|
Table of Contents
- Chapter 1: Security Triad
- Confidentiality
- Integrity
- Availability
- Chapter 2: Principles of Secure Design
- Principles
- Principles and Reality
- Chapter 3: Risk Management
- Assets
- Threats, Vulnerabilities, and Risk
- Asset Value and Loss
- Countermeasures
- Chapter 4: Security Policies
- Types of Security Policies
- Administering Security Policies
- Chapter 5: Business Continuity Planning
- Business Continuity Planning
- Business Impact Analysis
- BCP Development
- Testing a BCP
- BCP Life Cycle
- Chapter 6: Operational Security
- Operational Security Defined
- Origins of OPSEC
- Laws of OPSEC
- Know Your Adversary
- Intelligence Gathering
- Physical Security
- Administrative Controls
- Chapter 7: Access Controls Models
- Confidentiality Access Control Model
- Integrity Access Control Model
- Access Control Models
- Chapter 8: Communicating Security
Effectively
- Information Technology Staff Security Communications
- Other Staff Security Communications
- Training
- Management and Executive Staff Security Communications
- Chapter 9: Security Architecture
- Security Architecture Theory
- System Security Architecture
- Secure Network Architecture
- Chapter 10: Intrusion Detection
- Intrusion Defined
- Types of Intruders
- Intrusion Detection Concepts
- Types of Intrusion Detection
- Intrusion Detection Systems
- Chapter 11: Cryptography
- A Brief History of Cryptography
- How Encryption Works
- Encryption Algorithms
- Internet Key Exchange
- Chapter 12: Baselining and Penetration
Testing
- Baselining
- Penetration Testing
- Chapter 13: Access Control Technologies
- Authentication Methods
- Access Control Methods
- Access Control Technologies
- Administering Access Control
- Accountability
- Chapter 14: Small-Network Security
- Remote Office/Branch Office
- Remote Users
- Small Businesses
- Home Users
- Chapter 15: Intranets, Extranets,
and Virtual Corporations
- Intranets
- Extranets
- Virtual Corporations
- Chapter 16: Securing the Enterprise
- Security Goals and Functions
|
