Title Details

PREFACE

ACKNOWLEDGMENTS

A NOTE TO THE INSTRUCTOR

PART I FOUNDATIONS OF COMPUTER SECURITY

1. Brief History and Mission of Information System Security
Seymour Bosworth and Robert V. Jacobson

2. History of Computer Crime
M. E. Kabay

3. Toward a New Framework for Information Security
Donn B. Parker, CISSP

4. Hardware Elements of Security
Sy Bosworth and Stephen Cobb

5. Data Communications and Information Security
Raymond Panko and Eric Fisher

6. Local Area Network Topologies, Protocols, and Design
Gary C. Kessler

7. Encryption
Stephen Cobb and Corinne LeFranc¸ois

8. Using a Common Language for Computer Security Incident Information
John D. Howard

9. Mathematical Models of Computer Security
Matt Bishop

10. Understanding Studies and Surveys of Computer Crime
M. E. Kabay

11. Fundamentals of Intellectual Property Law
William A. Zucker and Scott J. Nathan

PART II THREATS AND VULNERABILITIES

12. The Psychology of Computer Criminals
Q. Campbell and David M. Kennedy

13. The Insider Threat
Gary L. Tagg, CISSP

14. Information Warfare
Seymour Bosworth

15. Penetrating Computer Systems and Networks
Chey Cobb, Stephen Cobb, M. E. Kabay, and Tim Crothers

16. Malicious Code
Robert Guess and Eric Salveggio

17. Mobile Code
Robert Gezelter

18. Denial-of-Service Attacks
Gary C. Kessler

19. Social-Engineering and Low-Tech Attacks
Karthik Raman, Susan Baumes, Kevin Beets, and Carl Ness

20. Spam, Phishing, and Trojans: Attacks Meant to Fool
Stephen Cobb

21. Web-Based Vulnerabilities
Anup K. Ghosh, Kurt Baumgarten, Jennifer Hadley, and Steven Lovaas

22. Physical Threats to the Information Infrastructure
Franklin Platt

PART III PREVENTION: TECHNICAL DEFENSES

23. Protecting the Physical Information Infrastructure
Franklin Platt

24. Operating System Security
William Stallings

25. Local Area Networks
N. Todd Pritsky, Joseph R. Bumblis, and Gary C. Kessler

26. Gateway Security Devices
Justin Opatrny

27. Intrusion Detection and Intrusion Prevention Devices
Rebecca Gurley Bace

28. Identification and Authentication
Ravi Sandhu, Jennifer Hadley, Steven Lovaas, and Nicholas Takacs

29. Biometric Authentication
Eric Salveggio, Steven Lovaas, David R. Lease, and Robert Guess

30. E-Commerce and Web Server Safeguards
Robert Gezelter

31. Web Monitoring and Content Filtering
Steven Lovaas

32. Virtual Private Networks and Secure Remote Access
Justin Opatrny and Carl Ness

33. 802.11 Wireless LAN Security
Gary L. Tagg, CISSP and Jason Sinchak, CISSP

34. Securing VoIP
Christopher Dantos and John Mason

35. Securing P2P, IM, SMS, and Collaboration Tools
Carl Ness

36. Securing Stored Data
David J. Johnson, Nicholas Takacs, Jennifer Hadley, and M. E. Kabay

37. PKI and Certificate Authorities
Santosh Chokhani, Padgett Peterson, and Steven Lovaas

38. Writing Secure Code
Lester E. Nichols, M. E. Kabay, and Timothy Braithwaite

39. Software Development and Quality Assurance
Diane E. Levine, John Mason, and Jennifer Hadley

40. Managing Software Patches and Vulnerabilities
Karen Scarfone, Peter Mell, and Murugiah Souppaya

41. Antivirus Technology
Chey Cobb and Allysa Myers

42. Protecting Digital Rights: Technical Approaches
Robert Guess, Jennifer Hadley, Steven Lovaas, and Diane E. Levine

PART IV PREVENTION: HUMAN FACTORS

43. Ethical Decision Making and High Technology
James Landon Linderman

44. Security Policy Guidelines
M. E. Kabay and Bridgitt Robertson

45. Employment Practices and Policies
M. E. Kabay and Bridgitt Robertson

46. Vulnerability Assessment
Rebecca Gurley Bace and Jason Sinchak

47. Operations Security and Production Controls
M. E. Kabay, Don Holden, and Myles Walsh

48. Email and Internet Use Policies
M. E. Kabay and Nicholas Takacs

49. Implementing a Security-Awareness Program
K. Rudolph

50. Using Social Psychology to Implement Security Policies
M. E. Kabay, Bridgitt Robertson, Mani Akella, and D. T. Lang

51. Security Standards for Products
Paul Brusil and Noel Zakin

PART V DETECTING SECURITY BREACHES

52. Application Controls
Myles Walsh and Susan Baumes

53. Monitoring and Control Systems
Caleb S. Coggins and Diane E. Levine

54. Security Audits
Donald Glass, Richard O. Moore III, Chris Davis, John Mason, David Gursky, James Thomas, Wendy Carr, M. E. Kabay, and Diane Levine

55. Cyber Investigation
Peter Stephenson

PART VI RESPONSE AND REMEDIATION

56. Computer Security Incident Response Teams
Michael Miora, M. E. Kabay, and Bernie Cowens

57. Data Backups and Archives
M. E. Kabay and Don Holden

58. Business Continuity Planning
Michael Miora

59. Disaster Recovery
Michael Miora

60. Insurance Relief
Robert A. Parisi, Jr., John F. Mullen, and Kevin Apollo

61. Working with Law Enforcement
David A. Land

PART VII MANAGEMENT’S ROLE IN SECURITY

62. Quantitative Risk Assessment and Risk Management
Robert V. Jacobson and Susan Baumes

63. Management Responsibilities and Liabilities
Carl Hallberg, M. E. Kabay, Bridgitt Robertson, and Arthur E. Hutt

64. U.S. Legal and Regulatory Security Issues
Timothy Virtue

65. The Role of the CISO
Karen F. Worstell

66. Developing Security Policies
M. E. Kabay and Sean Kelley

67. Developing Classification Policies for Data
Karthik Raman, Kevin Beets, and M. E. Kabay

68. Outsourcing and Security
Kip Boyle, Michael Buglewicz, and Steven Lovaas

PART VIII PUBLIC POLICY AND OTHER CONSIDERATIONS

69. Privacy in Cyberspace: U.S. and European Perspectives
Henry L. Judy, Scott L. David, Benjamin S. Hayes, Jeffrey B. Ritter, Marc Rotenberg, and M. E. Kabay

70. Anonymity and Identity in Cyberspace
M. E. Kabay, Eric Salveggio, Robert Guess, and Russell D. Rosco

71. Healthcare Security and Privacy
Paul Brusil

72. Legal and Policy Issues of Censorship and Content Filtering
Lee Tien, Seth Finkelstein, and Steven Lovaas

73. Expert Witnesses and the Daubert Challenge
Chey Cobb

74. Professional Certification and Training in Information Assurance
M. E. Kabay, Christopher Christian, Kevin Henry, and Sondra Schneider

75. The Future of Information Assurance
Jeremy A. Hansen

INDEX