Information Security Management Handbook / Edition 4

Information Security Management Handbook / Edition 4

by Harold F. Tipton, Micki Krause
     
 

ISBN-10: 0849311276

ISBN-13: 9780849311277

Pub. Date: 09/26/2001

Publisher: Taylor & Francis

Whether you are active in security management or studying for the CISSP exam, you need accurate information you can trust. A practical reference and study guide, Information Security Management Handbook, Fourth Edition, Volume 3 prepares you not only for the CISSP exam, but also for your work as a professional. From cover to cover, the book gives you the information…  See more details below

Overview

Whether you are active in security management or studying for the CISSP exam, you need accurate information you can trust. A practical reference and study guide, Information Security Management Handbook, Fourth Edition, Volume 3 prepares you not only for the CISSP exam, but also for your work as a professional. From cover to cover, the book gives you the information you need to understand what makes information secure and how to secure it -- the exam's core subjects. Providing an overview of the information security arena, each chapter presents a wealth of technical detail. The changes in the technology of information security and the increasing threats to security from open systems make a complete and up-to-date understanding of this material essential. Volume 3 supplements the information in the earlier volumes of this handbook, updating it and keeping it current. There is no duplication of material among any of the three volumes. Because the knowledge required to master information security -- the Common Body of Knowledge (CBK) -- is growing so quickly, it requires frequent updates.

Read More

Product Details

ISBN-13:
9780849311277
Publisher:
Taylor & Francis
Publication date:
09/26/2001
Edition description:
Older Edition
Pages:
848
Product dimensions:
6.49(w) x 9.54(h) x 1.95(d)

Table of Contents

Introduction
Domain 1Access Control Systems and Methodology1
Ch. 1Biometrics: What Is New?5
Ch. 2Privacy in the Healthcare Industry15
Ch. 3A New Breed of Hacker Tools and Defenses31
Ch. 4Social Engineering: The Forgotten Risk51
Domain 2Telecommunications and Network Security65
Ch. 5Security and Network Technologies69
Ch. 6Wired and Wireless Physical Layer Security Issues97
Ch. 7Network Router Security109
Ch. 8Wireless Internet Security125
Ch. 9VPN Deployment and Evaluation Strategy149
Ch. 10How to Perform a Security Review of a Checkpoint Firewall177
Ch. 11Comparing Firewall Technologies201
Ch. 12The (In)Security of Virtual Private Networks215
Ch. 13E-Mail Security239
Ch. 14Cookies and Web Bugs: What Are They and How Do They Work Together?259
Ch. 15Leveraging Virtual Private Networks273
Ch. 16Wireless LAN Security291
Domain 3Security Management Practices299
Ch. 17Maintaining Management's Commitment303
Ch. 18Making Security Awareness Happen317
Ch. 19Making Security Awareness Happen: Appendices337
Ch. 20Policy Development353
Ch. 21A Matter of Trust385
Ch. 22Risk Management and Analysis407
Ch. 23New Trends in Information Risk Management419
Ch. 24Information Security in the Enterprise431
Ch. 25Managing Enterprise Security Information451
Ch. 26Configuration Management: Charting the Course for the Organization479
Domain 4Applications and Systems Development Security505
Ch. 27Web Application Security509
Ch. 28The Perfect Security: A New World Order525
Ch. 29Security for XML and Other Metadata Languages539
Ch. 30XML and Information Security551
Ch. 31Digital Signatures in Relational Database Applications563
Ch. 32Security and Privacy for Data Warehouses: Opportunity or Threat577
Domain 5Cryptography603
Ch. 33A Look at the Advanced Encryption Standard (AES)607
Ch. 34Preserving Public Key Hierarchy619
Domain 6Security Architecture and Models629
Ch. 35Reflections on Database Integrity633
Domain 7Operations Security645
Ch. 36Intelligent Intrusion Analysis: How Thinking Machines Can Recognize Computer Intrusions649
Ch. 37Auditing the Electronic Commerce Environment671
Domain 8Business Continuity Planning and Disaster Recovery Planning697
Ch. 38Reengineering the Business Continuity Planning Process701
Ch. 39Business Resumption Planning and Disaster Recovery: A Case History719
Domain 9Law, Investigations, and Ethics735
Ch. 40What Happened?739
Ch. 41Internet Gripe Sites: Bally v. Faber745
Ch. 42State Control of Unsolicited E-Mail: State of Washington v. Heckel751
Domain 10Physical Security757
Ch. 43Physical Security: A Foundation for Information Security761
Ch. 44Physical Security: Controlled Access and Layered Defense775
Index793

Read More

Customer Reviews

Average Review:

Write a Review

and post it to your social network

     

Most Helpful Customer Reviews

See all customer reviews >