Principles of Computer Security Security+ and Beyond

ISBN-10: 0072255099

ISBN-13: 9780072255096

Edition: 2005

Authors: Wm. Arthur Conklin, Gregory White, Chuck Cothren, Dwayne Williams, Roger L. Davis

List price: $161.00

Book details

Copyright year: 2005
Publisher: McGraw-Hill Higher Education
Publication date: 3/15/2004
Binding: Hardcover
Pages: 800
Size: 7.25" wide x 9.00" long x 2.00" tall
Weight: 2.596
Language: English

Wm. Arthur Conklin (Houston, TX), Security+, CISSP, is an Assistant Professor in the Information and Logistics Technology department at the University of Houston. In addition to his PhD, Mr. Conklin has an MBA from UTSA, and two graduate degrees in Electrical Engineering from the Naval Postgraduate School in Monterey, California. Dr. Conklin’s interests are information security, systems theory, and secure software design.

Greg White (San Antonio, TX), Security+, CISSP, is an Associate Professor in the Department of Computer Science at the University of Texas at San Antonio. Dr. White is the Director of the Center for Infrastructure Assurance and Security at UTSA, and was the author of the first edition of the Security+ All-in-One Exam Guide from McGraw-Hill.

Acknowledgments
Foreword
Preface
Introduction
Introduction and Security Trends
The Security Problem
Avenues of Attack
Chapter Review
General Security Concepts
Basic Security Terminology
Security Models
Chapter Review
Operational/Organizational Security
Security Operations in Your Organization
Physical Security
Social Engineering
Environment
Wireless
Electromagnetic Eavesdropping
Location
Chapter Review
The Role of People in Security
People--A Security Problem
People as a Security Tool
Chapter Review
Cryptography
Algorithms
Hashing
Symmetric Encryption
Asymmetric Encryption
Usage
Chapter Review
Public Key Infrastructure
The Basics of Public Key Infrastructures
Certificate Authorities
Registration Authorities
Certificate Repositories
Trust and Certificate Verification
Digital Certificates
Centralized or Decentralized Infrastructures
Private Key Protection
Public Certificate Authorities
In-House Certificate Authorities
Outsourced Certificate Authorities
Tying Different PKIs Together
Certificate Usage
Chapter Review
Standards and Protocols
PKIX/PKCS
X.509
SSL/TLS
ISAKMP
CMP
XKMS
S/MIME
PGP
HTTPS
IPSec
CEP
FIPS
Common Criteria (CC)
WTLS
WEP
ISO 17799
Chapter Review
The Impact of Physical Security on Network Security
The Problem
Physical Security Safeguards
Chapter Review
Network Fundamentals
Network Architectures
Network Topology
Network Protocols
Packet Delivery
Chapter Review
Infrastructure Security
Devices
Media
Security Concerns for Transmission Media
Removable Media
Security Topologies
Tunneling
Chapter Review
Remote Access
The Remote Access Process
Telnet
SSH
L2TP and PPTP
IEEE 802.11
VPN
IPSec
IEEE 802.1x
RADIUS
TACACS+
Vulnerabilities
Connection Summary
Chapter Review
Wireless and Instant Messaging
Wireless
Instant Messaging
Chapter Review
Intrusion Detection Systems
History of Intrusion Detection Systems
IDS Overview
Host-Based Intrusion Detection Systems
Network-Based Intrusion Detection Systems
Signatures
False Positives and Negatives
IDS Models
Chapter Review
Security Baselines
Overview Baselines
Password Selection
Operating System and Network Operating System Hardening
Network Hardening
Application Hardening
Chapter Review
Attacks and Malware
Attacking Computer Systems and Networks
Auditing
Chapter Review
E-mail
Security of E-mail Transmissions
Malicious Code
Hoax E-mails
Unsolicited Commercial E-mail (Spam)
Mail Encryption
Chapter Review
Web Components
Current Web Components and Concerns
Protocols
Code-Based Vulnerabilities
Chapter Review
Software Development
The Software Engineering Process
Good Practices
Chapter Review
Disaster Recovery, Business Continuity, and Organizational Policies
Disaster Recovery
Policies and Procedures
Chapter Review
Risk Management
An Overview of Risk Management
What Is Risk Management?
Business Risks
Risk Management Models
Qualitatively Assessing Risk
Quantitatively Assessing Risk
Qualitative vs. Quantitative Risk Assessment
Tools
Chapter Review
Change Management
Why Change Management?
The Key Concept: Segregation of Duties
Elements of Change Management
Implementing Change Management
The Capability Maturity Model
Chapter Review
Privilege Management
User, Group, and Role Management
Single Sign-On
Centralized vs. Decentralized Management
Auditing (Privilege, Usage, and Escalation)
Handling Access Control (MAC, DAC, and RBAC)
Chapter Review
Computer Forensics
Evidence
Collecting Evidence
Chain of Custody
Free Space vs. Slack Space
What's This Message Digest and Hash?
Analysis
Chapter Review
Security and Law
Import/Export Encryption Restrictions
Digital Signature Laws
Digital Rights Management
Privacy Laws
Computer Trespass
Ethics
Chapter Review
About the CD-ROM
System Requirements
LearnKey Online Training
Installing and Running MasterExam
Help
Removing Installation(s)
Technical Support
About the Security+ Exam
SSCP Exam
SSCP Body of Knowledge
Glossary
Index