This is the must-have book for a must-know field. Today, general security knowledge is mandatory, and if you need to understand the fundamentals, Computer Security Basics 2nd Edition is the book to consult.
The new edition builds on the well-established principles developed in the original edition and thoroughly updates that core knowledge. For anyone involved with computer security, including security administrators, system administrators, developers, and IT managers, Computer Security Basics 2nd Edition offers a clear overview of the security concepts you need to know, including access controls, malicious software, security policy, cryptography, biometrics, as well as government regulations and standards.
This handbook describes complicated concepts such as trusted systems, encryption, and mandatory access control in simple terms. It tells you what you need to know to understand the basics of computer security, and it will help you persuade your employees to practice safe computing.
Topics include:
- Computer security concepts
- Security breaches, such as viruses and other malicious programs
- Access controls
- Security policy
- Web attacks
- Communications and network security
- Encryption
- Physical security and biometrics
- Wireless network security
- Computer security and requirements of the Orange Book
- OSI Model and TEMPEST
Table of Contents
- Computer Security Basics, 2nd Edition
I. Security for Today
1. Introduction
- The New Insecurity
- What Is Computer Security?
- Threats to Security
- Why Buy Security?
- What’s a User to Do?
2. Some Security History
- Information and Its Controls
- Computer Security: Then and Now
- Early Computer Security Efforts
- Building Toward Standardization
- Computer Security Mandates and Legislation
II. Computer Security
3. Computer System Security and Access Controls
- What Makes a System Secure?
- System Access: Logging into Your System
- Identification and Authentication
- Login Processes
- Access Control in Practice
- Directory Services
- Identity Management
4. Viruses and Other Wildlife
5. Establishing and Maintaining a Security Policy
- Administrative Security
- Overall Planning and Administration
- Analyzing Costs and Risks
- Planning for Disaster
- Setting Security Rules for Employees
- Training Users
- Day-to-Day Administration
- Separation of Duties
6. Web Attacks and Internet Vulnerabilities
- About the Internet
- What Are the Network Protocols?
- The Fragile Web
III. Communications Security
7. Encryption
- Some History
- What Is Encryption?
- The Data Encryption Standard
- Other Cryptographic Algorithms
- Message Authentication
- Government Cryptographic Programs
- Cryptographic Export Restrictions
8. Communications and Network Security
- What Makes Communication Secure?
- Access Control Methods
- Perimeters and Gateways
- Security in Heterogeneous Environments
- Encrypted Communications
- Through the Tunnel
- Network Security Tasks
- Securing Communications
IV. Other Types of Security
9. Physical Security and Biometrics
- Physical Security
- Locks and Keys: Old and New
- Gentle Reminder
10. Wireless Network Security
- How We Got Here
- Today’s Wireless Infrastructure
- How Wireless Works
- Playing the Fields
- What Is This dB Stuff?
- Why Does All This Matter?
- Encouraging Diversity
- Physical Layer Wireless Attacks
- A. OSI Model
- B. TEMPEST
C. The Orange Book, FIPS PUBS, and the Common Criteria
- About the Orange Book
- Rating by the Book
- Summary of Orange Book Classes
- FIPS by the Numbers
- I Don’t Want You Smelling My Fish
- About the Authors