Information Security Management Handbook

Hardcover

Author: Harold F. Tipton

ISBN-10: 0849374952

ISBN-13: 9780849374951

Category: Databases Security

Considered the gold-standard reference on information security, the Information Security Management Handbook provides an authoritative compilation of the fundamental knowledge, skills, techniques, and tools required of today's IT security professional. Now in its sixth edition, this 3200-page stand-alone reference is organized under the CISSP Common Body of Knowledge domains and has been updated yearly. Volumes 2, 3, and this year’s Volume 4 reflect the changes to the CBK in response to new laws and evolving technology.

Introduction

Domain 1: Access Control Systems and Methodology
  Ch. 1: Biometrics: What Is New?
  Ch. 2: Privacy in the Healthcare Industry
  Ch. 3: A New Breed of Hacker Tools and Defenses
  Ch. 4: Social Engineering: The Forgotten Risk

Domain 2: Telecommunications and Network Security
  Ch. 5: Security and Network Technologies
  Ch. 6: Wired and Wireless Physical Layer Security Issues
  Ch. 7: Network Router Security
  Ch. 8: Wireless Internet Security
  Ch. 9: VPN Deployment and Evaluation Strategy
  Ch. 10: How to Perform a Security Review of a Checkpoint Firewall
  Ch. 11: Comparing Firewall Technologies
  Ch. 12: The (In)Security of Virtual Private Networks
  Ch. 13: E-Mail Security
  Ch. 14: Cookies and Web Bugs: What Are They and How Do They Work Together?
  Ch. 15: Leveraging Virtual Private Networks
  Ch. 16: Wireless LAN Security

Domain 3: Security Management Practices
  Ch. 17: Maintaining Management's Commitment
  Ch. 18: Making Security Awareness Happen
  Ch. 19: Making Security Awareness Happen: Appendices
  Ch. 20: Policy Development
  Ch. 21: A Matter of Trust
  Ch. 22: Risk Management and Analysis
  Ch. 23: New Trends in Information Risk Management
  Ch. 24: Information Security in the Enterprise
  Ch. 25: Managing Enterprise Security Information
  Ch. 26: Configuration Management: Charting the Course for the Organization

Domain 4: Applications and Systems Development Security
  Ch. 27: Web Application Security
  Ch. 28: The Perfect Security: A New World Order
  Ch. 29: Security for XML and Other Metadata Languages
  Ch. 30: XML and Information Security
  Ch. 31: Digital Signatures in Relational Database Applications
  Ch. 32: Security and Privacy for Data Warehouses: Opportunity or Threat

Domain 5: Cryptography
  Ch. 33: A Look at the Advanced Encryption Standard (AES)
  Ch. 34: Preserving Public Key Hierarchy

Domain 6: Security Architecture and Models
  Ch. 35: Reflections on Database Integrity

Domain 7: Operations Security
  Ch. 36: Intelligent Intrusion Analysis: How Thinking Machines Can Recognize Computer Intrusions
  Ch. 37: Auditing the Electronic Commerce Environment

Domain 8: Business Continuity Planning and Disaster Recovery Planning
  Ch. 38: Reengineering the Business Continuity Planning Process
  Ch. 39: Business Resumption Planning and Disaster Recovery: A Case History

Domain 9: Law, Investigations, and Ethics
  Ch. 40: What Happened?
  Ch. 41: Internet Gripe Sites: Bally v. Faber
  Ch. 42: State Control of Unsolicited E-Mail: State of Washington v. Heckel

Domain 10: Physical Security
  Ch. 43: Physical Security: A Foundation for Information Security
  Ch. 44: Physical Security: Controlled Access and Layered Defense

Index