Computer and Information Security Handbook

Computer and Information Security Handbook, Third Edition, provides the most current and complete reference on computer security available in one volume. The book offers deep coverage of an extremely wide range of issues in computer and cybersecurity theory, applications, and best practices, offering the latest insights into established and emerging technologies and advancements.

With new parts devoted to such current topics as Cloud Security, Cyber-Physical Security, and Critical Infrastructure Security, the book now has 100 chapters written by leading experts in their fields, as well as 12 updated appendices and an expanded glossary. It continues its successful format of offering problem-solving techniques that use real-life case studies, checklists, hands-on exercises, question and answers, and summaries.

Chapters new to this edition include such timely topics as Cyber Warfare, Endpoint Security, Ethical Hacking, Internet of Things Security, Nanoscale Networking and Communications Security, Social Engineering, System Forensics, Wireless Sensor Network Security, Verifying User and Host Identity, Detecting System Intrusions, Insider Threats, Security Certification and Standards Implementation, Metadata Forensics, Hard Drive Imaging, Context-Aware Multi-Factor Authentication, Cloud Security, Protecting Virtual Infrastructure, Penetration Testing, and much more.

Online chapters can also be found on the book companion website:

https://www.elsevier.com/books-and-journals/book-companion/9780128038437

• Written by leaders in the field
• Comprehensive and up-to-date coverage of the latest security technologies, issues, and best practices
• Presents methods for analysis, along with problem-solving techniques for implementing practical solutions

Information Technology and Cyber Security practitioners and researchers in industry, government, the military, and law enforcement, as well as students and academics

Part I: Overview of System and Network Security: A Comprehensive Introduction
1. Information Security in the Modern Enterprise
2. Building a Secure Organization
3. A Cryptography Primer
4. Verifying User and Host Identity
5. Detecting System Intrusions
6. Intrusion Detection in Contemporary Environments
7. Preventing System Intrusions
8. Guarding Against Network Intrusions
9. Fault Tolerance and Resilience in Cloud Computing Environments
10. Securing Web Applications, Services and Servers
11. Unix and Linux Security
12. Eliminating the Security Weakness of Linux and Unix Operating Systems
13. Internet Security
14. The Botnet Problem
15. Intranet Security
16. Wireless Network Security
17. Wireless Sensor Network Security
18. Security for the Internet of Things
19. Cellular Network Security
20. RFID Security
Part II: Managing Information Security
21. Information Security Essentials for IT Managers, Protecting Mission-Critical Systems
22. Security Management Systems
23. Policy-Driven System Management
24. Social Engineering Deceptions and Defenses
25. Ethical Hacking
26. What Is Vulnerability Assessment?
27. Security Education, Training, and Awareness
28. Risk Management
29. Insider Threats
Part III: Disaster Recovery Security
30. Disaster Recovery
31. Disaster Recovery Plans for Small and Medium Business (SMB)
Part IV: Security Standards And Policies
32. Security Certification And Standards Implementation
33. Security Policies And Plans Development
Part V: Cyber, Network, and Systems Forensics Security and Assurance
34. Cyber Forensics
35. Cyber Forensics and Incident Response
36. Securing eDiscovery
37. Microsoft Office & Metadata Forensics: A Deeper Dive
38. Hard Drive Imaging
Part VI: Encryption Technology
39. Satellite Encryption
40. Public Key Infrastructure
41. Context-Aware Multi-Factor Authentication
42. Instant-Messaging Security
Part VII: Privacy and Access Management
43. Online Privacy
44. Privacy-enhancing Technologies
45. Detection Of Conflicts In Security Policies
46. Supporting User Privacy Preferences in Digital Interactions
47. Privacy and Security in Environmental Monitoring Systems: Issues and Solutions
48. Virtual Private Networks
49. VoIP Security
Part VIII: Storage Security
50. Storage Area Networking Devices Security
Part IX: Cloud Security
51. Securing Cloud Computing Systems
52. Cloud Security
53. Private Cloud Security
54. Virtual Private Cloud Security
Part X: Virtual Security
55. Protecting Virtual Infrastructure
56. SDN and NFV Security
Part XI: Cyber Physical Security
57. Physical Security Essentials
Part XII: Practical Security
58. Online Identity and User Management Services
59. Intrusion Prevention and Detection Systems
60. Penetration Testing
61. Access Controls
62. Endpoint Security
63. Fundamentals of Cryptography
Part XIII: Critical Infrastructure Security
64. Securing the Infrastructure
65. Cyber Warfare
Part XIV: Advanced Security
66. Security Through Diversity
67. Online e-Reputation Management Services
68. Data Loss Protection
69. Satellite Cyber Attack Search and Destroy
70. Advanced Data Encryption
Part X: Appendices
Appendix A: Configuring Authentication Service On Microsoft Windows 10
Appendix B: Security Management and Resiliency
Appendix C: List of Top Information And Network Security Implementation and Deployment Companies
Appendix D: List of Security Products
Appendix E: List of Security Standards
Appendix F: List of Miscellaneous Security Resources
Appendix G: Ensuring Built-in Frequency Hopping Spread
Appendix H: Configuring Wireless Internet Security Remote Access
Appendix I: Frequently Asked Questions
Appendix J: Case Studies
Appendix K: Answers To Review Questions/Exercises, Hands-On Projects, Case Projects And Optional Team Case Project By Chapter