Network Security Policy
Douglas E. Comer is a renowned professor at the University of Purdue, where he specializes in teaching courses in computer networking. Professionals around the world use this book to familiarize themselves with the Internet, in onsite presentations and at professional conferences. The book introduces the concepts used in networking and explains how the Internet functions. It describes the types of devices used in networking, such as routers, firewalls, switches and wireless devices. It also explains, in broad terms, how the Internet relates to the network and how networking devices provide the required security to devices that want to access the Internet. It relates networking and the Internet clearly, and it is best suited to providing broad coverage of the subject.
This book focuses on new threats, vulnerabilities and risks in a digital world. The need for information security has been brought about by the need to integrate the Internet and broadband communications. In addition, organizations are compelled to take into account the compliance laws that require them to secure and protect privacy data and reduce liability. In this book, David Kim takes readers through the fundamentals of information security, adapted from the official (ISC)² SSCP CBK Study Guide. It is also intended for individuals who aspire to acquire a System Security Certified Professional certification, and it gives readers more detail on compliance laws, education, and careers. The book is therefore unique among the others because it offers a comprehensive outline of what information security involves.
This book deals mainly with setting up security regulations and standards to counter the threats posed by cybercriminals. It also gives a complete roadmap to the implementation and adaptation of a security program based on the ISO/IEC 17799:2005 (27002) Code of Practice for Information Security Management. In this book, Timothy Layton describes a detailed risk assessment methodology, an information security evaluation process and a risk assessment model. He also presents a planned security baseline for all organizations, an executive summary of the ISO/IEC 17799 standard, and a gap analysis exposing the differences between the recently rescinded version and the newly released version of the standard. Finally, he dedicates individual chapters to each of the 11 control areas defined in the standard, systematically covering the 133 controls within the 39 control objectives.
This book provides guidance to partners and employees, gives coherent procedures and policies, and satisfies legal requirements. Thomas Peltier gives professionals a wide variety of the information required to develop appropriate materials. Information security fundamentals such as threats, risk management and controls are introduced first, followed by chapters that deal with the mission statements, policies, procedures and standards that are necessary for network security. It also states the organization's responsibility to train and educate staff on the need to secure and maintain a network. The policies must also be followed in order to avoid situations in which the network is breached by cybercriminals. The book also states that the standards must be met, and that they must be reasonable, flexible, current, practical and applicable. The book is therefore ideal for teaching its readers the importance of securing networks in an organization.
Comer, D. E. (2018). The Internet book: everything you need to know about computer networking and how the Internet works. Chapman and Hall/CRC.
Kim, D. &. (2016). Fundamentals of information systems security. Jones & Bartlett Publishers.
Layton, T. P. (2016). Information Security: Design, implementation, measurement, and compliance. Auerbach Publications.
Peltier, T. R. (2016). Information Security Policies, Procedures, and Standards: guidelines for effective information security management. Auerbach Publications.