Information Security Management Handbook, Fifth Edition

by Tipton; Harold F.
  • ISBN13: 9780849319976
  • ISBN10: 0849319978
  • Edition: 5th
  • Format: Hardcover
  • Copyright: 2003-12-30
  • Publisher: Auerbach Pub
List Price: $164.95

Summary

Since 1993, the Information Security Management Handbook has served not only as an everyday reference for information security practitioners but also as an important document for conducting the intense review necessary to prepare for the Certified Information Systems Security Professional (CISSP) examination. Now completely revised and updated and in its fifth edition, the handbook maps the ten domains of the Information Security Common Body of Knowledge and provides a complete understanding of all the items in it. This is a must-have book, both for preparing for the CISSP exam and as a comprehensive, up-to-date reference.

Table of Contents

Contributors xxiii
Introduction xli
Access Control Systems and Methodology
1(196)
Access Control Techniques
Enhancing Security through Biometric Technology
5(16)
Stephen D. Fried
Biometrics: What's New?
21(6)
Judith M. Myerson
Controlling FTP: Providing Secured Data Transfers
27(18)
Chris Hare
Access Control Administration
Privacy in the Healthcare Industry
45(10)
Kate Borten
The Case for Privacy
55(6)
Michael J. Corby
Identification and Authentication Techniques
Biometric Identification
61(16)
Donald R. Richards
Single Sign-On for the Enterprise
77(20)
Ross A. Leo
Access Control Methodologies and Implementation
Centralized Authentication Services (Radius, Tacacs, Diameter)
97(12)
William Stackpole
An Introduction to Secure Remote Access
109(12)
Christina M. Bird
Methods of Attack
Hacker Tools and Techniques
121(14)
Ed Skoudis
A New Breed of Hacker Tools and Defenses
135(12)
Ed Skoudis
Social Engineering: The Forgotten Risk
147(8)
John Berti
Marcus Rogers
Breaking News: The Latest Hacker Attacks and Defenses
155(10)
Ed Skoudis
Counter-Economic Espionage
165(14)
Craig A. Schiller
Monitoring and Penetration Testing
Penetration Testing
179(12)
Stephen D. Fried
Penetration Testing
191(6)
Chuck Bianco
Telecommunications, Network, and Internet Security
197(470)
Communications and Network Security
Understanding SSL
203(14)
Chris Hare
Packet Sniffers and Network Monitors
217(18)
James S. Tiller
Bryan D. Fish
Secured Connections to External Networks
235(14)
Steven F. Blanding
Security and Network Technologies
249(20)
Chris Hare
Wired and Wireless Physical Layer Security Issues
269(8)
James Trulove
Network Router Security
277(10)
Steven F. Blanding
What's Not So Simple about SNMP?
287(10)
Chris Hare
Network and Telecommunications Media: Security from the Ground Up
297(14)
Samuel Chun
Security and the Physical Network Layer
311(8)
Matthew J. Decker
Security of Wireless Local Area Networks
319(10)
Franjo Majstor
Securing Wireless Networks
329(10)
Sandeep Dhameja
Wireless Security Mayhem: Restraining the Insanity of Convenience
339(10)
Mark T. Chapman
Wireless LAN Security Challenge
349(14)
Frandinata Halim
Gildas Deograt
ISO/OSI Layers and Characteristics
363(10)
George G. McBride
Internet/Intranet/Extranet
Enclaves: The Enterprise as an Extranet
373(10)
Bryan T. Koch
IPSec Virtual Private Networks
383(24)
James S. Tiller
Firewalls: An Effective Solution for Internet Security
407(6)
E. Eugene Schultz
Internet Security: Securing the Perimeter
413(10)
Douglas G. Conorich
Extranet Access Control Issues
423(12)
Christopher King
Application-Layer Security Protocols for Networks
435(12)
William Stackpole
Application Layer: Next Level of Security
447(10)
Keith Pasley
Security of Communication Protocols and Services
457(10)
William Hugh Murray
An Introduction to IPSec
467(8)
William Stackpole
VPN Deployment and Evaluation Strategy
475(18)
Keith Pasley
How to Perform a Security Review of a Checkpoint Firewall
493(20)
Ben Rothke
Comparing Firewall Technologies
513(10)
Per Thorsheim
The (In) Security of Virtual Private Networks
523(16)
James S. Tiller
Cookies and Web Bugs
539(10)
William T. Harding
Anita J. Reed
Robert L. Gray
Leveraging Virtual Private Networks
549(12)
James S. Tiller
Wireless LAN Security
561(6)
Mandy Andress
Security for Broadband Internet Access Users
567(8)
James Trulove
New Perspectives on VPNs
575(6)
Keith Pasley
An Examination of Firewall Architectures
581(20)
Paul A. Henry
E-mail Security
Instant Messaging Security Issues
601(16)
William Hugh Murray
Secure Voice Communications
Voice Security
617(10)
Chris Hare
Secure Voice Communications (VoI)
627(12)
Valene Skerpac
Network Attacks and Countermeasures
Packet Sniffers: Use and Misuse
639(10)
Steve A. Rodgers
ISPs and Denial-of-Service Attacks
649(18)
K. Narayanaswamy
Information Security Management
667(406)
Security Management Concepts and Principles
The Human Side of Information Security
663(14)
Kevin Henry
Security Management
677(8)
Ken Buszta
Measuring ROI on Security
685(4)
Carl F. Endorf
Security Patch Management
689(8)
Jeffrey Davis
Change Control Management
Configuration Management: Charting the Course for the Organization
697(18)
Mollie E. Krehnke
David C. Krehnke
Data Classification
Information Classification: A Corporate Implementation Guide
715(12)
Jim Appleyard
Risk Management
A Matter of Trust
727(14)
Ray Kaplan
Trust Governance in a Web Services World
741(10)
Daniel D. Houser
Risk Management and Analysis
751(8)
Kevin Henry
New Trends in Information Risk Management
759(8)
Brett Regan Young
Information Security in the Enterprise
767(12)
Duane E. Sharp
Managing Enterprise Security Information
779(16)
Matunda Nyanchama
Anna Wilson
Risk Analysis and Assessment
795(26)
Will Ozier
Security Assessment
821(8)
Sudhanshu Kairab
Cyber-Risk Management: Technical and Insurance Controls for Enterprise-Level Security
829(16)
Carol A. Siegel
Ty R. Sagalow
Paul Serritella
Employment Policies and Practices
A Progress Report on the CVE Initiative
845(20)
Robert Martin
Steven Christey
David Baker
Roles and Responsibilities of the Information Systems Security Officer
865(6)
Carl Burney
Information Protection: Organization, Roles, and Separation of Duties
871(16)
Rebecca Herold
Organizing for Success: Some Human Resources Issues in Information Security
887(12)
Jeffrey H. Fenton
James M. Wolfe
Ownership and Custody of Data
899(8)
William Hugh Murray
Hiring Ex-Criminal Hackers
907(10)
Ed Skoudis
Risk Management
Information Security Policies from the Ground Up
917(8)
Brian Shorten
Policy Development
925(20)
Chris Hare
Toward Enforcing Security Policy: Encouraging Personal Accountability for Corporate Information Security Policy
945(8)
John O. Wylder
The Common Criteria for IT Security Evaluation
953(16)
Debra S. Herrmann
A Look at the Common Criteria
969(10)
Ben Rothke
The Security Policy Life Cycle: Functions and Responsibilities
979(10)
Patrick D. Howard
Security Awareness Training
Maintaining Management's Commitment
989(10)
William Tompkins
Making Security Awareness Happen
999(12)
Susan D. Hansche
Making Security Awareness Happen: Appendices
1011(12)
Susan D. Hansche
Security Management Planning
Maintaining Information Security during Downsizing
1023(6)
Thomas J. Bray
The Business Case for Information Security: Selling Management on the Protection of Vital Secrets and Products
1029(6)
Sanford Sherizen
How to Work with a Managed Security Service Provider
1035(12)
Laurie Hill McQuillan
Considerations for Outsourcing Security
1047(14)
Michael J. Corby
Outsourcing Security
1061(12)
James S. Tiller
Application Program Security
1073(222)
Application Issues
Security Models for Object-Oriented Databases
1077(6)
James Cannady
Web Application Security
1083(10)
Mandy Andress
Security for XML and Other Metadata Languages
1093(8)
William Hugh Murray
XML and Information Security
1101(8)
Samuel C. McClintock
Application Security
1109(6)
Walter S. Kobus, Jr.
Covert Channels
1115(8)
Anton Chuvakin
Security as a Value Enhancer in Application Systems Development
1123(16)
Lowell Bruce McCulley
Open Source versus Closed Source
1139(18)
Ed Skoudis
Databases and Data Warehousing
Reflections on Database Integrity
1157(8)
William Hugh Murray
Digital Signatures in Relational Database Applications
1165(10)
Mike R. Prevost
Security and Privacy for Data Warehouses: Opportunity or Threat?
1175(18)
David Bonewell
Karen Gibbs
Adriaan Veldhuisen
Systems Development Controls
Enterprise Security Architecture
1193(12)
William Hugh Murray
Certification and Accreditation Methodology
1205(16)
Mollie E. Krehnke
David C. Krehnke
System Development Security Methodology
1221(14)
Ian Lim
Ioana V. Carastan
A Security-Oriented Extension of the Object Model for the Development of an Information System
1235(16)
Sureerut Inmor
Vatcharaporn Esichaikul
Dencho N. Batanov
Malicious Code
A Look at Java Security
1251(6)
Ben Rothke
Malware and Computer Viruses
1257(30)
Robert M. Slade
Methods of Attack
Methods of Auditing Applications
1287(8)
David C. Rice
Graham Bucholz
Cryptography
1295(170)
Use of Cryptography
Three New Models for the Application of Cryptography
1299(10)
Jay Heiser
Auditing Cryptography: Assessing System Security
1309(4)
Steve Stanek
Cryptographic Concepts, Methodologies, and Practices
Message Authentication
1313(14)
James S. Tiller
Steganography: The Art of Hiding Messages
1327(6)
Mark Edmead
An Introduction to Cryptography
1333(16)
Javek Ikbel
Hash Algorithms: From Message Digests to Signatures
1349(8)
Keith Pasley
A Look at the Advanced Encryption Standard (AES)
1357(8)
Ben Rothke
Private Key Algorithms
Principles and Applications of Cryptographic Key Management
1365(14)
William Hugh Murray
Public Key Infrastructure (PKI)
Preserving Public Key Hierarchy
1379(6)
Geoffrey C. Grabow
PKI Registration
1385(12)
Alex Golod
System Architecture for Implementing Cryptographic Functions
Implementing Kerberos in Distributed Systems
1397(50)
Joe Kovara
Ray Kaplan
Methods of Attack
Methods of Attacking and Defending Cryptosystems
1447(18)
Joost Houwen
Enterprise Security Architecture
1465(90)
Principles of Computer and Network Organizations, Architectures, and Designs
Security Infrastructure: Basics of Intrusion Detection Systems
1465(10)
Ken M. Shaurette
Firewalls, 10 Percent of the Solution: A Security Architecture Primer
1475(14)
Chris Hare
The Reality of Virtual Computing
1489(18)
Chris Hare
Overcoming Wireless LAN Security Vulnerabilities
1507(6)
Gilbert Held
Principles of Security Models, Architectures and Evaluation Criteria
Formulating an Enterprise Information Security Architecture
1513(18)
Mollie Krehnke
David Krehnke
Security Architecture and Models
1531(16)
Foster J. Henderson
Kellina M. Craig-Henderson
Common Flaws and Security Issues --- System Architecture and Design
Common System Design Flaws and Security Issues
1547(8)
William Hugh Murray
Operations Security
1555(86)
Concepts
Operations: The Center of Support and Control
1559(6)
Kevin Henry
Why Today's Security Technologies Are So Inadequate: History, Implications, and New Approaches
1565(4)
Steven Hofmeyr
Resource Protection Requirements
Physical Access Control
1569(16)
Dan M. Bowers
Auditing
Auditing the Electronic Commerce Environment
1585(16)
Chris Hare
Intrusion Detection
Improving Network-Level Security through Real-Time Monitoring and Intrusion Detection
1601(18)
Chris Hare
Intelligent Intrusion Analysis: How Thinking Machines Can Recognize Computer Intrusions
1619(14)
Bryan D. Fish
Operations Controls
Directory Security
1633(8)
Ken Buszta
Business Continuity Planning
1641(84)
Business Continuity Planning
Reengineering the Business Continuity Planning Process
1645(12)
Carl B. Jackson
The Changing Face of Continuity Planning
1657(10)
Carl B. Jackson
The Role of Continuity Planning in the Enterprise Risk Management Structure
1667(12)
Carl B. Jackson
Disaster Recovery Planning
Restoration Component of Business Continuity Planning
1679(10)
John Dorf
Martin Johnson
Business Resumption Planning and Disaster Recovery: A Case History
1689(10)
Kevin Henry
Business Continuity Planning: A Collaborative Approach
1699(10)
Kevin Henry
Elements of Business Continuity Planning
The Business Impact Assessment Process
1709(16)
Carl B. Jackson
Law, Investigation, and Ethics
1725(196)
Information Law
Jurisdictional Issues in Global Transmissions
1729(8)
Ralph Spencer Poore
Liability for Lax Computer Security in DDoS Attacks
1737(6)
Dorsey Morrow
The Final HIPAA Security Rule Is Here! Now What?
1743(16)
Todd Fitzgerald
HIPAA 201: A Framework Approach to HIPAA Security Readiness
1759(12)
David MacLeod
Brian Geffert
David Deckter
Investigations
Computer Crime Investigations: Managing a Process without Any Golden Rules
1771(14)
George Wade
Computer Crime Investigation and Computer Forensics
1785(28)
Thomas Welch
Operational Forensics
1813(6)
Michael J. Corby
What Happened
1819(4)
Kelly J. Kuchta
Major Categories of Computer Crime
The International Dimensions of Cybercrime
1823(18)
Ed Gabrys
Incident Handling
Honeypot Essentials
1841(6)
Anton Chuvakin
CIRT: Responding to Attack
1847(14)
Chris Hare
Incident Response Management
1861(10)
Alan B. Sterneckert
Managing the Response to a Computer Security Incident
1871(10)
Michael Vangelos
Cyber Crime: Response, Investigation, and Prosecution
1881(6)
Thomas Akin
Incident Response Exercises
1887(10)
Ken M. Shaurette
Thomas J. Schleppenbach
Software Forensics
1897(14)
Robert M. Slade
Ethics
Ethics and the Internet
1911(10)
Micki Krause
Physical Security
1921(76)
Facility Requirements
Physical Security: A Foundation for Information Security
1925(10)
Christopher Steinke
Physical Security: Controlled Access and Layered Defense
1935(12)
Bruce R. Mathews
Computing Facility Physical Security
1947(10)
Alan Brusewitz
Closed Circuit Television and Video Surveillance
1957(8)
David Litzau
Technical Controls
Types of Information Security Controls
1965(10)
Harold F. Tipton
Environment and Life Safety
Physical Security: The Threat after September 11th
1975(22)
Jaymes Williams
Index 1997
