Information Security: The Complete Reference (The Complete Reference 2nd Revised edition)

By: Mark Rhodes-Ousley (author)

Paperback

£34.44 RRP £52.99  You save £18.55 (35%) With FREE Saver Delivery


This thorough update to the most authoritative volume available on network security covers the latest security standards and regulations. Network Security: The Complete Reference, Second Edition guides security practitioners through how to plan, implement, and maintain a secure network, protect confidential information, and ensure corporate networks are in compliance with the latest regulations. The book covers essential standards, such as ISO 27001, CoBIT, and SAS 70. Important legal regulations (and their context and relevance), such as Sarbanes-Oxley (SOX), SB 1386, SB 1841, FFIEC, Gramm-Leach-Bliley (GLB), and HIPAA are highlighted throughout where their relevance intersects with topics--enhancing this edition's value and practicality. This authoritative volume includes contributions from 30+ technical experts and leaders in the security industry. New chapters have been added on VoIP security, controlling application behavior, and operational security. The chapters covering system security, planning and response, and standards compliance have been extensively revised. The 37 chapters are divided into six parts. Part 1 covers the elements of network security foundations including policies, organization, and defense models. Part II covers access control, including security management, operational security, and data security. Part III gets into key network security aspects, including firewalls, virtual private networks, wireless security, VoIP security, and more. Part IV explains system security, focusing on security models, UNIX, Linux, and Windows Security. Part V covers application security, including J2EE, Windows .NET, database security, writing secure software, and more. Part VI explains planning and response, including disaster recovery, attacks and countermeasures, incident response, as well as legal, regulatory, and standards compliance. 
Network Security: The Complete Reference, Second Edition

  • Now presents essential security standards and regulation information paired with related topics throughout the book, greatly enhancing ease-of-use and the ability to readily apply business recommendations
  • Teaches end-to-end IT security concepts and techniques, complete with methodology, analysis, case examples, tips, and all the technical supporting details needed to suit an IT audience's requirements
  • Spans from a beginner to advanced practitioner level
  • Includes detailed updates on how to assure business compliance with IT standards and regulations, including ISO 27001, CoBIT, SAS 70, and SOX
  • Offers completely updated coverage of Linux/UNIX, wireless, secure Windows, VPN, software development, and physical premises
  • Contains comprehensive information on how to design an effective security defense model, develop and deploy computer, personnel, and physical security policies, design and manage authentication and authorization methods, and much more

About Author

Mark Rhodes-Ousley has 20 years of experience with every aspect of security, from program management to technology. That experience includes risk management, security policies, security management, technology implementation and operations, physical security, disaster recovery, and business continuity planning. He holds two core beliefs: that business processes are just as important as technology because security relies on people; and that security should be a business enabler with a goal of enhancing the customer experience. Mark is CISSP, CISM, and MCSE certified.


Part 1: Network Security Foundations

  • 1 Overview
  • 2 Risk Analysis and Defense Models
  • 3 Security Policies
  • 4 Security Organization

Part 2: Access Control

  • 5 Security Management
  • 6 Physical Security
  • 7 Operational Security
  • 8 Authentication and Authorization Controls
  • 9 Data Security

Part 3: Network Security

  • 10 Network Design Considerations
  • 11 Network Device Security
  • 12 Firewalls
  • 13 Virtual Private Networks
  • 14 Wireless Network Security
  • 15 Intrusion Detection Systems
  • 16 Integrity and Availability
  • 17 Network Role-Based Security
  • 18 Voice-Over-IP (VOIP) Security

Part 4: System Security

  • 19 Operating System Security Models
  • 20 Unix Security
  • 21 Linux Security
  • 22 Windows Security

Part 5: Application Security

  • 23 Principles of Application Security
  • 24 Controlling Application Behavior
  • 25 Writing Secure Software
  • 26 J2EE Security
  • 27 Windows .NET Security
  • 28 Database Security

Part 6: Planning and Response

  • 29 Disaster Recovery and Business Continuity
  • 30 Attacks and Countermeasures
  • 31 Incident Response and Forensic Analysis
  • 32 Legal, Regulatory, and Standards Compliance

Product Details

  • publication date: 01/04/2013
  • ISBN13: 9780071784351
  • Format: Paperback
  • Number Of Pages: 896
  • ID: 9780071784351
  • weight: 1422
  • ISBN10: 0071784357
  • edition: 2nd Revised edition
