Computer and Information Security Handbook. Edition No. 4

Table of Contents

Part 1: Overview of System and Network Security: A Comprehensive Introduction? 1: Information Security in the Modern Enterprise, 2: Building a Secure Organization 3: A Cryptography Primer 4: Verifying User and Host Identity 5: Detecting System Intrusions 6: Intrusion Detection in Contemporary Environments 7: Preventing System Intrusions 8: Guarding Against Network Intrusions 9: Fault Tolerance and Resilience in Cloud Computing Environments 10: Securing Web Applications, Services and Servers 11: UNIX and Linux Security 12: Eliminating the Security Weakness of Linux and UNIX Operating Systems 13: Internet Security 14: The Botnet Problem 15: Intranet Security 16: Local Area Network Security 17: Wireless Network Security 18: Wireless Sensor Network Security: The Internet of Things 19: Security for the Internet of Things 20: Cellular Network Security 21: Radio Frequency Identification Security 22: Optical Network Security 23: Optical Wireless Security Part 2: Managing Information Security? 24: Information Security Essentials for Information Technology Managers: Protecting Mission-Critical Systems 25: Security Management Systems 26: Policy-Driven System Management 27: Information Technology Security Management 28: The Enemy (The Intruder's Genesis) 29: Social Engineering Deceptions and Defenses 30: Ethical Hacking 31: What Is Vulnerability Assessment? 32: Security Metrics 33: Security Education, Training, and Awareness 34: Risk Management 35: Insider Threats Part 3: Disaster Recovery Security? 36: Disaster Recovery 37: Disaster Recovery Plans for Small and Medium Business (SMB) Part 4: Security Standards And Policies? 38: Security Certification And Standards Implementation 39: Security Policies And Plans Development Part 5: Cyber, Network, and Systems Forensics Security and Assurance? 40: Cyber Forensics 41: Cyber Forensics And Incidence Response 42: Securing e-Discovery 43: Network Forensics 44: Microsoft Office and Metadata Forensics: A Deeper Dive 45: Hard Drive Imaging Part 6: Encryption Technology? 46: Data Encryption 47: Satellite Encryption 48: Public Key Infrastructure 49: Password-based Authenticated Key Establishment Protocols 50: Context-Aware Multifactor Authentication Survey 51: Instant-Messaging Security Part 7: Privacy and Access Management? 52: Online Privacy 53: Privacy-enhancing Technologies 54: Personal Privacy Policies 55: Detection Of Conflicts In Security Policies 56: Supporting User Privacy Preferences in Digital Interactions 57: Privacy and Security in Environmental Monitoring Systems: Issues and Solutions 58: Virtual Private Networks 59: Identity Theft 60: VoIP Security Part 8: Storage Security? 61: SAN Security 62: Storage Area Networking Devices Security? Part 9: Cloud Security? 63: Securing Cloud Computing Systems 64: Cloud Security 65: Private Cloud Security 66: Virtual Private Cloud Security Part 10: Virtual Security? 67: Protecting Virtual Infrastructure 68: SDN and NFV Security Part 11: Cyber Physical Security? 69: Physical Security Essentials 70. Biometrics Part 12: Practical Security? 71: Online Identity and User Management Services 72: Intrusion Detection and Prevention Systems 73: Transmission Control Protocol/Internet Protocol Packet Analysis 74: Firewalls 75: Penetration Testing 76: System Security 77: Access Controls 78: Endpoint Security 79: Assessments and Audits 80: Fundamentals of Cryptography Part 13: Critical Infrastructure Security? 81: Securing the Infrastructure 82: Threat Landscape and Good Practices for the Internet Infrastructure 83: Cyber Attacks Against the Grid Infrastructure 84: Threat Landscape and Good Practices For The Smart Grid Infrastructure 85: Energy Infrastructure Cyber Security 86: Homeland Security 87: Cyber Warfare 88: Cyber Attack Process Part 14: Cyber Security for the Smart City And Smart Homes? 89: Smart Cities: Cyber Security Concerns 90: Community Preparedness Action Groups for Smart City Cyber Security 91: Smart City Disaster Preparedness and Resilience 92: Disaster Preparedness and Resiliency Policy Considerations for the Smart City 93: Cyber Security in Smart Homes 94: Threat Landscape and Good Practices for Smart Homes and Converged Media 95: Future Trends For Cyber Security for Smart- Cities And Homes Part 15: Cyber Security Of Connected And Automated Vehicles? 96: An Overview of Cyber Attacks and Defenses on Intelligent Connected Vehicles 97: An Overview Of Cyber Security Issues In Vehicular Ad-hoc Networks (VANETs) 98: An Overview: Various Cyber Attacks in VANET Part 16: Advanced Security? 99: Security Through Diversity 100: Online e-Reputation Management Services 101: Content Filtering 102: Data Loss Protection 103: Satellite Cyber Attack Search and Destroy 104: Verifiable Voting Systems 105: Advanced Data Encryption 106: Use Of Artificial Intelligence (AI) In Cyber Security Part 17: Future Cyber Security Trends And Directions? 107: New Cyber Security Vulnerabilities And Trends Facing Aerospace And Defense Systems 108: How Aerospace And Defense Companies Will Respond To Future Cyber Security Threats 109: Understanding the Future Trends of the Aviation Cyber Security Threat Landscape 110: Fighting the Rising Trends Of Cyber Attacks on Aviation 111: Future Trends For Cyber Security Hardening of Aviation Systems 112: Future Trends For Cyber Security in the Gaming Industry 113:? Future Trends For Cyber Attacks in the Health Care Industry 114:? Future Trends For Cyber Defense Of Offshore Drilling Rigs 115: Future Trends In Maritime Cyber Security Part 18: Appendices? Appendix A List of Top Information and Network Security Implementation and Deployment Companies? Appendix B List of Security Products? Appendix C List of Security Standards? Appendix D List of Miscellaneous Security Resources? Appendix E Frequently Asked Questions? Appendix F Case Studies? Appendix G Answers to Review Questions/Exercises, Hands-on Projects, Case Projects and Optional Team Case Project by Chapter? Appendix H Glossary Index

Authors

John R. Vacca Information Technology Consultant and Researcher, Pomeroy, OH, USA.. John Vacca is an independent information technology consultant and researcher, professional writer, editor, reviewer, and author based in Pomeroy, Ohio, USA. Since 1982, John has authored, edited, and published more than 85 books, including Smart Cities Policies and Financing: Approaches and Solutions, Elsevier; Cloud Computing Security: Foundations and Challenges, Taylor and Francis/CRC Press; Solving Urban Infrastructure Problems Using Smart City Technologies: Handbook on Planning, Design, Development, and Regulation, Elsevier; Online Terrorist Propaganda, Recruitment, and Radicalization, Taylor and Francis/CRC Press; Nanoscale Networking and Communications Handbook, Taylor and Francis/CRC Press; Handbook of Sensor Networking: Advanced Technologies and Applications, Taylor and Francis/CRC Press; Network and System Security 2/e, Elsevier/Syngress; Cyber Security and IT Infrastructure Protection, Elsevier/Syngress; and Managing Information Security 2/e, Elsevier/Syngress; among many others.
John was a Configuration Management Specialist, Computer Specialist, and the Computer Security Official (CSO) for NASA's space station program (Freedom) and the International Space Station Program from 1988 until his retirement from NASA in 1995. John has also been a security consultant for major motion pictures, including AntiTrust, Collateral, and Identity Theft: The Michelle Brown Story. He received his M.Sc. from Kansas State University and an MBA from Emporia State University and served in the United States Air Force from 1967-1971.