The classic and authoritative reference in the field of computer security, now completely updated and revised
With the continued presence of large-scale computers; the proliferation of desktop, laptop, and handheld computers; and the vast international networks that interconnect them, the nature and extent of threats to computer security have grown enormously. Now in its fifth edition, Computer Security Handbook continues to provide authoritative guidance to identify and to eliminate these threats where possible, as well as to lessen any losses attributable to them.
With seventy-seven chapters contributed by a panel of renowned industry professionals, the new edition has increased coverage in both breadth and depth of all ten domains of the Common Body of Knowledge defined by the International Information Systems Security Certification Consortium (ISC)².
Of the seventy-seven chapters in the fifth edition, twenty-five chapters are completely new, including:
1. Hardware Elements of Security
2. Fundamentals of Cryptography and Steganography
3. Mathematical models of information security
4. Insider threats
5. Social engineering and low-tech attacks
6. Spam, phishing, and Trojans: attacks meant to fool
7. Biometric authentication
8. VPNs and secure remote access
9. Securing Peer2Peer, IM, SMS, and collaboration tools
10. U.S. legal and regulatory security issues, such as GLBA and SOX
Whether you are in charge of many computers or just one important one, there are immediate steps you can take to safeguard your computer system and its contents. Computer Security Handbook, Fifth Edition equips you to protect the information and networks that are vital to your organization.
Brief History and Mission of Information System Security (S. Bosworth & R. Jacobson).
Cyberspace Law and Computer Forensics (R. Heverly & M. Wright).
Using a "Common Language" for Computer Security Incident Information (J. Howard & P. Meunier).
Studies and Surveys of Computer Crime (M. Kabay).
Toward a New Framework for Information Security (D. Parker).
PART TWO: THREATS AND VULNERABILITIES.
The Psychology of Computer Criminals (Q. Campbell & D. Kennedy).
Information Warfare (S. Bosworth).
Penetrating Computer Systems and Networks (C. Cobb, et al.).
Malicious Code (R. Thompson).
Mobile Code (R. Gezelter).
Denial of Service Attacks (D. Levine & G. Kessler).
The Legal Framework for Protecting Intellectual Property in the Field of Computing and Computer Software (W. Zucker & S. Nathan).
E-Commerce Vulnerabilities (A. Ghosh).
Physical Threats to the Information Infrastructure (F. Platt).
PART THREE: PREVENTION: TECHNICAL DEFENSES.
Protecting the Information Infrastructure (F. Platt).
Identification and Authentication (R. Sandhu).
Operating System Security (W. Stallings).
Local Area Networks (G. Kessler & N. Pritsky).
E-Commerce Safeguards (J. Ritter & M. Money).
Firewalls and Proxy Servers (D. Brussin).
Protecting Internet-Visible Systems (R. Gezelter).
Protecting Web Sites (R. Gezelter).
Public Key Infrastructures and Certificate Authorities (S. Chokhani).
Antivirus Technology (C. Cobb).
Software Development and Quality Assurance (D. Levine).
Piracy and Antipiracy Techniques (D. Levine).
PART FOUR: PREVENTION: HUMAN FACTORS.
Standards for Security Products (P. Brusil & N. Zakin).
Security Policy Guidelines (M. Kabay).
Security Awareness (K. Rudolph, et al.).
Ethical Decision Making and High Technology (J. Linderman).
Employment Practices and Policies (M. Kabay).
Operations Security and Production Controls (M. Walsh & M. Kabay).
E-Mail and Internet Use Policies (M. Kabay).
Working with Law Enforcement (M. Wright).
Using Social Psychology to Implement Security Policies (M. Kabay).
Auditing Computer Security (D. Levine).
PART FIVE: DETECTION.
Vulnerability Assessment and Intrusion Detection Systems (R. Bace).
Monitoring and Control Systems (D. Levine).
Application Controls (M. Walsh).
PART SIX: REMEDIATION.
Computer Emergency Quick-Response Teams (B. Cowens & M. Miora).
Data Backups and Archives (M. Kabay).
Business Continuity Planning (M. Miora).
Disaster Recovery (M. Miora).
Insurance Relief (R. Parisi, Jr.).
PART SEVEN: MANAGEMENT'S ROLE.
Management Responsibilities and Liabilities (C. Hallberg, et al.).
Developing Security Policies (M. Kabay).
Risk Assessment and Risk Management (R. Jacobson).
Y2K: Lessons Learned for Computer Security (T. Braithwaite).
PART EIGHT: OTHER CONSIDERATIONS.
Medical Records Security (P. Brusil & D. Harley).
Using Encryption Internationally (D. Levine).
Censorship and Content Filtering (L. Tien & S. Finkelstein).
Privacy in Cyberspace (B. Hayes, et al.).
Anonymity and Identity in Cyberspace (M. Kabay).
The Future of Information Security (P. Tippett).