Information security book excerpts and reviews

Visit the Information Security Bookshelf for book reviews and free chapter downloads.

Malware Forensics Field Guide for Linux Systems: Digital Forensics Field Guides Written by Cameron H. Malin, Eoghan Casey, James M. Aquilina Published by Syngress In this excerpt from chapter three of Malware Forensics Field Guide for Linux Systems: Digital Forensics Field Guides, authors Cameron H. Malin, Eoghan Casey and James M. Aquilina discuss postmortem forensics and how to discover and extract malware and associated artifacts...

from Linux systems. >>READ AN EXCERPT FROM CHAPTER 3, Malware Forensics Field Guide for Linux Systems: Digital Forensics Field Guides

 

Computer Incident Response and Forensics Team Management cover

Computer Incident Response and Forensics Team Management
Written by
Leighton R. Johnson III
Published by Syngress
In this excerpt from chapter 4 of Computer Incident Response and Forensics Team Management, author Leighton R. Johnson III explains the personal skills team members need to successfully handle a security incident.
>> READ AN EXCERPT FROM CHAPTER 4, COMPUTER INCIDENT RESPONSE AND FORENSICS TEAM MANAGEMENT

 

Digital Forensics Processing and Procedures coverDigital Forensics Processing and Procedures: Meeting the Requirements of ISO 17020, ISO 17025, ISO 27001 and Best Practice Requirements
Written by
David Watson and Andrew Jones
Published by Syngress
In this excerpt from chapter 3 of Digital Forensics Processing and Procedures, authors David Watson and Andrew Jones provide insight on areas that will need to be considered while setting up a forensic laboratory, including documentation requirements and competence, awareness and training.
>> READ AN EXCERPT FROM CHAPTER 3, DIGITAL FORENSICS PROCESSING AND PROCEDURES

 

Investigating Internet Crimes coverInvestigating Internet Crimes: An Introduction to Solving Crimes in Cyberspace
Written by
Todd G. Shipley and Art Bowker
Published by Syngress
In this excerpt from chapter 8 of Investigating Internet Crimes, authors Todd G. Shipley and Art Bowker discuss tracing IP addresses through the Internet, including the online tools used for tracing IP addresses, available Internet tools, and finding the geolocation of an IP address.
>> READ AN EXCERPT FROM CHAPTER 8, INVESTIGATING INTERNET CRIMES: AN INTRODUCTION TO SOLVING CRIMES IN CYBERSPACE

 

FISMA Compliance Handbook coverFISMA Compliance Handbook
Written by
Laura P. Taylor
Published by
Syngress
In this excerpt from chapter 3 of the FISMA Compliance Handbook, author Laura P. Taylor discusses the five methodologies that agencies use as a basis to carry out FISMA compliance.
>> READ AN EXCERPT FROM CHAPTER 3, FISMA COMPLIANCE HANDBOOK

 

Unified Communications Forensics coverUnified Communications Forensics: Anatomy of Common UC Attacks
Written by
Nicholas Grant and Joseph W. Shaw II
Published by Syngress
In this excerpt from chapter 7 of Unified Communications Forensics: Anatomy of Common UC Attacks, authors Nicholas Grant and Joseph W. Shaw II discuss how hackers gain initial access into UC systems and how to scan the network for potential vulnerabilities.
>> READ AN EXCERPT FROM CHAPTER 7, UNIFIED COMMUNICATIONS FORENSICS

 

Linux Malware Incident Response coverLinux Malware Incident Response: A Practitioner's Guide to Forensic Collection and Examination of Volatile Data
Written by
Cameron Malin, Eoghan Casey and James Aquilina
Published by Syngress
In this excerpt from Linux Malware Incident Response, authors Cameron Malin, Eoghan Casey and James Aquilina discuss volatile data collection methodology, steps and preservation.
>> READ AN EXCERPT FROM LINUX MALWARE INCIDENT RESPONSE

 

 

Placing the Subject Behind the Keyboard coverPlacing the Suspect Behind the Keyboard: Using Digital Forensics and Investigative Techniques to Identify Cybercrime Suspects
Written by
Brett Shavers
Published by Syngress
In this excerpt from chapter 11 of Placing the Suspect Behind the Keyboard, author Brett Shavers describes the life and casework of a cyber-investigator.
>> READ AN EXCERPT FROM CHAPTER 11, PLACING THE SUSPECT BEHIND THE KEYBOARD

 

Social Media Security coverSocial Media Security: Leveraging Social Networking While Mitigating Risk
Written by
Michael Cross
Published by Syngress
In this excerpt from chapter 10 of Social Media Security, author Michael Cross explains how to keep track of social media accounts, how to conduct security reviews, and offers a number of strategies to help ensure social media security.
>> READ AN EXCERPT FROM CHAPTER 3, SOCIAL MEDIA SECURITY


 

Risk Management Framework coverRisk Management Framework: A Lab-Based Approach to Securing Information Systems
Written by
James Broad
Published by Syngress
In this excerpt from chapter 3 of Risk Management Framework, author James Broad discusses the four components of risk management.
>> READ AN EXCERPT FROM CHAPTER 3, RISK MANAGEMENT FRAMEWORK


 

CISSP All-in-One Exam Guide, Sixth Edition
Written by
Shon Harris
Published by McGraw-Hill Osborne Media
This excerpt from chapter 1 of CISSP All-in-One Exam Guide, Sixth Edition, has been updated to completely cover the latest releases from (ISC)2, including references for government employees and contractors subject to new requirements. Also, get several brand-new CISSP exam practice questions when you download the full chapter.
>>READ AN EXCERPT FROM CHAPTER 1, CISSP ALL-IN-ONE EXAM GUIDE

 

Network Forensics: Tracking Hackers Through Cyberspace
Written by
Sherri Davidoff and Jonathan Ham
Published by Prentice Hall Publishing
In this excerpt from chapter 10 of Network Forensics: Tracking Hackers Through Cyberspace, authors Sherri Davidoff and Jonathan Ham discuss Web proxies and caching and how these technologies can benefit forensic analysts.
>>READ AN EXCERPT FROM CHAPTER 10, NETWORK FORENSICS: TRACKING HACKERS THROUGH CYBERSPACE

 

The CERT Guide to Insider Threats 
Written by
Dawn M Cappelli, Andrew P Moore, and Randall F. Trzeciak 
Published by Addison-Wesley Professional
In this excerpt from chapter 3 of The CERT Guide to Insider Threats, authors Dawn M Cappelli, Andrew P Moore, and Randall F. Trzeciak describe entitlement-based attack models and how to implement controls to prevent entitled assailants from gaining access to critical information.
>>READ AN EXCERPT FROM CHAPTER 3, INSIDER THEFT OF INTELLECTUAL PROPERTY

 

Web Application Security: A Beginner’s Guide 
Written by
Bryan Sullivan and Vincent Liu 
Published by McGraw-Hill
In this excerpt from chapter 5 of Web Application Security: A Beginner’s Guide, authors Bryan Sullivan and Vincent Liu describe the intricacies of using script code within the framework of a same-origin policy and detail key exceptions to the effectiveness of this procedure.
>>READ AN EXCERPT FROM CHAPTER 5, BROWSER SECURITY PRINCIPLES: THE SAME ORIGIN POLICY

 

Security Metrics: A Beginner’s Guide 
Written by
Caroline Wong
Published by McGraw-Hill
In this excerpt from chapter 10 of Security Metrics: A Beginner’s Guide, author Caroline Wong offers key strategies for managing a team of stakeholders in order to control buy-in and implement a security metrics project.
>>READ AN EXCERPT FROM CHAPTER 10, OBTAINING BUY-IN FROM STAKEHOLDERS



Securing the Clicks: Network Security in the Age of Social Media
 
Written by Gary Bahadur, Jason Inasi, and Alex de Carvalho
Published by
McGraw-Hill
In this excerpt from chapter 6 of Securing the Clicks: Network Security in the Age of Social Media, author Gary Bahadur offers insights on effective social media policy and illustrates different strategies for managing in-house and external applications 
>>READ AN EXCERPT FROM CHAPTER 6, SECURITY MEDIA POLICY BEST PRACTICES


Mike Myer's CompTIA Security+ Certification Passport                                        
Written by
T.J. Samuelle
Published by McGraw-Hill
Questions and answers for a CompTIA security practice exam are included in CompTIA Security+ Certification Passport. In this excerpt from chapter 7, author T,J, Samuelle describes several authentication models and discusses identity management.
>> READ AN EXCERPT FROM CHAPTER 7: AUTHENTICATION AND IDENTITY MANAGEMENT
 

Bookmark this page

Find the best information security and compliance book chapter excerpts and download right here: http://searchsecurity.com/bookshelf

IT Auditing: Using Controls to Protect Information Assets
Written by Chris Davis, Mike Schiller and Kevin Wheeler
Published by McGraw-Hill
This chapter from Securing the Clicks: Network Security in the Age of Social Media discusses auditing virtualized environments, and begins with an overview of common virtualization technologies and key controls.
>> READ AN EXCERPT FROM CHAPTER 11: AUDITING VIRTUALIZED ENVIRONMENTS
 

Gray Hat Hacking: The Ethical Hacker's Handbook, 3rd ed.
Written by Allen Harper, Shon Harris, Jonathan Ness, Chris Eagle, Gideon Lenkey and Terron Williams
Published by McGraw-Hill
In this chapter from Gray Hat Hacking: The Ethical Hacker's Handbook, 3rd ed., learn how to detect and work to prevent content-type attacks in your environment.
>> READ AN EXCERPT FROM CHAPTER 16: UNDERSTANDING AND DETECTING CONTENT-TYPE ATTACKS
 

The Tips and Tricks Guide to Managed File Transfer
Written by Don Jones
Published by RealTime Publishers
In this excerpt from Volume 1 of The Tips and Tricks Guide to Managed File Transfer, author Don Jones explains what steps your enterprise should take to ensure secure managed file transfers that also meet compliance requirements.
>> READ AN EXCERPT FROM VOLUME 1: TIP, TRICK, TECHNIQUE 4: HOW DOES MANAGED FILE TRANSFER HELP ME MEET AND MAINTAIN COMPLIANCE REQUIREMENTS?
 

Surreptitious Software
Written by
Christian Collberg and Jasvir Nagra
Published by Addison-Wesley Professional
In Surreptitious Software, authors Christian Collberg and Jasvir Nagra review the indispensible techniques that software developers can use to protect vital intellectual property. The techniques reviewed in the book include cryptography, steganography, watermarking, software metrics, reverse engineering, and compiler optimization. Learn to master the techniques that both attackers and defenders use to analyze programs.
>> READ AN EXCERPT FROM CHAPTER 7: SOFTWARE TAMPERING
>> PODCAST: AUTHORS JASVIR NAGRA AND CHRISTIAN COLLBERG REVEAL WHY THE BOOK IS NOT JUST FOR PROFESSIONALS WHO MAY NOT HAVE AN INTEREST IN CODE.

The Shortcut Guide to Understanding Data Protection from Four Critical Perspectives
Written by
Rebecca Herold
Published by RealTime Publishers
The Shortcut Guide to Understanding Data Protection from Four Critical Perspectives is your "Rosetta Stone" of data protection for all levels of corporate staff. In this four-chapter ebook, author Rebecca Herold reviews what IT operations teams, commpliance leaders, corporate business leaders and information security leaders specifically need to know about enterprise data protection.
>> READ AN EXCERPT FROM CHAPTER 2: WHAT CORPORATE COMPLIANCE LEADERS NEED TO KNOW ABOBUT DATA PROTECTION

Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century
Written by Ryan Trost
Published by Addison-Wesley Professional
Practical Intrusion Analysis explores state-of-the-art intrusion detection and prevention techniques, including network behavioral analysis, data visualization and geospatial analysis on wired and wireless networks and physical devices. In his book, author Ryan Trost reviews cutting-edge IDS technologies that use new visualization tools to report data.
>> READ AN EXCERPT FROM CHAPTER 4: LIFECYCLE OF A VULNERABILITY
>> PODCAST: AUTHOR RYAN TROST REVIEWS THE LATEST ADVANCEMENTS IN INTRUSION DETECTION.

Chained Exploits: Advanced hacking from start to finish
Written by
Andrew Whitaker, Keatron Evans, Jack B. Voth
Published by Addison-Wesley | Pearson Education
Three security pros have put together a guide on how to perform and prevent today's toughest chained attacks. The book presents detailed examples of real-world attack strategies and actual high-value targets, including credit card and healthcare data.
>> READ AN EXCERPT FROM CHAPTER 2: DISCOVER WHAT YOUR BOSS IS LOOKING AT
>> AUTHOR KEATRON EVANS EXPLAINS AN INNOVATIVE WAY THAT PHISHERS CAN TRICK EMPLOYEES INTO DOWNLOADING MALWARE.

The Truth about Identity Theft
Written by
Jim Stickley
Published by Addison-Wesley | Pearson Education
Author Jim Stickley was hired to test corporations' security, particularly how well they were protect against identity theft. In The Truth about Identity Theft, Stickley reveals how he was able to steal credit cards, hack Social Security numbers and break into banks.
>> READ AN EXCERPT FROM CHAPTER 11: SOCIAL ENGINEERING
>> PODCAST: AUTHOR JIM STICKLEY REVEALS JUST HOW EASY IT IS FOR A CYBERCRIMINAL TO STEAL A PASSWORD.

IPv6 Security
Written by
Scott Hogg and Eric Vyncke
Published by Addison-Wesley | Pearson Education
IPv6 is on the way, and networking professionals going through the protocol transition need to have a strong understanding of the security challenges. In this title, two leading Internet security practitioners review how to address specific security deficiencies that occur within IPv6 environments.
>> READ AN EXCERPT FROM CHAPTER 7 AND WATCH AN INTERVIEW WITH AUTHOR ERIC VYNCKE

 

Applied Security Visualization
Written by Raffael Marty
Published by Addison-Wesley | Pearson Education
By taking advantage of available data visualization techniques, author Raffael Marty explains how you can gain a a better understanding of what's happening on your network at any moment. Applied Security Visualization explains how to transform the most complex network data into crystal-clear graphs, tables and visual representations.
>> AUTHOR RAFFAEL MARTY DISCUSSES HOW TO BUILD THE BRIDGE BETWEEN THE SECURITY AND THE VISUALIZATION TEAM.

 

Voice over IP Security
Written by
Patrick Park
Published by
Addison-Wesley | Pearson Education
Firewalls and network devices alone will not protect voice networks from recent innovative attacks and fraud. In Voice over IP security, author Patrick Park reviews a new set of emerging threats to VoIP networks.
>> READ AN EXCERPT FROM CHAPTER 2
>> PODCAST: AUTHOR PATRICK PARK REVEALS TWO OF THE BIGGEST VOIP MYTHS AROUND.

The New School of Information Security
Written by
Adam Shostack and Andrew Stewart
Published by Addison-Wesley | Pearson Education
Security experts Adam Shostack and Andrew Stewart offer honest and perhaps troubling answers to today's information security questions. The New School of Information Security explains why professionals have taken to studying economics, not cryptography--and why you should, too. See why the authors are saying that security breach notices are the best thing to ever happen to information security.
>> READ AN EXCERPT FROM CHAPTER 7

The Shortcut Guide to Extended Validation SSL Certificates
Written by Dan Sullivan
Published by Realtimepublishers
The Internet has rapidly become an integral part of day-to-day business and is now a critical component to business operations, posing unique security challenges for any organization. The risks of unchecked security weaknesses can range from fraud and identity theft which may ultimately damage a company's brand and reputation. This guide addresses one method for establishing trust: the use of Extended Validation Secure Sockets Layer SSL (EV SSL) certificates.
>> READ AN EXCERPT FROM CHAPTER 2

Geekonomics: The Real Cost of Insecure Software
Written by
David Rice
Published by Addison-Wesley
Software has become crucial to the very survival of civilization. But badly written, insecure software is hurting people -- and costing businesses and individuals billions of dollars every year. In Geekonomics, David Rice reveals how people can revamp the software industry's incentives to get the reliability and security that users need and deserve.
>> READ AN EXCERPT FROM CHAPTER 1
>> AUTHOR DAVID RICE EXPLAINS WHY THE NEED FOR FEATURES HAS LED TO BAD SOFTWARE.

The Craft of System Security
Written by
Sean Smith and John Marchesini
Published by Addison-Wesley
The Craft of System Security introduces the modern security practitioner's toolkit and reveals why each particular tool exists. Authors Sean Smith and John Marchesini discuss the new threat landscape and use real-life anecdotes to illustrate the evolution of today's security challenges and responses.
>> READ AN EXCERPT FROM CHAPTER 16

>> LISTEN TO AUTHOR SEAN SMITH TELL REAL-LIFE ANECDOTES OF PRIVACY LOSS DISASTERS.

Virtual Honeypots: From Botnet Tracking to Intrusion Detection
Written by
Niels Provos and Thorsten Holz
Published by Addison-Wesley
Honeypots have demonstrated immense value in Internet security, but physical honeypot deployment can be prohibitively complex, time-consuming and expensive. Now there's a breakthrough solution. In this hands-on book, two leading honeypot pioneers explain exactly how to implement, configure, use and maintain virtual honeypots.
>> READ AN EXCERPT FROM CHAPTER 11
>> LISTEN TO AUTHOR NIELS PROVOS DEMONSTRATE HOW VIRTUAL HONEYPOTS CAN COLLECT MALWARE

Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures
Written by
Peter Thermos and Ari Takanen
Published by Addison-Wesley
As Voice-over-IP (VoIP) becomes more important to service providers, carriers, commercial organizations and residential users, protecting VoIP communications becomes increasingly urgent. Drawing on case studies from extensive fieldwork, the authors address VoIP security from the perspective of real-world network implementers, managers and security specialists.
>> READ AN EXCERPT FROM CHAPTER 6
>> LISTEN TO AUTHOR PETER THERMOS REVEAL THE ATTACKS RELATED TO TELEPHONY SERVICES

Fuzzing: Brute Force Vulnerability Discovery
Written by
Michael Sutton, Adam Greene and Pedram Amini
Published by Addison-Wesley
Fuzzing has evolved into one of today's most effective approaches to test software security, and this book introduces state-of-the-art fuzzing techniques that can find vulnerabilities in network protocols, file formats and Web applications. Throughout each chapter, the three authors also present several insightful case histories that show the bug-finding technique at work.
>> READ AN EXCERPT FROM CHAPTER 21
>> LISTEN TO AUTHOR MICHAEL SUTTON DEFINE THE PHASES OF FUZZING

Security Metrics: Replacing Fear, Uncertainty, and Doubt
Written by
Andrew Jaquith
Published by Addison-Wesley
Using sample charts, graphics, case studies and war stories, Yankee Group security expert Andrew Jaquith demonstrates how to establish effective metrics that fit your organization's unique requirements. Jaquith explains how to quantify hard-to-measure security activities, compile and analyze all relevant data, set cost-effective priorities for improvement, and craft compelling messages for senior management.
>> READ AN EXCERPT FROM CHAPTER 6
>> LISTEN TO AUTHOR ANDREW JAQUITH EXPLAIN THE FEATURES OF A SECURITY SCORECARD

The Art of Software Security Testing: Identifying Software Security Flaws
Written by
Chris Wysopal, Lucas Nelson, Dino Dai Zovi and Elfriede Dustin
Published by Addison-Wesley
The deck is stacked heavily against the software developer, and malicious hackers are ready to exploit today's many coding and design vulnerabilities. In this book, authors Chris Wysopal, Lucas Nelson, Dino Dai Zovi and Elfriede Dustin deliver in-depth, up-to-date, battle-tested techniques that can identify software security problems before the bad guys do.
>> READ AN EXCERPT FROM CHAPTER 11
>> HEAR CO-AUTHOR CHRIS WYSOPAL IDENTIFY COMMON SOFTWARE FLAWS

Endpoint Security
Written by
Mark S. Kadrich
Published by Addison-Wesley
Despite massive investments in security technology and training, hackers are increasingly succeeding in attacking networks at their weakest links: their endpoints. Now, leading security expert Mark Kadrich introduces a breakthrough, "one-size-does-not-fit-all" approach to protecting all of your endpoint devices, from desktops and notebooks to PDAs and cell phones.

>> READ AN EXCERPT FROM CHAPTER 3

>> HEAR AUTHOR MARK S. KADRICH EXPLAIN HOW TO ENABLE NETWORK ACCESS

The Shortcut Guide to Protecting Business Internet Usage
Written by
Dan Sullivan
Published by
Realtime Publishers
The complexity of today's Internet threats demands that information security pros not only understand how they occur, but also how to combat them while avoiding costly countermeasures that provide more protection than an organization needs. In this eBook, author Dan Sullivan examines the critical business drivers enterprise security professionals must address to keep their corporations' information assets and its infrastructure secure.
>> READ EXCERPTS FROM CHAPTER 3

How to Cheat at Managing Information Security
Written by Mark Osborne
Published by Syngress Publishing
For information security managers, having a solid understanding of all major security issues is integral to effectively managing their departments and keeping privileged information safe. From designing remote access options to implementing security policies, author Mark Osborne provides in-depth information required to become a successful security manager.
>> READ AN EXCERPT AND DOWNLOAD CHAPTER 7

Business Continuity and Disaster Recovery for InfoSec Managers
Written by
John W. Rittinghouse and James F. Ransome
Published by Digital Press, a division of Elsevier
Every information security officer would like to avoid a disaster, however its best to be prepared should the unforeseeable happen. In this book, authors John W. Rittinghouse and James F. Ransome provide operational security management techniques information security managers can use to establish and maintain an effective business continuity plan.
>> READ AN EXCERPT AND DOWNLOAD CHAPTER 1



Implementing Database Security and Auditing
Written by Ron Ben Natan
Published by Digital Press, a division of Elsevier
Because the database stores an enterprise's most valuable asset, its security should be a priority. From encryption to access controls, author Ron Ben Natan examines a wide variety of database security topics to protect databases and avoid a security breach.
>> READ AN EXCERPT AND DOWNLOAD CHAPTER 9



Securing Storage: A Practical Guide to SAN and NAS Security
Written by Himanshu Dwivedi
Published by Addison-Wesley Professional
Storage security is a crucial to protecting sensitive information and complying with regulations, yet it's often overlooked by security pros. In this book, author Himanshu Dwivedi explains the dangers of unsecured SAN and NAS systems and offers practical solutions for locking them down and keeping attackers from gaining access.
>> READ AN EXCERPT AND DOWNLOAD CHAPTER 2



Preventing Web Attacks with Apache
Written by Ryan C. Barnett
Published by Addison-Wesley Professional
Considered mandatory reading for anyone running Apache, this book provides step-by-step guidance on the exploits that target Apache servers and Web applications and how to defend against them.
>> READ AN EXCERPT AND DOWNLOAD CHAPTER 7




How to Break Web Software: Functional and Security Testing of Web Applications and Web Services
Written by Mike Andrews and James A. Whittaker
Published by Addison-Wesley
If your Web sites, applications and services are vulnerable to attack, you need to find out before a hacker does. In this hands-on guide, Mike Andrews and James A. Whittaker explain where to look for potential threats and how to conduct tests to prevent attacks.
>> READ AN EXCERPT AND DOWNLOAD CHAPTER 4



Software Security: Building Security In
Written by Gary McGraw
Published by Addison-Wesley Professional
In this book, author Gary McGraw begins where he left off in his best-selling book, "Building Secure Software," and teaches you methods for adding security to your development processes. He provides detailed explanations of risk management frameworks and processes, code review, architectural risk analysis, pen testing, security testing and abuse case development, and explains how to make them work for you.
>> READ AN EXCERPT AND DOWNLOAD CHAPTER 5



Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses, Second Edition
Written by Ed Skoudis and Tom Liston
Published by Prentice Hall
In the updated version of this best-selling network security guide, security expert Ed Skoudis teams up with Tom Liston to provide the latest information on hacker tools and techniques, and arm you with tactics for recognizing and preventing them.
>> READ AN EXCERPT AND DOWNLOAD CHAPTER 7




The Little Black Book of Computer Security
Written by Joel Dubin
Published by 29th Street Press
This book is a concise guide to network security for IT managers and security practitioners. Topics are presented in an easy-to-read checklist format, making it a quick reference guide on a variety of strategies for securing enterprise networks and systems.
>> READ AN EXCERPT AND DOWNLOAD CHAPTER 5, TAKING CARE OF PHYSICAL SECURITY
>> READ AN EXCERPT AND DOWNLOAD CHAPTER 6, MANAGING HUMAN RESOURCES




Rootkits: Subverting the Windows Kernel
Written by Greg Hoglund & James Butler
Published by Addison-Wesley
Considered a "must read" for all security professionals, this book provides a detailed guide to understanding, detecting and preventing Rootkit attacks.
>> READ AN EXCERPT AND DOWNLOAD A CHAPTER FROM THE BOOK
>> SHARE YOUR OPINION OF THIS BOOK




Spies Among Us: How to Stop the Spies, Terrorists, Hackers, and Criminals You Don't Even Know You Encounter Every Day
Written by Ira Winkler
Published by Wiley
Using personal examples, Ira Winkler explains how easy it can be for anyone to infiltrate any company's confidential information and he offers advice on how to protect your organization.
>> READ AN EXCERPT AND DOWNLOAD A CHAPTER FROM THE BOOK
>> SHARE YOUR OPINION OF THIS BOOK



Information Nation Warrior: Information Compliance Management Boot Camp
Written by Randolph A. Kahn, Esq. & Barclay T. Blair
Published by AIIM Publishing
This book uses real-life stories to address the compliance needs of executives in the four key areas – IT, legal, business and records management. It offers handy checklists and tips to arms readers with tools for battling the compliance challenge.
>> READ AN EXCERPT AND DOWNLOAD A CHAPTER FROM THE BOOK
>> SHARE YOUR OPINION OF THIS BOOK


 


Information Security Policies Made Easy, Version 10
Written by Charles Cresson Wood
Published by Information Shield
Often touted as the definitive guide to information security policies, this book provides more than 1,360 pre-written policies organized in ISO 17799 format.
>> READ AN EXCERPT AND DOWNLOAD A CHAPTER FROM THE BOOK
>> SHARE YOUR OPINION OF THIS BOOK



Cryptography for Dummies
Written by Chey Cobb
Published by John Wiley & Sons
Learn the ins-and-outs of cryptography, from crypto basics to deciding what you really need.
>> READ AN EXCERPT AND DOWNLOAD A CHAPTER FROM THE BOOK
>> SHARE YOUR OPINION OF THIS BOOK

 

The Black Book on Corporate Security
Published by Larstan Publishing
This collection of essays focuses on security management topics ranging from intellectual property protection to identity theft. Each essay is written by a different author -- many of them vendors -- whose contact information is also included.
>> READ AN EXCERPT AND DOWNLOAD A CHAPTER FROM THE BOOK
>> READ A REVIEW OF THIS BOOK
>> SHARE YOUR OPINION OF THIS BOOK



The Art of Computer Virus Research and Defense
Written by Peter Szor
Published by Symantec Press
This book provides the computer science and mathematical theories underlying computer viruses as well as their history, starting with the "Creeper" virus in the early 1970s.
>> READ AN EXCERPT AND DOWNLOAD A CHAPTER FROM THE BOOK
>> READ A REVIEW OF THIS BOOK



The Executive Guide to Information Security: Threats, Challenges and Solutions
Written by Mark Egan with Tim Mather
Published by Symantec Press
Written for C-level executives, this summary of security challenges and practices provides concise, nontechnical, business-driven explanations of what information security really is and how it should be managed in the enterprise.
>> READ AN EXCERPT FROM THE BOOK
>> READ A REVIEW OF THIS BOOK
>> SHARE YOUR OPINION OF THIS BOOK



Outsourcing Information Security
Written by C. Warren Axelrod
Published by Artech House
This book provides an overview of outsourcing and the associated information security risks. In addition to discussions regarding the justification, risks, costs, benefits and evaluation of outsourcing, the author addresses the business decision process.
>> READ AN EXCERPT FROM THE BOOK
>> READ A REVIEW OF THIS BOOK
>> SHARE YOUR OPINION OF THIS BOOK



Information Protection Made Easy: A guide for employees and contractors
Written by David J. Lineman
Published by Information Shield Inc.
In this excerpt of Chapter 3: Security rules to live by from Information Protection Made Easy: A guide for employees and contractors, author David J. Lineman examines how complying with enterprise and federal laws and regulations affects information security and provides guidelines practitioners can use to protect themselves and their organization.
>> READ AN EXCERPT FROM THE BOOK

 

More chapters and reviews

 

Information Security: Design, Implementation, Measurement, and Compliance

PGP & GPG: Email for the Practical Paranoid

Hacker's Challenge 3

The Case for ISO 27001

The Shortcut Guide to Automating Network Management and Compliance

Nine Steps to Success: An ISO 27001 Implementation Overview

Network Security: A Practical Approach

Sarbanes-Oxley for Dummies

Intrusion Prevention Fundamentals

A Business Guide to Information Security

Web Security Privacy and Commerce, Second Edition

InfoSec Career Hacking: Sell Your Skillz, Not Your Soul

Curing the Patch Management Headache

Silence on the Wire

Mergers and Acquisitions Security

The Art of Deception: Controlling the Human Element of Security

Cybercrime: Incident Respose and Digital Forensics

High-Tech Crimes Revealed

Hacking Exposed, Fifth Edition: Network Security Secrets & Solutions

Phishing: Cutting the Identity Theft Line

sendmail Milters: A Guide for Fighting Spam

Exploiting Software: How to Break Code

Honeynet security consoles and honeypot legal issues

Hacking for Dummies

Intrusion Detection & Prevention

Know Your Enemy -- Learning About Security Threats

Malware: Fighting Malicious Code

Network Security: The Complete Reference











































































 

This was first published in May 2011

Dig deeper on CISSP Certification

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

1 comment

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close