Information Security Management Handbook on CD-ROM, 2006 Edition

ISBN 9780849385858
Cat# AU8585
 

Features

  • Presents the most comprehensive resource available on information security management
  • Is organized according to the CISSP Common Body of Knowledge (CBK)®
  • Includes the latest developments in technology and changes in the CISSP® exam
  • Serves as a study guide and working reference, and is completely searchable
  • Discusses proven ways to design and develop secure systems

Summary

    The need for information security management has never been greater. With constantly changing technology, external intrusions, and internal thefts of data, information security officers face threats at every turn.

    The Information Security Management Handbook on CD-ROM, 2006 Edition is now available. Containing the complete contents of the Information Security Management Handbook, this is a resource that is portable, linked and searchable by keyword. In addition to an electronic version of the most comprehensive resource for information security management, this CD-ROM contains an extra volume's worth of information that is not found anywhere else, including chapters from other security and networking books that have never appeared in the print editions. Exportable text and hard copies are available at the click of a mouse.

    The Handbook's numerous authors present the ten domains of the Information Security Common Body of Knowledge (CBK)®. The CD-ROM serves as an everyday reference for information security practitioners and an important tool for anyone preparing for the Certified Information System Security Professional (CISSP)® examination.

    New content in this edition:

  • Sensitive/Critical Data Access Controls
  • Role-Based Access Control
  • Smartcards
  • A Guide to Evaluating Tokens
  • Identity Management-Benefits and Challenges
  • An Examination of Firewall Architectures
  • The Five "W's" and Designing a Secure Identity Based Self-Defending Network
  • Maintaining Network Security-Availability via Intelligent Agents
  • PBX Firewalls: Closing the Back Door
  • Voice over WLAN
  • Spam Wars: How to Deal with Junk E-Mail
  • Auditing the Telephony System: Defenses against Communications Security Breaches and Toll Fraud
  • The "Controls" Matrix
  • Information Security Governance

Table of Contents

    Access Control Systems and Methodology
    Access Control Techniques
    Access Control Administration
    Identification and Authentication Techniques
    Access Control Methodologies and Implementation
    Methods of Attack
    Monitoring and Penetration Testing
    Telecommunications, Network, and Internet Security
    Communications and Network Security
    Internet, Intranet, Extranet Security
    E-mail Security
    Secure Voice Communications
    Network Attacks and Countermeasures
    Security Management Practices
    Security Management Concepts and Principles
    Change Control Management
    Data Classification
    Risk Management
    Policies, Standards, Procedures and Guidelines
    Risk Management
    Security Awareness Training
    Security Management Planning
    Application Program Security
    Application Issues
    Databases and Data Warehousing
    Systems Development Controls
    Malicious Code
    Methods of Attack
    Cryptography
    Use of Cryptography
    Cryptographic Concepts, Methodologies, and Practices
    Private Key Algorithms
    Public Key Infrastructure (PKI)
    System Architecture for Implementing Cryptographic Functions
    Methods of Attack
    Security Architecture and Models
    Principles of Computer and Network Organizations, Architectures, and Designs
    Principles of Security Models, Architectures and Evaluation Criteria
    Formulating an Enterprise Information Security Architecture
    Common Flaws and Security Issues - System Architecture and Design
    Operations Security
    Concepts
    Resource Protection Requirements
    Auditing
    Intrusion Detection
    Operations Controls
    Business Continuity Planning and Disaster Recovery Planning
    Business Continuity Planning
    Disaster Recovery Planning
    Elements of Business Continuity Planning
    Law, Investigation, and Ethics
    Information Law
    Investigations
    Major Categories of Computer Crime
    Incident Handling
    Ethics
    Physical Security
    Elements of Physical Security
    Environment and Life Safety