ISO27000 and Information Security: A Combined Glossary
- 1h 15m
- Alan Calder, Steve G. Watkins
- IT Governance
- 2010
Get to grips with key ISO27000 and information security vocabulary with this indispensable, concise pocket guide!
Information security is of crucial importance to your business. If you don’t know the difference between a cookie and a worm, or between war-chalking and digital watermarking, you are sure to find this guide enlightening. The strength of the book is that it is a combined glossary, enabling you to find explanations of geek slang, procedural language and acronyms all in one place. The combined glossary is a revised edition of the popular Dictionary of Information Security Terms, and this new edition has been able to draw on the definitions provided in ISO/IEC 27000:2009 – Security Techniques – Information security management systems – Overview and vocabulary.
What's new?
Further definitions are sourced from ISO/IEC Guide 73:2002 to provide you with authoritative explanations of those information security terms that are used across the ISO framework. The combined glossary has taken account of an important change on the information security scene, and contains some new acronyms and definitions from the Payment Card Industry Data Security Standard (PCI DSS).
About the Authors
Alan Calder is the founder director of IT Governance Ltd. His long executive career has spanned both the private and public sectors. He writes, speaks and consults widely on IT governance, compliance and information security.
Steve G. Watkins leads the consultancy and training services of IT Governance Ltd. In his various roles in both the public and private sectors, he has been responsible for most support disciplines. He has over 20 years' experience of managing integrated management systems, including maintenance of information security, quality, environmental and Investor in People certifications.
In this Book
- ISO27000 and Information Security—A Combined Glossary
- Introduction
- Acceptable use policy — Awareness training
- Back door — Byte
- Cache — Cyberwar
- Data controller — Dumpster diving
- Eavesdropping — Extranet
- Facebook — FTPS
- Gateway — Guideline
- Hackers — HVAC
- ICANN — ITPC
- Java — Junk mail
- Kerberos — Kilobyte
- LAN — Logical
- MAC — Multiple sign-on
- N3 — NSSF
- Objective evidence — OWASP
- P2P — Public terminals
- QSA
- RADIUS — Router
- SaaP — System utilities
- TACACS+ — Two-factor authentication
- UKAS — User rights
- Validation — Vulnerability scanning
- WAN — WPA2
- XML
- Zachman Framework — Zombie
- ITG Resources