MARC details
| 000 -LEADER |
| fixed length control field |
21898cam a2200421 i 4500 |
| 001 - CONTROL NUMBER |
| control field |
18083047 |
| 005 - DATE AND TIME OF LATEST TRANSACTION |
| control field |
20210418121105.0 |
| 008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION |
| fixed length control field |
140327s2015 maua b 001 0 eng |
| 010 ## - LIBRARY OF CONGRESS CONTROL NUMBER |
| LC control number |
2014012092 |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
| International Standard Book Number |
9781292066172 |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
| International Standard Book Number |
1292066172 |
| 040 ## - CATALOGING SOURCE |
| Original cataloging agency |
DLC |
| Language of cataloging |
eng |
| Description conventions |
rda |
| Transcribing agency |
DLC |
| Modifying agency |
DLC |
| 042 ## - AUTHENTICATION CODE |
| Authentication code |
pcc |
| 050 00 - LIBRARY OF CONGRESS CALL NUMBER |
| Classification number |
QA76.9.A25 |
| Item number |
S685 2015 |
| 082 00 - DEWEY DECIMAL CLASSIFICATION NUMBER |
| Classification number |
005.8 |
| Edition number |
23 |
| Item number |
S.W.C |
| 100 1# - MAIN ENTRY--PERSONAL NAME |
| Personal name |
Stallings, William, |
| Relator term |
author. |
| 245 10 - TITLE STATEMENT |
| Title |
Computer security : |
| Remainder of title |
principles and practice / |
| Statement of responsibility, etc |
William Stallings, Lawrie Brown, UNSW Canberra at the Australian Defence Force Academy. |
| 250 ## - EDITION STATEMENT |
| Edition statement |
Third edition. |
| 264 #1 - PUBLICATION, DISTRIBUTION, ETC. (IMPRINT) |
| Place of publication, distribution, etc |
Boston : |
| Name of publisher, distributor, etc |
Pearson, |
| Date of publication, distribution, etc |
[2015] |
| 300 ## - PHYSICAL DESCRIPTION |
| Extent |
840 pages : |
| Other physical details |
illustrations ; |
| Dimensions |
24 cm |
| 336 ## - CONTENT TYPE |
| Content type term |
text |
| Content type code |
txt |
| Source |
rdacontent |
| 337 ## - MEDIA TYPE |
| Media type term |
unmediated |
| Media type code |
n |
| Source |
rdamedia |
| 338 ## - CARRIER TYPE |
| Carrier type term |
volume |
| Carrier type code |
nc |
| Source |
rdacarrier |
| 500 ## - GENERAL NOTE |
| General note |
computer bookfair2016 |
| 504 ## - BIBLIOGRAPHY, ETC. NOTE |
| Bibliography, etc |
Includes bibliographical references and index. |
| 505 0# - FORMATTED CONTENTS NOTE |
| Formatted contents note |
Chapter 0 Guide for Readers and Instructors
  0.1 Outline of This Book
  0.2 A Roadmap for Readers and Instructors
  0.3 Support for CISSP Certification
  0.4 Support for NSA/DHS Certification
  0.5 Support for ACM/IEEE Computer Science Curricula 2013
  0.6 Internet and Web Resources
  0.7 Standards

Chapter 1 Overview
  1.1 Computer Security Concepts
  1.2 Threats, Attacks, and Assets
  1.3 Security Functional Requirements
  1.4 Fundamental Security Design Principles
  1.5 Attack Surfaces and Attack Trees
  1.6 Computer Security Strategy
  1.7 Recommended Reading
  1.8 Key Terms, Review Questions, and Problems

PART ONE COMPUTER SECURITY TECHNOLOGY AND PRINCIPLES
Chapter 2 Cryptographic Tools
  2.1 Confidentiality with Symmetric Encryption
  2.2 Message Authentication and Hash Functions
  2.3 Public-Key Encryption
  2.4 Digital Signatures and Key Management
  2.5 Random and Pseudorandom Numbers
  2.6 Practical Application: Encryption of Stored Data
  2.7 Recommended Reading
  2.8 Key Terms, Review Questions, and Problems

Chapter 3 User Authentication
  3.1 Electronic User Authentication Principles
  3.2 Password-Based Authentication
  3.3 Token-Based Authentication
  3.4 Biometric Authentication
  3.5 Remote User Authentication
  3.6 Security Issues for User Authentication
  3.7 Practical Application: An Iris Biometric System
  3.8 Case Study: Security Problems for ATM Systems
  3.9 Recommended Reading
  3.10 Key Terms, Review Questions, and Problems

Chapter 4 Access Control
  4.1 Access Control Principles
  4.2 Subjects, Objects, and Access Rights
  4.3 Discretionary Access Control
  4.4 Example: UNIX File Access Control
  4.5 Role-Based Access Control
  4.6 Attribute-Based Access Control
  4.7 Identity, Credential, and Access Management
  4.8 Trust Frameworks
  4.9 Case Study: RBAC System for a Bank
  4.10 Recommended Reading
  4.11 Key Terms, Review Questions, and Problems

Chapter 5 Database and Cloud Security
  5.1 The Need for Database Security
  5.2 Database Management Systems
  5.3 Relational Databases
  5.4 SQL Injection Attacks
  5.5 Database Access Control
  5.6 Inference
  5.7 Database Encryption
  5.8 Cloud Computing
  5.9 Cloud Security Risks and Countermeasures
  5.10 Data Protection in the Cloud
  5.11 Cloud Security as a Service
  5.12 Recommended Reading
  5.13 Key Terms, Review Questions, and Problems

Chapter 6 Malicious Software
  6.1 Types of Malicious Software
  6.2 Advanced Persistent Threat
  6.2 Propagation – Infected Content - Viruses
  6.3 Propagation – Vulnerability Exploit - Worms
  6.4 Propagation – Social Engineering – SPAM E-Mail, Trojans
  6.5 Payload – System Corruption
  6.6 Payload – Attack Agent – Zombie, Bots
  6.7 Payload – Information Theft – Keyloggers, Phishing, Spyware
  6.8 Payload – Stealthing – Backdoors, Rootkits
  6.9 Countermeasures
  6.10 Recommended Reading
  6.11 Key Terms, Review Questions, and Problems

Chapter 7 Denial-of-Service Attacks
  7.1 Denial-of-Service Attacks
  7.2 Flooding Attacks
  7.3 Distributed Denial-of-Service Attacks
  7.4 Application-Based Bandwidth Attacks
  7.5 Reflector and Amplifier Attacks
  7.6 Defenses Against Denial-of-Service Attacks
  7.7 Responding to a Denial-of-Service Attack
  7.8 Recommended Reading
  7.9 Key Terms, Review Questions, and Problems

Chapter 8 Intrusion Detection
  8.1 Intruders
  8.2 Intrusion Detection
  8.3 Analysis Approaches
  8.4 Host-Based Intrusion Detection
  8.5 Network-Based Intrusion Detection
  8.6 Distributed or Hybrid Intrusion Detection
  8.7 Intrusion Detection Exchange Format
  8.8 Honeypots
  8.9 Example System: Snort
  8.10 Recommended Reading
  8.11 Key Terms, Review Questions, and Problems

Chapter 9 Firewalls and Intrusion Prevention Systems
  9.1 The Need for Firewalls
  9.2 Firewall Characteristics and Access Policy
  9.3 Types of Firewalls
  9.4 Firewall Basing
  9.5 Firewall Location and Configurations
  9.6 Intrusion Prevention Systems
  9.7 Example: Unified Threat Management Products
  9.8 Recommended Reading
  9.9 Key Terms, Review Questions, and Problems

PART TWO SOFTWARE SECURITY AND TRUSTED SYSTEMS
Chapter 10 Buffer Overflow
  10.1 Stack Overflows
  10.2 Defending Against Buffer Overflows
  10.3 Other Forms of Overflow Attacks
  10.4 Recommended Reading
  10.5 Key Terms, Review Questions, and Problems

Chapter 11 Software Security
  11.1 Software Security Issues
  11.2 Handling Program Input
  11.3 Writing Safe Program Code
  11.4 Interacting with the Operating System and Other Programs
  11.5 Handling Program Input
  11.6 Recommended Reading
  11.7 Key Terms, Review Questions, and Problems

Chapter 12 Operating System Security
  12.1 Introduction to Operating System Security
  12.3 System Security Planning
  12.3 Operating Systems Hardening
  12.4 Application Security
  12.5 Security Maintenance
  12.6 Linux/UNIX Security
  12.7 Windows Security
  12.8 Virtualization Security
  12.9 Recommended Reading
  12.10 Key Terms, Review Questions, and Problems

Chapter 13 Trusted Computing and Multilevel Security
  13.1 The Bell-LaPadula Model for Computer Security
  13.2 Other Formal Models for Computer Security
  13.3 The Concept of Trusted Systems
  13.4 Application of Multilevel Security
  13.5 Trusted Computing and the Trusted Platform Module
  13.6 Common Criteria for Information Technology Security Evaluation
  13.7 Assurance and Evaluation
  13.8 Recommended Reading
  13.9 Key Terms, Review Questions, and Problems

PART THREE MANAGEMENT ISSUES
Chapter 14 IT Security Management and Risk Assessment
  14.1 IT Security Management
  14.2 Organizational Context and Security Policy
  14.3 Security Risk Assessment
  14.4 Detailed Security Risk Analysis
  14.5 Case Study: Silver Star Mines
  14.6 Recommended Reading
  14.7 Key Terms, Review Questions, and Problems

Chapter 15 IT Security Controls, Plans and Procedures
  15.1 IT Security Management Implementation
  15.2 Security Controls or Safeguards
  15.3 IT Security Plan
  15.4 Implementation of Controls
  15.5 Monitoring Risks
  15.6 Case Study: Silver Star Mines
  15.7 Recommended Reading
  15.8 Key Terms, Review Questions, and Problems

Chapter 16 Physical and Infrastructure Security
  16.1 Overview
  16.2 Physical Security Threats
  16.3 Physical Security Prevention and Mitigation Measures
  16.4 Recovery from Physical Security Breaches
  16.5 Example: A Corporate Physical Security Policy
  16.6 Integration of Physical and Logical Security
  16.7 Recommended Reading
  16.8 Key Terms, Review Questions, and Problems

Chapter 17 Human Resources Security
  17.1 Security Awareness, Training, and Education
  17.2 Employment Practices and Policies
  17.3 E-Mail and Internet Use Policies
  17.4 Computer Security Incident Response Teams
  17.5 Recommended Reading
  17.6 Key Terms, Review Questions, and Problems

Chapter 18 Security Auditing
  18.1 Security Auditing Architecture
  18.2 The Security Audit Trail
  18.3 Implementing the Logging Function
  18.4 Audit Trail Analysis
  18.5 Example: An Integrated Approach
  18.6 Recommended Reading
  18.7 Key Terms, Review Questions, and Problems

Chapter 19 Legal and Ethical Aspects
  19.1 Cybercrime and Computer Crime
  19.2 Intellectual Property
  19.3 Privacy
  19.4 Ethical Issues
  19.5 Recommended Reading
  19.6 Key Terms, Review Questions, and Problems
  Appendix 19A: Information Privacy Standard of Good Practice

PART FOUR CRYPTOGRAPHIC ALGORITHMS
Chapter 20 Symmetric Encryption and Message Confidentiality
  20.1 Symmetric Encryption and Message Confidentiality
  20.2 Data Encryption Standard
  20.3 Advanced Encryption Standard
  20.4 Stream Ciphers and RC4
  20.5 Cipher Block Modes of Operation
  20.6 Location of Symmetric Encryption Devices
  20.7 Key Distribution
  20.8 Recommended Reading
  20.9 Key Terms, Review Questions, and Problems

Chapter 21 Public-Key Cryptography and Message Authentication
  21.1 Secure Hash Functions
  21.2 HMAC
  21.3 The RSA Public-Key Encryption Algorithm
  21.4 Diffie-Hellman and Other Asymmetric Algorithms
  21.5 Recommended Reading
  21.6 Key Terms, Review Questions, and Problems

PART FIVE NETWORK SECURITY
Chapter 22 Internet Security Protocols and Standards
  22.1 Secure Email and S/MIME
  22.2 DomainKeys Identified Mail
  22.3 Secure Sockets Layer (SSL) and Transport Layer Security (TLS)
  22.4 HTTPS
  22.5 IPv4 and IPv6 Security
  22.6 Recommended Reading
  22.7 Key Terms, Review Questions, and Problems

Chapter 23 Internet Authentication Applications
  23.1 Kerberos
  23.2 X.509
  23.3 Public-Key Infrastructure
  23.4 Federated Identity Management
  23.5 Recommended Reading
  23.6 Key Terms, Review Questions, and Problems

Chapter 24 Wireless Network Security
  24.1 Wireless Security Overview
  24.2 Mobile Device Security
  24.3 IEEE 802.11 Wireless LAN Overview
  24.4 IEEE 802.11i Wireless LAN Security
  24.5 Recommended Reading
  24.6 Key Terms, Review Questions, and Problems

APPENDICES
Appendix A Projects and Other Student Exercises for Teaching Computer Security
  A.1 Hacking Project
  A.2 Laboratory Exercises
  A.3 Security Education (SEED) Projects
  A.4 Research Projects
  A.5 Programming Projects
  A.6 Practical Security Assessments
  A.7 Firewall Projects
  A.8 Case Studies
  A.9 Reading/Report Assignments
  A.10 Writing Assignments
  A.11 Webcasts for Teaching Computer Security

REFERENCES
INDEX
LIST OF ACRONYMS

ONLINE CHAPTERS AND APPENDICES
Online chapters, appendices, and other documents are Premium Content, available via the access card printed in the front of the book.

Chapter 25 Linux Security
  25.1 Introduction
  25.2 Linux's Security Model
  25.3 The Linux DAC in Depth: Filesystem Security
  25.4 Linux Vulnerabilities
  25.5 Linux System Hardening
  25.6 Application Security
  25.7 Mandatory Access Controls
  25.8 Recommended Reading
  25.9 Key Terms, Review Questions, and Problems

Chapter 26 Windows and Windows Vista Security
  26.1 Windows Security Architecture
  26.2 Windows Vulnerabilities
  26.3 Windows Security Defenses
  26.4 Browser Defenses
  26.5 Cryptographic Services
  26.6 Common Criteria
  26.7 Recommended Reading
  26.8 Key Terms, Review Questions, Problems, and Projects |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM |
| Topical term or geographic name as entry element |
Computer security. |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM |
| Topical term or geographic name as entry element |
Computer networks |
| General subdivision |
Security measures. |
| 700 1# - ADDED ENTRY--PERSONAL NAME |
| Personal name |
Brown, Lawrie, |
| Relator term |
author. |
| 906 ## - LOCAL DATA ELEMENT F, LDF (RLIN) |
| a |
7 |
| b |
cbc |
| c |
orignew |
| d |
1 |
| e |
ecip |
| f |
20 |
| g |
y-gencatlg |
| 942 ## - ADDED ENTRY ELEMENTS (KOHA) |
| Source of classification or shelving scheme |
Dewey Decimal Classification |
| Koha item type |
Books |