Principles of Computer Security CompTIA Security+ and Beyond (Exam SY0-301)

Wm. Arthur Conklin (Houston, TX), Security+, CISSP, is an Assistant Professor in the Information and Logistics Technology department at the University of Houston. In addition to his PhD, Mr. Conklin has a MBA from UTSA, and two graduate degrees in Electrical Engineering from the Naval Postgraduate School in Monterey, California. Dr. Conklins interests are information security, systems theory, and secure software design. Greg White (San Antonio, TX), Security+, CISSP, is an Associate Professor in the Department of Computer Science at the University of Texas at San Antonio. Dr. White is the Director of the Center for Infrastructure Assurance and Security at UTSA, and was the author of the first edition of the Security+ All-in-One Exam Guide from McGraw-Hill. Roger L. Davis is a Senior Internal Audit Manager at NuSkin Enterprises and is responsible for evaluating global business operations in over 35 countries. He is a retired Air Force Colonel with over 20 years of military and information security experience. Mr. Davis is a Certified Information Systems Security Professional (CISSP) and holds a Masters Degree in Computer Science from George Washington University. Chuck Cothren is a Research Scientist at University of Texas at San Antonio (UTSA) Center for Infrastructure Assurance and Security (CIAS) and currently serves on the Information Security Associations Alamo Chapter Board of Directors. Mr. Cothren has a wide array of security experience including performing controlled penetration testing, network security policies, computer intrusion forensics, and computer training. He is a Certified Information Systems Security Professional (CISSP) and has co-authored other McGraw-Hill/Osborne titles. Mr. Cothren holds a B.S. in Industrial Distribution from Texas A&M University. Corey D. Schou, Ph.D., is the University Professor of Informatics and the Associate Dean of the College of Business at Idaho State University. He has been involved in establishing computer security and information assurance training and standards for 25 years. His research interests include information assurance, ethics, privacy, and collaborative decision making. He was responsible for compiling and editing computer security standards and training materials for the Committee on National Security Systems (CNSS). Throughout his career, Dr. Schou has remained an active classroom teacher despite his research and service commitments. He is the founding director of the Informatics Research Institute and the National Information Assurance Training and Education Center (NIATEC) that was designated the National Center of Excellence in Information Assurance Education. In 1996, his research center was cited by the Information Systems Security Association (ISSA) for Outstanding Contributions to the Security Profession and he was selected as the Educator of the Year by the Federal Information Systems Security Educators Association (FISSEA). In 1997, the Masie Institute and TechLearn Consortium recognized his contributions to distance education. In 2001, Dr. Schou was honored by the International Information Systems Security Certification Consortium [(ISC)2] with the Tipton award for his work in professionalization of computer security and his development of the generally accepted common body of knowledge (CBK) used in the certification of information assurance professionals. Dr. Schou serves as the chair of the Colloquium for Information Systems Security Education (CISSE). Under his leadership, the Colloquium creates an environment for exchange and dialogue among leaders in government, industry, and academia concerning information security and information assurance education. In addition, he is the editor of Information Systems Security and serves on the board of several professional organizations.

Chapter 1: Introduction and Security Trends
Chapter 2: General Security Concepts
Chapter 3: Operational/Organizational Security
Chapter 4: The Role of People in Security
Chapter 5: Cryptography
Chapter 6: Public Key Infrastructure
Chapter 7: Standards and Protocols
Chapter 8: Physical Security
Chapter 9: Network Fundamentals
Chapter 10: Infrastructure Security
Chapter 11: Authentication and Remote Access
Chapter 12: Wireless
Chapter 13: Intrusion Detection Systems and Network Security
Chapter 14: Baselines
Chapter 15: Types of Attacks and Malicious Software
Chapter 16: E-mail and Instant Messaging
Chapter 17: Web Components
Chapter 18: Secure Software Development
Chapter 19: Disaster Recovery, Business Continuity, and Organizational Policies
Chapter 20: Risk Management
Chapter 21: Change Management
Chapter 22: Privilege Management
Chapter 23: Computer Forensics
Chapter 24: Legal Issues and Ethics
Chapter 25: Privacy
Appendix A: Objective Map
Appendix B: About the CD
Glossary
Index