What this book covers
Chapter 1, InfoSec and Risk Management, establishes the core principles of InfoSec and ensures the topics central to the discipline are well understood.
Chapter 2, Protecting the Security of Assets, covers implementing effective processes to ensure you can identify the assets of an organization and avoid common pitfalls that InfoSec professionals encounter.
Chapter 3, Designing Secure Information Systems, explores how to assess architectures and systems for vulnerabilities and mitigate those vulnerabilities with controls, including cryptography.
Chapter 4, Designing and Protecting Network Security, covers designing secure network systems, selecting the appropriate network components, and ensuring their effectiveness for your organization's requirements.
Chapter 5, Controlling Access and Managing Identity, examines both physical and digital access to your organization, and the various aspects of selecting and implementing the appropriate identity and access management controls.
Chapter 6, Designing and Managing Security Testing Processes, covers adopting a mindset of continuous improvement by testing existing implementations and utilizing any findings to optimize your InfoSec program.
Chapter 7, Owning Security Operations, covers aligning the day-to-day tasks involved with maintaining InfoSec to an organization's strategies.
Chapter 8, Improving the Security of Software, covers enforcing secure practices in procuring and developing software.