Authors: Harold F. Tipton, Micki Krause
ISBN-13: 9781420067088, ISBN-10: 1420067087
Format: Hardcover
Publisher: Taylor & Francis, Inc.
Date Published: March 2008
Edition: 6th Edition
A compilation of the fundamental knowledge, skills, techniques, and tools required by all security professionals, Information Security Handbook, Sixth Edition sets the standard on which all IT security programs and certifications are based. Considered the gold-standard reference of Information Security, Volume 2 includes coverage of each domain of the Common Body of Knowledge, the standard of knowledge required by IT security professionals worldwide. In step with the lightning-quick pace of change in the technology field, this book is updated annually, keeping IT professionals current in their field and on the job.
Introduction | ||
Domain 1 | Access Control Systems and Methodology | 1 |
Ch. 1 | Biometrics: What Is New? | 5 |
Ch. 2 | Privacy in the Healthcare Industry | 15 |
Ch. 3 | A New Breed of Hacker Tools and Defenses | 31 |
Ch. 4 | Social Engineering: The Forgotten Risk | 51 |
Domain 2 | Telecommunications and Network Security | 65 |
Ch. 5 | Security and Network Technologies | 69 |
Ch. 6 | Wired and Wireless Physical Layer Security Issues | 97 |
Ch. 7 | Network Router Security | 109 |
Ch. 8 | Wireless Internet Security | 125 |
Ch. 9 | VPN Deployment and Evaluation Strategy | 149 |
Ch. 10 | How to Perform a Security Review of a Checkpoint Firewall | 177 |
Ch. 11 | Comparing Firewall Technologies | 201 |
Ch. 12 | The (In)Security of Virtual Private Networks | 215 |
Ch. 13 | E-Mail Security | 239 |
Ch. 14 | Cookies and Web Bugs: What Are They and How Do They Work Together? | 259 |
Ch. 15 | Leveraging Virtual Private Networks | 273 |
Ch. 16 | Wireless LAN Security | 291 |
Domain 3 | Security Management Practices | 299 |
Ch. 17 | Maintaining Management's Commitment | 303 |
Ch. 18 | Making Security Awareness Happen | 317 |
Ch. 19 | Making Security Awareness Happen: Appendices | 337 |
Ch. 20 | Policy Development | 353 |
Ch. 21 | A Matter of Trust | 385 |
Ch. 22 | Risk Management and Analysis | 407 |
Ch. 23 | New Trends in Information Risk Management | 419 |
Ch. 24 | Information Security in the Enterprise | 431 |
Ch. 25 | Managing Enterprise Security Information | 451 |
Ch. 26 | Configuration Management: Charting the Course for the Organization | 479 |
Domain 4 | Applications and Systems Development Security | 505 |
Ch. 27 | Web Application Security | 509 |
Ch. 28 | The Perfect Security: A New World Order | 525 |
Ch. 29 | Security for XML and Other Metadata Languages | 539 |
Ch. 30 | XML and Information Security | 551 |
Ch. 31 | Digital Signatures in Relational Database Applications | 563 |
Ch. 32 | Security and Privacy for Data Warehouses: Opportunity or Threat | 577 |
Domain 5 | Cryptography | 603 |
Ch. 33 | A Look at the Advanced Encryption Standard (AES) | 607 |
Ch. 34 | Preserving Public Key Hierarchy | 619 |
Domain 6 | Security Architecture and Models | 629 |
Ch. 35 | Reflections on Database Integrity | 633 |
Domain 7 | Operations Security | 645 |
Ch. 36 | Intelligent Intrusion Analysis: How Thinking Machines Can Recognize Computer Intrusions | 649 |
Ch. 37 | Auditing the Electronic Commerce Environment | 671 |
Domain 8 | Business Continuity Planning and Disaster Recovery Planning | 697 |
Ch. 38 | Reengineering the Business Continuity Planning Process | 701 |
Ch. 39 | Business Resumption Planning and Disaster Recovery: A Case History | 719 |
Domain 9 | Law, Investigations, and Ethics | 735 |
Ch. 40 | What Happened? | 739 |
Ch. 41 | Internet Gripe Sites: Bally v. Faber | 745 |
Ch. 42 | State Control of Unsolicited E-Mail: State of Washington v. Heckel | 751 |
Domain 10 | Physical Security | 757 |
Ch. 43 | Physical Security: A Foundation for Information Security | 761 |
Ch. 44 | Physical Security: Controlled Access and Layered Defense | 775 |
Index | 793 |