Information Security Best Practices

205 Basic Rules


  • George L Stefanek

Protecting computer networks and their client computers against willful (or accidental) attacks is a growing concern for organizations and their information technology managers. This book draws upon the author's years of experience in computer security to describe a set of over 200 "rules" designed to enhance the security of a computer network (and its data) and to allow quick detection of an attack and development of effective defensive responses to attacks. Both novice and experienced network administrators will find this book an essential part of their professional "tool kit." It is also essential reading for a corporate or organization manager who needs a solid understanding of the issues involved in computer security.

Much literature is available on network and data security that describes security concepts, but offers so many different solutions to information security problems that it typically overwhelms both the novice and the experienced network administrator. This book presents a simple set of rules important in maintaining good information security. These rules or best practices are intended to be a recipe for setting up network and information security. This manual will take the mystery out of configuring an information security solution and provide a framework which the novice as well as experienced network administrator can follow and adapt to their network and data environment.

All disc-based content for this title is now available on the Web.

View full description


Information technology managers, system administrators, network engineers, and others concerned with issues of network and computer security.


Book information

  • Published: March 2002
  • ISBN: 978-1-878707-96-3

Table of Contents

PrefaceCh. 1 Information Security Attacks And VulnerabilitiesCh. 2 Anatomy Of An AttackCh. 3 Awareness And Management Commitment To SecurityCh. 4 Security PolicyCh. 5 Infosec Network Architecture DesignCh. 6 Selecting Security Hardware And SoftwareCh. 7 Physical SecurityCh. 8 Network Hardware SecurityCh. 9 Network Operating System SecurityCh. 10 PC Operating System SecurityCh. 11 Internet SecurityCh. 12 Application SecurityCh. 13 Software Validation And VerificationCh. 14 Data EncryptionCh. 15 Configuration ManagementCh. 16 Monitoring The NetworkCh. 17 Maintenance And Troubleshooting SecurityCh. 18 Training