Information Security Management Handbook, 6th Edition

  • Volume 7
  • Richard O'Hanley
  • Published By: Auerbach Publications
  • ISBN-10: 146656752X
  • ISBN-13: 9781466567528
  • DDC: 005.8
  • Grade Level Range: College Freshman - College Senior
  • 436 Pages | eBook
  • Original Copyright 2013 | Published/Released November 2015
  • This publication's content originally published in print form: 2013


About

Overview

Updated annually, the Information Security Management Handbook, Sixth Edition, Volume 7 is the most comprehensive and up-to-date reference available on information security and assurance. Bringing together the knowledge, skills, techniques, and tools required of IT security professionals, it facilitates the up-to-date understanding required to stay one step ahead of evolving threats, standards, and regulations. Reporting on the latest developments in information security and recent changes to the (ISC)2® CISSP Common Body of Knowledge (CBK®), this volume features 27 new chapters on topics such as BYOD, IT consumerization, smart grids, security, and privacy.

The ubiquitous nature of computers and networks will always provide the opportunity and means to do harm. This edition updates its popular predecessors with the information you need to address the vulnerabilities created by recent innovations such as cloud computing, mobile banking, digital wallets, and near-field communications. This handbook is also available on CD.

Table of Contents

Front Cover.
Half Title Page.
Other Information Security Books from Auerbach.
Title Page.
Copyright Page.
Contents.
Introduction.
Contributors.
Domain 2 Telecommunications and Network Security.
1: Communications and Network Security: Securing the Grid.
2: Network Attacks and Countermeasures: Attacks in Mobile Environments.
Domain 3 Information Security and Risk Management.
3: Security Management Concepts and Principles: Security in the Cloud.
4: Security Management Concepts and Principles: Getting the Best Out of Information Security Projects.
5: Security Management Concepts and Principles: Mobility and Its Impact on Enterprise Security.
6: Security Management Concepts and Principles: An Introduction to Digital Rights Management.
7: Security Management Concepts and Principles: Information Security on the Cheap.
8: Security Management Concepts and Principles: Organizational Behavior (Including Institutions) Can Cultivate Your Information Security Program.
9: Security Management Concepts and Principles: Metrics for Monitoring.
10: Policies, Standards, Procedures, and Guidelines: Security Implications of Bring Your Own Device, IT Consumerization, and Managing User Choices.
11: Policies, Standards, Procedures, and Guidelines: Information Assurance: Open Research Questions and Future Directions.
12: Security Awareness Training: Protecting Us from Us: Human Firewall Vulnerability Assessments.
Domain 4 Application Development Security.
13: Application Issues: Service-Oriented Architecture.
14: Systems Development Controls: Managing the Security Testing Process.
15: Systems Development Controls: Security and Resilience in the Software Development Life Cycle.
Domain 5 Cryptography.
16: Cryptographic Concepts, Methodologies, and Practices: Cloud Cryptography.
Domain 6 Security Architecture and Design.
17: Principles of Security Models, Architectures, and Evaluation Criteria: Identity and Access Management Architecture.
18: Principles of Security Models, Architectures, and Evaluation Criteria: FedRAMP: Entry or Exit Ramp for Cloud Security?
Domain 7 Operations Security.
19: Concepts: Data Storage and Network Security.
Domain 9 Legal, Regulations, Compliance, and Investigations.
20: Information Law: National Patient Identifier and Patient Privacy in the Digital Era.
21: Information Law: Addressing Social Media Security and Privacy Challenges.
22: Investigations: What Is Digital Forensics and What Should You Know about It?
23: Investigations: eDiscovery.
24: Investigations: Overview of the Steps of the Electronic Discovery Reference Model.
25: Investigations: Cell Phone Protocols and Operating Systems.
26: Major Categories of Computer Crime: Hacktivism: The Whats, Whys, and Wherefores.
27: Compliance: PCI Compliance.
28: Compliance: HIPAA/HITECH Compliance Overview.
Information Security Management Handbook: Comprehensive Table of Contents.