Computer and Information Security HandbookEdited by
- John Vacca
- John Vacca
Presents information on how to analyze risks to your networks and the steps needed to select and deploy the appropriate countermeasures to reduce your exposure to physical and network threats. Also imparts the skills and knowledge needed to identify and counter some fundamental security risks and requirements, including Internet security threats and measures (audit trails IP sniffing/spoofing etc.) and how to implement security policies and procedures. In addition, this book covers security and network design with respect to particular vulnerabilities and threats. It also covers risk assessment and mitigation and auditing and testing of security systems as well as application standards and technologies required to build secure VPNs, configure client software and server operating systems, IPsec-enabled routers, firewalls and SSL clients. This comprehensive book will provide essential knowledge and skills needed to select, design and deploy a public key infrastructure (PKI) to secure existing and future applications.
The primary audience for this professional handbook consists of researchers and practitioners in industry and academia, as well as security technologists and engineers working with or interested in all aspects of computer security. This comprehensive reference will also be of value to students in upper-division undergraduate and grad level courses in computer security.
Hardbound, 928 Pages
Published: May 2009
Imprint: Morgan Kaufmann
"I believe that this book contains something for everyone no matter what your experience level or specialty in the information security fieldâ¦ I think John did a great job putting together this handbook and the team of experts to deliver this information and I would recommend this book for anyone in the information security field."--PenTestMag.com, March 2012, page 1 "[T]here is a lot of information covering many topics contained within this book making it a valuable desk reference book or a textbook for a course in Information Security. I believe that this book contains something for everyone no matter what your experience level or specialty in the information security fieldâ¦ I think John did a great job putting together this handbook and the team of experts to deliver this information and I would recommend this book for anyone in the information security field."--PenTest Extra, June 2012, page 54
- PART I: OVERVIEW OF SYSTEM AND NETWORK SECURITY: A COMPREHENSIVE INTRODUCTION Chapter 1: Building a Secure Organization Chapter 2: A Cryptography Primer Chapter 3: Verifying User and Host Identity Chapter 4: Preventing System Intrusions Chapter 5: Guarding Against Network Intrusions Chapter 6: Ensuring Network Confidentiality Chapter 7: UNIX and Linux Security Chapter 8: Internet Security Chapter 9: Intranet Security Chapter 10: Local Area Network (LAN) Security Chapter 11: Wireless Network Security Chapter 12: RFID SecurityPART II: MANAGING INFORMATION SECURITYChapter 13: Security Essentials for IT Managers: Protecting Mission-Critical Systems Chapter 14: Security Management Systems Chapter 15: IT Security Management Chapter 16: ID Management Chapter 17: Intrusion Detection and Prevention Systems Chapter 18: Computer Forensics Chapter 19: Firewalls Chapter 20: Penetration Testing Chapter 21: Vulnerability AssessmentPART III: ENCRYPTION TECHNOLOGYChapter 22: Data EncryptionChapter 23: Satellite EncryptionChapter 24: Public Key InfrastructureChapter 25: Instant Messaging SecurityPART IV: PRIVACY AND ACCESS MANAGEMENTChapter 26: Net PrivacyChapter 27: Virtual Private NetworksChapter 28: Identity TheftChapter 29: Access ManagementChapter 30: IPSec Versus SSL VPNs For Secure Remote Access Chapter 31: VoIP SecurityPART V: STORAGE SECURITYChapter 32: SAN SecurityChapter 33: Disaster RecoveryChapter 34: Risk ManagementPART VI: PHYSICAL SECURITYChapter 35: Physical Security Essentials Chapter 36: Facilities Security Management Chapter 37: Biometerics Chapter 38: Homeland Security Chapter 39: Information Warfare