Computer and Information Security Handbook

2nd Edition

Authors: John Vacca
Hardcover ISBN: 9780123943972
eBook ISBN: 9780123946126
Imprint: Morgan Kaufmann
Published Date: 24th May 2013
Page Count: 1200
Tax/VAT will be calculated at check-out
Compatible Not compatible
VitalSource PC, Mac, iPhone & iPad Amazon Kindle eReader
ePub & PDF Apple & PC desktop. Mobile devices (Apple & Android) Amazon Kindle eReader
Mobi Amazon Kindle eReader Anything else

Institutional Access


The second edition of this comprehensive handbook of computer and information security provides the most complete view of computer security and privacy available. It offers in-depth coverage of security theory, technology, and practice as they relate to established technologies as well as recent advances. It explores practical solutions to many security issues. Individual chapters are authored by leading experts in the field and address the immediate and long-term challenges in the authors’ respective areas of expertise.

The book is organized into 10 parts comprised of 70 contributed chapters by leading experts in the areas of networking and systems security, information management, cyber warfare and security, encryption technology, privacy, data storage, physical security, and a host of advanced security topics. New to this edition are chapters on intrusion detection, securing the cloud, securing web apps, ethical hacking, cyber forensics, physical security, disaster recovery, cyber attack deterrence, and more.

Key Features

  • Chapters by leaders in the field on theory and practice of computer and information security technology, allowing the reader to develop a new level of technical expertise
  • Comprehensive and up-to-date coverage of security issues allows the reader to remain current and fully informed from multiple viewpoints
  • Presents methods of analysis and problem-solving techniques, enhancing the reader's grasp of the material and ability to implement practical solutions


The primary audience for this handbook consists of researchers and practitioners in industry and academia as well as security technologists, engineers, and federal and state agencies working with or interested in computer and cyber security. This comprehensive reference and practitioner’s guide will also be of value to students in undergraduate and graduate-level courses in computer and cyber security.

Table of Contents

Part I Overview of System and Network Security: A Comprehensive Introduction
Chapter 1 Building a Secure Organization
1.1 Obstacles To Security
1.2 Ten Steps To Building A Secure Organization
1.3 Don’t Forget The Basics
1.4 Preparing For The Building Of Security Control Assessments
1.5 Summary
1.6 Chapter Review Questions/Exercises
1.7 Optional Team Case Project
Chapter 2 A Cryptography Primer
2.1 What Is Cryptography? What Is Encryption?
2.2 Famous Cryptographic Devices
2.3 Ciphers
2.4 Modern Cryptography
2.5 The Computer Age
2.6 How Aes Works
2.7 Selecting Cryptography: The Process
2.8 Summary
2.9 Chapter Review Questions/Exercises
2.9 Optional Team Case Project
Chapter 3 Detecting System Intrusions
3.1 Introduction
3.2 Monitoring Key Files In The System
3.3 Security Objectives
3.4 0day Attacks
3.5 Good Known State
3.6 Rootkits
3.7 Low Hanging Fruit
3.8 Antivirus Software
3.9 Homegrown Intrusion Detection
3.10 Full Packet Capture Devices
3.11 Out Of Band Attack Vectors
3.12 Security Awareness Training
3.13 Data Correlation
3.14 Siem
3.15 Other Weird Stuff On The System
3.16 Detection
3.17 Network-Based Detection Of System Intrusions (Dsis)
3.18 Summary
3.19 Chapter Review Questions/Exercises
3.20 Optional Team Case Project
Chapter 4 Preventing System Intrusions
4.1 So, What Is An Intrusion?
4.2 Sobering Numbers
4.3 Know Your Enemy: Hackers Versus Crackers
4.4 Motives
4.5 The Crackers’ Tools Of The Trade
4.6 Bots
4.7 Symptoms Of Intrusions
4.8 What Can You Do?
4.9 Security Policies
4.10 Risk Analysis
4.11 Tools Of Your Trade
4.12 Controlling User Access
4.13 Intrusion Prevention Capabilities
4.14 Summary
4.15 Chapter Review Questions/Exercises
4.16 Optional Team Case Project
Chapter 5 Guarding Against Network Intrusions
5.1 Traditional Reconnaissance And Attacks
5.2 Malicious Software


No. of pages:
© Morgan Kaufmann 2013
Morgan Kaufmann
Hardcover ISBN:
eBook ISBN:

About the Author

John Vacca

John Vacca is an information technology consultant, researcher, professional writer, Editor, reviewer, and internationally-known best-selling author based in Pomeroy, Ohio. Since 1982, John has authored/edited 79 books (some of his most recent books include): • Security in the Private Cloud (Publisher: CRC Press (an imprint of Taylor & Francis Group, LLC) (September 1, 2016)) • Cloud Computing Security: Foundations and Challenges (Publisher: CRC Press (an imprint of Taylor & Francis Group, LLC) (August 19, 2016)) • Handbook of Sensor Networking: Advanced Technologies and Applications (Publisher: CRC Press (an imprint of Taylor & Francis Group, LLC) (January 14, 2015)) • Network and System Security, Second Edition, 2E (Publisher: Syngress (an imprint of Elsevier Inc.) (September 23, 2013)) • Cyber Security and IT Infrastructure Protection (Publisher: Syngress (an imprint of Elsevier Inc.) (September 23, 2013)) • Managing Information Security, Second Edition, 2E (Publisher: Syngress (an imprint of Elsevier Inc.) (September 23, 2013)) • Computer and Information Security Handbook, 2E (Publisher: Morgan Kaufmann (an imprint of Elsevier Inc.) (May 31, 2013)) • Identity Theft (Cybersafety) (Publisher: Chelsea House Pub (April 1, 2012 ) • System Forensics, Investigation, And Response (Publisher: Jones & Bartlett Learning (September 24, 2010) • Managing Information Security (Publisher: Syngress (an imprint of Elsevier Inc.) (March 29, 2010)) • Network and Systems Security (Publisher: Syngress (an imprint of Elsevier Inc.) (March 29, 2010)) • Computer and Information Security Handbook, 1E (Publisher: Morgan Kaufmann (an imprint of Elsevier Inc.) (June 2, 2009)) • Biometric Technologies and Verification Systems (Publisher: Elsevier Science & Technology Books (March 16, 2007)) • Practical Internet Security (Hardcover): (Publisher: Springer (October 18, 2006)) • Optical Networking Best Practices Handbook (Hardcover): (Publisher: Wile

Affiliations and Expertise

TechWrite, USA.


"This is the 2nd edition of the classic reference on system security but encompasses many new topics that have become relevant since the 1st edition…In this huge volume (1171 pages and online content) the numerous chapters cover almost every conceivable aspect of information and system security."--Reference & Research Book News, October 2013
"The handbook is well organized and homogeneous, despite contributions by various authors. The new section on practical security is a welcome addition…this handbook will continue to be a very useful resource for professionals and students. I strongly recommend it for individuals as well as libraries.", September 12, 2013