Information Security: The Complete Reference, Second Edition

Paperback | April 24, 2013

byMark Rhodes-Ousley

not yet rated|write a review

Develop and implement an effective end-to-end security program

Today’s complex world of mobile platforms, cloud computing, and ubiquitous data access puts new security demands on every IT professional. Information Security: The Complete Reference, Second Edition (previously titled Network Security: The Complete Reference) is the only comprehensive book that offers vendor-neutral details on all aspects of information protection, with an eye toward the evolving threat landscape. Thoroughly revised and expanded to cover all aspects of modern information security—from concepts to details—this edition provides a one-stop reference equally applicable to the beginner and the seasoned professional.

Find out how to build a holistic security program based on proven methodology, risk analysis, compliance, and business needs. You’ll learn how to successfully protect data, networks, computers, and applications. In-depth chapters cover data protection, encryption, information rights management, network security, intrusion detection and prevention, Unix and Windows security, virtual and cloud security, secure application development, disaster recovery, forensics, and real-world attacks and countermeasures. Included is an extensive security glossary, as well as standards-based references. This is a great resource for professionals and students alike.

  • Understand security concepts and building blocks
  • Identify vulnerabilities and mitigate risk
  • Optimize authentication and authorization
  • Use IRM and encryption to protect unstructured data
  • Defend storage devices, databases, and software
  • Protect network routers, switches, and firewalls
  • Secure VPN, wireless, VoIP, and PBX infrastructure
  • Design intrusion detection and prevention systems
  • Develop secure Windows, Java, and mobile applications
  • Perform incident response and forensic analysis

Pricing and Purchase Info

$74.30 online
$76.95 list price
In stock online
Ships free on orders over $25

From the Publisher

Develop and implement an effective end-to-end security programToday’s complex world of mobile platforms, cloud computing, and ubiquitous data access puts new security demands on every IT professional. Information Security: The Complete Reference, Second Edition (previously titled Network Security: The Complete Reference) is the only co...

Mark Rhodes-Ousley has 20 years of experience with every aspect of security, from program management to technology. That experience includes risk management, security policies, security management, technology implementation and operations, physical security, disaster recovery, and business continuity planning. He holds two core beliefs...

other books by Mark Rhodes-Ousley

Network Security: The Complete Reference
Network Security: The Complete Reference

Kobo ebook|Nov 10 2003

$70.79 online$91.86list price(save 22%)
Information Security The Complete Reference, Second Edition
Information Security The Complete Reference, Second Edi...

Kobo ebook|Apr 3 2013

$70.79 online$91.86list price(save 22%)
Network Security: The Complete Reference
Network Security: The Complete Reference

Kobo ebook|Nov 10 2003

$70.79 online$91.86list price(save 22%)
Format:PaperbackDimensions:9.1 × 7.3 × 1.8 inPublished:April 24, 2013Publisher:McGraw-Hill EducationLanguage:English

The following ISBNs are associated with this title:

ISBN - 10:0071784357

ISBN - 13:9780071784351

Customer Reviews of Information Security: The Complete Reference, Second Edition

Reviews

Extra Content

Table of Contents

Part 1: Network Security Foundations
1 Overview
2 Risk Analysis and Defense Models
3 Security Policies
4 Security Organization

Part 2: Access Control
5 Security Management
6 Physical Security
7 Operational Security
8 Authentication and Authorization Controls
9 Data Security

Part 3: Network Security
10 Network Design Considerations
11 Network Device Security
12 Firewalls
13 Virtual Private Networks
14 Wireless Network Security
15 Intrusion Detection Systems
16 Integrity and Availability
17 Network Role-Based Security
18 Voice-Over-IP (VOIP) Security

Part 4: System Security
19 Operating System Security Models
20 Unix Security
21 Linux Security
22 Windows Security

Part 5: Application Security
23 Principles of Application Security
24 Controlling Application Behavior
25 Writing Secure Software
26 J2EE Security
27 Windows .NET Security
28 Database Security

Part 6: Planning and Response
29 Disaster Recovery and Business Continuity
30 Attacks and Countermeasures
31 Incident Response and Forensic Analysis
32 Legal, Regulatory, and Standards Compliance