Computer Security Handbook (2 Volume Set)

Купить бумажную книгу и читать

Название: Computer Security Handbook (2 Volume Set)

Автор: Bosworth S., Kabay M.E., Whyne.E.

Издательство: Wiley

Год: 2014

Страниц: 2207

ISBN: 1118127064, 9781118127063

Формат: PDF

Размер: 28.6 Мб

Язык: english

Computer security touches every part of our daily lives from our computers and connected devices to the wireless signals around us. Breaches have real and immediate financial, privacy, and safety consequences. This handbook has compiled advice from top professionals working in the real world about how to minimize the possibility of computer security breaches in your systems.

Written for professionals and college students, it provides comprehensive best guidance about how to minimize hacking, fraud, human error, the effects of natural disasters, and more. This essential and highly-regarded reference maintains timeless lessons and is fully revised and updated with current information on security issues for social networks, cloud computing, virtualization, and more.

Contents:

Preface

Acknowledgments

About the Editors

About the Contributors

A Note to Instructors

Foundations of Computer Security

Brief History and Mission of Information System Security (Seymour Bosworth and Robert V. Jacobson)

History of Computer Crime

Toward a New Framework for Information Security (Donn B. Parker, CISSP)

Hardware Elements of Security (Sy Bosworth and Stephen Cobb)

Data Communications and Information Security (Raymond Panko and Eric Fisher)

Local Area Network Topologies, Protocols, and Design (Gary C. Kessler)

Encryption (Stephen Cobb and Corinne LeFrancois)

Using a Common Language for Computer Security Incident Information (John D. Howard)

Mathematical Models of Computer Security (Matt Bishop)

Understanding Studies and Surveys of Computer Crime (M. E. Kabay)

Fundamentals of Intellectual Property Law (William A. Zucker and Scott J. Nathan)

Threats and Vulnerabilities

The Psychology of Computer Criminals (Q. Campbell and David M. Kennedy)

The Insider Threat (Gary L. Tagg, CISSP)

Information Warfare (Seymour Bosworth)

Penetrating Computer Systems and Networks (Chey Cobb, Stephen Cobb, M. E. Kabay, and Tim Crothers)

Malicious Code (Robert Guess and Eric Salveggio)

Mobile Code (Robert Gezelter)

Denial-of-Service Attacks (Gary C. Kessler)

Social-engineering and low-tech attacks (Karthik Raman, Susan Baumes, Kevin Beets, and Carl Ness)

Spam, Phishing, and Trojans: Attacks Meant To Fool (Stephen Cobb)

Web-Based Vulnerabilities (Anup K. Ghosh, Kurt Baumgarten, Jennifer Hadley, and Steven Lovaas)

Physical Threats to the Information Infrastructure (Franklin Platt)

Prevention: Technical Defenses

Protecting the Physical Information Infrastructure (Franklin Platt)

Operating System Security (William Stallings)

Local Area Networks (N. Todd Pritsky, Joseph R. Bumblis, and Gary C. Kessler)

Gateway Security Devices (Justin Opatrny)

ntrusion Detection and Intrusion Prevention Devices (Rebecca Gurley Bace)

Identification and Authentication (Ravi Sandhu, Jennifer Hadley, Steven Lovaas, and Nicholas Takacs)

Biometric Authentication (Eric Salveggio, Steven Lovaas, David R. Lease, and Robert Guess)

E-Commerce and Web Server Safeguards (Robert Gezelter)

Web Monitoring and Content Filtering (Steven Lovaas)

Virtual Private Networks and Secure Remote Access (Justin Opatrny and Carl Ness

802.11 Wireless LAN Security (Gary L. Tagg, CISSP and Jason Sinchak, CISSP)

Securing VoIP (Christopher Dantos and John Mason)

Securing P2P, IM, SMS, and Collaboration Tools (Carl Ness)

Securing Stored Data (David J. Johnson, Nicholas Takacs, Jennifer Hadley, and M. E. Kabay)

Chapter 37: PKI and Certificate Authorities (Santosh Chokhani, Padgett Peterson, and Steven Lovaas)

Writing Secure Code (Lester E. Nichols, M. E. Kabay, and Timothy Braithwaite)

Software Development and Quality Assurance (Diane E. Levine, John Mason, and Jennifer Hadley)

Managing Software Patches and Vulnerabilities (Karen Scarfone, Peter Mell, and Murugiah Souppaya)

Antivirus Technology (Chey Cobb and Allysa Myers)

Protecting Digital Rights: Technical Approaches (Robert Guess, Jennifer Hadley, Steven Lovaas, and Diane E. Levine)

Prevention: Human Factors

Ethical Decision Making and High Technology (James Landon Linderman)

Security Policy Guidelines (M. E. Kabay and Bridgitt Robertson)

Employment Practices and Policies (M. E. Kabay and Bridgitt Robertson)

Vulnerability Assessment (Rebecca Gurley Bace and Jason Sinchak)

Operations Security and Production Controls (M. E. Kabay, Don Holden, and Myles Walsh)

E-Mail and Internet Use Policies (M. E. Kabay and Nicholas Takacs)

Implementing a Security-Awareness Program (K. Rudolph)

Using Social Psychology to Implement Security Policies (M. E. Kabay, Bridgitt Robertson, Mani Akella, and D. T. Lang)

Security Standards for Products (Paul Brusil and Noel Zakin)

Detecting Security Breaches

Application Controls (Myles Walsh & Susan Baumes)

Monitoring and Control Systems (Caleb S. Coggins and Diane E. Levine)

Security Audits (Donald Glass, Richard O. Moore III, Chris Davis, John Mason, David Gursky, James Thomas, Wendy Carr, M. E. Kabay and Diane Levine)

Chapter 55: Cyber Investigation1 (Peter Stephenson)

Response and Remediation

Computer Security Incident Response Teams1 (Michael Miora, M. E. Kabay, and Bernie Cowens)

Data Backups and Archives (M. E. Kabay and Don Holden)

Business Continuity Planning (Michael Miora)

Disaster Recovery (Michael Miora)

Insurance Relief (Robert A. Parisi, Jr., John F. Mullen and Kevin Apollo)

Working with Law Enforcement (David A. Land)

Management’s Role in Security

Quantitative Risk Assessment and Risk Management (Robert V. Jacobson & Susan Baumes)

Management Responsibilities and Liabilities (Carl Hallberg, M. E. Kabay, Bridgitt Robertson, and Arthur E. Hutt)

US Legal and Regulatory Security Issues (Timothy Virtue)

The Role of the CISO (Karen F. Worstell)

Developing Security Policies (M. E. Kabay and Sean Kelley)

Developing Classification Policies For Data (Karthik Raman, Kevin Beets, And M. E. Kabay)

Outsourcing and Security (Kip Boyle, Michael Buglewicz, and Steven Lovaas)

Public Policy and Other Considerations

Privacy in Cyberspace: US and European Perspectives (Henry L. Judy, Scott L. David, Benjamin S. Hayes, Jeffrey B. Ritter, Marc Rotenberg and M. E. Kabay)

Anonymity and Identity in Cyberspace (M. E. Kabay, Eric Salveggio, Robert Guess, and Russell D. Rosco)

Healthcare Security and Privacy (Paul Brusil)

Legal and Policy Issues of Censorship and Content Filtering (Lee Tien, Seth Finkelstein, and Steven Lovaas)

Expert Witnesses and the Daubert Challenge (Chey Cobb)

Professional Certification and Training in Information Assurance (M. E. Kabay, Christopher Christian, Kevin Henry and Sondra Schneider)

Undergraduate and Graduate Education in Information Assurance (Vic Maconachy and Seymour Bosworth)

The Future of Information Assurance (Jeremy A. Hansen)