Introduction to Information Security: A Strategic-Based Approach

Most introductory texts provide a technology-based survey of methods and techniques that leaves the reader without a clear understanding of the interrelationships between methods and techniques. By providing a strategy-based introduction, the reader is given a clear understanding of how to provide overlapping defenses for critical information. This understanding provides a basis for engineering and risk-management decisions in the defense of information.

Information security is a rapidly growing field, with a projected need for thousands of professionals within the next decade in the government sector alone. It is also a field that has changed in the last decade from a largely theory-based discipline to an experience-based discipline. This shift in the field has left several of the classic texts with a strongly dated feel.

Provides a broad introduction to the methods and techniques in the field of information securityOffers a strategy-based view of these tools and techniques, facilitating selection of overlapping methods for in-depth defense of informationProvides very current view of the emerging standards of practice in information security

1. Introduction & Definitions
2. Strategies and Security 
3. Deception Strategies: Network Organization 
4. Deception Strategies: Defensive technologies 
5. Frustration Strategies: Footprint Minimization
6. Frustration Strategies: Formal verification
7. Resistance Strategies: Authentication & Permissions 
8. Resistance Strategies: Encryption
9. Resistance Strategies: Partitioning & Need-to-Know
10. Resistance Strategies: Change management 
11. Recognition Strategies: Network Analysis
12. Recognition Strategies: Intrusion Detection and Prevention
13. Recognition Strategies: Host-based recognition & Forensics
14. Recognition Strategies: Integrity detection
15. Recovery of Security
16. Summary: Certifications and Conclusions