Description
Teaches end-to-end network security concepts and techniques. Includes comprehensive information on how to design a comprehensive security defense model. Plus, discloses how to develop and deploy computer, personnel, and physical security policies, how to design and manage authentication and authorization methods, and much more.
Back Cover
The Most Authoritative Volume Available on Network Security
Includes a Security Dictionary and contributions from topical experts!
The solution to todays computer system security ills will only be solved when organizations obtain and implement a network security program. This comprehensive resource provides all the information necessary to formulate strategies to reach that goal. Learn to plan, implement, and maintain a secure network, and protect confidential information such as customer lists, credit card numbers, and stockholder names, and addresses. Prevent the attack or theft of specialized information such as trade secrets, formulas, production details, and other intellectual property. Network Security: The Complete Reference provides critical strategies, concepts, techniques, and solutions to keep your network system secure.
Learn what it takes to build a solid security architecture
Manage and control all access points to your digital data
Anticipate incidents using risk analysis, threat definition, and vulnerability assessment
Secure confidentiality, integrity, privacy, and availability
Understand how HIPAA, Gramm-Leach-Bliley and other security legislation affects you
Learn about a California law that requires compliance from all organizations, no matter what state they reside in
Technical Experts:
Dr. Nick Efford & Steve Wright, Windows .NET Security
Ken Pfeil, Physical Security
Ben Rothke, Operating System Security
Roger A. Grimes, Intrusion Detection
Anil Desai & Rob Kraft, Database Security
Ole Drews Jensen, Router & Device Security
Dr. Andrew A. Vladimirov & Stephen Prendergast, Wireless Security
Michael Howard, Secure Software
Thaddeus Fortenberry & Eric Maiwald, VPN Security
Michael ODea, Windows Security
Brian Buege, Michael Judd & Jim Keogh, J2EE Security
Bernard Chapple, Disaster Recovery
Glen Carty & Steve Thomas, Novell Security
Christian Genetski & Curtis Karnow, Legal Issues
Curtis W. Rose, Incident Response & Computer Forensics
Thomas Knox & Robert Clugston, Linux/UNIX Security
Barak Weicheselbaum, Application Security
art 1 Information Security Foundations
Ch. 1: Introduction
Ch. 2: Network Security Overview
Ch. 3: Security Policy Development
Part 2 Security Architecture Components
Ch. 4: Network Security Architecture
Ch. 5: Computer Security Architecture
Ch. 6: Authentication and Authorization Methods
Ch. 7: Application Security
Ch. 8: Unix Security
Ch. 9: Windows Security
Ch. 10: Novell NetWare
Ch. 11: J2EE Security
Ch. 12: Database Security
Ch. 13: Virtual Private Networks (VPNs)
Ch. 14: Wireless Network Security
Ch. 15: Data Security Architecture
Part 3 Managing the Security Infrastructure
Ch. 16: Security Management Architecture
Ch. 17: Security Organization
Ch. 18: Integrity and Availability Architecture
Ch. 19: Disaster Recovery and Business Continuity
Ch. 20: Incident Response and Forensic Analysis
Ch. 21: Physical Security
Part 4 Appendices
Appendix A: Organization Certification, System Evaluation and Assurance
Appendix B: HIPAA Preparation
Appendix C: Gramm-Leach-Bliley Act (GLB) Preparation
Appendix D: Dictionary of IT Security Terms
Author Biography
Roberta Bragg (CISSP, MCSE: Security; Security+, ETI Client Server, Certified Technical Trainer, IBM Certified Trainer, DB2-UDB, Citrix Certified Administrator) has been a Security Advisor columnist for Microsoft Certified Professional Magazine for five years, is a Security Expert for SearchWin2000.com, and writes for the 'SecurityWatch' newsletter, which has more than 55,000 subscribers. Roberta designed, planned, produced, and participated in the first Windows Security Summit, held in Seattle, Washington, in 2002. In September and October of 2002, Roberta was an instructor for four sessions of SANS Gold Standard Windows 2000 Training. Roberta has participated in numerous security audits and is a security evangelist traveling all over the world consulting, assessing, and training on network and Windows security. Roberta has served as adjunct faculty at Seattle Pacific University and at Johnson County Community College teaching courses on Windows 2000 Security Design and Network Security Design.
Mark Rhodes-Ousley (CISSP) has been a practicing security professional for more than ten years. Mark has advised, designed, and installed security technologies and policies for dozens of companies, including Fortune 500 companies, large, medium-sized, and many small companies. All this experience with companies in different stages of growth leads to a unique perspective on how to manage security for a growing company--where to begin, what to do when moving forward, and how to plan for future growth. Mark holds certifications from the International Information Systems Security Certification Consortium, known as (ISC)2, Cisco Systems, Security Dynamics, Raptor Systems, Hewlett Packard, and Digital Equipment Corporation, along with a Bachelor degree in Applied Mathematics and Electrical Engineering from the University of California, San Diego (UCSD).
Keith Strassberg (CPA, CISSP) is an independent security consultant with more than seven years of experience in information security. Most recently, he worked as a senior security engineer for a mid-sized technology consulting company. Keith's professional experiences cover all facets of information security, including, but not limited to, designing and deploying secure infrastructures, implementing firewalls and intrusion detection systems, performing computer forensic investigations, developing policies and procedures, and performing vulnerability testing.
