
Information Security Management Handbook / Edition 4
     


by Harold F. Tipton, Micki Krause
 


ISBN-10: 0849311276

ISBN-13: 9780849311277

Pub. Date: 09/26/2001

Publisher: Taylor & Francis


Overview

Whether you are active in security management or studying for the CISSP exam, you need accurate information you can trust. A practical reference and study guide, Information Security Management Handbook, Fourth Edition, Volume 3 prepares you not only for the CISSP exam, but also for your work as a professional. From cover to cover, the book gives you the information you need to understand what makes information secure and how to secure it -- the exam's core subjects. Providing an overview of the information security arena, each chapter presents a wealth of technical detail. The changes in the technology of information security and the increasing threats to security from open systems make a complete and up-to-date understanding of this material essential. Volume 3 supplements the information in the earlier volumes of this handbook, updating it and keeping it current. There is no duplication of material among any of the three volumes. Because the knowledge required to master information security -- the Common Body of Knowledge (CBK) -- is growing so quickly, it requires frequent updates.

Product Details

ISBN-13: 9780849311277
Publisher: Taylor & Francis
Publication date: 09/26/2001
Edition description: Older Edition
Pages: 848
Product dimensions: 6.12(w) x 9.25(h) x 1.95(d)

Table of Contents

Introduction
Domain 1 Access Control Systems and Methodology
Section 1.1 Access Control Techniques
Chapter 1 Biometrics: What Is New?
Section 1.2 Access Control Administration
Chapter 2 Privacy in the Healthcare Industry
Section 1.3 Methods of Attack
Chapter 3 A New Breed of Hacker Tools and Defenses
Chapter 4 Social Engineering: The Forgotten Risk
Domain 2 Telecommunications and Network Security
Section 2.1 Communications and Network Security
Chapter 5 Security and Network Technologies
Chapter 6 Wired and Wireless Physical Layer Security Issues
Chapter 7 Network Router Security
Section 2.2 Internet, Intranet, and Extranet Security
Chapter 8 Wireless Internet Security
Chapter 9 VPN Deployment and Evaluation Strategy
Chapter 10 How to Perform a Security Review of a Checkpoint Firewall
Chapter 11 Comparing Firewall Technologies
Chapter 12 The (In)Security of Virtual Private Networks
Chapter 13 E-Mail Security
Chapter 14 Cookies and Web Bugs: What Are They and How Do They Work Together?
Chapter 15 Leveraging Virtual Private Networks
Chapter 16 Wireless LAN Security
Domain 3 Security Management Practices
Section 3.1 Security Awareness and Training
Chapter 17 Maintaining Management's Commitment
Chapter 18 Making Security Awareness Happen
Chapter 19 Making Security Awareness Happen: Appendices
Section 3.2 Policies, Standards, Procedures, and Guidelines
Chapter 20 Policy Development
Section 3.3 Risk Management
Chapter 21 A Matter of Trust
Chapter 22 Risk Management and Analysis
Chapter 23 New Trends in Information Risk Management
Chapter 24 Information Security in the Enterprise
Chapter 25 Managing Enterprise Security Information
Section 3.4 Change Control Management
Chapter 26 Configuration Management: Charting the Course for the Organization
Domain 4 Applications and Systems Development Security
Section 4.1 Application Issues
Chapter 27 Web Application Security
Chapter 28 The Perfect Security: A New World Order
Chapter 29 Security for XML and Other Metadata Languages
Chapter 30 XML and Information Security
Section 4.2 Databases and Data Warehousing
Chapter 31 Digital Signatures in Relational Database Applications
Chapter 32 Security and Privacy for Data Warehouses: Opportunity or Threat
Domain 5 Cryptography
Section 5.1 Private Key Algorithms
Chapter 33 A Look at the Advanced Encryption Standard (AES)
Section 5.2 Public Key Infrastructure (PKI)
Chapter 34 Preserving Public Key Hierarchy
Domain 6 Security Architecture and Models
Section 6.1 Principles of Computer and Network Organizations, Architectures, and Designs
Chapter 35 Reflections on Database Integrity
Domain 7 Operations Security
Section 7.1 Intrusion Detection
Chapter 36 Intelligent Intrusion Analysis: How Thinking Machines Can Recognize Computer Intrusions
Section 7.2 Auditing
Chapter 37 Auditing the Electronic Commerce Environment
Domain 8 Business Continuity Planning and Disaster Recovery Planning
Section 8.1 Business Continuity Planning
Chapter 38 Reengineering the Business Continuity Planning Process
Section 8.2 Disaster Recovery Planning
Chapter 39 Business Resumption Planning and Disaster Recovery: A Case History
Domain 9 Law, Investigations, and Ethics
Section 9.1 Investigation
Chapter 40 What Happened?
Section 9.2 Information Law
Chapter 41 Internet Gripe Sites: Bally v. Faber
Chapter 42 State Control of Unsolicited E-Mail: State of Washington v. Heckel
Domain 10 Physical Security
Section 10.1 Threats and Facility Requirements
Chapter 43 Physical Security: A Foundation for Information Security
Chapter 44 Physical Security: Controlled Access and Layered Defense
Index
