You are not signed in. Sign in.


Category IT Books

Information Security Management Handbook » (6th Edition)

Book cover image of Information Security Management Handbook by Harold F. Tipton

Authors: Harold F. Tipton, Micki Krause
ISBN-13: 9780849374951, ISBN-10: 0849374952
Format: Hardcover
Publisher: Taylor & Francis, Inc.
Date Published: December 2006
Edition: 6th Edition

Find Best Prices for This Book »

Author Biography: Harold F. Tipton

Book Synopsis

Considered the gold-standard reference on information security, the Information Security Management Handbook provides an authoritative compilation of the fundamental knowledge, skills, techniques, and tools required of today's IT security professional. Now in its sixth edition, this 3200 page stand-alone reference is organized under the CISSP Common Body of Knowledge domains and has been updated yearly. Volumes 2, 3, and this year’s Volume 4 reflect the changes to the CBK in response to new laws and evolving technology.

Table of Contents

Domain 1Access Control Systems and Methodology1
Ch. 1Biometrics: What Is New?5
Ch. 2Privacy in the Healthcare Industry15
Ch. 3A New Breed of Hacker Tools and Defenses31
Ch. 4Social Engineering: The Forgotten Risk51
Domain 2Telecommunications and Network Security65
Ch. 5Security and Network Technologies69
Ch. 6Wired and Wireless Physical Layer Security Issues97
Ch. 7Network Router Security109
Ch. 8Wireless Internet Security125
Ch. 9VPN Deployment and Evaluation Strategy149
Ch. 10How to Perform a Security Review of a Checkpoint Firewall177
Ch. 11Comparing Firewall Technologies201
Ch. 12The (In)Security of Virtual Private Networks215
Ch. 13E-Mail Security239
Ch. 14Cookies and Web Bugs: What Are They and How Do They Work Together?259
Ch. 15Leveraging Virtual Private Networks273
Ch. 16Wireless LAN Security291
Domain 3Security Management Practices299
Ch. 17Maintaining Management's Commitment303
Ch. 18Making Security Awareness Happen317
Ch. 19Making Security Awareness Happen: Appendices337
Ch. 20Policy Development353
Ch. 21A Matter of Trust385
Ch. 22Risk Management and Analysis407
Ch. 23New Trends in Information Risk Management419
Ch. 24Information Security in the Enterprise431
Ch. 25Managing Enterprise Security Information451
Ch. 26Configuration Management: Charting the Course for the Organization479
Domain 4Applications and Systems Development Security505
Ch. 27Web Application Security509
Ch. 28The Perfect Security: A New World Order525
Ch. 29Security for XML and Other Metadata Languages539
Ch. 30XML and Information Security551
Ch. 31Digital Signatures in Relational Database Applications563
Ch. 32Security and Privacy for Data Warehouses: Opportunity or Threat577
Domain 5Cryptography603
Ch. 33A Look at the Advanced Encryption Standard (AES)607
Ch. 34Preserving Public Key Hierarchy619
Domain 6Security Architecture and Models629
Ch. 35Reflections on Database Integrity633
Domain 7Operations Security645
Ch. 36Intelligent Intrusion Analysis: How Thinking Machines Can Recognize Computer Intrusions649
Ch. 37Auditing the Electronic Commerce Environment671
Domain 8Business Continuity Planning and Disaster Recovery Planning697
Ch. 38Reengineering the Business Continuity Planning Process701
Ch. 39Business Resumption Planning and Disaster Recovery: A Case History719
Domain 9Law, Investigations, and Ethics735
Ch. 40What Happened?739
Ch. 41Internet Gripe Sites: Bally v. Faber745
Ch. 42State Control of Unsolicited E-Mail: State of Washington v. Heckel751
Domain 10Physical Security757
Ch. 43Physical Security: A Foundation for Information Security761
Ch. 44Physical Security: Controlled Access and Layered Defense775




No reviews. Submit yours!

Review this book.

We would like to know what you think about this book and publish your thoughts here! (top)

Your Review

  1. You may optionally give a title for this comment.

  2. Worst to best, 1 to 5, what would you rate this one?

  3. The actual content of your comment. No HTML nor whatsoever allowed.

  4. The author of this comment.

  5. 1 + 7 = ?

    Please answer the question by common sense.