ABSTRACT

Considered the gold-standard reference on information security, the Information Security Management Handbook provides an authoritative compilation of the fundamental knowledge, skills, techniques, and tools required of today's IT security professional. Now in its sixth edition, this 3200 page, 4 volume stand-alone reference is organized under the C

chapter 1|6 pages

Bits to Bytes to Boardroom

chapter 2|20 pages

Information Security Governance

chapter 3|10 pages

Corporate Governance

chapter 4|6 pages

IT Governance Institute (ITGI) Overview

chapter 8|6 pages

Information Security Governance

chapter 11|10 pages

Validating Your Business Partners

chapter 12|6 pages

Measuring ROI on Security

chapter 13|16 pages

The Human Side of Information Security

chapter 14|10 pages

Security Management

chapter 15|14 pages

It Is All about Control

chapter 17|16 pages

Security Patch Management: The Process

chapter 20|10 pages

Ownership and Custody of Data

chapter 21|8 pages

Information Security Risk Assessment

chapter 23|10 pages

Enterprise Security Management Program

chapter 26|16 pages

A Matter of Trust

chapter 27|10 pages

Trust Governance in a Web Services World

chapter 28|10 pages

Risk Management and Analysis

chapter 29|8 pages

New Trends in Information Risk Management

chapter 31|12 pages

Committee of Sponsoring Organizations (COSO)

chapter 35|14 pages

Building an Effective Privacy Program

chapter 41|24 pages

Policy Development

chapter 44|10 pages

Maintaining Management's Commitment

chapter 45|14 pages

Making Security Awareness Happen

chapter 48|12 pages

Make Security Part of Your Company's DNA

chapter 54|16 pages

Considerations for Outsourcing Security

chapter 55|14 pages

The Ethical and Legal Concerns of Spyware

chapter 56|12 pages

Ethics and the Internet

chapter 57|12 pages

Computer Ethics

chapter |4 pages

Domain II: Access Control

chapter 58|6 pages

A Look at RFID Security

chapter 60|12 pages

Sensitive or Critical Data Access Controls

chapter 61|14 pages

An Introduction to Role-Based Access Control

chapter 62|10 pages

Smart Cards

chapter 63|10 pages

A Guide to Evaluating Tokens

chapter 66|20 pages

Identity Management: Benefits and Challenges

chapter 67|26 pages

Blended Treat Analysis: Passwords and Policy

chapter 69|22 pages

Single Sign-On for the Enterprise

chapter 71|12 pages

An Introduction to Secure Remote Access

chapter 72|16 pages

Hacker Tools and Techniques

chapter 73|14 pages

A New Breed of Hacker Tools and Defenses

chapter 74|12 pages

Hacker Attacks and Defenses

chapter 75|16 pages

Counter-Economic Espionage

chapter 76|12 pages

Insight into Intrusion Prevention Systems

chapter 77|14 pages

Penetration Testing

chapter |4 pages

Domain III Cryptography

chapter 79|10 pages

Cryptographic Transitions

chapter 81|14 pages

An Overview of Quantum Cryptography

chapter 83|12 pages

Cryptographic Key Management Concepts

chapter 84|16 pages

Message Authentication

chapter 85|20 pages

Fundamentals of Cryptography and Encryption

chapter 86|6 pages

Steganography: The Art of Hiding Messages

chapter 87|20 pages

An Introduction to Cryptography

chapter 91|8 pages

Preserving Public Key Hierarchy

chapter 92|14 pages

PKI Registration

chapter 93|58 pages

Implementing Kerberos in Distributed Systems

chapter 95|14 pages

Perimeter Security

chapter 100|10 pages

Computing Facility Physical Security

chapter 102|10 pages

Types of Information Security Controls

chapter 105|6 pages

Enterprise Assurance: A Framework Explored

chapter 106|10 pages

Creating a Secure Architecture

chapter 108|20 pages

The Reality of Virtual Computing

chapter 110|18 pages

Security Architecture and Models

chapter 115|8 pages

Identifying Critical Business Functions

chapter 120|10 pages

Contingency at a Glance

chapter 126|18 pages

The Business Impact Assessment Process

chapter 130|8 pages

PBX Firewalls: Closing the Back Door

chapter 131|12 pages

Network Security Overview

chapter 132|10 pages

Putting Security in the Transport: TLS

chapter 133|16 pages

WLAN Security Update

chapter 134|14 pages

Understanding SSL

chapter 135|20 pages

Packet Sniffers and Network Monitors

chapter 136|16 pages

Secured Connections to External Networks

chapter 137|20 pages

Security and Network Technologies

chapter 139|12 pages

Network Router Security

chapter 140|12 pages

What's Not So Simple about SNMP?

chapter 142|8 pages

Security and the Physical Network Layer

chapter 143|14 pages

Wireless LAN Security Challenge

chapter 145|12 pages

VoIP Security Issues

chapter 146|56 pages

An Examination of Firewall Architectures

chapter 147|10 pages

Voice over WLAN

chapter 148|6 pages

Spam Wars: How To Deal with Junk E-Mail

chapter 149|12 pages

Secure Web Services: Holes and Fillers

chapter 150|26 pages

IPSec Virtual Private Networks

chapter 151|10 pages

Internet Security: Securing the Perimeter

chapter 153|10 pages

Application Layer: Next Level of Security

chapter 155|10 pages

An Introduction to IPSec

chapter 156|20 pages

VPN Deployment and Evaluation Strategy

chapter 157|10 pages

Comparing Firewall Technologies

chapter 159|8 pages

Security for Broadband Internet Access Users

chapter 160|18 pages

Instant Messaging Security Issues

chapter 161|12 pages

Voice Security

chapter 162|14 pages

Secure Voice Communications (VoI)

chapter 163|8 pages

Deep Packet Inspection Technologies

chapter 166|4 pages

Insecurity by Proxy

chapter 167|10 pages

Wireless Security

chapter 168|10 pages

Packet Sniffers: Use and Misuse

chapter 169|10 pages

ISPs and Denial-of-Service Attacks

chapter |4 pages

Domain VIII: Application Security

chapter 171|12 pages

Stack-Based Buffer Overflows

chapter 172|10 pages

Web Application Security

chapter 174|8 pages

XML and Information Security

chapter 175|8 pages

Application Security

chapter 176|8 pages

Covert Channels

chapter 178|20 pages

Open Source versus Closed Source

chapter 179|6 pages

A Look at Java Security

chapter 180|8 pages

Reflections on Database Integrity

chapter 184|12 pages

Avoiding Buffer Overflow Attacks

chapter 185|8 pages

Secure Development Life Cycle

chapter 186|18 pages

System Development Security Methodology

chapter 188|12 pages

Enterprise Security Architecture

chapter 189|18 pages

Certification and Accreditation Methodology

chapter 190|16 pages

System Development Security Methodology

chapter 191|10 pages

Methods of Auditing Applications

chapter 192|10 pages

Hacking Methods

chapter |4 pages

Domain IX: Operations Security

chapter 195|18 pages

Managing Unmanaged Systems

chapter 199|12 pages

Operations Security and Controls

chapter 200|4 pages

The Nebulous Zero Day

chapter 201|6 pages

Understanding Service Level Agreements

chapter 202|18 pages

Physical Access Control

chapter 203|20 pages

Auditing the Electronic Commerce Environment

chapter 208|16 pages

ISPs and Accountability

chapter 209|6 pages

The Case for Privacy

chapter 211|8 pages

Operational Forensics

chapter 213|4 pages

What Happened?

chapter 214|14 pages

Potential Cyber Terrorist Attacks

chapter 215|14 pages

The Evolutiont of the Sploit

chapter 216|8 pages

Computer Crime

chapter 217|20 pages

Phishing: A New Twist to an Old Game

chapter 220|18 pages

Privacy Breach Incident Response

chapter 221|16 pages

Security Event Management

chapter 225|6 pages

Honeypot Essentials