The NICE cyber security framework cyber security management /
This textbook covers security controls and management. It is for courses in cyber security education that follow National Initiative for Cybersecurity Education (NICE) work roles and framework that adopt the Competency-Based Education (CBE) method. The book follows the CBE general framework, meaning...
| Main Author: | Alsmadi, Izzat, 1972- |
|---|---|
| Other Authors: | Easttom, Chuck., Tawalbeh, Lo'ai., SpringerLink (Online service) |
| Format: | eBook |
| Language: | English |
| Published: |
Cham :
Springer,
2020.
Cham : 2020. |
| Physical Description: |
1 online resource (xv, 262 pages) : illustrations. |
| Subjects: |
Table of Contents:
- Intro
- Preface
- Contents
- 1 Information Assurance/Encryption
- General Cryptography Knowledge
- Ancient Ciphers
- The Caesar Cipher
- ROT 13
- Atbash Cipher
- Multi-alphabet Substitution
- Specific Modern Algorithms
- Symmetric Cryptography
- Implementing Ciphers
- Cryptographic Hashes
- Asymmetric Cryptography
- Wireless Encryption and Security
- WEP
- WPA
- WPA 2
- WPA 3
- Obfuscation
- Steganography
- TOR
- Digital Signatures
- Digital Certificates
- SSL/TLS
- Cryptography Regulations
- United States Regulations/Standards
- Cryptography Laws
- Key Management.
- Drive and File Encryption
- Virtual Private Networks
- Point-to-Point Tunneling Protocol
- Layer 2 Tunneling Protocol
- IPsec
- SSL/TLS
- Conclusion
- 2 Information Systems Security Management
- Introduction
- K0005: Knowledge of Cyber Threats and Vulnerabilities
- Cyber Threat Categories
- Cyber Resilience
- K0049: Knowledge of Information Technology (IT) Security Principles and Methods (e.g., Firewalls, Demilitarized Zones, Encryption)
- Security Principles
- Firewalls
- K0050: Knowledge of Local Area and Wide Area Networking Principles and Concepts Including Bandwidth Management.
- K0053: Knowledge of Measures or Indicators of System Performance and Availability
- K0094: Knowledge of the Capabilities and Functionality Associated with Content Creation Technologies (e.g., Wikis, Social Networking, Content Management Systems, Blogs)
- References
- 3 IT Risk and Security Management
- K0002: Knowledge of Risk Management Processes (e.g., Methods for Assessing and Mitigating Risk)
- K0048: Knowledge of Risk Management Framework (RMF) Requirements
- K0149: Knowledge of Organization's Risk Tolerance and/or Risk Management Approach
- K0165: Knowledge of Risk/Threat Assessment.
- Risk Assessment
- Threat Assessment
- K0195: Knowledge of Data Classification Standards and Methodologies Based on Sensitivity and Other Risk Factors
- K0203: Knowledge of Security Models (e.g., Bell-LaPadula Model, Biba Integrity Model, Clark-Wilson Integrity Model)
- K0214: Knowledge of the Risk Management Framework Assessment Methodology
- Cybersecurity Risk Assessment Framework
- DITSCAP, DIACAP and RMF Certification and Accreditation (C & A)
- K0232: Knowledge of Critical Protocols (e.g., IPSEC, AES, GRE, IKE)
- K0263: Knowledge of Information Technology (IT) Risk Management Policies, Requirements, and Procedures
- K0281: Knowledge of Information Technology (IT) Service Catalogs
- K0295: Knowledge of Confidentiality, Integrity, and Availability Principles
- K0326: Knowledge of Demilitarized Zones
- K0383: Knowledge of Collection Capabilities, Accesses, Performance Specifications, and Constraints Utilized to Satisfy Collection Plan
- CNA/D/E/O.