Book information
· Category: Foreign Books > Economics & Management > Strategic Planning
· ISBN: 9780471716525
· Pages: 2040
· Publication date: 2009-02-01
Table of contents
Part I. Foundations Of Computer Security. 1. Brief History and Mission of Information System Security. 2. History of Computer Crime. 3. Toward a New Framework for Information Security. 4. Hardware Elements of Security. 5. Data Communications and Information Security. 6. Network Topologies, Protocols, and Design. 7. Encryption. 8. Using a Common Language for Computer Security Incident Information. 9. Mathematical Models of Computer Security. 10. Understanding Studies and Surveys of Computer Crime. 11. Fundamentals of Intellectual Property Law.
Part II. Threats And Vulnerabilities. 12. The Psychology of Computer Criminals. 13. The Dangerous Information Technology Insider: Psychological Characteristics and Career Patterns. 14. Information Warfare. 15. Penetrating Computer Systems and Networks. 16. Malicious Code. 17. Mobile Code. 18. Denial-of-Service Attacks. 19. Social Engineering and Low-Tech Attacks. 20. Spam, Phishing, and Trojans: Attacks Meant To Fool. 21. Web-Based Vulnerabilities. 22. Physical Threats to the Information Infrastructure.
Part III. Prevention: Technical Defenses. 23. Protecting the Information Infrastructure. 24. Operating System Security. 25. Local Area Networks. 26. Gateway Security Devices. 27. Intrusion Detection and Intrusion Prevention Devices. 28. Identification and Authentication. 29. Biometric Authentication. 30. E-Commerce and Web Server Safeguards. 31. Web Monitoring and Content Filtering. 32. Virtual Private Networks and Secure Remote Access. 33. 802.11 Wireless LAN Security. 34. Securing VOIP. 35. Securing P2P, IM, SMS, and Collaboration Tools. 36. Securing Stored Data. 37. PKI and Certificate Authorities. 38. Writing Secure Code. 39. Software Development and Quality Assurance. 40. Managing Software Patches and Vulnerabilities. 41. Antivirus Technology. 42. Protecting Digital Rights: Technical Approaches.
Part IV. Prevention: Human Factors. 43. Ethical Decision Making and High Technology. 44. Security Policy Guidelines. 45. Employment Practices and Policies. 46. Vulnerability Assessment. 47. Operations Security and Production Controls. 48. E-Mail and Internet Use Policies. 49. Implementing a Security Awareness Program. 50. Using Social Psychology to Implement Security Policies. 51. Security Standards for Products.
Part V. Detecting Security Breaches. 52. Application Controls. 53. Monitoring and Control Systems. 54. Security Audits, Standards and Inspections. 55. Cyber Investigation.
Part VI. Response & Remediation. 56. Computer Security Incident Response Teams. 57. Data Backups and Archives. 58. Business Continuity Planning. 59. Disaster Recovery. 60. Insurance Relief. 61. Working with Law Enforcement.
Part VII. Management's Role In Security. 62. Risk Assessment and Risk Management. 63. Management Responsibilities and Liabilities. 64. U.S. Legal and Regulatory Security Issues. 65. The Role of the CISO. 66. Developing Security Policies. 67. Developing Classification Policies for Data. 68. Outsourcing and Security.
Part VIII. Public Policy And Other Considerations. 69. Privacy in Cyberspace: U.S. and European Perspectives. 70. Anonymity and Identity in Cyberspace. 71. Medical Records Protection. 72. Legal and Policy Issues of Censorship and Content Filtering. 73. Expert Witnesses and the Daubert Challenge. 74. Professional Certification and Training in Information Assurance. 75. Undergraduate and Graduate Education in Information Assurance. 76. The Future of Information Assurance.














