Chapter 18

Ten Essential Reference Books

Information security is a hot topic, and new books on this important subject are being published every day. Some of those books are better than others. Many outstanding information security books have been written, and many more are likely to be published, so this chapter doesn’t give you all the books you may ever want to read on the subject. However, the following list contains ten (well, actually, twelve) books that we highly recommend:

Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd Edition, by Bruce Schneier (John Wiley & Sons, Inc.). In case our chapter on Cryptography just whet your appetite and you’re chomping at the bit to find out more, this book (written by one of cryptography’s living legends) is the deep dive you’re looking for!

Building Internet Firewalls, 2nd Edition, by Elizabeth D. Zwicky, Simon Cooper, D. Brent Chapman, and Deborah Russell (O’Reilly Media, Inc.). This book contains the principles of deploying firewalls to implement an effective security strategy — and how to build an actual firewall.

Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes, Second Edition, by Albert J. Marcella, Jr., and Doug Menendez (Auerbach Publications). If you’re tired of just watching CSI, this book will help you to properly conduct investigations!

Incident Response: Investigating Computer Crime, Second Edition, by Kevin Mandia and Chris Prosise (McGraw-Hill/Osborne Media Group). This book has thorough coverage of investigations and evidence gathering.

Information Security: Protecting the Global Enterprise, by Donald L. Pipkin (Prentice Hall). This book includes step-by-step guidance regarding important security management practices.

Network Intrusion Detection: An Analyst’s Handbook, 3rd Edition, by Stephen Northcutt and Judy Novak (New Riders Publishing); and Intrusion Signatures and Analysis, by Stephen Northcutt, Mark Cooper, Matt Fearnow, and Karen Frederick (New Riders Publishing). Okay, we technically just recommended two books, but (ISC)2 includes only the first one on its website’s Suggested Study Materials list. The second book is an excellent (and logical) companion to the first — not listing both is like having yin but no yang, or mo but no jo. Both books are from the SANS Institute and provide practical, in-depth information.

Security Engineering: A Guide to Building Dependable Distributed Systems, Second Edition, by Ross Anderson (John Wiley & Sons, Inc.). Read this book for excellent, in-depth coverage of some very complex subjects.

Security Warrior, by Cyrus Peikari and Anton Chuvakin (O’Reilly Media, Inc.). The nuts and bolts of cracking software, network attacks, and operating system exploits — oh, and how to defend yourself from the bad guys!

The CERT Guide to System and Network Security Practices, by Julia H. Allen (Addison-Wesley). Read this book to discover how to secure your systems and networks, step by step.

The Tao of Network Security Monitoring: Beyond Intrusion Detection and Extrusion Detection: Security Monitoring for Internal Intrusions, both by Richard Bejtlich (Addison-Wesley). These two companion books are definitely worth your time and belong together. Two great tastes that taste great together — like peanut butter and chocolate, or peanut butter and jelly, or peanut butter and pickles!