|
To access the contents, click the chapter and section titles.
Handbook of Information Security Management
(Imprint: Auerbach Publications)
(Publisher: CRC Press LLC)
Authors: Micki Krause, Harold F. Tipton
ISBN: 0849399475
This edition was placed with authorisation of Auerbach Publications
Here you may find a 4th edition of this book
- Introduction
- Contributors
- Domain 1—Access Control
- Section 1-1—Access Control Principles and Objectives
- Chapter 1-1-1—Types of Information Security Controls
- Chapter 1-1-2—Purposes of Information Security Management
- Section 1-2—Access Control Issues
- Chapter 1-2-1—Biometric Identification
- Chapter 1-2-2—When Technology and Privacy Collide
- Chapter 1-2-3—Relational Data Base Access Controls Using SQL
- Section 1-3—Access Control Administration
- Chapter 1-3-1—Implementation of Access Controls
- Chapter 1-3-2—Implementing Kerberos in Distributed Systems
- Domain 2—Communications Security
- Section 2-1—Telecommunications Security Objectives, Threats, and Countermeasures
- Chapter 2-1-1—The Self-Hack Audit
- Section 2-2—Network Security
- Chapter 2-2-1—A New Security Model for Networks and the Internet
- Chapter 2-2-2—An Introduction to LAN/WAN Security
- Section 2-3—Internet Security
- Chapter 2-3-1—Security Management for the World Wide Web
- Chapter 2-3-2—Internet Firewalls
- Domain 3—Risk Management and Business Continuity Planning
- Section 3-1—Risk Analysis
- Chapter 3-1-1—Risk Analysis and Assessment
- Section 3-2—Business Continuity Planning
- Chapter 3-2-1—Business Continuity in Distributed Environments
- Section 3-3—Distributed Systems BCP
- Chapter 3-3-1—The Business Impact Assessment Process
- Domain 4—Policy, Standards, and Organization
- Section 4-1—Information Classification
- Chapter 4-1-1—Information Classification: A Corporate Implementation Guide
- Section 4-2—Security Awareness
- Chapter 4-2-1—Information Warfare and the Information Systems Security Professional
- Section 4-3—Organization Architecture
- Chapter 4-3-1—New Organizational Model for IP Practitioners
- Chapter 4-3-2—Enterprise Security Architecture
- Section 4-4—Policy Development
- Chapter 4-4-1—Policy Development
- Domain 5—Computer Architecture and System Security
- Section 5-1—Computer Organization and Configuration
- Chapter 5-1-1—Secure Systems Architecture
- Section 5-2—Microcomputer and LAN Security
- Chapter 5-2-1—Microcomputer and LAN Security
- Section 5-3—System Security
- Chapter 5-3-1—Systems Integrity Engineering
- Domain 6—Law, Investigation, and Ethics
- Section 6-1—Legal and Regulatory Issues
- Chapter 6-1-1—Computer Abuse Methods and Detection
- Chapter 6-1-2—Federal and State Computer Crime Laws
- Section 6-2—Investigation
- Chapter 6-2-1—Computer Crime Investigation and Computer Forensics
- Section 6-3—Information Ethics
- Chapter 6-3-1—Computer Ethics
- Domain 7—Application Program Security
- Section 7-1—Application Security
- Chapter 7-1-1—Role-Based Access Control in Real Systems
- Chapter 7-1-2—Security Models for Object-Oriented Data Bases
- Domain 8—Cryptography
- Section 8-1—Cryptography Applications and Uses
- Chapter 8-1-1—Cryptography and Escrowed Encryption
- Domain 9—Computer Operations Security
- Section 9-1—Operator, Hardware, and Media Controls
- Chapter 9-1-1—Operations Security and Controls
- Domain 10—Physical Security
- Section 10-1—Threats and Facility Requirements
- Chapter 10-1-1—Physical Security
- Section 10-2—Personnel Physical Access Control
- Chapter 10-2-1—Information Security and Personnel Practices
- Section 10-3—Microcomputer Physical Security
- Chapter 10-3-1—Protecting the Portable Computing Environment
- Index
|
