Information Security Management Handbook, Fourth Edition, Volume I
Auerbach (Publisher)
4th Edition
Published on 28 October 1999
Book
Hardback
711 pages
978-0-8493-9829-2 (ISBN)
Description
Since 1993, the Information Security Management Handbook has served not only as an everyday reference for information security practitioners but also as an important document for use by practitioners to conduct the intense review necessary to prepare for the Certified Information System Security Professional (CISSP) examination.
Preparing for the examination is a major effort because it requires a thorough understanding of the topics contained in the Common Body of Knowledge (CBK) for the field as specified in the Generally Accepted Systems Security Principles (GASSP). The handbook is one of the most important references used by candidates preparing for the exam.
The Information Security Management Handbook maps the ten domains of the Common Body of Knowledge tested on the certification examination: access control issues and methodology, telecommunications and network security, security management practices, applications and systems development security, cryptography, security architecture and models, operations security, business continuity planning and disaster recovery planning, law, investigations, and ethics, and physical security.
The Information Security Management Handbook is a "must have" book, whether you're preparing for the CISSP exam or need a comprehensive, up-to-date reference, or both.
More details
Edition
4th New edition
Language
English
Place of publication
London
United Kingdom
Publishing group
Taylor & Francis Ltd
Target group
Professional and scholarly
Data security managers; IS directors and managers; CIOs; contingency planners and anyone involved with data security issues
Edition type
New edition
Illustrations
22 Halftones, black and white; 18 Tables, black and white
Dimensions
Height: 235 mm
Width: 156 mm
Weight
1143 gr
ISBN-13
978-0-8493-9829-2 (9780849398292)
Copyright in bibliographic data is held by Nielsen Book Services Limited or its licensors: all rights reserved.
Other editions
Additional editions
Harold F. Tipton | Micki Krause
Information Security Management Handbook on CD-ROM, 2005 Edition
Software
06/2005
4th Edition
Auerbach
€190.00
Article exhausted; check for reprint
Harold F. Tipton | Micki Krause
Information Security Management Handbook, Fourth Edition, Volume I
Software
10/1999
Auerbach
€110.68
Article exhausted; check for reprint
Previous edition
Harold F. Tipton | Micki Krause
Handbook of Information Security Management
Book
11/1998
99th Edition
Auerbach
€84.17
Article exhausted; check for reprint
Content
DOMAIN 1: ACCESS CONTROL SYSTEMS & METHODOLOGY
CHAPTER 1.1 ACCESS CONTROL ISSUES
Biometric Identification
Single Signon
DOMAIN 2: TELECOMMUNICATIONS & NETWORK SECURITY
CHAPTER 2.1 NETWORK SECURITY
Secured Connections to External Networks
CHAPTER 2.2 INTERNET, INTRANET, EXTRANET SECURITY
"Internet Firewalls"
Internet Security
Extranet Access Control Issues
Firewall Management
Network Layer Security (e.g., SKIP)
Transport Layer Security
Application Layer Security Protocols for Networks
Security of Communication Protocols & Services
DOMAIN 3: SECURITY MANAGEMENT PRACTICES
CHAPTER 3.1 SECURITY AWARENESS
Security Awareness Program
CHAPTER 3.2 ORGANIZATION ARCHITECTURE
Enterprise Security Architecture
An Introduction to IPSec
CHAPTER 3.3 RISK MANAGEMENT
Risk Analysis and Assessment
Protecting High Tech Business Secrets
Information Security Management in the Healthcare Industry
DOMAIN 4: APPLICATIONS & SYSTEMS DEVELOPMENT SECURITY
CHAPTER 4.1 APPLICATION SECURITY
"Security Models for Object Oriented Databases"
DOMAIN 5: CRYPTOGRAPHY
CHAPTER 5.1 CRYPTO TECHNOLOGY & IMPLEMENTATIONS
"Fundamentals of Cryptography & Encryption"
"Principles & Applications of Cryptographic Key Management"
"Implementing Kerberos in Distributed Systems"
"PKI"
DOMAIN 6: SECURITY ARCHITECTURE & MODELS
CHAPTER 6.1 MICROCOMPUTER & LAN SECURITY
"Microcomputer & LAN Security"
DOMAIN 7: OPERATIONS SECURITY
CHAPTER 7.1 THREATS
"Types of Network Attacks"
"A Look at Java Security"
DOMAIN 8: BUSINESS CONTINUITY PLANNING & DISASTER RECOVERY PLANNING
CHAPTER 8.1 BUSINESS CONTINUITY PLANNING
"Process Improvement BCP"
CHAPTER 8.2 DISASTER RECOVERY PLANNING
"Restoration Component of BCP"
DOMAIN 9: LAW, INVESTIGATIONS & ETHICS
CHAPTER 9.1 INVESTIGATION
Computer Crime Investigation
CHAPTER 9.2 INFORMATION ETHICS
Ethics and the Internet
CHAPTER 9.3 INFORMATION LAW
Jurisdictional Issues in Global Transmissions
DOMAIN 10: PHYSICAL SECURITY
CHAPTER 10.1 THREATS & FACILITY REQUIREMENTS
Intrusion Detection: How to Utilize a Still Immature Technology