Contents
Chapter 1: Accountability and Access Control
Identification and Authentication Techniques
Access Control Methodologies and Implementation
Chapter 2: Attacks and Monitoring
Chapter 3: ISO Model, Protocols, Network Security, and Network Infrastructure
Communications and Network Security
Internet/Intranet/Extranet Components
Remote Access Security Management
Network and Protocol Security Mechanisms
Avoiding Single Points of Failure
Chapter 4: Communications Security and Countermeasures
Miscellaneous Security Control Characteristics
Network Attacks and Countermeasures
Chapter 5: Security Management Concepts and Principles
Security Management Concepts and Principles
Chapter 6: Asset Value, Policies, and Roles
Employment Policies and Practices
Policies, Standards, Baselines, Guidelines, and Procedures
Chapter 7: Data and Application Security Issues
Databases and Data Warehousing
Chapter 8: Malicious Code and Application Attacks
Chapter 9: Cryptography and Symmetric Key Algorithms
Historical Milestones in Cryptography
Chapter 10: PKI and Cryptographic Applications
Chapter 11: Principles of Computer Design
Security Protection Mechanisms
Chapter 12: Principles of Security Models
Understanding System Security Evaluation
Common Flaws and Security Issues
Chapter 13: Administrative Management
Chapter 14: Auditing and Monitoring
Monitoring Tools and Techniques
Penetration-Testing Techniques
Indistinct Threats and Countermeasures
Chapter 15: Business Continuity Planning
Chapter 16: Disaster Recovery Planning
Chapter 17: Law and Investigations
Chapter 18: Incidents and Ethics
Major Categories of Computer Crime
Chapter 19: Physical Security Requirements
Forms of Physical Access Controls