Computer and information security handbook
The second edition of this comprehensive handbook of computer and information security provides the most complete view of computer security and privacy available. It offers in-depth coverage of security theory, technology, and practice as they relate to established technologies as well as recent adv...
| Otros Autores: | |
|---|---|
| Formato: | Libro electrónico |
| Idioma: | Inglés |
| Publicado: |
Amsterdam, Netherlands :
Elsevier
c2013.
Waltham, MA : 2013. |
| Edición: | 2nd ed |
| Colección: | Gale eBooks
|
| Materias: | |
| Ver en Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009628321906719 |
Tabla de Contenidos:
- Front Cover; Computer and Information Security Handbook; Copyright Page; Dedication; Contents; Foreword; Preface; Organization of this Book; Part 1: Overview of System and Network Security: A Comprehensive Introduction; Part 2: Managing Information Security; Part 3: Cyber, Network, and Systems Forensics Security and Assurance; Part 4: Encryption Technology; Part 5: Privacy and Access Management; Part 6: Storage Security; Part 7: Physical Security; Part 8: Practical Security; Part 9: Advanced Security; Supplemental Materials; Acknowledgments; About the Editor; Contributors
- I. Overview of System and Network Security: A Comprehensive Introduction1 Building a Secure Organization; 1. Obstacles to Security; Security Is Inconvenient; 2. Computers are Powerful and Complex; Computer Users Are Unsophisticated; Computers Created Without a Thought to Security; 3. Current Trend is to Share, Not Protect; Data Accessible from Anywhere; 4. Security isn't about Hardware and Software; The Bad Guys Are Very Sophisticated; Management Sees Security as a Drain on the Bottom Line; 5. Ten Steps to Building a Secure Organization; Evaluate the Risks and Threats
- Threats Based on the Infrastructure ModelThreats Based on the Business Itself; Threats Based on Industry; Global Threats; Beware of Common Misconceptions; Provide Security Training for IT Staff-Now and Forever; Think "Outside the Box"; DOXing; Train Employees: Develop a Culture of Security; Identify and Utilize Built-in Security Features of the Operating System and Applications; Monitor Systems; Hire a Third Party to Audit Security; Don't Forget the Basics; Change Default Account Passwords; Use Robust Passwords; Close Unnecessary Ports; Patch, Patch, Patch
- Use Administrator Accounts for Administrative TasksRestrict Physical Access; Don't Forget Paper!; 6. Preparing for the Building of Security Control Assessments; 7. Summary; Chapter Review Questions/Exercises; True/False; Multiple Choice; Exercise; Problem; Hands-On Projects; Project; Case Projects; Problem; Optional Team Case Project; Problem; 2 A Cryptography Primer; 1 What is Cryptography? What is Encryption?; How Is Cryptography Done?; 2 Famous Cryptographic Devices; The Lorenz Cipher; Enigma; 3 Ciphers; The Substitution Cipher; The Shift Cipher; The Polyalphabetic Cipher
- The Kasiski/Kerckhoff Method4 Modern Cryptography; The Vernam Cipher (Stream Cipher); The One-Time Pad; Cracking Ciphers; The XOR Cipher and Logical Operands; Block Ciphers; 5 The Computer Age; Data Encryption Standard; Theory of Operation; Implementation; Rivest, Shamir, and Adleman (RSA); Advanced Encryption Standard (AES or Rijndael); Overview; The Basics of AES; 6 How AES Works; Bytes; Math; In the Beginning; Rounds; 7 Selecting Cryptography: the Process; 8 Summary; Chapter Review Questions/Exercises; True/False; Multiple Choice; Exercise; Problem; Hands-On Projects; Project
- Case Projects
