Information Security Management Handbook, Sixth Edition, Volume 3

  • 7h 43m
  • Harold F. Tipton, Micki Krause (eds)
  • CRC Press
  • 2009

Every year, in response to new technologies and new laws in different countries and regions, there are changes to the fundamental knowledge, skills, techniques, and tools required by all IT security professionals. In step with the lightning-quick, increasingly fast pace of change in the technology field, the Information Security Management Handbook, updated yearly, has become the standard on which all IT security programs and certifications are based. It reflects new updates to the Common Body of Knowledge (CBK) that IT security professionals all over the globe need to know.

Captures the crucial elements of the CBK

Exploring the ten domains of the CBK, the book explores access control, telecommunications and network security, information security and risk management, application security, and cryptography. In addition, the expert contributors address security architecture and design, operations security, business continuity planning and disaster recovery planning. The book also covers legal regulations, compliance, investigation, and physical security. In this anthology of treatises dealing with the management and technical facets of information security, the contributors examine varied topics such as anywhere computing, virtualization, podslurping, quantum computing, mashups, blue snarfing, mobile device theft, social computing, voting machine insecurity, and format string vulnerabilities.

In this Book

  • Expanding PKI-Based Access Control Capabilities with Attribute Certificates
  • Five Components to Identity Management Systems
  • Security Weaknesses of System and Application Interfaces Used to Process Sensitive Information
  • Mobile Data Security
  • Enhanced Security Through Open Standards—A Path to a Stronger Global Digital Ecosystem
  • Web Application Firewalls
  • Botnets
  • Collaborating Information Security and Privacy to Create Effective Awareness and Training
  • Security Information and Event Management (SIEM) Technology
  • The Insider Threat—A View from the Outside
  • Pod Slurping
  • The USB (Universal Security Burden) Nightmare—Pod Slurping and Other High Storage Capacity Portable Device Vulnerabilities
  • Diary of a Security Assessment—“Put That in Your Pipe and Smoke It!”
  • NERC Compliance—A Compliance Review
  • Mashup Security
  • Format String Vulnerabilities
  • Fast Scanning Worms
  • Message Digests
  • Quantum Computing—The Rise of the Machine
  • Information Flow and Covert Channels
  • Securing Data at Rest—From Smart Phones to Tapes Defining Data at Rest
  • Validating Tape Backups
  • Determining Business Unit Priorities in Business Continuity Management
  • Continuity Program Testing, Maintenance, Training, and Awareness
  • Bluesnarfing
  • Virtualization and Digital Investigations
  • Halon Fire Suppression Systems
  • Crime Prevention through Environmental Design
  • Data Center Site Selection and Facility Design Considerations
SHOW MORE
FREE ACCESS

YOU MIGHT ALSO LIKE

Course CompTIA Security+: Architecture & Infrastructure Concepts
Rating 4.8 of 6 users Rating 4.8 of 6 users (6)
Course Certified in Cybersecurity (CC): Logical Access Controls
Rating 4.6 of 22 users Rating 4.6 of 22 users (22)
Course Certified in Cybersecurity (CC): Business Continuity Planning
Rating 4.5 of 44 users Rating 4.5 of 44 users (44)