Information Security Management Handbook, Volume 3.
General Material Designation
[Book]
First Statement of Responsibility
Tipton, Harold F.
PUBLICATION, DISTRIBUTION, ETC
Name of Publisher, Distributor, etc.
CRC Press
Date of Publication, Distribution, etc.
2006
PHYSICAL DESCRIPTION
Specific Material Designation and Extent of Item
(712)
CONTENTS NOTE
Text of Note
Cover --; TABLE OF CONTENTS --; ABOUT THE EDITORS --; CONTRIBUTORS --; INTRODUCTION --; DOMAIN 1: ACCESS CONTROL SYSTEMS AND METHODOLOGY --; Section 1.1: Access Control Techniques --; Chapter 1: Sensitive or Critical Data Access Controls --; Chapter 2: An Introduction to Role-Based Access Control --; Chapter 3: Smart Cards --; Chapter 4: A Guide to Evaluating Tokens --; Section 1.2: Access Control Administration --; Chapter 5: Identity Management: Benefits and Challenges --; DOMAIN 2: TELECOMMUNICATIONS AND NETWORK SECURITY --; Section 2.1: Communications and Network Security --; Chapter 6: An Examination of Firewall Architectures --; Chapter 7: The Five W's and Designing a Secure, Identity-Based, Self-Defending Network (5W Network) --; Chapter 8: Maintaining Network Security: Availability via Intelligent Agents --; Chapter 9: PBX Firewalls: Closing the Back Door --; Section 2.2: Internet, Intranet, Extranet Security --; Chapter 10: Voice over WLAN --; Chapter 11: Spam Wars: How To Deal with Junk E-Mail --; Section 2.3: Network Attacks and Countermeasures --; Chapter 12: Auditing the Telephony System: Defenses against Communications Security Breaches and Toll Fraud --; DOMAIN 3: SECURITY MANAGEMENT PRACTICES --; Section 3.1: Security Management Concepts and Principles --; Chapter 13: The Controls Matrix --; Chapter 14: Information Security Governance --; Chapter 15: Belts and Suspenders: Diversity in Information Technology Security --; Chapter 16: Building Management Commitment through Security Councils, or Security Council Critical Success Factors --; Section 3.4: Risk Management --; Chapter 17: Developing and Conducting a Security Test and Evaluation --; Chapter 18: Enterprise Security Management Program --; Chapter 19: Technology Convergence and Security: A Simplified Risk Management Model --; Section 3.5: Employment Policies and Practices --; Chapter 20: People, Processes, and Technology: A Winning Combination --; Section 3.6: Policies, Standards, Procedures, and Guidelines --; Chapter 21: Building an Effective Privacy Program --; Chapter 22: Training Employees To Identify Potential Fraud and How To Encourage Them To Come Forward --; Section 3.8: Security Management Planning --; Chapter 23: Beyond Information Security Awareness Training: It Is Time To Change the Culture --; Chapter 24: Establishing a Successful Security Awareness Program --; DOMAIN 4: APPLICATIONS AND SYSTEMS DEVELOPMENT SECURITY --; Section 4.3: System Development Controls --; Chapter 25: System Development Security Methodology --; Chapter 26: Software Engineering Institute Capability Maturity Model --; Section 4.4: Malicious Code --; Chapter 27: Organized Crime and Malware --; Section 4.5: Methods of Attack --; Chapter 28: Enabling Safer Deployment of Internet Mobile Code Technologies --; DOMAIN 5: CRYPTOGRAPHY --; Section 5.2: Crypto Concepts, Methodologies and Practices --; Chapter 29: Blind Detection of Steganographic Content in Digital Images Using Cellular Automata --; Chapter 30: An Overview of Quantum Cryptography --; Chapter 31: Elliptic Curve Cryptography: Delivering High-Performance Security for E-Commerce and Communications --; DOMAIN 6: SECURITY ARCHITECTURE AND MODELS --; Section 6.1: Principles of Computer and Network Organizations, Architectures, and Designs --; Chapter 32: Enterprise Assurance: A Framework Explored --; DOMAIN 7: OPERATIONS SECURITY --; tidt.
SUMMARY OR ABSTRACT
Text of Note
Since 1993, the Information Security Management Handbook has served not only as an everyday reference for information security practitioners but also as an important document for conducting the intense review necessary to prepare for the Certified Information System Security Professional (CISSP) examination. Now completely revised and updated and in its fifth edition, the handbook maps the ten domains of the Information Security Common Body of Knowledge and provides a complete understanding of all the items in it. This is a must-have book, both for preparing for the CISSP exam and as a comprehensive, up-to-date reference.