Information Security Management Handbook, Volume 4
Harold F. Tipton
CRC Press, 26/12/2002 - 1016 pages
The Information Security Management Handbook continues its tradition of consistently communicating the fundamental concepts of security needed to be a true CISSP. In response to new developments, Volume 4 supplements the previous volumes with new information covering topics such as wireless, HIPAA, the latest hacker attacks and defenses, intrusion
Contents
Chapter 1 It Is All about Control | 3 |
Providing Secured Data Transfers | 21 |
Chapter 3 The Case for Privacy | 43 |
The Latest Hacker Attacks and Defenses | 51 |
Chapter 5 Counter-Economic Espionage | 67 |
Domain 2 Telecommunications and Network Security | 89 |
Chapter 6 What's Not So Simple about SNMP? | 93 |
Chapter 7 Security for Broadband Internet Access Users | 107 |
Chapter 8 New Perspectives on VPNs | 119 |
Chapter 9 An Examination of Firewall Architectures | 129 |
A Case Study | 155 |
Chapter 11 Overcoming Wireless LAN Security Vulnerabilities | 167 |
Chapter 12 Voice Security | 175 |
Chapter 13 Secure Voice Communications Vol | 191 |
Use and Misuse | 211 |
Chapter 15 ISPs and Denial-of-Service Attacks | 225 |
Domain 3 Security Management Practices | 237 |
Chapter 16 The Human Side of Information Security | 239 |
Chapter 17 Security Management | 263 |
Chapter 18 The Common Criteria for IT Security Evaluation | 275 |
Functions and Responsibilities | 297 |
Chapter 20 Security Assessment | 313 |
The Challenges of Balancing Risk Cost and Frequency of Evaluating Safeguards | 325 |
Technical and Insurance Controls for Enterprise-Level Security | 341 |
Chapter 23 How to Work with a Managed Security Service Provider | 365 |
Chapter 24 Considerations for Outsourcing Security | 383 |
Chapter 25 Role and Responsibilities of the Information Systems Security Officer | 405 |
Organization Roles and Separation of Duties | 415 |
Some Human Resources Issues in Information Security | 441 |
Chapter 28 Ownership and Custody of Data | 461 |
Application Program Security | 473 |
Chapter 29 Application Security | 475 |
Chapter 30 Certification and Accreditation Methodology | 485 |
Chapter 31 A Framework for Certification Testing | 509 |
The Threat Detection and Protection | 541 |
Chapter 33 Malware and Computer Viruses | 565 |
Cryptography | 617 |
The Art of Hiding Messages | 619 |
Chapter 35 An Introduction to Cryptography | 627 |
From Message Digests to Signatures | 653 |
Chapter 37 PKI Registration | 665 |
Domain 6 Computer System and Security Architecture | 681 |
Basics of Intrusion Detection Systems | 683 |
A Security Architecture Primer | 699 |
Chapter 40 The Reality of Virtual Computing | 719 |
Operations Security | 745 |
Chapter 41 Directory Security | 747 |
Business Continuity Planning | 759 |
Chapter 42 The Changing Face of Continuity Planning | 761 |
A Collaborative Approach | 775 |
Law Investigation and Ethics | 789 |
Chapter 44 Liability for Lax Computer Security in DDoS Attacks | 791 |
A Framework Approach to HIPAA Security Readiness | 799 |
A Look at the Council of Europe's Cyber-Crime Convention and the Need for an International Regime to Fight Cyber-Crime | 815 |
Chapter 47 Reporting Security Breaches | 841 |
Chapter 48 Incident Response Management | 855 |
Chapter 49 Managing the Response to a Computer Security Incident | 873 |
Response Investigation and Prosecution | 889 |
Physical Security | 899 |
Chapter 51 Computing Facility Physical Security | 901 |
Chapter 52 Closed-Circuit Television and Video Surveillance | 915 |
The Threat after September 11 | 927 |
959 | |
Back cover | 1001 |