Updated annually to keep up with the increasingly fast pace of change in the field, the Information Security Management Handbook is the single most comprehensive and up-to-date resource on information security (IS) and assurance. Facilitating the up-to-date understanding required of all IS professionals, the Information Security Management Handbook, Sixth Edition, Volume 5 reflects the latest issues in information security and the CISSP® Common Body of Knowledge (CBK®). This edition updates the benchmark Volume 1 with a wealth of new information to help IS professionals address the challenges created by complex technologies and escalating threats to information security. Chapters cover access control, physical security, cryptography, application security, operations security, and business continuity and disaster recovery planning. The updated edition of this bestselling reference provides cutting-edge reporting on mobile device security, adaptive threat defense, Web 2.0, virtualization, data leakage, governance, and compliance. Also available in a fully searchable CD-ROM format, it supplies you with the tools and understanding to stay one step ahead of evolving threats and ever-changing standards and regulations.
| Detail | Value |
|---|---|
| ISBN | 1439853452 |
| ISBN13 | 9781439853450 |
| Publisher | Taylor & Francis Ltd |
| Imprint | Auerbach Publishers Inc. |
| Published in | London |
| Publication date | 09 Sep 2011 |
| Format | Hardback |
| Pages | 558 |
| Weight (grammes) | 1158 |
| Height (mm) | 254 |
| Width (mm) | 178 |
| Spine width (mm) | 36 |
| DEWEY | 005.8 |
| DEWEY edition | DC22 |
| Academic level | Postgraduate |
DOMAIN 1: ACCESS CONTROL
Access Control Techniques
- Whitelisting for Endpoint Defense; Rob Shein
- Whitelisting; Sandy Bacik
Access Control Administration
- RFID and Information Security; Salahuddin Kamran
- Privileged User Management; Georges J. Jahchan
- Privacy in the Age of Social Networking; Salahuddin Kamran

DOMAIN 2: TELECOMMUNICATIONS AND NETWORK SECURITY
Communications and Network Security
- IF-MAP as a Standard for Security Data Interchange; David O'Berry
Internet, Intranet, Extranet Security
- Understating the Ramifications of IPv6; Foster Henderson
Network Attacks and Countermeasures
- Managing Security in Virtual Environments; E. Eugene Schultz & Edward Ray

DOMAIN 3: INFORMATION SECURITY AND RISK MANAGEMENT
Security Management Concepts and Principles
- Do Your Business Associate Security and Privacy Programs Live Up to HIPAA and HITECH Requirements?; Rebecca Herold
- Organization Culture Awareness Will Cultivate Your Information Security Program; Robert Pittman
Risk Management
- Role-Based Information Security Governance: Avoiding the Company Oil Slick; Todd Fitzgerald
- Social Networking Security Exposure; Sandy Bacik
- Social Networking, Social Media, and Web 2.0 Security Risks; Robert M. Slade
- Applying Adult Education Principles to Security Awareness Programs; Chris Hare
Security Management Planning
- Controlling the Emerging Data Dilemma: Building Policy for Unstructured Data Access; Anne Shultz
- Governance and Risk Management within the Context of Information Security; James C. Murphy
- Improving Enterprise Security through Predictive Analysis; Chris Hare
Employment Policies and Practices
- Security Outsourcing; Sandy Bacik

DOMAIN 4: APPLICATION DEVELOPMENT SECURITY
System Development Controls
- The Effectiveness of Access Management Reviews; Chris Hare
- Securing SaaS Applications: A Cloud Security Perspective for Application Providers; Pradnyesh Rane
- Attacking RFID Systems; Pedro Peris-Lopez, Julio Cesar Hernandez-Castro, Juan M. Estevez-Tapiador, & Arturo Ribagorda

DOMAIN 5: CRYPTOGRAPHY
Cryptographic Concepts, Methodologies, and Practices
- Cryptography: Mathematics vs. Engineering; Ralph Spencer Poore
- Cryptographic Message Syntax; Jeff Stapleton

DOMAIN 6: SECURITY ARCHITECTURE AND DESIGN
Principles of Computer and Network Organizations, Architectures, and Designs
- An Introduction to Virtualization Security; Paul Henry

DOMAIN 7: OPERATIONS SECURITY
Operations Controls
- Warfare and Security: Deterrence and Dissuasion in the Cyber Era; Samuel Chun
- Configuration, Change, and Release Management; Sean M. Price
- Tape Backup Considerations; Sandy Bacik
- Productivity vs. Security; Sandy Bacik

DOMAIN 8: BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING
Business Continuity Planning
- Continuity Planning for Small- and Medium-Sized Organizations; Carl Jackson

DOMAIN 9: LEGAL, REGULATIONS, COMPLIANCE, AND INVESTIGATIONS
Information Law
- The Cost of Risk: An Examination of Risk Assessment and Information Security in the Financial Industry; Seth Kinnett
- Data Security and Privacy Legislation; Salahuddin Kamran
Incident Handling
- Discovery of Electronically Stored Information; Salahuddin Kamran

DOMAIN 10: PHYSICAL (ENVIRONMENTAL) SECURITY
Elements of Physical Security
- The Layered Defense Model and Perimeter Intrusion Detection; Leo Kahng

Index