The Basics of Information Security: Understanding the Fundamentals of InfoSec in Theory and Practice


Posted by Ben Rothke

For those who want a 1,000+ page book on information security, there are plenty around. Surprisingly, there are only a limited number of introductory texts on this most important topic. To the rescue comes The Basics of Information Security: Understanding the Fundamentals of InfoSec in Theory and Practice.

At 175 pages, the book does not kill many trees, but does give the reader an overview of all of the key principles around information security.  

For those looking for information security certification, the Certified Information Systems Security Professional (CISSP) Common Body of Knowledge (CBK) covers the topics relevant to information security professionals. The CISSP CBK establishes a common framework of information security terms and principles that allows information security professionals worldwide to discuss matters pertaining to the profession with a common understanding.

The book's 10 chapters are closely tied to the CBK and provide the reader with a comprehensive overview of the core topics around information security. This includes detailed chapters on identification and authentication, authorization and access control, cryptography, physical security, operating system security and more.

The book makes ample use of pictures and figures to make many of the often abstract ideas easier to understand.  Each chapter also ends with exercise questions to move the topic from theory to practice.  

As the CBK indicates, information security is an overwhelming body of knowledge, and for many it can indeed be far too large a body of text to attempt to cover. To that end, this book is an invaluable resource, as it covers the key areas without getting bogged down in the minutiae.

For those looking to get their feet wet in the deep waters of information security, The Basics of Information Security: Understanding the Fundamentals of InfoSec in Theory and Practice is a great place to start.


Contributors
Ben Rothke

Senior Information Security Manager, Tapad


Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.
