Synopses & Reviews
This thorough update to the most authoritative volume available on network security covers the latest security standards and regulations.
Network Security: The Complete Reference, Second Edition guides security practitioners through how to plan, implement, and maintain a secure network, protect confidential information, and ensure corporate networks are in compliance with the latest regulations. The book covers essential standards, such as ISO 27001, CoBIT, and SAS 70. Important legal regulations (and their context and relevance), such as Sarbanes-Oxley (SOX), SB 1386, SB 1841, FFIEC, Gramm-Leach-Bliley (GLB), and HIPAA are highlighted throughout where their relevance intersects with topics--enhancing this edition's value and practicality.
This authoritative volume includes contributions from 30+ technical experts and leaders in the security industry. New chapters have been added on VoIP security, controlling application behavior, and operational security. The chapters covering system security, planning and response, and standards compliance have been extensively revised.
The 37 chapters are divided into six parts. Part I covers the elements of network security foundations, including policies, organization, and defense models. Part II covers access control, including security management, operational security, and data security. Part III gets into key network security aspects, including firewalls, virtual private networks, wireless security, VoIP security, and more. Part IV explains system security, focusing on security models, UNIX, Linux, and Windows security. Part V covers application security, including J2EE, Windows .NET, database security, writing secure software, and more. Part VI explains planning and response, including disaster recovery, attacks and countermeasures, incident response, as well as legal, regulatory, and standards compliance.
Network Security: The Complete Reference, Second Edition
- Now presents essential security standards and regulation information paired with related topics throughout the book, greatly enhancing ease-of-use and the ability to readily apply business recommendations
- Teaches end-to-end IT security concepts and techniques, complete with methodology, analysis, case examples, tips, and all the technical supporting details needed to suit an IT audience's requirements
- Spans from a beginner to advanced practitioner level
- Includes detailed updates on how to assure business compliance with IT standards and regulations, including ISO 27001, CoBIT, SAS 70, and SOX
- Offers completely updated coverage of Linux/UNIX, wireless, secure Windows, VPN, software development, and physical premises
- Contains comprehensive information on how to design an effective security defense model, develop and deploy computer, personnel, and physical security policies, design and manage authentication and authorization methods, and much more
Synopsis
Develop and implement an effective end-to-end security program
Today's complex world of mobile platforms, cloud computing, and ubiquitous data access puts new security demands on every IT professional. Information Security: The Complete Reference, Second Edition (previously titled Network Security: The Complete Reference) is the only comprehensive book that offers vendor-neutral details on all aspects of information protection, with an eye toward the evolving threat landscape. Thoroughly revised and expanded to cover all aspects of modern information security--from concepts to details--this edition provides a one-stop reference equally applicable to the beginner and the seasoned professional.
Find out how to build a holistic security program based on proven methodology, risk analysis, compliance, and business needs. You'll learn how to successfully protect data, networks, computers, and applications. In-depth chapters cover data protection, encryption, information rights management, network security, intrusion detection and prevention, Unix and Windows security, virtual and cloud security, secure application development, disaster recovery, forensics, and real-world attacks and countermeasures. Included is an extensive security glossary, as well as standards-based references. This is a great resource for professionals and students alike.
- Understand security concepts and building blocks
- Identify vulnerabilities and mitigate risk
- Optimize authentication and authorization
- Use IRM and encryption to protect unstructured data
- Defend storage devices, databases, and software
- Protect network routers, switches, and firewalls
- Secure VPN, wireless, VoIP, and PBX infrastructure
- Design intrusion detection and prevention systems
- Develop secure Windows, Java, and mobile applications
- Perform incident response and forensic analysis
Synopsis
Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product.