COVID-19 Update: We are currently shipping orders daily. However, due to transit disruptions in some geographies, deliveries may be delayed. To provide all customers with timely access to content, we are offering 50% off Science and Technology Print & eBook bundle options. Terms & conditions.
Computer and Information Security Handbook - 3rd Edition - ISBN: 9780128038437, 9780128039298

Computer and Information Security Handbook

3rd Edition

Author: John Vacca
Hardcover ISBN:
eBook ISBN: 9780128039298
Hardcover ISBN: 9780128038437
Imprint: Morgan Kaufmann
Published Date: 10th May 2017
Page Count: 1280
Sales tax will be calculated at check-out Price includes VAT/GST
Price includes VAT/GST

Institutional Subscription

Secure Checkout

Personal information is secured with SSL technology.

Free Shipping

Free global shipping
No minimum order.


Computer and Information Security Handbook, Third Edition, provides the most current and complete reference on computer security available in one volume. The book offers deep coverage of an extremely wide range of issues in computer and cybersecurity theory, applications, and best practices, offering the latest insights into established and emerging technologies and advancements.

With new parts devoted to such current topics as Cloud Security, Cyber-Physical Security, and Critical Infrastructure Security, the book now has 100 chapters written by leading experts in their fields, as well as 12 updated appendices and an expanded glossary. It continues its successful format of offering problem-solving techniques that use real-life case studies, checklists, hands-on exercises, question and answers, and summaries.

Chapters new to this edition include such timely topics as Cyber Warfare, Endpoint Security, Ethical Hacking, Internet of Things Security, Nanoscale Networking and Communications Security, Social Engineering, System Forensics, Wireless Sensor Network Security, Verifying User and Host Identity, Detecting System Intrusions, Insider Threats, Security Certification and Standards Implementation, Metadata Forensics, Hard Drive Imaging, Context-Aware Multi-Factor Authentication, Cloud Security, Protecting Virtual Infrastructure, Penetration Testing, and much more.

Online chapters can also be found on the book companion website:

Key Features

  • Written by leaders in the field
  • Comprehensive and up-to-date coverage of the latest security technologies, issues, and best practices
  • Presents methods for analysis, along with problem-solving techniques for implementing practical solutions


Information Technology and Cyber Security practitioners and researchers in industry, government, the military, and law enforcement, as well as students and academics

Table of Contents

Part I: Overview of System and Network Security: A Comprehensive Introduction
1. Information Security in the Modern Enterprise
2. Building a Secure Organization
3. A Cryptography Primer
4. Verifying User and Host Identity
5. Detecting System Intrusions
6. Intrusion Detection in Contemporary Environments
7. Preventing System Intrusions
8. Guarding Against Network Intrusions
9. Fault Tolerance and Resilience in Cloud Computing Environments
10. Securing Web Applications, Services and Servers
11. Unix and Linux Security
12. Eliminating the Security Weakness of Linux and Unix Operating Systems
13. Internet Security
14. The Botnet Problem
15. Intranet Security
16. Wireless Network Security
17. Wireless Sensor Network Security
18. Security for the Internet of Things
19. Cellular Network Security
20. RFID Security
Part II: Managing Information Security
21. Information Security Essentials for IT Managers, Protecting Mission-Critical Systems
22. Security Management Systems
23. Policy-Driven System Management
24. Social Engineering Deceptions and Defenses
25. Ethical Hacking
26. What Is Vulnerability Assessment?
27. Security Education, Training, and Awareness
28. Risk Management
29. Insider Threats
Part III: Disaster Recovery Security
30. Disaster Recovery
31. Disaster Recovery Plans for Small and Medium Business (SMB)
Part IV: Security Standards And Policies
32. Security Certification And Standards Implementation
33. Security Policies And Plans Development
Part V: Cyber, Network, and Systems Forensics Security and Assurance
34. Cyber Forensics
35. Cyber Forensics and Incident Response
36. Securing eDiscovery
37. Microsoft Office & Metadata Forensics: A Deeper Dive
38. Hard Drive Imaging
Part VI: Encryption Technology
39. Satellite Encryption
40. Public Key Infrastructure
41. Context-Aware Multi-Factor Authentication
42. Instant-Messaging Security
Part VII: Privacy and Access Management
43. Online Privacy
44. Privacy-enhancing Technologies
45. Detection Of Conflicts In Security Policies
46. Supporting User Privacy Preferences in Digital Interactions
47. Privacy and Security in Environmental Monitoring Systems: Issues and Solutions
Virtual Private Networks
49. VoIP Security
Part VIII: Storage Security
50. Storage Area Networking Devices Security
Part IX: Cloud Security
51. Securing Cloud Computing Systems
52. Cloud Security
53. Private Cloud Security
54. Virtual Private Cloud Security
Part X: Virtual Security
55. Protecting Virtual Infrastructure
56. SDN and NFV Security
Part XI: Cyber Physical Security
57. Physical Security Essentials
Part XII: Practical Security
58. Online Identity and User Management Services
59. Intrusion Prevention and Detection Systems
60. Penetration Testing
61. Access Controls
62. Endpoint Security
63. Fundamentals of Cryptography
Part XIII: Critical Infrastructure Security
64. Securing the Infrastructure
65. Cyber Warfare
Part XIV: Advanced Security
66. Security Through Diversity
67. Online e-Reputation Management Services
68. Data Loss Protection
69. Satellite Cyber Attack Search and Destroy
70. Advanced Data Encryption
Part X: Appendices
Appendix A: Configuring Authentication Service On Microsoft Windows 10
Appendix B: Security Management and Resiliency
Appendix C: List of Top Information And Network Security Implementation and Deployment Companies
Appendix D: List of Security Products
Appendix E: List of Security Standards
Appendix F: List of Miscellaneous Security Resources
Appendix G: Ensuring Built-in Frequency Hopping Spread
Appendix H: Configuring Wireless Internet Security Remote Access
Appendix I: Frequently Asked Questions
Appendix J: Case Studies
Appendix K: Answers To Review Questions/Exercises, Hands-On Projects, Case Projects And Optional Team Case Project By Chapter


No. of pages:
© Morgan Kaufmann 2017
10th May 2017
Morgan Kaufmann
Hardcover ISBN:
eBook ISBN:
Hardcover ISBN:

About the Author

John Vacca

John Vacca

John Vacca is an information technology consultant, researcher, professional writer, Editor, reviewer, and internationally-known best-selling author based in Pomeroy, Ohio. Since 1982, John has authored/edited 79 books (some of his most recent books include):

  • Security in the Private Cloud (Publisher: CRC Press (an imprint of Taylor & Francis Group, LLC) (September 1, 2016))
  • Cloud Computing Security: Foundations and Challenges (Publisher: CRC Press (an imprint of Taylor & Francis Group, LLC) (August 19, 2016))
  • Handbook of Sensor Networking: Advanced Technologies and Applications (Publisher: CRC Press (an imprint of Taylor & Francis Group, LLC) (January 14, 2015))
  • Network and System Security, Second Edition, 2E (Publisher: Syngress (an imprint of Elsevier Inc.) (September 23, 2013))
  • Cyber Security and IT Infrastructure Protection (Publisher: Syngress (an imprint of Elsevier Inc.) (September 23, 2013))
  • Managing Information Security, Second Edition, 2E (Publisher: Syngress (an imprint of Elsevier Inc.) (September 23, 2013))
  • Computer and Information Security Handbook, 2E (Publisher: Morgan Kaufmann (an imprint of Elsevier Inc.) (May 31, 2013))
  • Identity Theft (Cybersafety) (Publisher: Chelsea House Pub (April 1, 2012))
  • System Forensics, Investigation, And Response (Publisher: Jones & Bartlett Learning (September 24, 2010))
  • Managing Information Security (Publisher: Syngress (an imprint of Elsevier Inc.) (March 29, 2010))
  • Network and Systems Security (Publisher: Syngress (an imprint of Elsevier Inc.) (March 29, 2010))
  • Computer and Information Security Handbook, 1E (Publisher: Morgan Kaufmann (an imprint of Elsevier Inc.) (June 2, 2009))
  • Biometric Technologies and Verification Systems (Publisher: Elsevier Science & Technology Books (March 16, 2007))
  • Practical Internet Security (Hardcover): (Publisher: Springer (October 18, 2006))
  • Optical Networking Best Practices Handbook (Hardcover): (Publisher: Wiley-Interscience (November 28, 2006))
  • Guide to Wireless Network Security (Publisher: Springer (August 19, 2006))

He has written more than 600 articles in the areas of advanced storage, computer security and aerospace technology (copies of articles and books are available upon request).

John was also a configuration management specialist, computer specialist, and the computer security official (CSO) for NASA's space station program (Freedom) and the International Space Station Program, from 1988 until his retirement from NASA in 1995.

In addition, John is also an independent online book reviewer. Finally, John was one of the security consultants for the MGM movie titled: "AntiTrust," which was released on January 12, 2001. A detailed copy of Johns author bio can be viewed at URL: John can be reached at:

Affiliations and Expertise

TechWrite, USA


"The editor, John Vacca, has pulled together contributions from a large number of experts into a massive tome that touches on pretty much every angle of security and privacy.’s hard to think of anyone with any interest in infosecurity who wouldn’t get something out of it.

This is the reference work you want on your bookshelf when you need to quickly get a grounding in some new aspect of security." --Network Security Newsletter

Ratings and Reviews