Tabla de Contenidos: “…-- Benefits of confidential computing -- Trusted execution environments - attestation of source code and how it helps protect against insider threat attacks -- Industry standards for ML in TEEs -- Confidential Computing Consortium -- High-level comparison of Intel SGX, AWS Nitro Enclaves, Google Asylo, Azure enclaves, and Anjuna -- Pros and cons of TEEs -- Summary -- Chapter 10: Preserving Privacy in Large Language Models -- Key concepts/terms used in LLMs -- Prompt example using ChatGPT (closed source LLM) -- Prompt example using open source LLMs -- Comparison of open source LLMs and closed source LLMs -- AI standards and terminology of attacks -- NIST -- OWASP Top 10 for LLM applications -- Privacy attacks on LLMs -- Membership inference attacks against generative models -- Extracting training data attack from generative models -- Prompt injection attacks -- Privacy-preserving technologies for LLMs…”

Tabla de Contenidos: “…5.3.4 The Need for Post-Quantum Cryptography -- 5.4 Algorithms Proposed for Post-Quantum Cryptography -- 5.4.1 Code-Based Cryptography -- 5.4.2 Lattice-Based Cryptography -- 5.4.3 Multivariate Cryptography -- 5.4.4 Hash-Based Cryptography -- 5.4.5 Supersingular Elliptic Curve Isogeny Cryptography -- 5.4.6 Quantum-Resistant Symmetric Key Cryptography -- 5.5 Launching of the Project Called "Open Quantum Safe" -- 5.6 Algorithms Proposed During the NIST Standardization Procedure for Post-Quantum Cryptography -- 5.7 Hardware Requirements of Post-Quantum Cryptographic Algorithms -- 5.7.1 NTRUEncrypt -- 5.7.1.1 Polynomial Multiplication -- 5.7.1.2 Hardware to Accelerate NTRUEncrypt -- 5.7.2 Hardware-Software Design to Implement PCQ Algorithms -- 5.7.3 Implementation of Cryptographic Algorithms Using HLS -- 5.8 Challenges on the Way of Post-Quantum Cryptography -- 5.9 Post-Quantum Cryptography Versus Quantum Cryptography -- 5.10 Future Prospects of Post-Quantum Cryptography -- References -- Chapter 6 A Statistical Characterization of MCX Crude Oil Price with Regard to Persistence Behavior and Seasonal Anomaly -- 6.1 Introduction -- 6.2 Related Literature -- 6.3 Data Description and Methodology -- 6.3.1 Data -- 6.3.2 Methodology -- 6.3.2.1 Characterizing Persistence Behavior of Crude Oil Return Time Series Using Hurst Exponent -- 6.3.2.2 Zipf Plot -- 6.3.2.3 Seasonal Anomaly in Oil Returns -- 6.4 Analysis and Findings -- 6.4.1 Persistence Behavior of Daily Oil Stock Price -- 6.4.2 Detecting Seasonal Pattern in Oil Prices -- 6.5 Conclusion and Implications -- References -- Appendix -- Chapter 7 Some Fixed Point and Coincidence Point Results Involving Gα-Type Weakly Commuting Mappings -- 7.1 Introduction -- 7.2 Definitions and Mathematical Preliminaries -- 7.2.1 Definition: G-metric Space (G-ms) -- 7.2.2 Definition: t-norm…”

Tabla de Contenidos: “…-- FEATURES -- 1 - OVERVIEW -- INTRODUCTION -- CHAPTER 2-EVOLUTION OF APPLICATION MANAGEMENT -- CHAPTER 3-MANAGING TRADITIONAL APPLICATIONS -- CHAPTER 4-MANAGING APPLICATIONS IN THE CLOUD -- CHAPTER 5-MANAGING VIRTUALIZED SYSTEMS -- CHAPTER 6-MANAGING MOBILE COMPUTING -- CHAPTER 7-MANAGING WEB-BASED APPLICATIONS -- CHAPTER 8-APPLICATION MANAGEMENT SECURITY -- CHAPTER 9-DISTRIBUTED, TIERED, AND COMPONENTIZED APPLICATION ARCHITECTURES -- CHAPTER 10-DEVOPS AND CONTINUOUS DELIVERY -- CHAPTER 11-MANAGING APPLICATION PROGRAMMING INTERFACES AND CONNECTED SYSTEMS -- CHAPTER 12-APPLICATION PERFORMANCE MANAGEMENT AND USER EXPERIENCE MANAGEMENT -- CHAPTER 13-MANAGING CONTAINERIZED APPLICATIONS -- CHAPTER 14-APPLICATION MANAGEMENT IN THE SOFTWARE-DEFINED DATA CENTER -- CHAPTER 15-APPLICATION MANAGEMENT IN THE INTERNET OF THINGS -- CHAPTER 16-THE CASE FOR STANDARDS -- CHAPTER 17-LOOKING AHEAD -- APPENDICES -- APPENDIX A-SERVICE-LEVEL MANAGEMENT -- APPENDIX B-CONFIGURATION MANAGEMENT DATABASE -- APPENDIX C-NIST DEFINITION REPORT -- SUMMARY -- 2 - THE EVOLUTION OF APPLICATION MANAGEMENT -- HISTORICAL PERSPECTIVE -- DEFINITION -- THE EARLY DAYS -- THE 1960S -- THE 1970S -- THE 1980S -- THE 1990S -- THE 21ST CENTURY: THE FIRST DECADE -- THE TEENS (2010-PRESENT) -- SUMMARY -- 3 - MANAGEMENT OF TRADITIONAL APPLICATIONS -- LOOKING BACK -- THE MANAGEMENT IMPERATIVE -- RESPONSIBILITIES -- KNOWING -- FRONTLINE STAFF -- APPLICATION SPECIALISTS -- APPLICATION DEVELOPERS -- CONTROLLING -- FUNCTIONAL PERSPECTIVE -- FAULT -- CONFIGURATION…”

Tabla de Contenidos: “…-- The Evolution of the Computer and Information Security -- Information Security Today -- Applicable Standards and Certifications -- The Role of a Security Program -- Chapter 2: History of Computer Security -- Introduction -- Communication -- World Wars and Their Influence on the Field of Security -- Cypher Machine: Enigma -- Bletchley Park -- Code Breakers -- Some Historical Figures of Importance: Hackers and Phreakers -- Kevin Mitnick -- Chapter Summary -- Part II: Key Principles and Practices -- Chapter 3: Key Concepts and Principles -- Introduction -- Security Threats -- External and Internal Threats -- Information Security Frameworks and Information Security Architecture -- Information Security Management Systems Framework Provided by ISO/IEC 27001:2013 -- NIST Special Publication 800-39 complemented by 800-53 -- SABSA® -- Pillars of Security -- People -- Organization of Information Security -- The Need for Independence -- Specific Roles and Responsibilities -- Audit Committee or Information Security Committee at the Board Level -- Information Security Sponsor or Champion -- Chief Information Security Officer or Information Security Officer -- Information Security Forum -- Information Security Specialists -- Project Managers -- Data Owners -- Data Custodians -- Users of the data -- Authority for Information Security -- Policies, Procedures, and Processes -- Technology -- Information Security Concepts -- CIA Triad -- Confidentiality -- Integrity -- Availability -- Parkerian Hexad -- Implementation of Information Security -- Risk Assessment -- Planning and Architecture -- Gap Analysis…”

Tabla de Contenidos: “…-- Types of vulnerabilities -- USB HID vulnerabilities -- Types of USB HID attacks -- A false sense of security -- Protecting against USB HID attacks -- Managing cybersecurity risks -- Risk identification -- Risk assessment -- Risk response -- Risk monitoring -- The NIST Cybersecurity Framework -- Identify -- Protect -- Detect -- Respond -- Recover -- Creating an effective Business Continuity Plan (BCP) -- Creating a Business Impact Analysis (BIA) -- Business Continuity Planning (BCP) -- Implementing a best-in-class DRP -- Creating a DRP -- Implementing the DRP -- Summary -- Further reading -- Chapter 3: Comprehending Policies, Procedures, Compliance, and Audits -- Creating world-class cybersecurity policies and procedures -- Cybersecurity policies…”

Tabla de Contenidos: “…-- Regulatory frameworks and compliance standards -- GDPR -- HIPAA -- SOC 2 -- Federal Risk and Authorization Management Program -- California Consumer Privacy Act -- California Privacy Rights Act -- Personal Data Protection Act -- Federal Information Security Management Act -- ISO 27001 -- PCI DSS -- NIST Cybersecurity Framework -- Cloud Security Alliance Cloud Controls Matrix -- Center for Internet Security benchmark controls -- Cloud governance frameworks -- AWS WAF -- MCSB -- Adapting cloud governance to the organization's need -- Global versus regional compliance considerations -- Use cases, scenarios, and examples -- Use case #1 - Data protection and privacy -- Use case #2 - Incident reporting and notification -- Use case #3 - Compliance audits -- Challenges, CSPM roles, and future trends -- Challenges in compliance and governance -- CSPM's role in effective compliance management and governance -- Future trends in compliance and governance -- Summary…”

Tabla de Contenidos: “…Account provisioning and deprovisioning -- Directory services -- Privileged access management -- Data and media sanitization -- Network security -- Zero trust networking -- Virtualization security -- Common threats -- Insufficient identity, credential, access, and key management -- Insecure interfaces and APIs -- Misconfiguration and inadequate change control -- Lack of cloud security architecture and strategy -- Insecure software development -- Unsecure third-party resources -- System vulnerabilities -- Accidental cloud data disclosure -- Misconfiguration and exploitation of serverless and container workloads -- Organized crime/hackers/APT -- Cloud storage data exfiltration -- Security hygiene -- Baselining -- Patching -- Comprehending Design Principles of Secure Cloud Computing -- Cloud secure data lifecycle -- Cloud based business continuity (BC) and disaster recovery (DR) planning -- Cost benefit analysis -- Functional security requirements -- Security considerations for different cloud categories -- IaaS security concerns -- PaaS security concerns -- SaaS security concerns -- Evaluating Cloud Service Providers -- Verifying against certification criteria -- ISO/IEC 27001 -- ISO/IEC 27002 -- ISO/IEC 27017 and ISO/IEC 27018 -- SOC 1, SOC 2, and SOC 3 -- Payment Card Industry Data Security Standard (PCI DSS) -- NIST SP 800-53 and FedRAMP -- Meeting system/subsystem product certifications -- Common Criteria -- FIPS 140-2 and FIPS 140-3 -- Chapter 5 Domain 2: Cloud Data Security, Part 1 -- Describing Cloud Data Concepts -- Cloud data lifecycle phases -- Create -- Store -- Use -- Share -- Archive -- Destroy -- Data dispersion -- Data flows -- Designing and Implementing Cloud Data Storage Architectures -- Storage types -- IaaS -- PaaS -- SaaS -- Threats to storage types -- Designing and Applying Data Security Technologies and Strategies…”

Tabla de Contenidos: “…Countermeasure Selection and Implementation -- Types of Controls -- Control Assessments -- Monitoring Risks -- Effectiveness Monitoring -- Change Monitoring -- Compliance Monitoring -- Risk Reporting -- Continuous Improvement -- Supply Chain Risk Management -- Upstream and Downstream Suppliers -- Risks Associated with Hardware, Software, and Services -- Other Third-Party Risks -- Minimum Security Requirements -- Service Level Agreements -- Business Continuity -- Standards and Best Practices -- Making BCM Part of the Enterprise Security Program -- Business Impact Analysis -- Chapter Review -- Quick Review -- Questions -- Answers -- Chapter 3 Compliance -- Laws and Regulations -- Types of Legal Systems -- Common Law Revisited -- Cybercrimes and Data Breaches -- Complexities in Cybercrime -- The Evolution of Attacks -- International Issues -- Data Breaches -- Import/Export Controls -- Transborder Data Flow -- Privacy -- Licensing and Intellectual Property Requirements -- Trade Secret -- Copyright -- Trademark -- Patent -- Internal Protection of Intellectual Property -- Software Piracy -- Compliance Requirements -- Contractual, Legal, Industry Standards, and Regulatory Requirements -- Privacy Requirements -- Liability and Its Ramifications -- Requirements for Investigations -- Administrative -- Criminal -- Civil -- Regulatory -- Chapter Review -- Quick Review -- Questions -- Answers -- Chapter 4 Frameworks -- Overview of Frameworks -- Risk Frameworks -- NIST RMF -- ISO/IEC 27005 -- OCTAVE -- FAIR -- Information Security Frameworks -- Security Program Frameworks -- Security Control Frameworks -- Enterprise Architecture Frameworks -- Why Do We Need Enterprise Architecture Frameworks? …”

Tabla de Contenidos: “…-- About the Author xii -- Preface xiii -- Acknowledgements xv -- Abbreviations xvi -- 1 Introduction 1 -- 1.1 Introduction 1 -- 1.2 Wireless Security 2 -- 1.2.1 Background and Advances 2 -- 1.2.2 Statistics 2 -- 1.2.3 Wireless Threats 4 -- 1.2.4 M2M Environment 9 -- 1.3 Standardization 10 -- 1.3.1 The Open Mobile Alliance (OMA) 10 -- 1.3.2 The International Organization for Standardization (ISO) 12 -- 1.3.3 The International Telecommunications Union (ITU) 14 -- 1.3.4 The European Telecommunications Standards Institute (ETSI) 14 -- 1.3.5 The Institute of Electrical and Electronics Engineers (IEEE) 15 -- 1.3.6 The Internet Engineering Task Force (IETF) 16 -- 1.3.7 The 3rd Generation Partnership Project (3GPP) 16 -- 1.3.8 The 3rd Generation Partnership Project 2 (3GPP2) 25 -- 1.3.9 The GlobalPlatform 25 -- 1.3.10 The SIMalliance 26 -- 1.3.11 The Smartcard Alliance 27 -- 1.3.12 The GSM Association (GSMA) 27 -- 1.3.13 The National Institute of Standards and Technology (NIST) 28 -- 1.3.14 The National Highway Transportation and Safety Administration (NHTSA) 28 -- 1.3.15 Other Standardization and Industry Forums 28 -- 1.3.16 The EMV Company (EMVCo) 29 -- 1.3.17 The Personal Computer/Smartcard (PC/SC) 29 -- 1.3.18 The Health Insurance Portability and Accountability Act (HIPAA) 29 -- 1.3.19 The Common Criteria (CC) 29 -- 1.3.20 The Evaluation Assurance Level (EAL) 30 -- 1.3.21 The Federal Information Processing Standards (FIPS) 31 -- 1.3.22 Biometric Standards 31 -- 1.3.23 Other Related Entities 32 -- 1.4 Wireless Security Principles 32 -- 1.4.1 General 32 -- 1.4.2 Regulation 33 -- 1.4.3 Security Architectures 33 -- 1.4.4 Algorithms and Security Principles 33 -- 1.5 Focus and Contents of the Book 36 -- References 38 -- 2 Security of Wireless Systems 42 -- 2.1 Overview 42 -- 2.1.1 Overall Security Considerations in the Mobile Environment 42 -- 2.1.2 Developing Security Threats 43 -- 2.1.3 RF Interferences and Safety 45 -- 2.2 Effects of Broadband Mobile Data 46 -- 2.2.1 Background 46.…”

Tabla de Contenidos: “…-- The Two Pillars of Cybersecurity -- Prevention -- Recovery -- Cybersecurity Frameworks -- The NIST Cybersecurity Framework -- Chapter 5 Servers and Virtualization -- Understanding Network Operating Systems -- Network services -- File-sharing services -- Multitasking…”

Tabla de Contenidos: “…Cover -- Notation -- Preface -- Contents -- About the Author -- Part One: Background -- Chapter 1 Computer and Network Security Concepts -- 1.1 Computer Security Concepts -- 1.2 The OSI Security Architecture -- 1.3 Security Attacks -- 1.4 Security Services -- 1.5 Security Mechanisms -- 1.6 Fundamental Security Design Principles -- 1.7 Attack Surfaces and Attack Trees -- 1.8 A Model for Network Security -- 1.9 Standards -- 1.10 Key Terms, Review Questions, and Problems -- Chapter 2 Introduction to Number Theory -- 2.1 Divisibility and the Division Algorithm -- 2.2 The Euclidean Algorithm -- 2.3 Modular Arithmetic -- 2.4 Prime Numbers -- 2.5 Fermat's and Euler's Theorems -- 2.6 Testing for Primality -- 2.7 The Chinese Remainder Theorem -- 2.8 Discrete Logarithms -- 2.9 Key Terms, Review Questions, and Problems -- Appendix 2A The Meaning of Mod -- Part Two: Symmetric Ciphers -- Chapter 3 Classical Encryption Techniques -- 3.1 Symmetric Cipher Model -- 3.2 Substitution Techniques -- 3.3 Transposition Techniques -- 3.4 Rotor Machines -- 3.5 Steganography -- 3.6 Key Terms, Review Questions, and Problems -- Chapter 4 Block Ciphers and the Data Encryption Standard -- 4.1 Traditional Block Cipher Structure -- 4.2 The Data Encryption Standard -- 4.3 A DES Example -- 4.4 The Strength of DES -- 4.5 Block Cipher Design Principles -- 4.6 Key Terms, Review Questions, and Problems -- Chapter 5 Finite Fields -- 5.1 Groups -- 5.2 Rings -- 5.3 Fields -- 5.4 Finite Fields of the Form GF(p) -- 5.5 Polynomial Arithmetic -- 5.6 Finite Fields of the Form GF(2n) -- 5.7 Key Terms, Review Questions, and Problems -- Chapter 6 Advanced Encryption Standard -- 6.1 Finite Field Arithmetic -- 6.2 AES Structure -- 6.3 AES Transformation Functions -- 6.4 AES Key Expansion -- 6.5 An AES Example -- 6.6 AES Implementation -- 6.7 Key Terms, Review Questions, and Problems -- Appendix 6A Polynomials with Coefficients in GF(28) -- Chapter 7 Block Cipher Operation -- 7.1 Multiple Encryption and Triple DES -- 7.2 Electronic Codebook -- 7.3 Cipher Block Chaining Mode -- 7.4 Cipher Feedback Mode -- 7.5 Output Feedback Mode -- 7.6 Counter Mode -- 7.7 XTS-AES Mode for Block-Oriented Storage Devices -- 7.8 Format-Preserving Encryption -- 7.9 Key Terms, Review Questions, and Problems -- Chapter 8 Random Bit Generation and Stream Ciphers -- 8.1 Principles of Pseudorandom Number Generation -- 8.2 Pseudorandom Number Generators -- 8.3 Pseudorandom Number Generation Using a Block Cipher -- 8.4 Stream Ciphers -- 8.5 RC4 -- 8.6 True Random Number Generators -- 8.7 Key Terms, Review Questions, and Problems -- Part Three: Asymmetric Ciphers 283 -- Chapter 9 Public-Key Cryptography and RSA -- 9.1 Principles of Public-Key Cryptosystems -- 9.2 The RSA Algorithm -- 9.3 Key Terms, Review Questions, and Problems -- Chapter 10 Other Public-Key Cryptosystems -- 10.1 Diffie-Hellman Key Exchange -- 10.2 Elgamal Cryptographic System -- 10.3 Elliptic Curve Arithmetic -- 10.4 Elliptic Curve Cryptography -- 10.5 Pseudorandom Number Generation Based on an Asymmetric Cipher -- 10.6 Key Terms, Review Questions, and Problems -- Part Four: Cryptographic Data Integrity Algorithms -- Chapter 11 Cryptographic Hash Functions -- 11.1 Applications of Cryptographic Hash Functions -- 11.2 Two Simple Hash Functions -- 11.3 Requirements and Security -- 11.4 Hash Functions Based on Cipher Block Chaining -- 11.5 Secure Hash Algorithm (SHA) -- 11.6 SHA-3 -- 11.7 Key Terms, Review Questions, and Problems -- Chapter 12 Message Authentication Codes -- 12.1 Message Authentication Requirements -- 12.2 Message Authentication Functions -- 12.3 Requirements for Message Authentication Codes -- 12.4 Security of MACs -- 12.5 MACs Based on Hash Functions: HMAC -- 12.6 MACs Based on Block Ciphers: DAA and CMAC -- 12.7 Authenticated Encryption: CCM and GCM -- 12.8 Key Wrapping -- 12.9 Pseudorandom Number Generation Using Hash Functions and MACs -- 12.10 Key Terms, Review Questions, and Problems -- Chapter 13 Digital Signatures -- 13.1 Digital Signatures -- 13.2 Elgamal Digital Signature Scheme -- 13.3 Schnorr Digital Signature Scheme -- 13.4 NIST Digital Signature Algorithm -- 13.5 Elliptic Curve Digital Signature Algorithm -- 13.6 RSA-PSS Digital Signature Algorithm -- 13.7 Key Terms, Review Questions, and Problems -- Part Five: Mutual Trust -- Chapter 14 Key Management and Distribution -- 14.1 Symmetric Key Distribution Using Symmetric Encryption -- 14.2 Symmetric Key Distribution Using Asymmetric Encryption -- 14.3 Distribution of Public Keys -- 14.4 X.509 Certificates -- 14.5 Public-Key Infrastructure -- 14.6 Key Terms, Review Questions, and Problems -- Chapter 15 User Authentication -- 15.1 Remote User-Authentication Principles -- 15.2 Remote User-Authentication Using Symmetric Encryption -- 15.3 Kerberos -- 15.4 Remote User-Authentication Using Asymmetric Encryption -- 15.5 Federated Identity Management -- 15.6 Personal Identity Verification -- 15.7 Key Terms, Review Questions, and Problems -- Part Six: Network And Internet Security -- Chapter 16 Network Access Control and Cloud Security -- 16.1 Network Access Control -- 16.2 Extensible Authentication Protocol -- 16.3 IEEE 802.1X Port-Based Network Access Control -- 16.4 Cloud Computing -- 16.5 Cloud Security Risks and Countermeasures -- 16.6 Data Protection in the Cloud -- 16.7 Cloud Security as a Service -- 16.8 Addressing Cloud Computing Security Concerns -- 16.9 Key Terms, Review Questions, and Problems -- Chapter 17 Transport-Level Security -- 17.1 Web Security Considerations -- 17.2 Transport Layer Security -- 17.3 HTTPS -- 17.4 Secure Shell (SSH) -- 17.5 Key Terms, Review Questions, and Problems -- Chapter 18 Wireless Network Security -- 18.1 Wireless Security -- 18.2 Mobile Device Security -- 18.3 IEEE 802.11 Wireless LAN Overview -- 18.4 IEEE 802.11i Wireless LAN Security -- 18.5 Key Terms, Review Questions, and Problems -- Chapter 19 Electronic Mail Security -- 19.1 Internet Mail Architecture -- 19.2 Email Formats -- 19.3 Email Threats and Comprehensive Email Security -- 19.4 S/MIME -- 19.5 Pretty Good Privacy -- 19.6 DNSSEC -- 19.7 DNS-Based Authentication of Named Entities -- 19.8 Sender Policy Framework -- 19.9 DomainKeys Identified Mail -- 19.10 Domain-Based Message Authentication, Reporting, and Conformance -- 19.11 Key Terms, Review Questions, and Problems -- Chapter 20 IP Security -- 20.1 IP Security Overview -- 20.2 IP Security Policy -- 20.3 Encapsulating Security Payload -- 20.4 Combining Security Associations -- 20.5 Internet Key Exchange -- 20.6 Cryptographic Suites -- 20.7 Key Terms, Review Questions, and Problems -- APPENDICES 696 -- Appendix A Projects for Teaching Cryptography and Network Security -- A.1 Sage Computer Algebra Projects -- A.2 Hacking Project -- A.3 Block Cipher Projects -- A.4 Laboratory Exercises -- A.5 Research Projects -- A.6 Programming Projects -- A.7 Practical Security Assessments -- A.8 Firewall Projects -- A.9 Case Studies -- A.10 Writing Assignments -- A.11 Reading/Report Assignments -- A.12 Discussion Topics -- Appendix B Sage Examples -- B.1 Linear Algebra and Matrix Functionality -- B.2 Chapter 2: Number Theory -- B.3 Chapter 3: Classical Encryption -- B.4 Chapter 4: Block Ciphers and the Data Encryption Standard -- B.5 Chapter 5: Basic Concepts in Number Theory and Finite Fields -- B.6 Chapter 6: Advanced Encryption Standard -- B.7 Chapter 8: Pseudorandom Number Generation and Stream Ciphers -- B.8 Chapter 9: Public-Key Cryptography and RSA -- B.9 Chapter 10: Other Public-Key Cryptosystems -- B.10 Chapter 11: Cryptographic Hash Functions -- B.11 Chapter 13: Digital Signatures…”

“…It contains many new diagrams, exercises, sidebars, and examples, and is mapped to two leading frameworks: the US NIST National Initiative for Cybersecurity Education (NICE) and the UK Cyber Body of Knowledge (CyBOK)…”

“…Santos provides a detailed examination of compliance requirements in different sectors and the NIST Cybersecurity Framework…”

Tabla de Contenidos: “…273 7.2 Electronic Communications Privacy Act 275 7.2.1 Stored Communications Act 276 7.2.1.1 Section 2701: Third-Party Hacking of Stored Communications 278 7.2.1.2 Section 2702: Restrictions on Service Providers' Ability to Disclose Stored Communications and Records to the Government and Private Parties 279 7.2.1.2.1 The Cybersecurity Act of 2015: Allowing Service Providers to Disclose Cybersecurity Threats to the Government 282 7.2.1.3 Section 2703: Government's Ability to Force Service Providers to Turn Over Stored Communications and Customer Records 284 7.2.2 Wiretap Act 286 7.2.3 Pen Register Act 290 7.2.4 National Security Letters 291 7.3 Communications Assistance for Law Enforcement Act (CALEA) 293 7.4 Encryption and the All Writs Act 294 8 Cybersecurity and Federal Government Contractors 299 8.1 Federal Information Security Management Act 300 8.2 NIST Information Security Controls for Government Agencies and Contractors 301 8.3 Classified Information Cybersecurity 306 8.4 Covered Defense Information and Controlled Unclassified Information 309 9 Privacy Laws 317 9.1 Section 5 of the FTC Act and Privacy 318 9.2 Health Insurance Portability and Accountability Act 324 9.3 Gramm-Leach-Bliley Act and California Financial Information Privacy Act 326 9.4 CAN-SPAM Act 327 9.5 Video Privacy Protection Act 328 9.6 Children's Online Privacy Protection Act 330 9.7 California Online Privacy Laws 332 9.7.1 California Online Privacy Protection Act (CalOPPA) 332 9.7.2 California Shine the Light Law 333 9.7.3 California Minor "Eraser Law" 335 9.8 Illinois Biometric Information Privacy Act 337 10 International Cybersecurity Law 339 10.1 European Union 340 10.2 Canada 346 10.3 China 350 10.4 Mexico 353 10.5 Japan 356 Appendix A: Text of Section 5 of the FTC Act 361 Appendix B: Summary of State Data Breach Notification Laws 369 Appendix C: Text of Section 1201 of the Digital Millennium Copyright Act 413 Appendix D: Text of the Computer Fraud and Abuse Act 425 Appendix E: Text of the Electronic Communications Privacy Act 433 Index 485.…”

“…Saunders has served as a research engineer for 17 years at the Boeing Scientific Research Laboratories, 20 years as a consultant to the Advisory Committee for Nuclear Safeguards, 10 years as a consultant to NIST, was a principal in the consulting firms Mathematical Analysis Research Corporation and Scientific Consulting Service; and was for 26 years a professor of Applied Mathematics/Statistics at Washington State University. …”

“…What You’ll Learn: Manage security with the Azure Security Center and the Office 365 Compliance Center Configure information protection for document and electronic communications Monitor security for your business in the cloud Understand Mobile Application Management (MAM) and Mobile Device Management (MDM) Prevent data loss in Office 365 Configure and manage the compliance manager tools for NIST and GDPR This book is for IT managers and compliance and cybersecurity officers who have responsibility for compliance and data security in their business. …”

“…He demonstrates his methodology by working through NIST, the Open Group, and a generic view of Zero Trust from principles to architecture. …”

“…., he led numerous advanced analytics, decision support, and information systems research projects funded by DoD, NASA, NIST, and DOE. His research has appeared in Decision Support Systems, Communications of the ACM , and many other leading journals. …”

“…What is it suitable for? What is NIST? What does it do? What do accredited certification labs do? …”