Computer Security Handbook, Fifth Edition | by Seymour Bosworth, M.E. Kabay and Eric Whyne (eds) | 2009 | ISBN: 9780471716525
Computer Security Handbook, Fifth Edition
by Seymour Bosworth, M.E. Kabay and Eric Whyne (eds)
2009 (2040 pages)
ISBN:9780471716525
Whether you are in charge of many computers or just one important one, this important book provides authoritative guidance to identify and to eliminate threats where possible, as well as to lessen any losses attributable to them.
Computer Security Handbook, Fifth Edition
Preface
A Note to Instructors
Part I – Foundations of Computer Security
Chapter 1 – Brief History and Mission of Information System Security
1.1: Introduction to Information System Security
1.2: Evolution of Information Systems
1.3: Government Recognition of Information Assurance
1.4: Recent Developments
1.5: Ongoing Mission for Information System Security
1.6: Notes
Chapter 2 – History of Computer Crime
2.1: Why Study Historical Records?
2.2: Overview
2.3: 1960s and 1970s: Sabotage
2.4: Impersonation
2.5: Phone Phreaking
2.6: Data Diddling
2.7: Salami Fraud
2.8: Logic Bombs
2.9: Extortion
2.10: Trojan Horses
2.11: Notorious Worms and Viruses
2.12: SPAM
2.13: Denial of Service
2.14: Hacker Underground of the 1980s and 1990s
2.15: Concluding Remarks
2.16: Further Reading
2.17: Notes
Chapter 3 – Toward a New Framework for Information Security
3.1: Proposal for a New Information Security Framework
3.2: Six Essential Security Elements
3.3: What the Dictionaries Say About the Words we Use
3.4: Comprehensive Lists of Sources and Acts Causing Information Losses
3.5: Functions of Information Security
3.6: Selecting Safeguards Using a Standard of Due Diligence
3.7: Threats, Assets, Vulnerabilities Model
3.8: Conclusion
Chapter 4 – Hardware Elements of Security
4.1: Introduction
4.2: Binary Design
4.3: Parity
4.4: Hardware Operations
4.5: Interrupts
4.6: Memory and Data Storage
4.7: Time
4.8: Natural Dangers
4.9: Data Communications
4.10: Cryptography
4.11: Backup
4.12: Recovery Procedures
4.13: Microcomputer Considerations
4.14: Conclusion
4.15: Hardware Security Checklist
4.16: Further Reading
Chapter 5 – Data Communications and Information Security
5.1: Introduction
5.2: Sampling of Networks
5.3: Network Protocols and Vulnerabilities
5.4: Standards
5.5: Internet Protocol (IP)
5.6: Transmission Control Protocol (TCP)
5.7: User Datagram Protocol
5.8: TCP/IP Supervisory Standards
5.9: Application Standards
5.10: Concluding Remarks
5.11: Further Reading
5.12: Notes
Chapter 6 – Network Topologies, Protocols, and Design
6.1: Overview
6.2: LAN Topology
6.3: Media
6.4: Media Access Control
6.5: LAN Protocols and Standards
6.6: Interconnection Devices
6.7: Network Operating Systems
6.8: Summary
6.9: Web Sites
6.10: Further Reading
6.11: Notes
Chapter 7 – Encryption
7.1: Introduction to Cryptography
7.2: Basic Cryptography
7.3: DES and Modern Encryption
7.4: Public Key Encryption
7.5: Practical Encryption
7.6: Beyond RSA and DES
7.7: Further Reading
7.8: Notes
Chapter 8 – Using a Common Language for Computer Security Incident Information
8.1: Introduction
8.2: Why a Common Language is Needed
8.3: Development of the Common Language
8.4: Computer Security Incident Information Taxonomy
8.5: Additional Incident Information Terms
8.6: How to Use the Common Language
8.7: Notes
Chapter 9 – Mathematical Models of Computer Security
9.1: Why Models are Important
9.2: Models and Security
9.3: Models and Controls
9.4: Classic Models
9.5: Other Models
9.6: Conclusion
9.7: Further Reading
9.8: Notes
Chapter 10 – Understanding Studies and Surveys of Computer Crime
10.1: Introduction
10.2: Basic Research Methodology
10.3: Summary
10.4: Further Reading
10.5: Notes
Chapter 11 – Fundamentals of Intellectual Property Law
11.1: Introduction
11.2: The Most Fundamental Business Tool for Protection of Technology is the Contract
11.3: Proprietary Rights and Trade Secrets
11.4: Copyright Law and Software
11.5: Digital Millennium Copyright Act
11.6: Circumventing Technology Measures
11.7: Patent Protection
11.8: Piracy and Other Intrusions
11.9: Other Tools to Prevent Unauthorized Intrusions
11.10: Open Source
11.11: Application Internationally
11.12: Concluding Remarks
11.13: Further Reading
11.14: Notes
Part II – Threats and Vulnerabilities
Chapter 12 – The Psychology of Computer Criminals
12.1: Introduction
12.2: Self-Reported Motivations
12.3: Psychological Perspectives on Computer Crime
12.4: Social Distance, Anonymity, Aggression, and Computer Crime
12.5: Individual Differences and Computer Criminals
12.6: Ethics and Computer Crime
12.7: Classifications of Computer Criminals
12.8: Summary and Conclusions
12.9: Notes
Chapter 13 – The Dangerous Information Technology Insider: Psychological Characteristics and Career Patterns
13.1: Computer Information Technology Insiders
13.2: Psychological Characteristics of Information Technology Specialists
13.3: Characteristics of the Dangerous Computer Information Technology Insider (CITI)
13.4: Escalating Pathway to Major Computer Crime
13.5: Stress and Attacks on Computer Systems
13.6: Typology of Computer Crime Perpetrators
13.7: Conclusion and Implications
13.8: Note
Chapter 14 – Information Warfare
14.1: Introduction
14.2: Vulnerabilities
14.3: Goals and Objectives
14.4: Sources of Threats and Attacks
14.5: Weapons of Cyberwar
14.6: Defenses
14.7: Further Reading
14.8: Notes
Chapter 15 – Penetrating Computer Systems and Networks
15.1: Multiple Factors Involved in System Penetration
15.2: Nontechnical Penetration Techniques
15.3: Technical Penetration Techniques
15.4: Political and Legal Issues
15.5: Summary
15.6: Further Reading
15.7: Notes
Chapter 16 – Malicious Code
16.1: Introduction
16.2: Malicious Code Threat Model
16.3: Survey of Malicious Code
16.4: Detection of Malicious Code
16.5: Prevention of Malicious Code Attacks
16.6: Conclusion
16.7: Further Reading
16.8: Notes
Chapter 17 – Mobile Code
17.1: Introduction
17.2: Signed Code
17.3: Restricted Operating Environments
17.4: Discussion
17.5: Summary
17.6: Further Reading
17.7: Notes
Chapter 18 – Denial-of-Service Attacks
18.1: Introduction
18.2: Denial-of-Service Attacks
18.3: Distributed Denial-of-Service Attacks
18.4: Management Issues
18.5: Further Reading
18.6: Note
Chapter 19 – Social Engineering and Low-Tech Attacks
19.1: Introduction
19.2: Background and History
19.3: Social Engineering Methods
19.4: Psychology and Social Psychology of Social Engineering
19.5: Dangers of Social Engineering and Its Impact on Businesses
19.6: Detection
19.7: Response
19.8: Defense and Mitigation
19.9: Conclusion
19.10: Further Reading
19.11: Notes
Chapter 20 – Spam, Phishing, and Trojans: Attacks Meant to Fool
20.1: Unwanted E-Mail and Other Pests: A Security Issue
20.2: E-Mail: An Anatomy Lesson
20.3: Spam Defined
20.4: Fighting Spam
20.5: Phishing
20.6: Trojan Code
20.7: Concluding Remarks
20.8: Further Reading
20.9: Notes
Chapter 21 – Web-Based Vulnerabilities
21.1: Introduction
21.2: Breaking E-Commerce Systems
21.3: Case Study of Breaking an E-Business
21.4: Web Application System Security
21.5: Protecting Web Applications
21.6: Components and Vulnerabilities in E-Commerce Systems
21.7: Summary
21.8: Further Reading
21.9: Notes
Chapter 22 – Physical Threats to the Information Infrastructure
22.1: Introduction
22.2: Background and Perspective
22.3: Threat Assessment Process
22.4: General Threats
22.5: Workplace Violence and Terrorism
22.6: Other Threat Situations
22.7: Confidential Threat Information
22.8: Summary
22.9: Further Reading
22.10: Notes
Part III – Prevention: Technical Defenses
Chapter 23 – Protecting the Information Infrastructure
23.1: Introduction
23.2: Security Planning and Management
23.3: Strategic Planning Process
23.4: Elements of Good Protection
23.5: Other Considerations
23.6: Access Control
23.7: Surveillance Systems
23.8: Other Design Considerations
23.9: Mitigating Specific Threats
23.10: Information Not Publicly Available
23.11: Completing the Security Planning Process
23.12: Summary and Conclusions
23.13: Further Reading
23.14: Notes
Chapter 24 – Operating System Security
24.1: Information Protection and Security
24.2: Requirements for Operating System Security
24.3: Protection Mechanisms
24.4: File Sharing
24.5: Trusted Systems
24.6: Windows 2000 Security
24.7: Further Reading
24.8: Notes
Chapter 25 – Local Area Networks
25.1: Introduction
25.2: Policy and Procedure Issues
25.3: Physical Site Security
25.4: Physical Layer Issues
25.5: Network Operating System Issues
25.6: Conclusion
25.7: Further Reading
25.8: Notes
Chapter 26 – Gateway Security Devices
26.1: Introduction
26.2: History and Background
26.3: Network Security Mechanisms
26.4: Deployment
26.5: Network Security Device Evaluation
26.6: Concluding Remarks
26.7: Further Reading
Chapter 27 – Intrusion Detection and Intrusion Prevention Devices
27.1: Security Behind the Firewall
27.2: Main Concepts
27.3: Intrusion Prevention
27.4: Information Sources
27.5: Analysis Schemes
27.6: Response
27.7: Needs Assessment and Product Selection
27.8: Conclusion
27.9: Further Reading
27.10: Notes
Chapter 28 – Identification and Authentication
28.1: Introduction
28.2: Four Principles of Authentication
28.3: Password-Based Authentication
28.4: Token-Based Authentication
28.5: Biometric Authentication
28.6: Cross-Domain Authentication
28.7: Relative Costs of Authentication Technologies
28.8: Concluding Remarks
28.9: Summary
28.10: Further Reading
28.11: Notes
Chapter 29 – Biometric Authentication
29.1: Introduction
29.2: Importance of Identification and Verification
29.3: Fundamentals and Applications
29.4: Types of Biometric Technologies
29.5: Types of Errors and System Metrics
29.6: Disadvantages and Problems
29.7: Recent Trends in Biometric Authentication
29.8: Summary and Recommendations
29.9: Further Reading
29.10: Notes
Chapter 30 – E-Commerce and Web Server Safeguards
30.1: Introduction
30.2: Business Policies and Strategies
30.3: Rules of Engagement
30.4: Risk Analysis
30.5: Operational Requirements
30.6: Technical Issues
30.7: Ethical and Legal Issues
30.8: Summary
30.9: Further Reading
30.10: Notes
Chapter 31 – Web Monitoring and Content Filtering
31.1: Introduction
31.2: Some Terminology
31.3: Motivation
31.4: General Techniques
31.5: Implementation
31.6: Enforcement
31.7: Vulnerabilities
31.8: The Future
31.9: Summary
31.10: Further Reading
31.11: Notes
Chapter 32 – Virtual Private Networks and Secure Remote Access
32.1: Introduction
32.2: Secure Client VPNs
32.3: Trusted VPNs
32.4: Extranets
32.5: Conclusion
32.6: Further Reading
Chapter 33 – 802.11 Wireless LAN Security
33.1: Introduction
33.2: 802.11 Architecture and Product Types
33.3: Wireless LAN Security Threats
33.4: Original 802.11 Security Functionality
33.5: IEEE 802.11i
33.6: 802.11 Security Auditing Tools
33.7: Conclusion
33.8: Appendix 33A: 802.11 Standards
33.9: Appendix 33B: Abbreviations, Terminology, and Definitions
33.10: Further Reading
33.11: Notes
Chapter 34 – Securing VoIP
34.1: Introduction
34.2: Regulatory Compliance and Risk Analysis
34.3: Technical Aspects of VoIP Security
34.4: Protecting the Infrastructure
34.5: Encryption
34.6: Concluding Remarks
34.7: Further Reading
34.8: Notes
Chapter 35 – Securing P2P, IM, SMS, and Collaboration Tools
35.1: Introduction
35.2: General Concepts and Definitions
35.3: Peer-to-Peer Networks
35.4: Securing Instant Messaging
35.5: Securing SMS
35.6: Securing Collaboration Tools
35.7: Concluding Remarks
35.8: Further Reading
35.9: Notes
Chapter 36 – Securing Stored Data
36.1: Introduction to Securing Stored Data
36.2: Fiber Channel Weakness and Exploits
36.3: NFS Weakness and Exploits
36.4: CIFS Exploits
36.5: Encryption
36.6: Data Disposal
36.7: Concluding Remarks
36.8: Further Reading
36.9: Notes
Chapter 37 – PKI and Certificate Authorities
37.1: Introduction
37.2: Need for Public Key Infrastructure
37.3: Public Key Certificate
37.4: Enterprise Public Key Infrastructure
37.5: Certificate Policy
37.6: Global Public Key Infrastructure
37.7: Forms of Revocation
37.8: Rekey
37.9: Key Recovery
37.10: Privilege Management
37.11: Trusted Archival Services and Trusted Time Stamps
37.12: Cost of Public Key Infrastructure
37.13: Further Reading
37.14: Notes
Chapter 38 – Writing Secure Code
38.1: Introduction
38.2: Policy and Management Issues
38.3: Technical and Procedural Issues
38.4: Types of Software Errors
38.5: Assurance Tools and Techniques
38.6: Concluding Remarks
38.7: Further Reading
Chapter 39 – Software Development and Quality Assurance
39.1: Introduction
39.2: Goals of Software Quality Assurance
39.3: Software Development Life Cycle
39.4: Types of Software Errors
39.5: Designing Software Test Cases
39.6: Before Going into Production
39.7: Managing Change
39.8: Sources of Bugs and Problems
39.9: Conclusion
39.10: Further Reading
Chapter 40 – Managing Software Patches and Vulnerabilities
40.1: Introduction
40.2: Motivation for Using Automated Patching Solutions
40.3: Patch and Vulnerability Management Process
40.4: Patch and Vulnerability Management Issues
40.5: Conclusion and Summary of Major Recommendations
40.6: Further Reading
40.7: Notes
Chapter 41 – Antivirus Technology
41.1: Introduction
41.2: History of Viral Changes
41.3: Antivirus Basics
41.4: Scanning Methodologies
41.5: Content Filtering
41.6: Antivirus Deployment
41.7: Policies and Strategies
41.8: Concluding Remarks
41.9: Further Reading
41.10: Note
Chapter 42 – Protecting Digital Rights: Technical Approaches
42.1: Introduction
42.2: Software-Based Antipiracy Techniques
42.3: Hardware-Based Antipiracy Techniques
42.4: Digital Rights Management
42.5: Privacy-Enhancing Technologies
42.6: Fundamental Problems
42.7: Summary
42.8: Glossary
42.9: Further Reading
42.10: Notes
Part IV – Prevention: Human Factors
Chapter 43 – Ethical Decision Making and High Technology
43.1: Introduction: The ABCs of Computer Ethics
43.2: Awareness
43.3: Basics
43.4: Considerations
43.5: Concluding Remarks
43.6: Further Reading
Chapter 44 – Security Policy Guidelines
44.1: Introduction
44.2: Terminology
44.3: Resources for Policy Writers
44.4: Writing the Policies
44.5: Organizing the Policies
44.6: Presenting the Policies
44.7: Maintaining Policies
44.8: Summary
44.9: Further Reading
44.10: Notes
Chapter 45 – Employment Practices and Policies
45.1: Introduction
45.2: Hiring
45.3: Management
45.4: Termination of Employment
45.5: Summary
45.6: Further Reading
45.7: Notes
Chapter 46 – Vulnerability Assessment
46.1: Scorekeeper of Security Management
46.2: Taxonomy of Vulnerability Assessment Technologies
46.3: Penetration Testing
46.4: Further Reading
46.5: Notes
Chapter 47 – Operations Security and Production Controls
47.1: Introduction
47.2: Operations Management
47.3: Providing a Trusted Operating System
47.4: Protection of Data
47.5: Data Validation
47.6: Concluding Remarks
47.7: Further Reading
47.8: Notes
Chapter 48 – E-Mail and Internet Use Policies
48.1: Introduction…
48.2: Damaging the Reputation of the Enterprise
48.3: Threats to People and Systems
48.4: Threats to Productivity
48.5: Legal Liability
48.6: Recommendations
48.7: Concluding Remarks
48.8: Further Reading
48.9: Notes
Chapter 49 – Implementing a Security Awareness Program
49.1: Introduction
49.2: Awareness as a Survival Technique
49.3: Critical Success Factors
49.4: Obstacles and Opportunities
49.5: Approach
49.6: Content
49.7: Techniques and Principles
49.8: Tools
49.9: Measurement and Evaluation
49.10: Conclusion
49.11: Glossary
49.12: Further Reading
49.13: Notes
Chapter 50 – Using Social Psychology to Implement Security Policies
50.1: Introduction…
50.2: Rationality is Not Enough
50.3: Beliefs and Attitudes
50.4: Encouraging Initiative
50.5: Group Behavior
50.6: Technological Generation Gaps
50.7: Summary of Recommendations
50.8: Further Reading
50.9: Notes
Chapter 51 – Security Standards for Products
51.1: Introduction
51.2: Nonstandard Product Assessment Alternatives
51.3: Security Assessment Standards for Products
51.4: Standards for Assessing Product Builders
51.5: Combined Product and Product Builder Assessment Standards
51.6: Common Criteria Paradigm Overview
51.7: Details About the Common Criteria Standard
51.8: Using the CC to Define Security Requirements and Security Solutions
51.9: Common Test Methodology for CC Tests and Evaluations
51.10: Global Recognition of CEM/CC-Based Assessments
51.11: Example National Scheme: CCEVS
51.12: Validated Profiles and Products
51.13: Benefits of CC Evaluation
51.14: Concluding Remarks
51.15: Notes
Part V – Detecting Security Breaches
Chapter 52 – Application Controls
52.1: Protection in Application Development
52.2: Protecting Online Files
52.3: Protecting Batch Files
52.4: Ensuring that Information in the System is Valid
52.5: Concluding Remarks
52.6: Further Reading
52.7: Note
Chapter 53 – Monitoring and Control Systems
53.1: Introduction
53.2: Change and Security Implications
53.3: System Models
53.4: Targets and Methods
53.5: Log Management
53.6: Data Aggregation and Reduction
53.7: Notifications and Reporting
53.8: Monitoring and Control Challenges
53.9: Summary
53.10: References
53.11: Notes
Chapter 54 – Security Audits, Standards, and Inspections
54.1: Introduction
54.2: Auditing Standards
54.3: SAS 70 Audits
54.4: Sarbanes-Oxley
54.5: Addressing Multiple Regulations for Information Security
54.6: Technical Frameworks for IT Audits
54.7: Further Reading
54.8: Notes
Chapter 55 – Cyber Investigation
55.1: Introduction
55.2: End-to-End Digital Investigation
55.3: Applying the Framework and EEDI
55.4: Using EEDI and the Framework
55.5: Motive, Means, and Opportunity: Profiling Attackers
55.6: Some Useful Tools
55.7: Concluding Remarks
55.8: Further Reading
55.9: Notes
Part VI – Response and Remediation
Chapter 56 – Computer Security Incident Response Teams
56.1: Overview
56.2: Planning the Team
56.3: Selecting and Building the Team
56.4: Principles Underlying Effective Response to Computer Security Incidents
56.5: Responding to Computer Emergencies
56.6: Managing the CSIRT
56.7: Postincident Activities
56.8: Concluding Remarks
56.9: Further Reading
56.10: Notes
Chapter 57 – Data Backups and Archives
57.1: Introduction
57.2: Making Backups
57.3: Backup Strategies
57.4: Data Life Cycle Management
57.5: Safeguarding Backups
57.6: Disposal
57.7: Costs
57.8: Optimizing Frequency of Backups
57.9: Concluding Remarks
57.10: Further Reading
57.11: Notes
Chapter 58 – Business Continuity Planning
58.1: Introduction
58.2: Defining the Goals
58.3: Performing a Business Impact Analysis
58.4: Business Impact Analysis Matrix Analysis
58.5: Justifying the Costs
58.6: Plan Presentation
58.7: Concluding Remarks
58.8: Further Reading
Chapter 59 – Disaster Recovery
59.1: Introduction
59.2: Identifying Threats and Disaster Scenarios
59.3: Developing Recovery Strategies
59.4: Designing Recovery Tasks
59.5: Implementation and Readiness
59.6: Concluding Remarks
59.7: Further Reading
Chapter 60 – Insurance Relief
60.1: Introduction
60.2: Intellectual Property Coverage
60.3: Property Coverage
60.4: Crime/Fidelity Coverage
60.5: E-Commerce Policies
60.6: Privacy and Identity Theft Exposures
60.7: Concluding Remarks
60.8: Further Reading
60.9: Notes
Chapter 61 – Working with Law Enforcement
61.1: Introduction
61.2: Relevant Laws
61.3: Plan Ahead
61.4: Memorandum of Agreement
61.5: Handling Evidence and the Chain of Custody
61.6: Issues of Liability
61.7: Ask Law Enforcement to Give Back
61.8: The Knock at the Door
61.9: Keeping Your Operation Running During an Investigation
61.10: Nonelectronic Records and the Insider Threat
61.11: Information Sharing (The Human Factor)
61.12: Conclusion
61.13: Further Reading
61.14: Notes
Part VII – Management’s Role in Security
Chapter 62 – Risk Assessment and Risk Management
62.1: Introduction to Risk Management
62.2: Objective of a Risk Assessment
62.3: Limitations of Questionnaires in Assessing Risks
62.4: Model of Risk
62.5: Risk Mitigation
62.6: Risk Assessment Techniques
62.7: Summary
62.8: Further Reading
62.9: Notes
Chapter 63 – Management Responsibilities and Liabilities
63.1: Introduction
63.2: Responsibilities
63.3: Liabilities
63.4: Computer Management Functions
63.5: Security Administration
63.6: Concluding Remarks
63.7: Further Reading
63.8: Notes
Chapter 64 – U.S. Legal and Regulatory Security Issues
64.1: Introduction
64.2: Sarbanes-Oxley Act of 2002
64.3: Gramm-Leach-Bliley Act
64.4: Examination Procedures to Evaluate Compliance with Guidelines for Safeguarding Customer Information
64.5: Concluding Remarks
64.6: Further Reading
64.7: Notes
Chapter 65 – Role of the CISO
65.1: CISO as Change Agent
65.2: CISO as Strategist
65.3: Strategy, Governance, and the Standard of Care
65.4: Summary of Actions
65.5: Recommendations for Success for CISOs
65.6: Concluding Remarks
65.7: Notes
Chapter 66 – Developing Security Policies
66.1: Introduction
66.2: Collaborating in Building Security Policies
66.3: Phase 1: Preliminary Evaluation
66.4: Phase 2: Management Sensitization
66.5: Phase 3: Needs Analysis
66.6: Phase 4: Policies and Procedures
66.7: Phase 5: Implementation
66.8: Phase 6: Maintenance
66.9: Concluding Remarks
66.10: Notes
Chapter 67 – Developing Classification Policies for Data
67.1: Introduction
67.2: Why Data Classification is Performed
67.3: Data Classification’s Role in Information Security
67.4: Legal Requirements, Compliance Standards, and Data Classification
67.5: Designing and Implementing DC
67.6: Concluding Remarks
67.7: Notes
Chapter 68 – Outsourcing and Security
68.1: Introduction
68.2: Why Outsource?
68.3: Can Outsourcing Fail?
68.4: Controlling the Risks
68.5: Outsourcing Security Functions
68.6: Concluding Remarks
68.7: Further Reading
68.8: Notes
Part VIII – Public Policy and Other Considerations
Chapter 69 – Privacy in Cyberspace: U.S. and European Perspectives
69.1: Introduction: Worldwide Trends
69.2: European Approaches to Privacy
69.3: United States
69.4: Compliance Models
69.5: Further Reading
Web Sites
69.6: Notes
Chapter 70 – Anonymity and Identity in Cyberspace
70.1: Introduction
70.2: Definitions
70.3: Social Psychology of Anonymity
70.4: Balancing Rights and Duties
70.5: Systems Analysis of Anonymity
70.6: Implications and Discussion
70.7: Concluding Remarks
70.8: Summary
70.9: Further Reading
70.10: Notes
Chapter 71 – Medical Records Protection
71.1: Introduction
71.2: Information and Information Technology in Healthcare
71.3: Information Privacy and Security are Important in Healthcare
71.4: Nonmedical Drivers for Healthcare Information Protection
71.5: United States Laws and Government Policies
71.6: Health Insurance Portability and Accountability Act
71.7: Summary
71.8: Further Reading
71.9: Notes
Chapter 72 – Legal and Policy Issues of Censorship and Content Filtering
72.1: Introduction
72.2: U.S. Context: First Amendment Rights
72.3: Parental Involvement/Responsibility
72.4: Summary
72.5: Further Reading
72.6: Notes
Chapter 73 – Expert Witnesses and the Daubert Challenge
73.1: Introduction
73.2: Daubert
73.3: Whether the Daubert Challenge is Applicable: Refining Daubert
73.4: Divided We Fall?
73.5: Being the Best You Can Be
73.6: Summary
73.7: Further Reading
73.8: Notes
Chapter 74 – Professional Certification and Training in Information Assurance
74.1: Building Skills Through Professional Education
74.2: Information Security Certifications
74.3: Preparing for Security Certification Examinations
74.4: Commercial Training in Information Assurance
74.5: Concluding Remarks
74.6: Notes
Chapter 75 – Undergraduate and Graduate Education in Information Assurance
75.1: Introduction
75.2: U.S. Initiatives in Training and Education of Information Assurance
75.3: Distance Learning in Higher Education
75.4: Business Continuity Management
75.5: Concluding Remarks
75.6: Notes
Chapter 76 – European Graduate Work in Information Assurance and the Bologna Declaration
Overview
76.1: Undergraduate and Graduate Education
76.2: Convergence of Educational Programs
76.3: Bachelor’s and Master’s in Information Security
76.4: Computer Science: Does it Encompass Information Security, Assurance, and Security Assurance?
76.5: Bologna Bachelor’s Degree
76.6: Moving from Undergraduate to Graduate Education: Bologna
76.7: Executive and Specialized Master’s Degrees
76.8: Similarities and Differences: Arts and Science
76.9: What Do Programs in Information Security Teach Students?
76.10: Undergraduate Education: Polytechnics and University
76.11: Information Assurance: Defining the Territory
76.12: Teaching Information Security: The Malware Example
76.13: Conclusion of European Initiatives Overview
76.14: Implications for Education
76.15: Implications for Managers
76.16: Notes
Chapter 77 – The Future of Information Assurance
77.1: Introduction
77.2: View of the Future
77.3: Foundations of Assurance
77.4: Best Practices for Increasing Assurance
77.5: Assurance-Based Risk Reduction
77.6: Illustrative Application: Computer-Aided Voting
77.7: Conclusions
77.8: Further Reading
77.9: Notes