Every year, in response to advancements in technology and new laws in different countries and regions, there are many changes and updates to the body of knowledge required of IT security professionals. Updated annually to keep up with the increasingly fast pace of change in the field, the Information Security Management Handbook is the single most comprehensive and up-to-date resource on information security and assurance.
Providing an up-to-date compilation of the fundamental skills, techniques, tools, and understanding required of IT security professionals, the Information Security Management Handbook, Sixth Edition, Volume 4 reflects the latest changes to information security and the CISSP® Common Body of Knowledge (CBK®). This edition updates the benchmark Volume 1 with a wealth of new information on mobile device security, adaptive threat defense, Web 2.0, virtualization, data leakage, and governance. New material also addresses risk management, business continuity planning, disaster recovery planning, and cryptography.
As the risks that threaten the security of our systems continue to evolve, it is imperative that those charged with protecting that information stay ahead of the curve. Also available in a fully searchable CD-ROM format, this comprehensive resource provides the up-to-date understanding required to keep you abreast of the latest developments, new vulnerabilities, and possible threats.
Table of Contents
Access Control. Access Control Techniques. Access Control Administration. Methods of Attack. Telecommunications & Network Security. Communications & Network Security. Internet, Intranet, Extranet Security. Network Attacks & Countermeasures. Information Security & Risk Management. Security Management Concepts & Principles. Policies, Standards, Procedures & Guidelines. Risk Management. Security Management Planning. Employment Policies & Practices. Application Security. Application Issues. System Development Controls. Malicious Code. Methods of Attack. Cryptography. Crypto Concepts, Methodologies & Practices. Security Architecture & Design. Principles of Computer & Network Organizations, Architectures & Designs. Operations Security. Operations Controls. Resource Protection Requirements. Business Continuity Planning & Disaster Recovery Planning. Business Continuity Planning. Disaster Recovery Planning. Legal, Regulations, Compliance & Investigation. Information Law. Major Categories of Computer Crime. Incident Handling. Physical Security. Elements of Physical Security.
Harold F. Tipton, HFT Associates, Villa Park, California, USA
Micki Krause Nozaki, Pacific Life Insurance Company, Newport Beach, California, USA