Computer and information security handbook

Presents information on how to analyze risks to your networks and the steps needed to select and deploy the appropriate countermeasures to reduce your exposure to physical and network threats. Also imparts the skills and knowledge needed to identify and counter some fundamental security risks and requirements, including Internet security threats and measures (audit trails IP sniffing/spoofing etc.) and how to implement security policies and procedures. In addition, this book covers security and network design with respect to particular vulnerabilities and threats. It also covers risk assessment and mitigation and auditing and testing of security systems as well as application standards and technologies required to build secure VPNs, configure client software and server operating systems, IPsec-enabled routers, firewalls and SSL clients. This comprehensive book will provide essential knowledge and skills needed to select, design and deploy a public key infrastructure (PKI) to secure existing and future applications.

PART I: OVERVIEW OF SYSTEM AND NETWORK SECURITY: A COMPREHENSIVE INTRODUCTION Chapter 1: Building a Secure Organization Chapter 2: A Cryptography Primer Chapter 3: Verifying User and Host Identity Chapter 4: Preventing System Intrusions Chapter 5: Guarding Against Network Intrusions Chapter 6: Ensuring Network Confidentiality Chapter 7: UNIX and Linux Security Chapter 8: Internet Security Chapter 9: Intranet Security Chapter 10: Local Area Network (LAN) Security Chapter 11: Wireless Network Security Chapter 12: RFID Security PART II: MANAGING INFORMATION SECURITY Chapter 13: Security Essentials for IT Managers: Protecting Mission-Critical Systems Chapter 14: Security Management Systems Chapter 15: IT Security Management Chapter 16: ID Management Chapter 17: Intrusion Detection and Prevention Systems Chapter 18: Computer Forensics Chapter 19: Firewalls Chapter 20: Penetration Testing Chapter 21: Vulnerability Assessment PART III: ENCRYPTION TECHNOLOGY Chapter 22: Data Encryption Chapter 23: Satellite Encryption Chapter 24: Public Key Infrastructure Chapter 25: Instant Messaging Security PART IV: PRIVACY AND ACCESS MANAGEMENT Chapter 26: Net Privacy Chapter 27: Virtual Private Networks Chapter 28: Identity Theft Chapter 29: Access Management Chapter 30: IPSec Versus SSL VPNs For Secure Remote Access Chapter 31: VoIP Security PART V: STORAGE SECURITY Chapter 32: SAN Security Chapter 33: Disaster Recovery Chapter 34: Risk Management PART VI: PHYSICAL SECURITY Chapter 35: Physical Security Essentials Chapter 36: Facilities Security Management Chapter 37: Biometerics Chapter 38: Homeland Security Chapter 39: Information Warfare