Secure Reads: The Network Security Bible


This article can also be found in the Premium Editorial Download "Information Security magazine: 12 security lessons for CISOs they don't teach you in security school."


Network Security Bible
By Eric Cole, Ronald Krutz and James W. Conley
696 pages, $39.99

Even the most experienced security professionals occasionally need to turn to their personal libraries for guidance, and everyone needs at least one book that covers a little of everything. We recommend Network Security Bible.

Network Security Bible is more of a reference than a tutorial. Rather than assume the reader's depth of knowledge, it provides just enough relevant background information to lay a foundation of understanding. The title suggests that the book concentrates on the network, but it covers a wide range of subjects, including security management, OS security, cryptography and incident response.

The authors do a fine job of identifying the important points and explaining the key issues. The chapter on Web server security, for example, includes background information on HTTP and how it operates. A good working knowledge of HTTP is important because HTTP influences the treatment of cookies, form fields and other security-related matters.

Despite the book's strong points, Network Security Bible has some notable flaws that prevent it from achieving greatness. There are instances in which an important concept is mentioned but not defined or discussed. This is especially obvious in the Windows security chapter, in which the authors present a list of sometimes-cryptic host-hardening measures without explaining what they mean, their side effects or how to perform them. There are also several instances in which information is duplicated between chapters, or a topic is inexplicably broken up into separate chapters--for instance, the separate chapters on Web browser security and Web server security.

Most noticeably missing is a bibliography. This is a serious omission, given that Network Security Bible is intended to be a foundational security book. The authors give readers no references for learning more about the topics for which they provide limited information.

Network Security Bible is intended to be a "wide angle lens," and makes up in breadth what it lacks in depth. The book covers a variety of topics, and, despite its flaws, the discussions are generally substantive and informative. No matter the question, Network Security Bible will almost certainly have something interesting to say.

Reviewed by David Bianco

This was first published in February 2005
