Information Security Management Handbook, Volume 5 (Hardcover, 6)

DOMAIN 1: ACCESS CONTROL

Access Control Techniques
Whitelisting for Endpoint Defense; Rob Shein
Whitelisting; Sandy Bacik

Access Control Administration
RFID and Information Security; Salahuddin Kamran
Privileged User Management; Georges J. Jahchan
Privacy in the Age of Social Networking; Salahuddin Kamran

DOMAIN 2: TELECOMMUNICATIONS AND NETWORK SECURITY

Communications and Network Security
IF-MAP as a Standard for Security Data Interchange; David O’Berry

Internet, Intranet, Extranet Security
Understating the Ramifications of IPv6; Foster Henderson

Network Attacks and Countermeasures
Managing Security in Virtual Environments; E. Eugene Schultz & Edward Ray

DOMAIN 3: INFORMATION SECURITY AND RISK MANAGEMENT

Security Management Concepts and Principles
Do Your Business Associate Security and Privacy Programs Live Up to HIPAA and HITECH Requirements?; Rebecca Herold
Organization Culture Awareness Will Cultivate Your Information Security Program; Robert Pittman

Risk Management
Role-Based Information Security Governance: Avoiding the Company Oil Slick; Todd Fitzgerald
Social Networking Security Exposure; Sandy Bacik
Social Networking, Social Media, and Web 2.0 Security Risks; Robert M. Slade
Applying Adult Education Principles to Security Awareness Programs; Chris Hare

Security Management Planning
Controlling the Emerging Data Dilemma: Building Policy for Unstructured Data Access; Anne Shultz
Governance and Risk Management within the Context of Information Security; James C. Murphy
Improving Enterprise Security through Predictive Analysis; Chris Hare

Employment Policies and Practices
Security Outsourcing; Sandy Bacik

DOMAIN 4: APPLICATION DEVELOPMENT SECURITY

System Development Controls
The Effectiveness of Access Management Reviews; Chris Hare
Securing SaaS Applications: A Cloud Security Perspective for Application Providers; Pradnyesh Rane
Attacking RFID Systems; Pedro Peris -Lopez, Julio Cesar Hernandez-Castro, Juan M. Estevez-Tapiador, & Arturo Ribagorda

DOMAIN 5: CRYPTOGRAPHY

Cryptographic Concepts, Methodologies, and Practices
Cryptography: Mathematics vs. Engineering; Ralph Spencer Poore
Cryptographic Message Syntax; Jeff Stapleton

DOMAIN 6: SECURITY ARCHITECTURE AND DESIGN

Principles of Computer and Network Organizations, Architectures, and Designs
An Introduction to Virtualization Security; Paul Henry

DOMAIN 7: OPERATIONS SECURITY

Operations Controls
Warfare and Security: Deterrence and Dissuasion in the Cyber Era; Samuel Chun
Configuration, Change, and Release Management; Sean M. Price
Tape Backup Considerations; Sandy Bacik
Productivity vs. Security; Sandy Bacik

DOMAIN 8: BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING

Business Continuity Planning
Continuity Planning for Small- and Medium-Sized Organizations; Carl Jackson

DOMAIN 9: LEGAL, REGULATIONS, COMPLIANCE, AND INVESTIGATIONS

Information Law
The Cost of Risk: An Examination of Risk Assessment and Information Security in the Financial Industry; Seth Kinnett
Data Security and Privacy Legislation; Salahuddin Kamran

Incident Handling
Discovery of Electronically Stored Information; Salahuddin Kamran

DOMAIN 10: PHYSICAL (ENVIRONMENTAL) SECURITY

Elements of Physical Security
The Layered Defense Model and Perimeter Intrusion Detection; Leo Kahng

Index