جزییات کتاب
Prepare yourself for any type of audit and minimise security findings Key Features It follows a lifecycle approach to information security by understanding: Why we need Information security How we can implement How to operate securely and maintain a secure posture How to face audits Description This book is a guide for Network professionals to understand real-world information security scenarios. It offers a systematic approach to prepare for security assessments including process security audits, technical security audits and Penetration tests. This book aims at training pre-emptive security to network professionals in order to improve their understanding of security infrastructure and policies. With our network being exposed to a whole plethora of security threats, all technical and non-technical people are expected to be aware of security processes. Every security assessment (technical/ non-technical) leads to new findings and the cycle continues after every audit. This book explains the auditor’s process and expectations.What You Will Learn This book is solely focused on aspects of Information security that Network professionals (Network engineer, manager and trainee) need to deal with, for different types of Audits.Information Security Basics, security concepts in detail, threat Securing the Network focuses on network security design aspects and how policies influence network design decisions. Secure Operations is all about incorporating security in Network operations. Managing Audits is the real test. Who This Book is For IT Heads, Network managers, Network planning engineers, Network Operation engineer or anybody interested in understanding holistic network security.Table of Contents 1. Basics of Information Security2. Threat Paradigm3. Information Security Controls4. Decoding Policies Standards Procedures & Guidelines5. Network security design6. Know your assets7. Implementing Network Security8. Secure Change Management9. Vulnerability and Risk Management10. Access Control11. Capacity Management12. Log Management13. Network Monitoring14. Information Security Audit15. Technical Compliance Audit16. Penetration TestingAbout the AuthorNeha Saxena is currently teaching at Symbiosis International (Deemed University) as guest faculty and working as a Freelance security consultant with various organizations.She has previously worked with HP Singapore, Etihad airways Abu Dhabi, Quadrant Risk Management Dubai, Noor Islamic bank Dubai as Information security Officer (ISO), Senior Consultant and Team Lead. Her recently concluded projects include ISO27001 audit preparation for one of Dubai’s government subsidiary and Process Gap assessment at a Bank in Abu Dhabi.During her tenure at various jobs she wore many hats including Pen Tester, Application security assessor, Security Trainer, ISO27001 Implementer etc. Later on she moved to leading Audit and Compliance team. Currently she enjoys the thrill of challenges posed by doing different type of security/ teaching assignments as well as flexibility of working as a Freelancer. She takes each project as an opportunity to learn new things, new environment and meet interesting people around the world.She holds a Master’s degree in Computer Applications from Symbiosis International (Deemed University). She resides with her family in Pune, India currently. When not working she indulges herself in reading books, watching movies & paranormal/fantasy TV series, yoga and meditation.