Introduction BOOK OVERVIEW AND KEY LEARNING POINTS The Basics of Information Security will provide the reader with a basic knowledge of information security in both theoretical and practical aspects.We will first cover the basic knowledge needed to understand the key concepts of informa- tion discussing many of the concepts that underpin the secrity world. We will the n dive into applica ions of these ideas in the areas of oper ations,physical,network,operating system,and application security BOOK AUDIENCE This book will provide a valuable resouce to beginning security professionals s to network and systems administrators. ation provided in this book can be used to develop a better understanding of how we protect our information assets and defend against attacks,as well as how to apply these concepts practically. Those in management positions will find this information useful as well,from the standpoint of developing beter overll secrtypractices for theirorani ions The cone sed to drive security projects and polices.inetmitigate somissues discussed HOW THIS BOOK IS ORGANIZED this book is erstanding of information security oc progression for a underst ing of info atio es in the refer to infor mation located in other chapters in the book,we have endeavored to point out where the information can be found.The following descriptions will provide an overview of the contents of each chapter: Chapter 1:What Is Information Security? In this chapter,we cover some of the most basic concepts of information security. Information security is vital in the era in which data regarding countless indi- viduals and organizations is stored in a variety of computer systems.often no under our direct talk about the diametricaly opposing concepts of security productivity,the models that are helpful in dis cep he integrity,and nd the d rian hexa as wel the and controls to mitigat Lastly,we cover defense in depth and its place in the information security world xv Book overview and key learning points The Basics of Information Security will provide the reader with a basic knowledge of information security in both theoretical and practical aspects. We will first cover the basic knowledge needed to understand the key concepts of informa￾tion security, discussing many of the concepts that underpin the security world. We will then dive into practical applications of these ideas in the areas of oper￾ations, physical, network, operating system, and application security. Book audience This book will provide a valuable resource to beginning security professionals, as well as to network and systems administrators. The information provided in this book can be used to develop a better understanding of how we protect our information assets and defend against attacks, as well as how to apply these concepts practically. Those in management positions will find this information useful as well, from the standpoint of developing better overall security practices for their organiza￾tions. The concepts discussed in this book can be used to drive security projects and policies, in order to mitigate some of the issues discussed. How this book is organized This book is designed to take the reader through a logical progression for a foundational understanding of information security and is best read in the order of the chapters from front to back. In the areas where we refer to infor￾mation located in other chapters in the book, we have endeavored to point out where the information can be found. The following descriptions will provide an overview of the contents of each chapter: Chapter 1: What Is Information Security? In this chapter, we cover some of the most basic concepts of information security. Information security is vital in the era in which data regarding countless indi￾viduals and organizations is stored in a variety of computer systems, often not under our direct control. We talk about the diametrically opposing concepts of security and productivity, the models that are helpful in discussing security con￾cepts, such as the confidentiality, integrity, and availability (CIA) triad and the Parkerian hexad, as well as the basic concepts of risk and controls to mitigate it. Lastly, we cover defense in depth and its place in the information security world. Introduction