Cybersecurity - A Self-Teaching Introduction

This book is designed to provide the reader with the fundamental concepts of cybersecurity and cybercrime in an easy to understand, self-teaching format. It introduces all of the major subjects related to cybersecurity, including data security, threats and viruses, malicious software, firewalls and...

Bibliographic Details
Main Authors: Goyal, K. K, Garg, Amit
Format: eBook
Language: English
Published: Herndon, VA, Mercury Learning and Information, 2020
Edition: 1
ISBN: 1683924983, 9781683924982
DOI: 10.1515/9781683924968

Table of Contents:
  • Title Page -- Disclaimer -- Preface -- Table of Contents -- 1. Introduction to Information Systems -- 2. Cybersecurity Application Security -- 3. Developing Secure Information Systems -- 4. Information Security Policies, Standards, and Cyber Law -- 5. Security of Emerging Technology -- Index
  • Cover -- Half-Title -- Title -- Copyright -- Contents -- Preface -- Chapter 1: Introduction to Information Systems -- 1.1 Introduction to Information Systems -- 1.1.1 What Is Information? -- 1.1.2 What Is a System? -- 1.1.3 What Is an Information System (IS)? -- 1.2 Types of Information Systems -- 1.3 Development of Information Systems -- 1.3.1 Prototyping -- 1.4 Changing the Nature of Information Systems -- 1.4.1 Globalization of Business and Need of Distributed Information Systems -- 1.4.2 Needs in Distributed Information Systems (DIS) -- 1.5 Introduction to Information Security -- 1.5.1 Key Concepts of Information Security -- 1.6 Need for Information Security -- 1.7 Threats to Information Systems -- 1.7.1 Classification of Threats on the Basis of Damages -- 1.7.2 Life Cycle of Threat -- 1.7.3 Threats Related to Information Systems -- 1.8 Information Assurance -- 1.9 Cybersecurity and Security Risk Analysis -- 1.9.1 Security Risk Analysis -- Chapter 2: Cybersecurity Application Security -- 2.1 Application Security -- 2.1.1 Database -- 2.1.2 Email -- 2.1.3 Internet -- 2.2 Data Security Considerations: Backups -- 2.3 Archival -- 2.3.1 Storage and Disposal of Data -- 2.3.2 Secure Data Disposal Methods -- 2.4 Security Technology -- Firewall -- 2.4.2 Virtual Private Networks (VPNs) -- 2.5 Intrusion Detection -- 2.5.1 HIDS and NIDS -- 2.5.2 Statistical Anomaly and Signature-Based IDSEs -- 2.6 Denial-of-Service (DOS) Attack -- 2.7 Security Threats -- 2.7.1 Malicious Software -- 2.7.2 Viruses -- 2.7.3 Email Viruses -- 2.7.4 Macro Viruses -- 2.7.5 Worms -- 2.7.6 Trojan Horse -- 2.7.7 Logic Bombs -- 2.7.8 Trapdoors -- 2.7.9 Spoofs -- 2.8 Security Threats to E-Commerce -- 2.9 Electronic Payment Systems -- 2.9.1 The Concept of Electronic Payment -- 2.9.2 Conventional versus Electronic Payment Systems -- 2.9.3 The Process of Electronic Payment Systems
  • 2.9.4 Types of Electronic Payment Systems -- 2.10 Digital Signature -- 2.11 Cryptography -- Chapter 3: Developing Secure Information Systems -- 3.1 Secure Information System Development -- 3.1.1 Initiation -- 3.1.2 Acquisition/Development -- 3.1.3 Implementation -- 3.1.4 Operations and Maintenance -- 3.1.5 Disposition -- 3.2 Application Development Security -- 3.2.1 Initial Review -- 3.2.2 Definition Phase: Threat Modeling -- 3.2.3 Design Phase: Design Review -- 3.2.4 Development Phase: Code Review -- 3.2.5 Deployment Phase: Risk Assessment -- 3.2.6 Risk Mitigation -- 3.2.7 Benchmark -- 3.2.8 Maintenance Phase: Maintain -- 3.3 Information Security Governance and Risk Management -- 3.3.1 Information Security Governance -- 3.3.2 Risk Management -- 3.4 Security Architecture and Design -- 3.4.1 Computer System Architecture -- 3.4.2 Systems Security Architecture -- 3.4.3 Principles of Secure Design -- 3.4.4 Principles of Software Security -- 3.4.5 Security Product Evaluation Methods and Criteria -- 3.5 Security Issues in Hardware, Data Storage, and Downloadable Devices -- 3.5.1 Hardware -- 3.5.2 Security Marking -- 3.5.3 Security Data Backup -- 3.5.4 Power Supply Backup -- 3.5.5 Data Storage -- 3.6 Physical Security of IT Assets -- 3.6.1 The Human Factor -- 3.6.2 Natural Disasters -- 3.6.3 Physical Access Control -- 3.6.4 Visual Surveillance System: CCTV (Closed Circuit Television) -- 3.7 Back-Up Security Measures -- 3.7.1 Physical Security -- 3.7.2 Client Security -- 3.7.3 Server Security -- 3.7.4 Network Security -- 3.7.5 Employee Security -- Chapter 4: Information Security Policies, Standards, and Cyber Law -- 4.1 Security Policies -- 4.1.1 Policies -- 4.1.2 Why Policies Should be Developed -- 4.1.3 WWW Policies -- 4.1.4 Email Security Policies -- 4.2 Policy Review Process -- 4.2.1 Technical Review -- 4.2.2 Non-Technical Review
  • 4.2.3 Corporate Policies -- 4.2.4 Policy Framework, Legislation, and Responsibilities of Information Security -- 4.3 Information Security Standards -- 4.3.1 International Standards Organization (ISO) -- 4.4 Cyber Laws in India -- 4.4.1 Amendment of Act 2008 -- 4.4.2 IT Act of 2000 Provisions -- 4.5 Intellectual Property Law -- 4.5.1 History -- 4.5.2 Industrial Design Rights -- 4.5.3 Objectives of Intellectual Property Law -- 4.5.4 Infringement, Misappropriation, and Enforcement -- 4.6 Semiconductor Law -- 4.6.1 Background -- 4.6.2 Enactment of US and Other National Legislation -- 4.6.3 How the SCPA Operates -- 4.6.4 Acquisition of Protection by Registration -- 4.6.5 Mask Works -- 4.6.6 Enforcement -- 4.6.7 Functionality Unprotected -- 4.6.8 Reverse Engineering Allowed -- 4.7 Software Licenses -- 4.7.1 Software Licenses and Copyright Law -- 4.7.2 Ownership versus Licensing -- 4.7.3 Proprietary Software Licenses -- 4.7.4 Free and Open-Source Software Licenses -- Chapter 5: Security of Emerging Technology -- 5.1 Security of Big Data Analytics -- 5.1.1 Big Data Analysis can Transform Security Analytics in the Following Ways -- 5.1.2 Big Data Analytics for Security Issues and Privacy Challenges -- 5.2 Security of Cloud Computing -- 5.2.1 Cloud Deployment Models -- 5.2.2 The Three Layers of Cloud Computing Services Model (Software, Platform or Infrastructure (SPI) Model) -- 5.2.3 Security Concerns and Challenges of Cloud Computing -- 5.2.4 Cloud Security as Consumers Service -- 5.3 Security of Internet of Things (IoT) -- 5.3.1 Evolution of IoT -- 5.3.2 Building Blocks of the Internet of Things (IoT) -- 5.3.3 Different Between IoT and Machine-to-Machine (M2M) -- 5.3.4 IoT Layers Models -- 5.3.5 Applications of IoT -- 5.3.6 New Challenges Created by the IoT -- 5.3.7 Security Requirements of IoT -- 5.3.8 Three Primary Targets of Attack against IoT
  • 5.3.9 Hybrid Encryption Technique -- 5.3.10 Hybrid Encryption Algorithm Based on DES and -- 5.3.11 Advance Encryption Standard (AES) -- 5.3.12 Requirements for Lightweight Cryptography -- 5.3.13 Lightweight Cryptography in the IoT -- 5.3.14 Prevention of Attacks on IoT -- 5.4 Security of Smart Grid -- 5.4.1 Smart Grid Challenges -- 5.4.2 Smart Grid Layers -- 5.4.3 Information Security Risks and Demands of Smart Grid -- 5.4.4 Smart Grid Security Objectives -- 5.4.5 The Smart Grid System can be Divided in Three Major Systems -- 5.4.6 Types of Security Attacks that can Compromise the Smart Grid Security -- 5.4.7 Cybersecurity Attacks in a Smart Grid -- 5.5 Security of SCADA Control Systems -- 5.5.1 Components of SCADA Systems -- 5.5.2 SCADA System Layers -- 5.5.3 Requirements and Features for the Security of Control Systems -- 5.5.4 Categories for Security Threats to Modern SCADA Systems -- 5.6 Security of Wireless Sensor Networks (WSNs) -- 5.6.1 WSN Layers -- 5.6.2 Security Requirements in WSNs -- 5.6.3 The Attacks Categories in WSNs -- 5.6.4 Attacks and Defense in WSNs at Different Layers -- 5.6.5 Security Protocols in WSNs -- Index