Information Security Management Handbook, Volume 6
Updated annually, the Information Security Management Handbook, Sixth Edition, Volume 6 is the most comprehensive and up-to-date reference available on information security and assurance. Bringing together the knowledge, skills, techniques, and tools required of IT security professionals, it facilitates the up-to-date understanding required to stay
eBook

$62.99 

Product Details

ISBN-13: 9781466559103
Publisher: CRC Press
Publication date: 04/19/2016
Sold by: Barnes & Noble
Format: eBook
Pages: 504
File size: 16 MB
Note: This product may take a few minutes to download.

About the Author

About the Editors:

Sadly, Harold F. Tipton passed away on Friday, March 16, 2012. We're grateful for his many years of friendship and guidance. Hal was instrumental in the creation and development of the information security publishing program at CRC Press.

Hal was an independent consultant and past president of the International Information System Security Certification Consortium (ISC)². He was the director of Computer Security for Rockwell International Corporation for 15 years. He initiated the Rockwell computer and data security program in 1977 and then continued to administer, develop, enhance, and expand the program to accommodate the control needs produced by technological advances until his retirement from Rockwell in 1994. He was a member of the Information Systems Security Association (ISSA) since 1982, president of the Los Angeles Chapter in 1984, and president of the national organization of ISSA from 1987 to 1989. He was added to the ISSA Hall of Fame and the ISSA Honor Roll in 2000. He received the Computer Security Institute "Lifetime Achievement Award" in 1994 and the (ISC)² "Hal Tipton Award" in 2001. He was a member of the National Institute for Standards and Technology (NIST) Computer and Telecommunications Security Council and the National Research Council Secure Systems Study Committee (for the National Academy of Science). He received a bachelor of science degree in engineering from the U.S. Naval Academy, a master's degree in personnel administration from George Washington University, and a certificate in computer science from the University of California, Irvine. He published several papers on information security issues in the Information Security Management Handbook, Data Security Management, Information Systems Security, and the National Academy of Sciences report Computers at Risk.

He was a frequent speaker at all major information se

Table of Contents

Access Control. Telecommunications & Network Security. Information Security & Risk Management. Application Security. Cryptography. Security Architecture & Design. Operations Security. Business Continuity Planning & Disaster Recovery Planning. Legal, Regulations, Compliance & Investigation. Physical Security.

What People are Saying About This

From the Publisher

DOMAIN 1: ACCESS CONTROL
Access Control Administration
What Business Associates Need to Know About Protected Health Information Under HIPAA and HITECH; Rebecca Herold

DOMAIN 2: TELECOMMUNICATIONS AND NETWORK SECURITY
Internet, Intranet, Extranet Security
E-mail Security; Terence Fernandes

DOMAIN 3: INFORMATION SECURITY AND RISK MANAGEMENT
Security Management Concepts and Principles
Appreciating Organizational Behavior and Institutions to Solidify Your Information Security Program; Robert Pittman
Risk Management
The Information Security Auditors Have Arrived, Now What?; Todd Fitzgerald
Continuous Monitoring: Extremely Valuable to Deploy Within Reason; Foster J. Henderson and Mark A. Podracky
Social Networking; Sandy Bacik
Insider Threat Defense; Sandy Bacik
Risk Management in Public Key Certificate Applications; Alex Golod
Server Virtualization: Information Security Considerations; Thomas A. Johnson
Security Management Planning
Security Requirements Analysis; Sean M. Price
CERT Resilience Management Model: An Overview; Bonnie A. Goins Pilewski and Christopher Pilewski
Managing Bluetooth Security; E. Eugene Schultz, Matthew W. A. Pemble, and Wendy Goucher
Employment Policies and Practices
Slash and Burn: In Times of Recession, Do Not Let Emotions Drive Business Decisions; Seth Kinnett
A "Zero Trust" Model for Security; Ken Shaurette and Thomas J. Schleppenbach

DOMAIN 4: APPLICATION DEVELOPMENT SECURITY
System Development Controls
Application Whitelisting; Georges Jahchan
Design of Information Security for Large System Development Projects; James C. Murphy
Building Application Security Testing into the Software Development Life Cycle; Sandy Bacik
Malicious Code
Twenty-Five (or Forty) Years of Malware History; Robert M. Slade

DOMAIN 5: CRYPTOGRAPHY
Cryptographic Concepts, Methodologies, and Practices
Format Preserving Encryption; Ralph Spencer Poore
Elliptic Curve Cryptosystems; Jeff Stapleton
Pirating the Ultimate Killer APP: Hacking Military Unmanned Aerial Vehicles; Sean P. Mcbride

DOMAIN 6: SECURITY ARCHITECTURE AND DESIGN
Principles of Computer and Network Organizations, Architectures, and Designs
Service-Oriented Architecture; Walter B. Williams
Cloud Security; Terry Komperda
Enterprise Zones of Trust; Sandy Bacik

DOMAIN 7: OPERATIONS SECURITY
Operations Controls
Complex Event Processing for Automated Security Event Analysis; Rob Shein
Records Management; Sandy Bacik

DOMAIN 8: BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING
Business Continuity Planning
Data Backup Strategies: Traditional Versus Cloud; Carl B. Jackson

DOMAIN 9: LEGAL, REGULATIONS, COMPLIANCE, AND INVESTIGATIONS
Major Categories of Computer Crime
Managing Advanced Persistent Threats; Eugene Schultz and Cuc Du
Incident Handling
Virtualization Forensics; Paul A. Henry

DOMAIN 10: PHYSICAL (ENVIRONMENTAL) SECURITY
Elements of Physical Security
Terrorism: An Overview; Frank Bolz, Kenneth J. Dudonis, and David P. Schulz
Technical Controls
Countermeasure Goals and Strategies; Thomas L. Norman

Index
