Information Security Management Handbook, Volume 4 | Harold F. Tipton

Book

Information Security Management Handbook, Volume 4

ABSTRACT

The Information Security Management Handbook continues its tradition of consistently communicating the fundamental concepts of security needed to be a true CISSP. In response to new developments, Volume 4 supplements the previous volumes with new information covering topics such as wireless, HIPAA, the latest hacker attacks and defenses, intrusion

TABLE OF CONTENTS

part |2 pages

Domain 1: Access Control Systems and Methodology

chapter 1|18 pages

It Is All about Control

chapter 2|22 pages

Controlling FTP: Providing Secured Data Transfers

chapter 3|8 pages

The Case for Privacy

chapter 4|16 pages

Breaking News: The Latest Hacker Attacks and Defenses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Edward Skoudis

chapter 5|22 pages

Counter-Economic Espionage

chapter |4 pages

Domain 2. Telecommunications and Network Security

chapter 6|14 pages

What’s Not So Simple about SNMP?

chapter 7|12 pages

Security for Broadband Internet Access Users

chapter 8|10 pages

New Perspectives on VPNs

chapter 9|26 pages

An Examination of Firewall Architectures

chapter 10|12 pages

Deploying Host-Based Firewalls across the Enterprise: A Case Study

chapter 11|8 pages

Overcoming Wireless LAN Security Vulnerabilities

chapter 12|16 pages

Voice Security

chapter 13|20 pages

Secure Voice Communications (VoI) . . . . . . . . . . . . . . . . . . Valene Skerpac

chapter 14|14 pages

Packet Sniffers: Use and Misuse

chapter 15|12 pages

ISPs and Denial-of-Service Attacks

part |2 pages

Domain 3. Security Management Practices

chapter 16|24 pages

The Human Side of Information Security

chapter 17|12 pages

Security Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Ken Buszta

chapter 18|22 pages

The Common Criteria for IT Security Evaluation

chapter 19|16 pages

The Security Policy Life Cycle: Functions and Responsibilities

chapter 20|12 pages

Security Assessment

chapter 21|16 pages

Evaluating the Security Posture of an Information Technology Environment: The Challenges of Balancing Risk, Cost, and Frequency of Evaluating Safeguards

chapter 22|24 pages

Cyber-Risk Management: Technical and Insurance Controls for Enterprise-Level Security

chapter 23|18 pages

How to Work with a Managed Security Service Provider

chapter 24|22 pages

Considerations for Outsourcing Security

chapter 25|10 pages

Roles and Responsibilities of the Information Systems Security Officer

chapter 26|26 pages

Information Protection: Organization, Roles and Separation of Duties

chapter 27|20 pages

Organizing for Success: Human Resources Issues in Information Security

chapter 28|12 pages

Ownership and Custody of Data

part |2 pages

Domain 4: Application Program Security

chapter 29|10 pages

Application Security

chapter 30|24 pages

Certification and Accreditation Methodology . . . . . . . . . . Mollie Krehnke and David Krehnke

chapter 31|32 pages

A Framework for Certification Testing

chapter 32|24 pages

Malicious Code: The Threat, Detection, and Protection

chapter 33|52 pages

Malware and Computer Viruses

part |2 pages

Domain 5: Cryptography

chapter 34|8 pages

Steganography: The Art of Hiding Messages

chapter 35|26 pages

An Introduction to Cryptography

chapter 36|12 pages

Hash Algorithms: From Message Digests to Signatures

chapter 37|16 pages

PKI Registration

part |2 pages

Domain 6. Computer, System, and Security Architecture

chapter 38|16 pages

Security Infrastructure: Basics of Intrusion Detection Systems

chapter 39|20 pages

Firewalls, Ten Percent of the Solution: A Security Architecture Primer

chapter 40|26 pages

The Reality of Virtual Computing

part |2 pages

Domain 7: Operations Security

chapter 41|12 pages

Directory Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Ken Buszta

part |2 pages

Domain 8: Business Continuity Planning

chapter 42|14 pages

The Changing Face of Continuity Planning

chapter 43|14 pages

Business Continuity Planning: A Collaborative Approach

part |2 pages

Domain 9: Law, Investigation, and Ethics

chapter 44|8 pages

Liability for Lax Computer Security in DDoS Attacks

chapter 45|16 pages

HIPAA 201: A Framework Approach to HIPAA Security Readiness

chapter 46|26 pages

The International Dimensions of Cyber-Crime: A Look at the Council of Europe's Cyber-Crime Convention and the Need for an International Regime to Fight Cyber-Crime

chapter 47|14 pages

Reporting Security Breaches

chapter 48|18 pages

Incident Response Management

chapter 49|16 pages

Managing the Response to a Computer Security Incident . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Michael Vangelos

chapter 50|10 pages

Cyber-Crime: Response, Investigation, and Prosecution

part |2 pages

DOMAIN 10 PHYSICAL SECURITY

chapter 51|14 pages

Computing Facility Physical Security

chapter 52|12 pages

Closed-Circuit Television and Video Surveillance

chapter 53|32 pages

Physical Security: The Threat after September 11