Information Security Management Handbook, Fifth Edition: Tipton; Harold F.: 9780849319976: Book: Computers: eCampus.com

Contributors

xxiii

Introduction

xli

Access Control Systems and Methodology

(196)

Access Control Techniques

Enhancing Security through Biometric Technology

(16)

Stephen D. Fried

Biometrics: What's New?

(6)

Judith M. Myerson

Controlling FTP: Providing Secured Data Transfers

(18)

Chris Hare

Access Control Administration

Privacy in the Healthcare Industry

(10)

Kate Borten

The Case for Privacy

(6)

Michael J. Corby

Identification and Authentication Techniques

Biometric Identification

(16)

Donald R. Richards

Single Sign-On for the Enterprise

(20)

Ross A. Leo

Access Control Methodologies and Implementation

Centralized Authentication Services (Radius, Tacacs, Diameter)

(12)

William Stackpole

An Introduction to Secure Remote Access

109

(12)

Christina M. Bird

Methods of Attack

Hacker Tools and Techniques

121

(14)

Ed Skoudis

A New Breed of Hacker Tools and Defenses

135

(12)

Ed Skoudis

Social Engineering: The Forgotten Risk

147

(8)

John Berti

Marcus Rogers

Breaking News: The Latest Hacker Attacks and Defenses

155

(10)

Ed Skoudis

Counter-Economic Espionage

165

(14)

Craig A. Schiller

Monitoring and Penetration Testing

Penetration Testing

179

(12)

Stephen D. Fried

Penetration Testing

191

(6)

Chuck Bianco

Telecommunications, Network, and Internet Security

197

(470)

Communications and Network Security

Understanding SSL

203

(14)

Chris Hare

Packet Sniffers and Network Monitors

217

(18)

James S. Tiller

Bryan D. Fish

Secured Connections to External Networks

235

(14)

Steven F. Blanding

Security and Network Technologies

249

(20)

Chris Hare

Wired and Wireless Physical Layer Security Issues

269

(8)

James Trulove

Network Router Security

277

(10)

Steven F. Blanding

What's Not So Simple about SNMP?

287

(10)

Chris Hare

Network and Telecommunications Media: Security from the Ground Up

297

(14)

Samuel Chun

Security and the Physical Network Layer

311

(8)

Matthew J. Decker

Security of Wireless Local Area Networks

319

(10)

Franjo Majstor

Securing Wireless Networks

329

(10)

Sandeep Dhameja

Wireless Security Mayhem: Restraining the Insanity of Convenience

339

(10)

Mark T. Chapman

Wireless LAN Security Challenge

349

(14)

Frandinata Halim

Gildas Deograt

ISO/OSI Layers and Characteristics

363

(10)

George G. McBride

Internet/Intranet/Extranet

Enclaves: The Enterprise as an Extranet

373

(10)

Bryan T. Koch

IPSec Virtual Private Networks

383

(24)

James S. Tiller

Firewalls: An Effective Solution for Internet Security

407

(6)

E. Eugene Schultz

Internet Security: Securing the Perimeter

413

(10)

Douglas G. Conorich

Extranet Access Control Issues

423

(12)

Christopher King

Application-Layer Security Protocols for Networks

435

(12)

William Stackpole

Application Layer: Next Level of Security

447

(10)

Keith Pasley

Security of Communication Protocols and Services

457

(10)

William Hugh Murray

An Introduction to IPSec

467

(8)

William Stackpole

VPN Deployment and Evaluation Strategy

475

(18)

Keith Pasley

How to Perform a Security Review of a Checkpoint Firewall

493

(20)

Ben Rothke

Comparing Firewall Technologies

513

(10)

Per Thorsheim

The (In) Security of Virtual Private Networks

523

(16)

James S. Tiller

Cookies and Web Bugs

539

(10)

William T. Harding

Anita J. Reed

Robert L. Gray

Leveraging Virtual Private Networks

549

(12)

James S. Tiller

Wireless LAN Security

561

(6)

Mandy Andress

Security for Broadband Internet Access Users

567

(8)

James Trulove

New Perspectives on VPNs

575

(6)

Keith Pasley

An Examination of Firewall Architectures

581

(20)

Paul A. Henry

E-mail Security

Instant Messaging Security Issues

601

(16)

William Hugh Murray

Secure Voice Communications

Voice Security

617

(10)

Chris Hare

Secure Voice Communications (VoI)

627

(12)

Valene Skerpac

Network Attacks and Countermeasures

Packet Sniffers: Use and Misuse

639

(10)

Steve A. Rodgers

ISPs and Denial-of-Service Attacks

649

(18)

K. Narayanaswamy

Information Security Management

667

(406)

Security Management Concepts and Principles

The Human Side of Information Security

663

(14)

Kevin Henry

Security Management

677

(8)

Ken Buszta

Measuring ROI on Security

685

(4)

Carl F. Endorf

Security Patch Management

689

(8)

Jeffrey Davis

Change Control Management

Configuration Management: Charting the Course for the Organization

697

(18)

Mollie E. Krehnke

David C. Krehnke

Data Classification

Information Classification: A Corporate Implementation Guide

715

(12)

Jim Appleyard

Risk Management

A Matter of Trust

727

(14)

Ray Kaplan

Trust Governance in a Web Services World

741

(10)

Daniel D. Houser

Risk Management and Analysis

751

(8)

Kevin Henry

New Trends in Information Risk Management

759

(8)

Brett Regan Young

Information Security in the Enterprise

767

(12)

Duane E. Sharp

Managing Enterprise Security Information

779

(16)

Matunda Nyanchama

Anna Wilson

Risk Analysis and Assessment

795

(26)

Will Ozier

Security Assessment

821

(8)

Sudhanshu Kairab

Cyber-Risk Management: Technical and Insurance Controls for Enterprise-Level Security

829

(16)

Carol A. Siegel

Ty R. Sagalow

Paul Serritella

Employment Policies and Practices

A Progress Report on the CVE Initiative

845

(20)

Robert Martin

Steven Christey

David Baker

Roles and Responsibilities of the Information Systems Security Officer

865

(6)

Carl Burney

Information Protection: Organization, Roles, and Separation of Duties

871

(16)

Rebecca Herold

Organizing for Success: Some Human Resources Issues in Information Security

887

(12)

Jeffrey H. Fenton

James M. Wolfe

Ownership and Custody of Data

899

(8)

William Hugh Murray

Hiring Ex-Criminal Hackers

907

(10)

Ed Skoudis

Risk Management

Information Security Policies from the Ground Up

917

(8)

Brian Shorten

Policy Development

925

(20)

Chris Hare

Toward Enforcing Security Policy: Encouraging Personal Accountability for Corporate Information Security Policy

945

(8)

John O. Wylder

The Common Criteria for IT Security Evaluation

953

(16)

Debra S. Herrmann

A Look at the Common Criteria

969

(10)

Ben Rothke

The Security Policy Life Cycle: Functions and Responsibilities

979

(10)

Patrick D. Howard

Security Awareness Training

Maintaining Management's Commitment

989

(10)

William Tompkins

Making Security Awareness Happen

999

(12)

Susan D. Hansche

Making Security Awareness Happen: Appendices

1011

(12)

Susan D. Hansche

Security Management Planning

Maintaining Information Security during Downsizing

1023

(6)

Thomas J. Bray

The Business Case for Information Security: Selling Management on the Protection of Vital Secrets and Products

1029

(6)

Sanford Sherizen

How to Work with a Managed Security Service Provider

1035

(12)

Laurie Hill McQuillan

Considerations for Outsourcing Security

1047

(14)

Michael J. Corby

Outsourcing Security

1061

(12)

James S. Tiller

Application Program Security

1073

(222)

Application Issues

Security Models for Object-Oriented Databases

1077

(6)

James Cannady

Web Application Security

1083

(10)

Mandy Andress

Security for XML and Other Metadata Languages

1093

(8)

William Hugh Murray

XML and Information Security

1101

(8)

Samuel C. McClintock

Application Security

1109

(6)

Walter S. Kobus, Jr.

Covert Channels

1115

(8)

Anton Chuvakin

Security as a Value Enhancer in Application Systems Development

1123

(16)

Lowell Bruce McCulley

Open Source versus Closed Source

1139

(18)

Ed Skoudis

Databases and Data Warehousing

Reflections on Database Integrity

1157

(8)

William Hugh Murray

Digital Signatures in Relational Database Applications

1165

(10)

Mike R. Prevost

Security and Privacy for Data Warehouses: Opportunity or Threat?

1175

(18)

David Bonewell

Karen Gibbs

Adriaan Veldhuisen

Systems Development Controls

Enterprise Security Architecture

1193

(12)

William Hugh Murray

Certification and Accreditation Methodology

1205

(16)

Mollie E. Krehnke

David C. Krehnke

System Development Security Methodology

1221

(14)

Ian Lim

Ioana V. Carastan

A Security-Oriented Extension of the Object Model for the Development of an Information System

1235

(16)

Sureerut Inmor

Vatcharaporn Esichaikul

Dencho N. Batanov

Malicious Code

A Look at Java Security

1251

(6)

Ben Rothke

Malware and Computer Viruses

1257

(30)

Robert M. Slade

Methods of Attack

Methods of Auditing Applications

1287

(8)

David C. Rice

Graham Bucholz

Cryptography

1295

(170)

Use of Cryptography

Three New Models for the Application of Cryptography

1299

(10)

Jay Heiser

Auditing Cryptography: Assessing System Security

1309

(4)

Steve Stanek

Cryptographic Concepts, Methodologies, and Practices

Message Authentication

1313

(14)

James S. Tiller

Steganography: The Art of Hiding Messages

1327

(6)

Mark Edmead

An Introduction to Cryptography

1333

(16)

Javek Ikbel

Hash Algorithms: From Message Digests to Signatures

1349

(8)

Keith Pasley

A Look at the Advanced Encryption Standard (AES)

1357

(8)

Ben Rothke

Private Key Algorithms

Principles and Applications of Cryptographic Key Management

1365

(14)

William Hugh Murray

Public Key Infrastructure (PKI)

Preserving Public Key Hierarchy

1379

(6)

Geoffrey C. Grabow

PKI Registration

1385

(12)

Alex Golod

System Architecture for Implementing Cryptographic Functions

Implementing Kerberos in Distributed Systems

1397

(50)

Joe Kovara

Ray Kaplan

Methods of Attack

Methods of Attacking and Defending Cryptosystems

1447

(18)

Joost Houwen

Enterprise Security Architecture

1465

(90)

Principles of Computer and Network Organizations, Architectures, and Designs

Security Infrastructure: Basics of Intrusion Detection Systems

1465

(10)

Ken M. Shaurette

Firewalls, 10 Percent of the Solution: A Security Architecture Primer

1475

(14)

Chris Hare

The Reality of Virtual Computing

1489

(18)

Chris Hare

Overcoming Wireless LAN Security Vulnerabilities

1507

(6)

Gilbert Held

Principles of Security Models, Architectures and Evaluation Criteria

Formulating an Enterprise Information Security Architecture

1513

(18)

Mollie Krehnke

David Krehnke

Security Architecture and Models

1531

(16)

Foster J. Henderson

Kellina M. Craig-Henderson

Common Flaws and Security Issues --- System Architecture and Design

Common System Design Flaws and Security Issues

1547

(8)

William Hugh Murray

Operations Security

1555

(86)

Concepts

Operations: The Center of Support and Control

1559

(6)

Kevin Henry

Why Today's Security Technologies Are So Inadequate: History, Implications, and New Approaches

1565

(4)

Steven Hofmeyr

Resource Protection Requirements

Physical Access Control

1569

(16)

Dan M. Bowers

Auditing

Auditing the Electronic Commerce Environment

1585

(16)

Chris Hare

Intrusion Detection

Improving Network-Level Security through Real-Time Monitoring and Intrusion Detection

1601

(18)

Chris Hare

Intelligent Intrusion Analysis: How Thinking Machines Can Recognize Computer Intrusions

1619

(14)

Bryan D. Fish

Operations Controls

Directory Security

1633

(8)

Ken Buszta

Business Continuity Planning

1641

(84)

Business Continuity Planning

Reengineering the Business Continuity Planning Process

1645

(12)

Carl B. Jackson

The Changing Face of Continuity Planning

1657

(10)

Carl B. Jackson

The Role of Continuity Planning in the Enterprise Risk Management Structure

1667

(12)

Carl B. Jackson

Disaster Recovery Planning

Restoration Component of Business Continuity Planning

1679

(10)

John Dorf

Martin Johnson

Business Resumption Planning and Disaster Recovery: A Case History

1689

(10)

Kevin Henry

Business Continuity Planning: A Collaborative Approach

1699

(10)

Kevin Henry

Elements of Business Continuity Planning

The Business Impact Assessment Process

1709

(16)

Carl B. Jackson

Law, Investigation, and Ethics

1725

(196)

Information Law

Jurisdictional Issues in Global Transmissions

1729

(8)

Ralph Spencer Poore

Liability for Lax Computer Security in DDoS Attacks

1737

(6)

Dorsey Morrow

The Final HIPAA Security Rule Is Here! Now What?

1743

(16)

Todd Fitzgerald

HIPAA 201: A Framework Approach to HIPAA Security Readiness

1759

(12)

David MacLeod

Brian Geffert

David Deckter

Investigations

Computer Crime Investigations: Managing a Process without Any Golden Rules

1771

(14)

George Wade

Computer Crime Investigation and Computer Forensics

1785

(28)

Thomas Welch

Operational Forensics

1813

(6)

Michael J. Corby

What Happened

1819

(4)

Kelly J. Kuchta

Major Categories of Computer Crime

The International Dimensions of Cybercrime

1823

(18)

Ed Gabrys

Incident Handling

Honeypot Essentials

1841

(6)

Anton Chuvakin

CIRT: Responding to Attack

1847

(14)

Chris Hare

Incident Response Management

1861

(10)

Alan B. Sterneckert

Managing the Response to a Computer Security Incident

1871

(10)

Michael Vangelos

Cyber Crime: Response, Investigation, and Prosecution

1881

(6)

Thomas Akin

Incident Response Exercises

1887

(10)

Ken M. Shaurette

Thomas J. Schleppenbach

Software Forensics

1897

(14)

Robert M. Slade

Ethics

Ethics and the Internet

1911

(10)

Micki Krause

Physical Security

1921

(76)

Facility Requirements

Physical Security: A Foundation for Information Security

1925

(10)

Christopher Steinke

Physical Security: Controlled Access and Layered Defense

1935

(12)

Bruce R. Mathews

Computing Facility Physical Security

1947

(10)

Alan Brusewitz

Closed Circuit Television and Video Surveillance

1957

(8)

David Litzau

Technical Controls

Types of Information Security Controls

1965

(10)

Harold F. Tipton

Environment and Life Safety

Physical Security: The Threat after September 11th

1975

(22)

Jaymes Williams

Index

1997


	Buy Textbooks Sell Textbooks College Apparel Shop by School Virtual Bookstores	Order Status Shipping Rates Return Policy Marketplace Info F.A.S.T.	Contact Us Privacy Policy Legal Notices Site Security Employment	Help Desk eCampus Blog Affiliate Program Bulk Orders College Marketing

Need Help? eService@ecampus.com Copyright© 1999-2008
.