Network Security CISSP-Discussion

[CISSP-D] REVIEW: "The Executive Guide to Information Security", Mark E

Subject: [CISSP-D] REVIEW: "The Executive Guide to Information Security", Mark Egan/Tim Mather
Date: Tue, 06 Mar 2007 17:59:04 -0800
BKEGINSC.RVW   20070112

"The Executive Guide to Information Security", Mark Egan/Tim Mather,
2005, 0-321-30451-9, U$34.99/C$49.99
%A   Mark Egan
%A   Tim Mather
%C   P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario  M3C 2T8
%D   2005
%G   0-321-30451-9
%I   Addison-Wesley Publishing Co.
%O   U$34.99/C$49.99 416-447-5101 fax: 416-443-0948 bkexpress@aw.com
%O  http://www.amazon.com/exec/obidos/ASIN/0321304519/robsladesinterne
  http://www.amazon.co.uk/exec/obidos/ASIN/0321304519/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/0321304519/robsladesin03-20
%O   Audience i- Tech 1 Writing 1 (see revfaq.htm for explanation)
%P   268 p.
%T   "The Executive Guide to Information Security"

The preface states that the book is intended as a crash course on
information security for those at the executive management level who
are not familiar with the security or technical field.  The work is
intended to present practical recommendations that can be implemented
quickly, and to explain key principles in non-technical language.

Chapter one notes that security is becoming an increasing concern to
the corporation, and that new technologies, such as the Internet and
wireless networking, are making this already difficult task ever more
complicated.  Some random aspects of security, mostly different types
of security tools, are listed in chapter two.  The recommendation
about developing a security program, in chapter three, is limited to
generic project management.  Some general advice on staffing is given
in chapter four.  Chapter five outlines a few processes necessary to a
security assessment and program.  More technologies and utilities are
catalogued in chapter six, more processes in seven.  Chapter eight
looks to the increasing complexity of information systems, new and
harsher attacks, and the expanding problems in securing systems.  Some
important, but not comprehensive, points about an information security
program are listed in chapter nine.

The book includes a "security framework," in the checklist style
favoured by so many authors of frameworks, but it has more gaps and is
limited in comparison to the other available structures (such as Fred
Cohen's "Security Governance," cf. BKSECGOV.RVW).

This is much like a collection of reasonable magazine articles, and
would be good for raising awareness and limited familiarity with the
importance of security, and some of the major issues.  It is, however,
hardly the basis for a complete understanding of the security realm,
even at the executive level.  It certainly would not serve as the
foundation for a security program.

copyright Robert M. Slade, 2007   BKEGINSC.RVW   20070112


======================  (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca     slade@victoria.tc.ca     rslade@computercrime.org
I base most of my fashion taste on what doesn't itch. - Gilda Radner
Dictionary of Information Security  www.syngress.com/catalog/?pid=4150
http://victoria.tc.ca/techrev/rms.htm

