Information Security Management Handbook, Fourth Edition, Volume One
Title: Information Security Management Handbook, Fourth Edition, Volume One
ISBN #: 0849398290
Publisher: AUERBACH
Binding: HC
Pages: 728
Description: Since 1993, the Information Security Management Handbook has served not only as an everyday reference for information security practitioners but also as an important document for use by practitioners to conduct the intense review necessary to prepare for the Certified Information System Security Professional (CISSP) examination. Preparing for the examination is a major effort because it requires a thorough understanding of the topics contained in the Common Body of Knowledge (CBK) for the field as specified in the Generally Accepted Systems Security Principles (GASSP). The handbook is one of the most important references used by candidates preparing for the exam.The Information Security Management Handbook maps to the ten domains of the Common Body of Knowledge tested on the certification examination: access control issues and methodology, telecommunications and network security, security management practices, applications and systems development security, cryptography, security architecture and models, operations security, business continuity planning and disaster recovery planning, law, investigations, and ethics, and physical security. The Information Security Management Handbook is a "must have" book, whether you're preparing for the CISSP exam or need a comprehensive, up-to-date reference, or both.
Table of Contents:
DOMAIN 1: ACCESS CONTROL SYSTEMS & METHODOLOGY -CHAPTER 1.1 ACCESS CONTROL ISSUES
Biometric Identification -Single Signon
- DOMAIN 2: TELECOMMUNICATIONS & NETWORK SECURITY -CHAPTER 2.1 NETWORK SECURITY
Secured Connections to External Networks -CHAPTER 2.2 INTERNET, INTRANET. EXTRANET SECURITY
"Internet Firewalls" -Internet Security -Extranet Access Control Issues -Firewall Management
Network Layer Security (e.g., SKIP) -Transport Layer Security -Application Layer Security Protocols for Networks
Security of Communication Protocols & Services
- DOMAIN 3: SECURITY MANAGEMENT PRACTICES -CHAPTER 3.1 SECURITY AWARENESS
Security Awareness Program -CHAPTER 3.2 ORGANIZATION ARCHITECTURE
Enterprise Security Architecture -An Introduction to IPSec -CHAPTER 3.3 RISK MANAGEMENT
Risk Analysis and Assessment -Protecting High Tech Business Secrets -Information Security Management in the
Healthcare Industry
- DOMAIN 4: APPLICATIONS & SYSTEMS DEVELOPMENT SECURITY -CHAPTER 4.1 APPLICATION SECURITY
"Security Models for Object Oriented Databases" 999 -DOMAIN 5: CRYPTOGRAPHY
CHAPTER 5.1 CRYPTO TECHNOLOGY & IMPLEMENTATIONS
"Fundamentals of Cryptography & Encryption"
"Principles & Applications of Cryptographic Key Management" -"Implementing Kerberos in Distributed Systems"
"PKI"
- DOMAIN 6: SECURITY ARCHITECTURE & MODELS -CHAPTER 6.1 MICROCOMPUTER & LAN SECURITY
"Microcomputer & LAN Security" -DOMAIN 7: OPERATIONS SECURITY -CHAPTER 7.1 THREATS
"Types of Network Attacks"
"A Look at Java Security" -DOMAIN 8: BUSINESS CONTINUITY PLANNING & DISASTER RECOVERY PLANNING -CHAPTER 8.1 BUSINESS CONTINUITY PLANNING
"Process Improvement BCP" -CHAPTER 8.2 DISASTER RECOVERY PLANNING
"Restoration Component of BCP"
- DOMAIN 9: LAW, INVESTIGATIONS & ETHICS -CHAPTER 9.1 INVESTIGATION
Computer Crime Investigation -CHAPTER 9.2 INFORMATION ETHICS
Ethics and the Internet -CHAPTER 9.3 INFORMATION LAW
Jurisdictional Issues in Global Transmissions
- DOMAIN 10: PHYSICAL SECURITY -CHAPTER 10.1 THREATS & FACILITY REQUIREMENTS
Intrusion Detection: How to Utilize a Still -Immature Technology
CRC Press LLC, 2000 Corporate Blvd., N.W., Boca Raton, FL 33431. Tel: 561-998-2516; Fax: 800-643-9428.