Computer and information security handbook
John R. Vacca (Editor)
This comprehensive reference on computer security offers deep coverage of a wide range of issues in computer and cyber security theory, applications, and best practices.-- Adapted from publisher's description
eBook, English, [2017]
Third edition View all formats and editions
Morgan Kaufmann Publishers, Cambridge, MA, [2017]
Electronic books
1 online resource
9780128039298, 0128039299
987775933
Front Cover; Computer and Information Security Handbook; Computer and Information Security Handbook; Copyright; Dedication; Contents; Contributors; About the Editor; Foreword; Preface; 1. ORGANIZATION OF THIS BOOK; Part 1: Overview of System and Network Security: A Comprehensive Introduction; Part 2: Managing Information Security; Part 3: Disaster Recovery Security; Part 4: Security Standards and Policies; Part 5: Cyber, Network, and Systems Forensics Security and Assurance; Part 6: Encryption Technology; Part 7: Privacy and Access Management; Part 8: Storage Security; Part 9: Cloud Security. Part 10: Virtual SecurityPart 11: Cyber Physical Security; Part 12: Practical Security; Part 13: Critical Infrastructure Security; Part 14: Advanced Security; 2. SUPPLEMENTAL MATERIALS; Acknowledgments; I
Overview of System and Network Security: A Comprehensive Introduction; 1
Information Security in the Modern Enterprise; 1. INTRODUCTION; Management Matters as Much as Technology; Trade Secrets and ``Reasonable Efforts''; 2. CHALLENGES FACING INFORMATION SECURITY; 3. ASSESSMENT AND PLANNING; Know Where to Begin; Risk Management; Public Standards for Information Security. Creating the Security Plan4. POLICIES AND PROCEDURES; 5. TRAINING; 6. SUMMARY; CHAPTER REVIEW QUESTIONS/EXERCISES; True/False; Multiple Choice; EXERCISE; Problem; Hands-On Projects; Project; Case Projects; Problem; Optional Team Case Project; Problem; 2
Building a Secure Organization; 1. OBSTACLES TO SECURITY; Security Is Inconvenient; 2. COMPUTERS ARE POWERFUL AND COMPLEX; Computer Users Are Unsophisticated; Computers Created Without a Thought to Security; 3. CURRENT TREND IS TO SHARE, NOT PROTECT; Data Accessible From Anywhere; 4. SECURITY IS NOT ABOUT HARDWARE AND SOFTWARE. The Bad Guys Are Very SophisticatedManagement Sees Security as a Drain on the Bottom Line; 5. TEN STEPS TO BUILDING A SECURE ORGANIZATION; Evaluate the Risks and Threats; Threats Based on the Infrastructure Model; Threats Based on the Business Itself; Threats Based on Industry; Global Threats; Beware of Common Misconceptions; Provide Security Training for Information Technology Staff: Now and Forever; Think ``Outside the Box''; DOXing; Train Employees: Develop a Culture of Security; Identify and Use Built-in Security Features of the Operating System and Applications; Monitor Systems. Hire a Third Party to Audit SecurityDo Not Forget the Basics; Change Default Account Passwords; Use Robust Passwords; Close Unnecessary Ports; Patch, Patch, Patch; Use Administrator Accounts for Administrative Tasks; Restrict Physical Access; Do Not Forget Paper!; 6. PREPARING FOR THE BUILDING OF SECURITY CONTROL ASSESSMENTS; 7. SUMMARY; CHAPTER REVIEW QUESTIONS/EXERCISES; True/False; Multiple Choice; EXERCISE; Problem; Hands-on Projects; Project; Case Projects; Problem; Optional Team Case Project; Problem; 3
A Cryptography Primer; 1. WHAT IS CRYPTOGRAPHY? WHAT IS ENCRYPTION?