Network Security Principles and Practices (CCIE Professional Development)

Book Description

Expert solutions for securing network infrastructures and VPNs

Build security into the network by defining zones, implementing secure routing protocol designs, and building safe LAN switching environments
Understand the inner workings of the Cisco PIX Firewall and analyze in-depth Cisco PIX Firewall and Cisco IOS Firewall features and concepts
Understand what VPNs are and how they are implemented with protocols such as GRE, L2TP, and IPSec
Gain a packet-level understanding of the IPSec suite of protocols, its associated encryption and hashing functions, and authentication techniques
Learn how network attacks can be categorized and how the Cisco IDS is designed and can be set upto protect against them
Control network access by learning how AAA fits into the Cisco security model and by implementing RADIUS and TACACS+ protocols
Provision service provider security using ACLs, NBAR, and CAR to identify and control attacks
Identify and resolve common implementation failures by evaluating real-world troubleshooting scenarios

As organizations increase their dependence on networks for core business processes and increase access to remote sites and mobile workers via virtual private networks (VPNs), network security becomes more and more critical. In today's networked era, information is an organization's most valuable resource. Lack of customer, partner, and employee access to e-commerce and data servers can impact both revenue and productivity. Even so, most networks do not have the proper degree of security. Network Security Principles and Practices provides an in-depth understanding of the policies, products, and expertise that brings organization to this extremely complex topic and boosts your confidence in the performance and integrity of your network systems and services. Written by a CCIE engineer who participated in the development of the CCIE Security exams, Network Security Principles and Practices is the first book that provides a comprehensive review of topics important to achieving CCIE Security certification.

Network Security Principles and Practices is a comprehensive guide to network security threats and the policies and tools developed specifically to combat those threats. Taking a practical, applied approach to building security into networks, the book shows you how to build secure network architectures from the ground up. Security aspects of routing protocols, Layer 2 threats, and switch security features are all analyzed. A comprehensive treatment of VPNs and IPSec is presented in extensive packet-by-packet detail. The book takes a behind-the-scenes look at how the Cisco PIX(r) Firewall actually works, presenting many difficult-to-understand and new Cisco PIX Firewall and Cisco IOS® Firewall concepts. The book launches into a discussion of intrusion detection systems (IDS) by analyzing and breaking down modern-day network attacks, describing how an IDS deals with those threats in general, and elaborating on the Cisco implementation of IDS. The book also discusses AAA, RADIUS, and TACACS+ and their usage with some of the newer security implementations such as VPNs and proxy authentication. A complete section devoted to service provider techniques for enhancing customer security and providing support in the event of an attack is also included. Finally, the book concludes with a section dedicated to discussing tried-and-tested troubleshooting tools and techniques that are not only invaluable to candidates working toward their CCIE Security lab exam but also to the security network administrator running the operations of a network on a daily basis.

Customer Reviews:

Great book to learn Cisco's implementation of IPSec - not just for CCIEs.......2006-02-03

CiscoPress's "Network Security Principles and Practices" by Malik is truly an awesome work. The book weighs in at over 750 pages, and not a page is wasted. The book is split up over multiple sections (Intro to Network Security, Building Security into the Network, Firewalls, VPNs, IDS, AAA and ISP Security). I have found this book of value as I pursue my CCIE Routing & Switchng lab and to better enhance my basic understanding of Cisco's vision towards network security. I also used this book to prepare for my CCSP and CISSP studies.

Practically on every page is either a diagram or detailed configuration explaining the subject at hand. In particular, the configuration examples are extremely helpful as the configs, themselves, are appended with detailed notes of their syntax. Chapter 13, IPSec, is probably the best one-chapter discussion on Cisco's implementation of IPSec and VPN I have found anywhere (and I have over 50 CiscoPress books). Another testament to it's superb level of expertise is the few and far between typos or errors that I have found.

One item to note - you will need to block off a few weeks (or months) to fully understand and appreciate the value of this book. I reference this book often, as I find information in this book I cannot find documented or presented the same way in other books.

I give this book 5 pings out of 5:
!!!!!

Lucid, clear, and useful.......2005-08-19

Very clear explanations of the core security technologies. The author doesn't shy away from the hard subjects, and makes them quite accessible. The IPSec chapter is the best explanation of the subject I have seen anywhere.

I used this book to pass the CCIE security written exam, and highly recommend it. It is also a very good reference for practicing consultants and network security architects.

To be added to your 'essentials' list of books.......2005-06-09

Very, VERY good. The IPSec chapter alone is worth the book, and the AAA chapters are _great_. Saadat has been able to explain in a great technical level and very clearly subjects which you're going to find in your day to day work - if working with Cisco and security. But not only that: chapters about IPSec, RADIUS, TACACS, are of value even if you do not use Cisco gear.

Missing from the book: a better chapter on NAT, PPTP. Saadat should write the 2nd edition adding those two topics, updating the IDS section, IPSec (including NAT-T), maybe add a little something about SSL VPNs, PIX 7.0 ? The section on ISP security could also benefit from a refresher (CoPP, uRPF?)

4.5 starts because it shows it age - otherwise, 5 stars for sure.

A must read for Cisco Security Certifications.......2005-04-26

This is one of the first books I read for anyone preparing for CCIE Security. I found this book to be very comprehensive in its approach. The author has combined all the network security technologies in one book and now this is tough. It starts with an Introduction and then builds on that. It covers the whole nine yards VPN's Firewalls, IDS, Access Control. The Troubleshooting part of the book is very helpul to working professionals as it starts with troubleshooting NAT and then covers everything from Firewalls (PIX and IOS), VPN's, IDS and AAA. A lot of issues can be resolved just using this part of the book. I recommend this book as it will surely help everyone looking for everthing about security. This book is a must read for professionals pursuing the CCSP and CCIE Security Certifications.
Niloufer Tamboly, CISSP

Best ever book from Cisco.......2004-09-18

Not only for exam preparation, this book is for every Cisco lover. Covers a lot of stuff, took me over 2 months to finish but I feel way more knowledgeable now.

Computer Forensics: Principles and Practices (Prentice Hall Security Series)

Average customer rating:

Computer Forensics: Principles and Practices

Computer Forensics: Principles and Practices (Prentice Hall Security Series)
Linda Volonino , Reynaldo Anzaldua , and Jana Godwin
Manufacturer: Prentice Hall
ProductGroup: Book
Binding: Paperback

Culture | Business & Culture | Computers & Internet | Subjects | Books

Privacy | Business & Culture | Computers & Internet | Subjects | Books

Hacking | Business & Culture | Computers & Internet | Subjects | Books

Network Security | Networking | Computers & Internet | Subjects | Books

General | Computers & Internet | Subjects | Books

General | Databases | Computers & Internet | Subjects | Books

General | Software | Computers & Internet | Subjects | Books

Forensics | Security & Encryption | Computers & Internet | Subjects | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books

Business & Investing | Qualifying Textbooks - Fall 2007 | Stores | Books

Computers & Internet | Qualifying Textbooks - Fall 2007 | Stores | Books
Similar Items:

File System Forensic Analysis
Maintaining & Repairing PCs (5th Edition)
Windows Forensics: The Field Guide for Corporate Computer Investigations
Computer Evidence: Collection & Preservation (Networking Series)
Forensic Discovery (Addison-Wesley Professional Computing Series)

ASIN: 0131547275

Customer Reviews:

Computer Forensics: Principles and Practices.......2007-08-15

A nonsense book. It should have been useful 6-7 years ago but, at the present it doesn't say anything which can help you both to learn computer forenics and to perform your day-by-day analisys.
Buy something other

Disaster Recovery: Principles and Practices (Prentice Hall Security Series)

Average customer rating:

Disaster Recovery: Principles and Practices (Prentice Hall Security Series)
April Wells , Charlyne Walker , Timothy Walker , and David Abarca
Manufacturer: Prentice Hall
ProductGroup: Book
Binding: Paperback

Privacy | Business & Culture | Computers & Internet | Subjects | Books

Network Security | Networking | Computers & Internet | Subjects | Books

General | Computers & Internet | Subjects | Books

General | Databases | Computers & Internet | Subjects | Books

General | Software | Computers & Internet | Subjects | Books

Look Inside Business Books | Trip | Specialty Stores | Books

Look Inside Computer Books | Trip | Specialty Stores | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books
ASIN: 013171127X

Book Description

For advanced information security courses on disaster recovery

With real world examples, this text provides an extensive introduction to disaster recovery focusing on planning the team, planning for the disaster and practicing the plan to make sure that, if ever needed, it will work.

Security Policies and Procedures: Principles and Practices (Prentice Hall Security Series)

Average customer rating:

Excellent condition

Security Policies and Procedures: Principles and Practices (Prentice Hall Security Series)
Sari Greene
Manufacturer: Prentice Hall
ProductGroup: Book
Binding: Paperback

Leadership | Management & Leadership | Business & Investing | Subjects | Books

Privacy | Business & Culture | Computers & Internet | Subjects | Books

Network Security | Networking | Computers & Internet | Subjects | Books

General | Computers & Internet | Subjects | Books

General | Databases | Computers & Internet | Subjects | Books

General | Software | Computers & Internet | Subjects | Books

Public Policy | Government | Nonfiction | Subjects | Books

Technology & Public Policy | Technology | Science | Subjects | Books

Look Inside Business Books | Trip | Specialty Stores | Books

Look Inside Computer Books | Trip | Specialty Stores | Books

Look Inside Nonfiction Books | Trip | Specialty Stores | Books

Look Inside Science Books | Trip | Specialty Stores | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books

Business & Investing | Qualifying Textbooks - Fall 2007 | Stores | Books

Computers & Internet | Qualifying Textbooks - Fall 2007 | Stores | Books

Nonfiction | Qualifying Textbooks - Fall 2007 | Stores | Books

Science | Qualifying Textbooks - Fall 2007 | Stores | Books
Similar Items:

Guide to Disaster Recovery
Information Security Policies and Procedures: A Practitioner's Reference, Second Edition
Information Security: Principles and Practices (Prentice Hall Security Series)
Guide to Computer Forensics and Investigations, Second Edition
Hardening Network Security

ASIN: 0131866915

Book Description

Security Policies and Procedures: Principles and Practices was created to teach information security policies and procedures and provide students with hands-on practice developing a security policy.This book provides an introduction to security policy, coverage of information security regulation and framework, and policies specific to industry sectors, including financial, healthcare and small business.

Customer Reviews:

Excellent condition .......2007-10-05

This book was a requirement for my University. By purchasing it used at Amazon, I saved alot of money. The book was in excellent condition. I would not be able to tell if it was new or used.

Principles and Practice of Information Security

Average customer rating:

Information Security in a Nutshell
Concise, clear, balanced, & useful coverage of IT security

Principles and Practice of Information Security
Linda Volonino , and Stephen R. Robinson
Manufacturer: Pearson Higher Education
ProductGroup: Book
Binding: Paperback

Privacy | Business & Culture | Computers & Internet | Subjects | Books

Network Security | Networking | Computers & Internet | Subjects | Books

General | Computers & Internet | Subjects | Books

General | Operating Systems | Computers & Internet | Subjects | Books

General | Software | Computers & Internet | Subjects | Books

Look Inside Business Books | Trip | Specialty Stores | Books

Look Inside Computer Books | Trip | Specialty Stores | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books

Business & Investing | Qualifying Textbooks - Fall 2007 | Stores | Books

Computers & Internet | Qualifying Textbooks - Fall 2007 | Stores | Books

Professional | Qualifying Textbooks - Fall 2007 | Stores | Books
Similar Items:

Security+ Guide to Networking Security Fundamentals, Second Edition
Survivor's Guide to Finance (with CD-ROM)
CyberEthics
Economics and Contemporary Issues (with InfoTrac 1-Semester, Economic Applications Online Product Printed Access Card)
e-Commerce Law: Issues for Business

ASIN: 0131840274

Book Description

This book provides professionals with the necessary managerial, technical, and legal background to support investment decisions in security technology. It discusses security from the perspective of hackers (i.e., technology issues and defenses) and lawyers (i.e., legal issues and defenses). This cross-disciplinary book is designed to help users quickly become current on what has become a fundamental business issue. This book covers the entire range of best security practices—obtaining senior management commitment, defining information security goals and policies, transforming those goals into a strategy for monitoring intrusions and compliance, and understanding legal implications. Topics also include computer crime, electronic evidence, cyber terrorism, and computer forensics. For professionals in information systems, financial accounting, human resources, health care, legal policy, and law. Because neither technical nor legal expertise is necessary to understand the concepts and issues presented, this book can be required reading for everyone as part of an enterprise-wide computer security awareness program.

Customer Reviews:

Information Security in a Nutshell.......2004-03-31

This was a wonderfully concise, readable and intelligent book on the characterization and management of all the issues surrounding information security. Rather than focusing on the bits and bytes, this book identifies, explains and suggests how to go about managing issues related to Information Security.

There is a particularly good and unique discussion of the legal implications surrounding information security management/mis-management. This is an area that is increasingly important for everyone who touches a system with any kind of business information. Sometimes we don't always appreciate all of the implications associated with access to business information. Included are invaluable citations of related case law, statutes and legal precedents. After reading this book, I can't imagine not having read it! I will continue to encourage my management, colleagues and reports to read it for a compulsory grounding in the implications of the information that they are handling.

I found this book to be an invaluable companion volume for preparation for the CISSP. After reading this book, I developed a clear information security intuition that made many of the CISSP study questions easier to answer.

Paul Mundell
Symantec Corporation

Concise, clear, balanced, & useful coverage of IT security.......2004-03-15

This book is short (good!) and full of information. The coverage seems very complete. The authors are careful not to get too involved in the details of the technology (also good, since said details will be obsolete in a year).

Instead they explain what security issues are significant, what the associated risks are, and what kind of cost effective responses are available. The emphasis throughout is on cost-effective responses: perfection is unaffordable, but not having a security policy is unacceptable. Volonino and Robinson focus on striking a middle ground.

I also liked their top down approach to IT security: 1) get high level commitment 2) lay out appropriate policies (& make sure everyone has signed off) 3) develop corresponding procedures 4) then, decide what mix of hardware, software, & network tools best implement those procedures. This starts with the people (most security problems can be traced back to human err) and avoids "vendor-driven security", which is seldom optimal for a specific situation. My favorite factoid from the book is that the quality of the security at a company is directly proportional to the rank of the chief security officer, i.e. to how seriously the company takes security.

All in all, "Principles and Practice of Information Security" is a very good place to start if you want to get a handle on IT security. And I think it will also function well as a way to review how balanced and thorough your existing security plans are.

Information Security: Principles and Practices (Prentice Hall Security Series)
Average customer rating:

Information Security for the Practical Mind

Information Security: Principles and Practices (Prentice Hall Security Series)
Mark Merkow , and James Breithaupt
Manufacturer: Prentice Hall
ProductGroup: Book
Binding: Paperback

Privacy | Business & Culture | Computers & Internet | Subjects | Books
Network Security | Networking | Computers & Internet | Subjects | Books
General | Computers & Internet | Subjects | Books
General | Databases | Computers & Internet | Subjects | Books
General | Software | Computers & Internet | Subjects | Books
General | E-commerce | Industries & Professions | Business & Investing | Subjects | Books
All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books
Business & Investing | Qualifying Textbooks - Fall 2007 | Stores | Books
Computers & Internet | Qualifying Textbooks - Fall 2007 | Stores | Books
Similar Items:

Security Policies and Procedures: Principles and Practices (Prentice Hall Security Series)

Contemporary Management Science with Spreadsheets

Manager's Guide to Making Decisions about Information Systems

An Object-Oriented Approach to Programming Logic and Design

Network Defense and Countermeasures: Principles and Practices (Prentice Hall Security Series)

ASIN: 0131547291

Book Description

For an introductory course in information security covering principles and practices.

This text covers the ten domains in the Information Security Common Body of Knowledge, which are Security Management Practices, Security Architecture and Models, Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP), Law, Investigations, and Ethics, Physical Security, Operations Security, Access Control Systems and Methodology, Cryptography, Telecommunications, Network, and Internet Security.

Customer Reviews:

Information Security for the Practical Mind.......2005-09-29

If you're new to IT Security or beginning to get stuck in the mire that pervades most books on the topic, this is the resource you need. Between those books that are a mile wide and an inch-deep or those an inch wide and a mile-deep, readers are left with too little knowledge of the breadth of Information and Network Security and may become discouraged to learn enough about Information Security to make an informed decisions -- career or technology wise.

Because Information Security is a broad career choice where it's impossible to become an expert in all areas, this book uses the industry-accepted Common Body of Knowledge (CBK) defined by the International Information Systems Security Certifications Consortium, Inc. (...) as the organizing framework to describe the 10 domains of knowledge at a principles and practices level without over-complicating these topics with implementation details or product-specific bias.

If you're in the market for materials to fast-track your understanding of information systems security, look no further!

Firewalls and VPNs: Principles and Practices (Prentice Hall Security Series)

Average customer rating:

Firewalls and VPNs: Principles and Practices (Prentice Hall Security Series)
Richard Tibbs , and Edward Oakes
Manufacturer: Prentice Hall
ProductGroup: Book
Binding: Paperback

Privacy | Business & Culture | Computers & Internet | Subjects | Books

Intranets & Extranets | Networking | Computers & Internet | Subjects | Books

Network Security | Networking | Computers & Internet | Subjects | Books

General | Computers & Internet | Subjects | Books

Firewalls | Security & Encryption | Computers & Internet | Subjects | Books

Look Inside Computer Books | Trip | Specialty Stores | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books

Computers & Internet | Qualifying Textbooks - Fall 2007 | Stores | Books
Similar Items:

Introduction to Probability and Statistics (with CD-ROM)
Distributed Systems: Concepts and Design (4th Edition) (International Computer Science Series)
Computer Security Fundamentals (Prentice Hall Security Series)
Network Intrusion Detection (3rd Edition)
Malware: Fighting Malicious Code

ASIN: 0131547313

Book Description

This book solves the need for a resource that illustrates the principles underlying security technology, as well as provides complete hands-on exercises that will serve as valuable practice for users. Based on open-source software, this book is oriented toward the first-time networking reader. Progressive, practical exercises build confidence; SOHO (small-office-home-office) users will also be impressed with the information provided, as for these users the affordability of open-source solutions can be critical. Comprehensive coverage includes: TCP/IP and related protocols, open-source firewalls, services support and applications that firewalls protect, IPsec and TLS-based VPNs, and firewall log and log servers. An excellent reference and resource for network administrators, security administrators, chief security officers, and anyone with the following certifications: SANS, GSEC, MCSE, MCSA, CNE, A+, and Security+.

Cryptography and Network Security: Principles and Practice (2nd Edition)

Average customer rating:

It's definitely a CompSci textbook
A one-step guide
Fantastic Primer for this Subject Area
Smooth and Quick Transaction
Excellent

Cryptography and Network Security: Principles and Practice (2nd Edition)
William Stallings
Manufacturer: Prentice Hall
ProductGroup: Book
Binding: Hardcover

General | Certification Central | Computers & Internet | Subjects | Books

Network Security | Networking | Computers & Internet | Subjects | Books

General | Programming | Computers & Internet | Subjects | Books

General | Computers & Internet | Subjects | Books

Look Inside Computer Books | Trip | Specialty Stores | Books

Networking | Computer Science & Information Systems | New & Used Textbooks | Stores | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books

Computers & Internet | Qualifying Textbooks - Fall 2007 | Stores | Books

Professional | Qualifying Textbooks - Fall 2007 | Stores | Books
Similar Items:

Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition
Network Security: Private Communication in a Public World, Second Edition
Network Security Essentials: Applications and Standards (3rd Edition)
Cryptography and Network Security (4th Edition)
Security in Computing (4th Edition)

ASIN: 0138690170

Customer Reviews:

It's definitely a CompSci textbook.......2007-04-03

The variability in textbook reviews are interesting. I would consider this text "math heavy" whereas other reviewers believe you'll need another serious text on the matter to round out your collection.

I bought this to learn the high level details/processes behind encryption and cryptography but after flipping through the detailed treatment of each, the book got really short, really fast. If you're looking for "Hey here's DES in a nutshell" then this book isn't for you. It is in the sense that the three paragraphs preceding the several-page detailed discussion of the DES algorithm are for you, but the rest isn't.

A one-step guide.......2006-03-01

I was able to use this book as an introduction, and more than an introduction, on the world of cryptography. I started reading it with no knowledge on cryptographic algorithms, ad I learned the principles behind cryptographic algorithms and how they are linked with pratical implementation on security products.

The area of network security is less developed than the cryptography area, but still valuable.

Fantastic Primer for this Subject Area.......2006-01-13

I adored this book! It's one of my favourite texts of all time. I used it for a computer security subject and it's a great primer. It covers a middle ground in computer encryption and network security that serves wonderfully as a primer for the novice and a reference for the experienced.

The contents are roughly evenly split between detailed descriptions of currently used encyrption protocols, and descriptions of network security protocols. For a complete reference library on this field, you would also need a book on network communications protocols, a mathematics-heavy text on the design of encryption algorithms and a programming-heavy text on encryption algorithm implementation.

But if you have prior knowledge of network comms, aren't ineterested in encryption design or maths, and can do the coding yourself, then this book has all you need to understand practical encryption and security currently used in industry and to implement the protocols yourself.

Stallings has a great writing style and explains concepts in clear and interesting English. You can't go wrong with this book. As a primer for the primer, I'd recommend The Code Book by Simon Singh (very readable) or any of Stallings' other books specifically dealing with data comms.

Smooth and Quick Transaction .......2005-10-22

Completely satisfied with delivery of book. It came on the date that the seller promised.

I would do business again the future.

Excellent.......2005-02-07

Cryptography and Network Security: Principles and Practice by Stallings is a very good book on crypto.

It is not as detailed as Schneier's Applied Cryptography, but is still a great book.

Network Defense and Countermeasures: Principles and Practices (Prentice Hall Security Series)

Average customer rating:

Boring
Pretty good coverage

Network Defense and Countermeasures: Principles and Practices (Prentice Hall Security Series)
Chuck Easttom
Manufacturer: Prentice Hall
ProductGroup: Book
Binding: Paperback

Privacy | Business & Culture | Computers & Internet | Subjects | Books

Network Security | Networking | Computers & Internet | Subjects | Books

General | Certification Central | Computers & Internet | Subjects | Books

General | Computers & Internet | Subjects | Books

General | Databases | Computers & Internet | Subjects | Books

General | Software | Computers & Internet | Subjects | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books

Computers & Internet | Qualifying Textbooks - Fall 2007 | Stores | Books
Similar Items:

Achieving Business Value From Technology
Security Policies and Procedures: Principles and Practices (Prentice Hall Security Series)
Information Security: Principles and Practices (Prentice Hall Security Series)
Web Services: A Technical Introduction
MCSE Self-Paced Training Kit (Exam 70-294): Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure, Second Edition

ASIN: 0131711261

Book Description

KEY BENEFIT: Network Defense and Countermeasures fills a void left by other books with complete coverage of a wide range of defense strategies, forms of attacks, and policies related to computer security. KEY TOPICS: This comprehensive volume covers practical applications of firewalls, intrusion detection systems, encryption fundamentals, operating system hardening, defending against virus attacks, Trojan horses and spyware, security policies and security standards. For network administrators, network security professionals and security audit professionals.

Customer Reviews:

Boring.......2007-04-12

I really hate this book, I thik it has the right Ideas, but the author use the wrong strategy to implement the ideas. This book has a lack of important information. so if you're looking to buy a security book, I'm sure you'll find something better than this.

Pretty good coverage.......2005-12-02

This book gives good coverage of a broad range of topics. It gives technical details to various network threats, and countermeasures. The problem is the book is to short. It needs about 100 more pages with more detail on each topic.

Computer Security: Principles and Practice

Average customer rating:

High level book on computer security lacks sufficient detail

Computer Security: Principles and Practice
William Stallings , and Lawrie Brown
Manufacturer: Prentice Hall
ProductGroup: Book
Binding: Hardcover

Privacy | Business & Culture | Computers & Internet | Subjects | Books

Network Security | Networking | Computers & Internet | Subjects | Books

General | Computers & Internet | Subjects | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books
Similar Items:

Designing Network Security, Second Edition
TCP/IP Protocol Suite (McGraw-Hill Forouzan Networking)

ASIN: 0136004245

Book Description

In recent years, the need for education in computer security and related topics has grown dramatically – and is essential for anyone in the fields of Computer Science or Computer Engineering. This is the only book available that provides integrated, comprehensive, up-to-date coverage of the broad range of topics in this subject.

Comprehensive treatment of user authentication and access control. Unified approach to intrusion detection and firewalls, giving readers a solid understanding of the threats and countermeasures. More detailed coverage of software security than other books. Exploration of management issues. Systematic, comprehensive discussion of malicious software and denial of service attacks. Coverage of Linux and Windows Vista. Up-to-date coverage of database security. Thorough overview of cryptography, authentication, and digital signatures. Coverage of Internet security. For system engineers, programmers, system managers, network managers, product marketing personnel, system support specialists; a solid, up-to-date reference or tutorial for self-study.

Customer Reviews:

High level book on computer security lacks sufficient detail.......2007-09-30

The author of this book also wrote the widely used text "Cryptography and Network Security". I like that book well enough, but you have to use outside resources to understand what's going on in that book, and I would say that is even more true for this textbook. That is because the author is basically taking subjects discussed in the Cryptography and Network Security book and adding topics like management issues and security of specific operating systems - without getting specific enough that you could actually solve too many problems. To me the best parts of the book are the appendices. The information on number theory is quite good, as are the suggestions for projects and labs. Unfortunately, this book does not contain sufficient information to perform those projects and labs. The contents make a good starting point for the study of computer security, but if you are an instructor be prepared to use lots of supplemental material or your students are going to be left high and dry. Currently the table of contents is not shown, so I include it next. This book is just under 900 pages long, so its 24 chapters are covering their subject matter in under 40 pages each, which does not give much room for detail.

Chapter 1 Overview

PART ONE COMPUTER SECURITY TECHNOLOGY AND PRINCIPLES
Chapter 2 Cryptographic Tools
Chapter 3 User Authentication
Chapter 4 Access Control
Chapter 5 Database Security
Chapter 6 Intrusion Detection
Appendix 6A:The Base-Rate Fallacy
Chapter 7 Malicious Software
Chapter 8 Denial of Service
Chapter 9 Firewalls and Intrusion Prevention Systems
Chapter 10 Trusted Computing and Multilevel Security

PART TWO SOFTWARE SECURITY
Chapter 11 Buffer Overflow
Chapter 12 Other Software Security Issues

PART THREE MANAGEMENT ISSUES
Chapter 13 Physical and Infrastructure Security
Chapter 14 Human Factors
Appendix 14A: Security Awareness Standard of Good Practice
Appendix 14B: Security Policy Standard of Good Practice
Chapter 15 Security Auditing
Chapter 16 IT Security Management and Risk Assessment
Chapter 17 IT Security Controls, Plans and Procedures
Chapter 18 Legal and Ethical Aspects
Appendix 18A: Information Privacy Standard of Good Practice

PART FOUR CRYPTOGRAPHIC ALGORITHMS
Chapter 19 Symmetric Encryption and Message Confidentiality
Chapter 20 Public-Key Cryptography and Message Authentication

PART FIVE INTERNET SECURITY
Chapter 21 Internet Security Protocols and Standards
Chapter 22 Internet Authentication Applications

PART SIX OPERATING SYSTEM SECURITY
Chapter 23 Linux Security
Chapter 24 Windows Security

APPENDICES
Appendix A Some Aspects of Number Theory
A.1 Prime and Relatively Prime Numbers
A.2 Modular Arithmetic
A.3 Fermat's and Euler's Theorems
Appendix B Random and Pseudorandom Number Generation
B.1 The Use of Random Numbers
B.2 Pseudorandom Number Generators (PRNGs)
B.3 True Random Number Generators
Appendix C Projects for Teaching Computer Security
C.1 Research Projects
C.2 Programming Projects
C.3 Laboratory Exercises
C.4 Writing Assignments
C.5 Reading/Report Assignments

ONLINE APPENDICES
Appendix D Standards and Standard-Setting Organizations
Appendix E TCP/IP Protocol Architecture
Appendix F Glossary

Books:

Books Index

Books Home

Recommended Books