Other versions by this Author
List Price: $173.25
Buy New
Arriving Soon. Will ship when available.
$165.00
Rent Textbook
Select for Price
Rent Digital
$39.58
Used Textbook
We're Sorry
Sold Out
How Marketplace Works:
- This item is offered by an independent seller and not shipped from our warehouse
- Item details like edition and cover design may differ from our description; see seller's comments before ordering.
- Sellers much confirm and ship within two business days; otherwise, the order will be cancelled and refunded.
- Marketplace purchases cannot be returned to eCampus.com. Contact the seller directly for inquiries; if no response within two days, contact customer service.
- Additional shipping costs apply to Marketplace purchases. Review shipping costs at checkout.
Summary
This annually updated handbook provides a compilation of the fundamental knowledge, skills, techniques, and tools required by IT security professionals. It covers the CISSP®Common Body of Knowledge (CBK®) that forms the standard on which all IT security programs and certifications are based. Topics covered include access control, physical (environmental) security, cryptography, application security, and operations security. This new edition features the latest developments in information security and the (ISC)2®CISSP CBK, including advanced persistent threats, new HIPAA requirements, social networks, virtualization, and SOA.
Table of Contents
| Introduction | p. ix |
| Editors | p. xi |
| Contributors | p. xiii |
| Access Control | |
| Access Control Administration | |
| What Business Associates Need to Know about Protected Health Information under HIPAA and HITECH | p. 3 |
| Telecommunications And Network Security | |
| Internet, Intranet, Extranet Security | |
| E-Mail Security | p. 15 |
| Information Security And Risk Management | |
| Security Management Concepts and Principles | |
| Appreciating Organizational Behavior and Institutions to Solidify Your Information Security Program | p. 29 |
| Risk Management | |
| The Information Security Auditors Have Arrived, Now What? | p. 47 |
| Continuous Monitoring: Extremely Valuable to Deploy within Reason | p. 63 |
| Social Networking | p. 73 |
| Insider Threat Defense | p. 79 |
| Risk Management in Public Key Certificate Applications | p. 83 |
| Server Visualization: Information Security Considerations | p. 101 |
| Security Management Planning | |
| Security Requirements Analysis | p. 113 |
| CERT Resilience Management Model: An Overview | p. 135 |
| Managing Bluetooth Security | p. 153 |
| Employment Policies and Practices | |
| Slash and Burn: In Times of Recession, Do Not Let Emotions Drive Business Decisions | p. 169 |
| A "Zero Trust" Model for Security | p. 175 |
| Application Development Security | |
| System Development Controls | |
| Application Whitelisting | p. 193 |
| Design of Information Security for Large System Development Projects | p. 223 |
| Building Application Security Testing into the Software Development Life Cycle | p. 249 |
| Malicious Code | |
| Twenty-Five (or Forty) Years of Malware History | p. 259 |
| Cryptography | |
| Cryptographic Concepts, Methodologies, and Practices | |
| Format Preserving Encryption | p. 289 |
| Elliptic Curve Cryptosystems | p. 295 |
| Pirating the Ultimate Killer App: Hacking Military Unmanned Aerial Vehicles | p. 301 |
| Security Architecture and Design | |
| Principles of Computer and Network Organizations, Architectures, and Designs | |
| Service-Oriented Architecture | p. 317 |
| Cloud Security | p. 331 |
| Enterprise Zones of Trust | p. 349 |
| Operations Security | |
| Operations Controls | |
| Complex Event Processing for Automated Security Event Analysis | p. 357 |
| Records Management | p. 361 |
| Business Continuity and Disaster Recovery Planning | |
| Business Continuity Planning | |
| Data Backup Strategies: Traditional versus Cloud | p. 375 |
| Legal, Regulations, Compliance, and Investigations | |
| Major Categories of Computer Crime | |
| Managing Advanced Persistent Threats | p. 387 |
| Incident Handling | |
| Virtualization Forensics | p. 405 |
| Physical (Environmental) Security | |
| Elements of Physical Security | |
| Terrorism: An Overview | p. 417 |
| Technical Controls | |
| Countermeasure Goals and Strategies | p. 437 |
| Index | p. 451 |
| Information Security Management Handbook: Comprehensive Table of Contents | p. 463 |
| Table of Contents provided by Ingram. All Rights Reserved. |
An electronic version of this book is available through VitalSource.
This book is viewable on PC, Mac, iPhone, iPad, iPod Touch, and most smartphones.
By purchasing, you will be able to view this book online, as well as download it, for the chosen number of days.
Digital License
You are licensing a digital product for a set duration. Durations are set forth in the product description, with "Lifetime" typically meaning five (5) years of online access and permanent download to a supported device. All licenses are non-transferable.
More details can be found here.
A downloadable version of this book is available through the eCampus Reader or compatible Adobe readers.
Applications are available on iOS, Android, PC, Mac, and Windows Mobile platforms.
Please view the compatibility matrix prior to purchase.