Review of Network Security Evaluation Using the NSA IEM Posted
Amazon.com just posted my four-star review of Network Security Evaluation Using the NSA IEM. I've mentioned the IEM before and I am scheduled for IAM and IEM training this month and next. I expect it to be good, as long as I can ignore all of the INFOSEC terminology. I cannot STAND the term "INFOSEC". Why all capitals? It's not an acronym! It must have Navy roots, e.g. SPAWAR. Argh. Anyway, from the review:
"I am a security consultant in the DC area, so I have heard the NSA IAM and IEM terms bandied about the Beltway. I read Network Security Evaluation Using the NSA IEM (NSE) to get a better understanding of the IEM side of the equation. I found the business process coverage of this book helpful, along with the general understanding of the goals of the IAM and IEM. For these two reasons you may find NSE helpful too."
Many of the authors of this IEM book work for Security Horizon, which provides IAM/IEM services and training. You may recognize founder Russ Rogers, who just published the latest issue of his quarterly Security Journal.
"I am a security consultant in the DC area, so I have heard the NSA IAM and IEM terms bandied about the Beltway. I read Network Security Evaluation Using the NSA IEM (NSE) to get a better understanding of the IEM side of the equation. I found the business process coverage of this book helpful, along with the general understanding of the goals of the IAM and IEM. For these two reasons you may find NSE helpful too."
Many of the authors of this IEM book work for Security Horizon, which provides IAM/IEM services and training. You may recognize founder Russ Rogers, who just published the latest issue of his quarterly Security Journal.
Comments
COMPUSEC- Air Force computer security
OPSEC- DoD operations security
COMSEC- DoD communication security
Do you feel the terms are yelling at you? Are you troubled by the overbearing appearance these terms have on the lowercase words which surround them?
Let it out.
I felt that it was a good introduction into the NSA IAM process, but was wondering if the 'Network Security Evaluation' book takes it to the next level or remains in the same 'introduction' phase for IEM???
Thanks
I did not read the IAM book.
http://www.e-publishing.af.mil/pubfiles/446aw/33/446awi33-202/446awi33-202.pdf