member: US $135.00 Product Code: CM14ED

Res

by ISACA

The database is available via the web, allowing our CISM candidates to log in at home, at work or anywhere they have Internet connectivity. The database is MAC and Windows compatible.

• Self-assessment questions and explanations of the answers • Suggested resources for further study

Transforming Cybersecurity

Member: US $45.00 Non-member: US $65.00 Product Code: XMXCM15-EXT180

eBook Product Code: WCB5TC1 Free member download

Business Continuity and Disaster Recovery for IT Professionals, 2nd Edition by S. Snedaker Powerful Earthquake Triggers Tsunami in Pacific. Wildfires Burn Hundreds of Houses and Businesses in Colorado. Tornado Touches Down in Missouri. These headlines not only have caught the attention of people around the world, they have had a significant effect on IT professionals as well. The new second edition of Business Continuity and Disaster Recovery for IT Professionals gives you the most up-to-date planning and risk management techniques for business continuity and disaster recovery (BCDR). With distributed networks, increasing demands for confidentiality, integrity and availability of data, and the widespread risks to the security of personal, confidential and sensitive data, no organization can afford to ignore the need for disaster planning. Author Susan Snedaker shares her expertise, including the most current options for disaster recovery and communication, BCDR for mobile devices, and the latest infrastructure considerations including cloud, virtualization, clustering, and more. Snedaker also provides new case studies in several business areas, along with a review of high availability and information security in healthcare IT. Member: US $70.00 Non-member: US $80.00 Product Code: 6SYN2

Sec

by IS

Sec the e Bus COB

This mob user serv

The secu and main the c prov devi and over

Security Resources Cybersecurity Guidance for Small and Medium-sized Enterprises

Implementing Cybersecurity Guidance for Small and Medium-sized Enterprises

Security Considerations for Cloud Computing

by ISACA

by ISACA

Cyber security is a topic of interest for most enterprises, regardless of their size. Cyber crime and cyber warfare are not restricted to large, multinational enterprises. Increasing numbers of small and medium-sized enterprises (SMEs) are being targeted. ISACA’s Cybersecurity Guidance for Small and Medium-sized Enterprises is designed to meet the needs of typical SMEs: reasonable security at affordable cost while helping SMEs to prepare for, and manage, typical cyber security issues, risk and threats.

SMEs need hands-on guidance for affordable and effective cybersecurity. ISACA’s Cybersecurity Guidance for Small and Medium-sized Enterprises and this Implementing Cybersecurity Guidance for Small and Medium-sized Enterprises are designed to meet the needs of typical SMEs: reasonable security at affordable cost. These publications help SMEs to prepare for, and manage, typical cybersecurity issues, risk and threats.

Another publication in the Cloud Computing Vision Series, Security Considerations for Cloud Computing presents practical guidance to facilitate the decision process for IT and business professionals who are looking to move to the cloud. It helps enable effective analysis and measurement of risk through use of decision trees and checklists outlining the security factors to be considered when evaluating the cloud as a potential solution.

Print Member: US $35.00 Non-member: US $60.00 Product Code: CSXE eBook Product Code: WCSXE

Print Member: US $35.00 Non-member: US $60.00 Product Code: CSXI eBook Product Code: WCSXI

by E. Amoroso

The STUDENT EDITION features several case studies illustrating actual implementation scenarios of the principals and requirements discussed in the text. It boasts a new and complete instructor ancillary package including test bank, IM, Ppt slides, case study questions, and more. Member: US $70.00 Non-member: US $80.00 Product Code: 11EL2

Order online at isaca.org/bookstore

Print Member: US $35.00 Non-member: US $75.00 Product Code: SCC

This implementation publication provides practical advice on how to implement cybersecurity governance, risk management, assurance and compliance using Cybersecurity Guidance for Small and Medium-sized Enterprises and its COBIT 5 foundation. Examples and cases give SMEs insights into implementing the standard.

Cyber Attacks: Protecting National Infrastructure This textbook offers a technical, architectural, and management approach to solving the problems of protecting national infrastructure and includes practical and empirically-based guidance for students wishing to become security engineers, network operators, software designers, technology managers, application developers, Chief Security Officers, etc. This book serves as an attractive framework for a new national strategy for cyber security, as each principle is presented as a separate security strategy, along with pages of compelling examples that demonstrate use of the principle. A specific set of criteria requirements allows students to understand how any organization, such as a government agency, integrates the principles into their local environment.

by ISACA

Advanced Persistent Threats: How to Manage the Risk to Your Business by ISACA This book explains the nature of the security phenomenon known as the advanced persistent threat (APT). It also provides helpful advice on how to assess the risk of an APT to the organization and recommends practical measures that can be taken to prevent, detect and respond to such an attack. In addition, it highlights key differences between the controls needed to counter the risk of an APT attack and those commonly used to mitigate everyday information security risk. Print Member: US $35.00 Non-member: US $60.00 Product Code: APT eBook Product Code: WAPT Free member download

eBook Product Code: WSCC Free member download

The Dar

by B

Whi inve anticove a hig favo Roo com boo curr the mat part

FISMA Compliance Handbook, Second Edition by L. Taylor This book walks the reader through the entire FISMA compliance process and includes guidance on how to manage a FISMA compliance project from start to finish. The book has chapters for all FISMA compliance deliverables and includes information on how to conduct a FISMA compliant security assessment. Various topics discussed in this book include the NIST Risk Management Framework, how to characterize the sensitivity level of your system, contingency plan, system security plan development, security awareness training, privacy impact assessments, security assessments and more. Readers will learn how to obtain an Authority to Operate for an information system and what actions to take in regards to vulnerabilities and audit findings. FISMA Compliance Handbook Second Edition also includes all-new coverage of federal cloud computing compliance from author Laura Taylor, the federal government’s technical lead for FedRAMP, the government program used to assess and authorize cloud products and services. Member: US $55.00 Non-member: US $65.00 Product Code: 15SYN

Info Fro by T

Sec secu regu From regu fram prog

Defi exam and func area cont

Security Resources Securing Cloud Services: A Pragmatic Guide to Security Architecture in the Cloud

Computer Forensics InfoSec Pro Guide

by Lee Newcombe

Find out how to excel in the field of computer forensics investigations. Learn what it takes to transition from an IT professional to a computer forensic examiner in the private sector. Written by a Certified Information Systems Security Professional, Computer Forensics: InfoSec Pro Guide is filled with real-world case studies that demonstrate the concepts covered in this book. You’ll learn how to set up a forensics lab, select hardware and software, choose forensic imaging procedures, test your tools, capture evidence from different sources, follow a sound investigative process, safely store evidence, and verify your findings. Best practices for documenting your results, preparing reports, and presenting evidence in court are also covered in this detailed resource.

This book provides an overview of security architecture processes and explains how they may be used to derive an appropriate set of security controls to manage the risks associated with working in the cloud. It is aimed at business decision makers, senior IT stakeholders, enterprise architects, information security professionals and anyone else who is interested in working with cloud services, but might be concerned about the potential security implications. Member: US $40.00 Non-member: US $50.00 Product Code: 16ITSCS

by David Cowen

Pragmatic Security Metrics: Applying Metametrics to Info Sec

The and

by W. Krag Brotby; Gary Hinson

by D

Other books on information security metrics discuss number theory and statistics in academic terms. Light on mathematics and heavy on utility, Pragmatic Security Metrics: Applying Metametrics to Info Sec breaks the mold. This is the ultimate how-to-do-it guide for security metrics. Packed with time-saving tips, the book offers easy-to-follow guidance for those struggling with security metrics. Step by step, it clearly explains how to specify, develop, use, and maintain an information security measurement system (a comprehensive suite of metrics).

Web expo infor ordin upd tech ever new app tech relat

Member: US $70.00 Non-member: US $80.00 Product Code: 55CRC

Member: US $40.00 Non-member: US $50.00 Product Code: 34MCF

There’s A New Sheriff In Town by Mary Lou Heastings This compilation is a reminder to security professionals that security is no longer about implementing the latest technologies; the role has evolved to one of adding value to the company. Security leaders must help the business understand operational risks and the business value of risk management. “ These writers have given some valuable insight that is worth the read.” – Cynthia Whitley, CISO Fortune 100 Insurance Company “ It’s like having a who’s who of security at your beck and call. Many of these contributors have the knowledge to draft a book of their own, but combined with each contributing from their field of expertise makes this book a must have for any serious Security Executive.” – Frank Artes, Vice President, Converged Security (North America) Deluxe Entertainment Services Group, Inc. Member: US $20.00 Non-member: US $30.00 Product Code: 2EA

Order online at isaca.org/bookstore

Cloud Computing—Assessing the Risks

Access Control, Security and Trust: A Logical Approach

by Jared Carstensen, Bernard Golden, JP Morgenthal

by Shiu-Kai Chin, Beth Older

Written by three internationally renowned experts, this book discusses the primary concerns of most businesses leaders regarding cloud computing, primarily: “How safe is it?”, “Is it reliable?”, “How secure will your information be?” Cloud Computing—Assessing the Risks answers these questions and many more. Using jargon-free language and relevant examples, analogies and diagrams, it is an up-to-date, clear and comprehensive guide the security, governance, risk, and compliance elements of Cloud Computing.

Access Control, Security, and Trust: A Logical Approach equips readers with an access control logic that they can use to specify and verify their security designs. Throughout the text, the authors use a single access control logic based on a simple propositional modal logic. The first part of the book presents the syntax and semantics of access control logic, basic access control concepts, and an introduction to confidentiality and integrity policies. The second section covers access control in networks, delegation, protocols and the use of cryptography. In the third section, the authors focus on hardware and virtual machines. The final part discusses confidentiality, integrity and role-based access control. Taking a logical, rigorous approach to access control, this book shows how logic is a useful tool for analyzing security designs and spelling out the conditions upon which access control decisions depend.

Member: US $40.00 Non-member: US $50.00 Product Code: 17ITCC

Member: US $100.00 Non-member: US $110.00 Product Code: 48CRC

Hac Sec by J

Prot the volu and Wire avai vuln deve hack reinf injec Cutt cord are a

Security Resources Honeypots: A New Paradigm to Information Security

Securing the Clicks: Network Security in the Age of Social Media

Hacking Exposed 7: Network Security Secrets & Solutions

Ant

by R. C. Joshi and Anjali Sardana

by Gary Bahadur, Jason Inasi and Alex de Carvalho

by Stuart McClure, Joel Scambray and George Kurtz

A well-rounded, accessible exposition of honeypots in both wired and wireless networks, this book addresses honeypots from a variety of perspectives. Case studies enhance the practical understanding of the subject, along with a strong theoretical foundation. The book covers the latest technology in information security and honeypots, including honeytokens, honeynets and honeyfarms.

Securing the Clicks: Network Security in the Age of Social Media explains the latest threats along with detailed fixes, best practices, and “from the headlines” case studies. Readers will find ways how to analyze risk, implement robust security protocols, and enforce social media usage policies. Regulatory compliance, online reputation management, and incident response are also covered in this comprehensive volume.

Hacking Exposed 7: Network Security Secrets & Solutions is filled with all new information on today’s most devastating attacks and proven countermeasures. The book covers advanced persistent threats, infrastructure hacks, industrial automation and embedded devices, wireless security, the new SCADA protocol hacks, Microsoft Windows Server 2010, Web 2.0, Unbuntu Linux, hardware, Cisco, RFID, malware, and more!

Fully secu how expl func impl realto sh actio it ea your

Member: US $140.00 Non-member: US $150.00 Product Code: 49CRC

Cybersecu...