Warehouse Stock Clearance Sale

Grab a bargain today!

Principles of Computer Security


Product Description
Product Details

Table of Contents

Instructor Website
Chapter 1 Introduction and Security Trends
   The Computer Security Problem
   Threats to Security
   Attributes of Actors
   Security Trends
   Targets and Attacks
   Approaches to Computer Security
   Additional References
   Chapter 1 Review
Chapter 2 General Security Concepts
   Basic Security Terminology
   Formal Security Models
   Additional References
   Chapter 2 Review
Chapter 3 Operational and Organizational Security
   Policies, Procedures, Standards, and Guidelines
   Organizational Policies
   Security Policies
   Human Resources Policies
   Security Awareness and Training
   Standard Operating Procedures
   Third-Party Risk Management
   Interoperability Agreements
   Chapter 3 Review
Chapter 4 The Role of People in Security
   People—A Security Problem
   Poor Security Practices
   People as a Security Tool
   Chapter 4 Review
Chapter 5 Cryptography
   Cryptography in Practice
   Cryptographic Objectives
   Historical Perspectives
   Hashing Functions
   Symmetric Encryption
   Asymmetric Encryption
   Quantum Cryptography
   Lightweight Cryptography
   Homomorphic Encryption
   For More Information
   Chapter 5 Review
Chapter 6 Applied Cryptography
   Cryptography Use
   Cipher Suites
   Secure Protocols
   Secure Protocol Use Cases
   Cryptographic Attacks
   Other Standards
   Chapter 6 Review
Chapter 7 Public Key Infrastructure
   The Basics of Public Key Infrastructures
   Certificate Authorities
   Trust Models
   Digital Certificates
   Certificate Lifecycles
   Certificate Repositories
   Centralized and Decentralized Infrastructures
   Certificate-Based Threats
   PKIX and PKCS
   Chapter 7 Review
Chapter 8 Physical Security
   The Security Problem
   Physical Security Safeguards
   Environmental Controls
   Fire Suppression
   Electromagnetic Environment
   Power Protection
   Chapter 8 Review
Chapter 9 Network Fundamentals
   Network Architectures
   Network Topology
   Security Zones
   Network Protocols
   Internet Protocol
   IPv4 vs. IPv6
   Packet Delivery
   Software-Defined Networking (SDN)
   Quality of Service (QoS)
   Traffic Engineering
   Route Security
   For More Information
   Chapter 9 Review
Chapter 10 Infrastructure Security
   Security Devices
   Security Device/Technology Placement
   Storage Area Networks
   Removable Media
   Security Concerns for Transmission Media
   Physical Security Concerns
   Chapter 10 Review
Chapter 11 Authentication and Remote Access
   User, Group, and Role Management
   Account Policies
   Authentication Methods
   Biometric Factors
   Biometric Efficacy Rates
   Multifactor Authentication
   Remote Access
   Preventing Data Loss or Theft
   Database Security
   Cloud vs. On-premises Requirements
   Connection Summary
   For More Information
   Chapter 11 Review
Chapter 12 Wireless Security and Mobile Devices
   Connection Methods and Receivers
   Wireless Protocols
   Wireless Systems Configuration
   Wireless Attacks
   Mobile Device Management Concepts
   Mobile Application Security
   Mobile Devices
   Policies for Enforcement and Monitoring
   Deployment Models
   Chapter 12 Review
Chapter 13 Intrusion Detection Systems and Network Security
   History of Intrusion Detection Systems
   IDS Overview
   Network-Based IDSs
   Host-Based IDSs
   Intrusion Prevention Systems
   Network Security Monitoring
   Deception and Disruption Technologies
   Indicators of Compromise
   For More Information
   Chapter 13 Review
Chapter 14 System Hardening and Baselines
   Overview of Baselines
   Hardware/Firmware Security
   Operating System and Network Operating System Hardening
   Secure Baseline
   Endpoint Protection
   Network Hardening
   Application Hardening
   Data-Based Security Controls
   Alternative Environments
   Industry-Standard Frameworks and Reference Architectures
   Benchmarks/Secure Configuration Guides
   For More Information
   Chapter 14 Review
Chapter 15 Types of Attacks and Malicious Software
   Avenues of Attack
   Malicious Code
   Attacking Computer Systems and Networks
   Advanced Persistent Threat
   Password Attacks
   Chapter 15 Review
Chapter 16 Security Tools and Techniques
   Network Reconnaissance and Discovery Tools
   File Manipulation Tools
   Shell and Script Environments
   Packet Capture and Replay Tools
   Forensic Tools
   Tool Suites
   Penetration Testing
   Vulnerability Testing
   Chapter 16 Review
Chapter 17 Web Components, E-mail, and Instant Messaging
   Current Web Components and Concerns
   Web Protocols
   Code-Based Vulnerabilities
   Application-Based Weaknesses
   How E-mail Works
   Security of E-mail
   Mail Gateway
   Mail Encryption
   Instant Messaging
   Chapter 17 Review
Chapter 18 Cloud Computing
   Cloud Computing
   Cloud Types
   Cloud Service Providers
   Cloud Security Controls
   Security as a Service
   Cloud Security Solutions
   Fog Computing
   Edge Computing
   Thin Client
   Serverless Architecture
   Chapter 18 Review
Chapter 19 Secure Software Development
   The Software Engineering Process
   Secure Coding Concepts
   Application Attacks
   Application Hardening
   Code Quality and Testing
   Compiled Code vs. Runtime Code
   Software Diversity
   Secure DevOps
   Version Control and Change Management
   Provisioning and Deprovisioning
   Integrity Measurement
   For More Information
   Chapter 19 Review
Chapter 20 Risk Management
   An Overview of Risk Management
   Risk Management Vocabulary
   What Is Risk Management?
   Security Controls
   Business Risks
   Third-party Risks
   Risk Mitigation Strategies
   Risk Management Models
   Risk Assessment
   Qualitatively Assessing Risk
   Quantitatively Assessing Risk
   Qualitative vs. Quantitative Risk Assessment
   Risk Management Best Practices
   Additional References
   Chapter 20 Review
Chapter 21 Business Continuity, Disaster Recovery, and Change Management
   Business Continuity
   Continuity of Operations Planning (COOP)
   Disaster Recovery
   Why Change Management?
   The Key Concept: Separation of Duties
   Elements of Change Management
   Implementing Change Management
   The Purpose of a Change Control Board
   The Capability Maturity Model Integration
   Secure Baseline
   Integrity Measurement
   Chapter 21 Review
Chapter 22 Incident Response
   Foundations of Incident Response
   Attack Frameworks
   Threat Intelligence
   Incident Response Process
   Stakeholder Management
   Communication Plan
   Data Sources
   Log Files
   Data Collection Models
   Standards and Best Practices
   For More Information
   Chapter 22 Review
Chapter 23 Computer Forensics
   Chain of Custody
   Forensic Process
   Message Digest and Hash
   Host Forensics
   Device Forensics
   Network Forensics
   Legal Hold
   Chapter 23 Review
Chapter 24 Legal Issues and Ethics
   Chapter 24 Review
Chapter 25 Privacy
   Data Handling
   Organizational Consequences of Privacy Breaches
   Data Sensitivity Labeling and Handling
   Data Roles
   Data Destruction and Media Sanitization
   U.S. Privacy Laws
   International Privacy Laws
   Privacy-Enhancing Technologies
   Privacy Policies
   Privacy Impact Assessment
   Web Privacy Issues
   Privacy in Practice
   For More Information
   Chapter 25 Review
Appendix A CompTIA Security+ Exam Objectives: SY0-601
Appendix B About the Online Content
   System Requirements
   Your Total Seminars Training Hub Account
   Single User License Terms and Conditions
   TotalTester Online
   Technical Support

About the Author

Greg White (San Antonio, TX), CompTIA Security+, CISSP, is an Associate Professor in the Department of Computer Science at the University of Texas at San Antonio. Dr. White is the Director of the Center for Infrastructure Assurance and Security at UTSA.

Chuck Cothren is a Research Scientist at University of Texas at San Antonio (UTSA) Center for Infrastructure Assurance and Security (CIAS) and currently serves on the Information Security Associations Alamo Chapter Board of Directors. Mr. Cothren has a wide array of security experience including performing controlled penetration testing, network security policies, computer intrusion forensics, and computer training. He is a Certified Information Systems Security Professional (CISSP) and has co-authored other McGraw-Hill/Osborne titles. Mr. Cothren holds a B.S. in Industrial Distribution from Texas A&M University.

Roger L. Davis is a Senior Internal Audit Manager at NuSkin Enterprises and is responsible for evaluating global business operations in over 35 countries. He is a retired Air Force Colonel with over 20 years of military and information security experience. Mr. Davis is a Certified Information Systems Security Professional (CISSP) and holds a Masters Degree in Computer Science from George Washington University.

Ask a Question About this Product More...
Look for similar items by category
Home » Books » Computers » Security » Networking
People also searched for
Item ships from and is sold by Fishpond World Ltd.

Back to top
We use essential and some optional cookies to provide you the best shopping experience. Visit our cookies policy page for more information.