Another fine study tool brought to you by The CISSP Open Study Guides Web Site in collaboration with Auerbach. ENJOY!! Clement Dupuis ( [email protected] )

To access the contents, click the chapter and section titles.

Handbook of Information Security Management
(Imprint: Auerbach Publications)
(Publisher: CRC Press LLC)
Authors: Micki Krause, Harold F. Tipton
ISBN: 0849399475


Domain 1—Access Control
Section 1-1—Access Control Principles and Objectives
Chapter 1-1-1—Types of Information Security Controls
Chapter 1-1-2—Purposes of Information Security Management
Section 1-2—Access Control Issues
Chapter 1-2-1—Biometric Identification
Chapter 1-2-2—When Technology and Privacy Collide
Chapter 1-2-3—Relational Data Base Access Controls Using SQL
Section 1-3—Access Control Administration
Chapter 1-3-1—Implementation of Access Controls
Chapter 1-3-2—Implementing Kerberos in Distributed Systems

Domain 2—Communications Security
Section 2-1—Telecommunications Security Objectives, Threats, and Countermeasures
Chapter 2-1-1—The Self-Hack Audit
Section 2-2—Network Security
Chapter 2-2-1—A New Security Model for Networks and the Internet
Chapter 2-2-2—An Introduction to LAN/WAN Security
Section 2-3—Internet Security
Chapter 2-3-1—Security Management for the World Wide Web
Chapter 2-3-2—Internet Firewalls

Domain 3—Risk Management and Business Continuity Planning
Section 3-1—Risk Analysis
Chapter 3-1-1—Risk Analysis and Assessment
Section 3-2—Business Continuity Planning
Chapter 3-2-1—Business Continuity in Distributed Environments
Section 3-3—Distributed Systems BCP
Chapter 3-3-1—The Business Impact Assessment Process

Domain 4—Policy, Standards, and Organization
Section 4-1—Information Classification
Chapter 4-1-1—Information Classification: A Corporate Implementation Guide
Section 4-2—Security Awareness
Chapter 4-2-1—Information Warfare and the Information Systems Security Professional
Section 4-3—Organization Architecture
Chapter 4-3-1—New Organizational Model for IP Practitioners
Chapter 4-3-2—Enterprise Security Architecture
Section 4-4—Policy Development
Chapter 4-4-1—Policy Development

Domain 5—Computer Architecture and System Security
Section 5-1—Computer Organization and Configuration
Chapter 5-1-1—Secure Systems Architecture
Section 5-2—Microcomputer and LAN Security
Chapter 5-2-1—Microcomputer and LAN Security
Section 5-3—System Security
Chapter 5-3-1—Systems Integrity Engineering

Domain 6—Law, Investigation, and Ethics
Section 6-1—Legal and Regulatory Issues
Chapter 6-1-1—Computer Abuse Methods and Detection
Chapter 6-1-2—Federal and State Computer Crime Laws
Section 6-2—Investigation
Chapter 6-2-1—Computer Crime Investigation and Computer Forensics
Section 6-3—Information Ethics
Chapter 6-3-1—Computer Ethics

Domain 7—Application Program Security
Section 7-1—Application Security
Chapter 7-1-1—Role-Based Access Control in Real Systems
Chapter 7-1-2—Security Models for Object-Oriented Data Bases

Domain 8—Cryptography
Section 8-1—Cryptography Applications and Uses
Chapter 8-1-1—Cryptography and Escrowed Encryption

Domain 9—Computer Operations Security
Section 9-1—Operator, Hardware, and Media Controls
Chapter 9-1-1—Operations Security and Controls

Domain 10—Physical Security
Section 10-1—Threats and Facility Requirements
Chapter 10-1-1—Physical Security
Section 10-2—Personnel Physical Access Control
Chapter 10-2-1—Information Security and Personnel Practices
Section 10-3—Microcomputer Physical Security
Chapter 10-3-1—Protecting the Portable Computing Environment

The CISSP Open Study Guide Web Site

We are proud to bring to all of our members a legal copy of this outstanding book. Of course this version is getting a bit old and may not contain all of the info that the latest version are covering, however it is one of the best tool you have to review the basics of security. Investing in the latest version would help you out in your studies and also show your appreciation to Auerbach for letting me use their book on the site.