Teaches end-to-end network security concepts and techniques. Includes comprehensive information on how to design a security defense model. Also covers how to develop and deploy computer, personnel, and physical security policies, how to design and manage authentication and authorization methods, and much more.
Author Biography
Roberta Bragg (CISSP, MCSE: Security; Security+, ETI Client Server, Certified Technical Trainer, IBM Certified Trainer, DB2-UDB, Citrix Certified Administrator) has been a Security Advisor columnist for Microsoft Certified Professional Magazine for five years, is a Security Expert for SearchWin2000.com, and writes for the "SecurityWatch" newsletter, which has more than 55,000 subscribers. Roberta designed, planned, produced, and participated in the first Windows Security Summit, held in Seattle, Washington, in 2002. In September and October of 2002, Roberta was an instructor for four sessions of SANS Gold Standard Windows 2000 Training. Roberta has participated in numerous security audits and is a security evangelist traveling all over the world consulting, assessing, and training on network and Windows security. Roberta has served as adjunct faculty at Seattle Pacific University and at Johnson County Community College teaching courses on Windows 2000 Security Design and Network Security Design.
Mark Rhodes-Ousley (CISSP) has been a practicing security professional for more than ten years. Mark has advised, designed, and installed security technologies and policies for dozens of companies, including Fortune 500 companies, large, medium-sized, and many small companies. All this experience with companies in different stages of growth leads to a unique perspective on how to manage security for a growing company: where to begin, what to do when moving forward, and how to plan for future growth. Mark holds certifications from the International Information Systems Security Certification Consortium, known as (ISC)2, Cisco Systems, Security Dynamics, Raptor Systems, Hewlett Packard, and Digital Equipment Corporation, along with a Bachelor's degree in Applied Mathematics and Electrical Engineering from the University of California, San Diego (UCSD).
Keith Strassberg (CPA, CISSP) is an independent security consultant with more than seven years of experience in information security. Most recently, he worked as a senior security engineer for a mid-sized technology consulting company. Keith's professional experiences cover all facets of information security, including, but not limited to, designing and deploying secure infrastructures, implementing firewalls and intrusion detection systems, performing computer forensic investigations, developing policies and procedures, and performing vulnerability testing.
Table of Contents
Part I: Network Security Foundations
1: Network Security Overview
2: Risk Analysis and Defense Models
3: Security Policy Development
4: Security Organization
Part II: Access Control
5: Physical Security
6: Authentication and Authorization Controls
7: Data Security Architecture
8: Security Management Architecture
Part III: Network Architecture
9: Network Design Considerations
10: Network Device Security
11: Firewalls
12: Virtual Private Network Security
13: Wireless Network Security
14: Intrusion-Detection Systems
15: Integrity and Availability Architecture
16: Network Role-Based Security
Part IV: Operating System Security
17: Operating System Security Models
18: Common Unix Vulnerabilities
19: Linux Security
20: Windows Security
21: Novell Security
Part V: Application Security
22: Principles of Application Security
23: Writing Secure Software
24: J2EE Security
25: Windows .NET Security
26: Database Security
Part VI: Response
27: Disaster Recovery and Business Continuity
28: Attacks and Countermeasures
29: Incident Response and Forensic Analysis
30: Legal Issues: The Laws Affecting Information Security Professionals
Reviews
Excerpts from review by K. L. Carriveau Jr., Baylor University
Entries in this work were extracted and condensed from McGraw-Hill Encyclopedia of Science & Technology (9th ed., 20v., CH, Sep'02)... Although this version seems to meet its goal ("providing the reader with essential knowledge in chemistry without extensive detail")...the biographical section included as an appendix is useful and addresses a common need of students from high school through lower undergraduate levels...Although many of the 700 entries are dated, they are still valid and the concise edition will be valuable to special collections looking for a low-cost alternative to the full 20-volume set....