The Handbook of Information Security, Volume III
Threats, Vulnerabilities, Prevention, Detection and Management
Contents
Part 1: Threats and Vulnerabilities to Information and Computing Infrastructures
Part 2: Prevention: Keeping the Hackers and Crackers at Bay
Part 3: Detection, Recovery, Management and Policy Considerations
Part 1: Threats and Vulnerabilities to Information and Computing Infrastructures
| 132. | Internal Security Threats |
| 133. | Physical Security Threats |
| 134. | Fixed-Line Telephone System Vulnerabilities |
| 135. | E-Mail Threats and Vulnerabilities |
| 136. | E-Commerce Vulnerabilities |
| 137. | Hacking Techniques in Wired Networks |
| 138. | Hacking Techniques in Wireless Networks |
| 139. | Computer Viruses and Worms |
| 140. | Trojan Horse Programs |
| 141. | Hoax Viruses and Virus Alerts |
| 142. | Hostile Java Applets |
| 143. | Spyware |
| 144. | Mobile Code and Security |
| 145. | Wireless Threats and Attacks |
| 146. | WEP Security |
| 147. | Bluetooth Security |
| 148. | Cracking WEP |
| 149. | Denial of Service Attacks |
| 150. | Network Attacks |
| 151. | Fault Attacks |
| 152. | Side-Channel Attacks |
Part 2: Prevention: Keeping the Hackers and Crackers at Bay
| 153. | Physical Security Measures |
| 154. | RFID and Security |
| 155. | Cryptographic Privacy Protection Techniques |
| 156. | Cryptographic Hardware Security Modules |
| 157. | Smart Card Security |
| 158. | Client-Side Security |
| 159. | Server-Side Security |
| 160. | Protecting Web Sites |
| 161. | Database Security |
| 162. | Medical Records Security |
| 163. | Access Control: Principles and Solutions |
| 164. | Password Authentication |
| 165. | Computer and Network Authentication |
| 166. | Antivirus Technology |
| 167. | Biometric Basics and Biometric Authentication |
| 168. | Issues and Concerns in Biometric IT Security |
| 169. | Firewall Basics |
| 170. | Firewall Architectures |
| 171. | Packet Filtering and Stateful Firewalls |
| 172. | Proxy Firewalls |
| 173. | E-Commerce Safeguards |
| 174. | Digital Signatures and Electronic Signatures |
| 175. | E-mail Security |
| 176. | Security for ATM Networks |
| 177. | VPN Basics |
| 178. | VPN Architecture |
| 179. | IP-Based VPN |
| 180. | Identity Management |
| 181. | Use of Deception Techniques: Honeypots and Decoys |
| 182. | Active Response to Computer Intrusions |
Part 3: Detection, Recovery, Management and Policy Considerations
| 183. | Intrusion Detection Systems Basics |
| 184. | Host-Based Intrusion Detection Systems |
| 185. | Network-Based Intrusion Detection Systems |
| 186. | Use of Agent Technology for Intrusion Detection |
| 187. | Contingency Planning Management |
| 188. | Computer Security Incident Response Teams (CSIRTs) |
| 189. | Implementing a Security Awareness Program |
| 190. | Risk Assessment for Risk Management |
| 191. | Security Insurance and Best Practices |
| 192. | Auditing Information Systems Security |
| 193. | Evidence Collection and Analysis Tools |
| 194. | Information Leakage: Detection and Countermeasures |
| 195. | Digital Rights Management |
| 196. | Web Hosting |
| 197. | Managing a Network Environment |
| 198. | E-Mail and Internet Use Policies |
| 199. | Forward Security: Adaptive Cryptography Time Evolution |
| 200. | Security Policy Guidelines |
| 201. | The Asset-Security Goals Continuum: A Process for Security |
| 202. | Multilevel Security |
| 203. | Multilevel Security Models |
| 204. | Security Architectures |
| 205. | Quality of Security Service: Adaptive Security |
| 206. | Security Policy Enforcement |
| 207. | Guidelines for a Comprehensive Security System |


