Information Security Management Handbook, Fourth Edition, Volume II

Introduction

DOMAIN 1ACCESS CONTROL SYSTEMS AND METHODOLOGY
Single Sign OnCentralized Authentication Services (RADIUS, TACACS, DIAMETER)

DOMAIN 2TELECOMMUNICATIONS AND NETWORK SECURITY
E-Mail Security
Integrity and Security of ATM
An Introduction to Secure Remote Access
Packet Sniffers and Network Monitors
Enclaves: The Enterprise as an Extranet
IPSec Virtual Private Networks

DOMAIN 3SECURITY MANAGEMENT PRACTICES
Penetration Testing
The Building Blocks of Information Security
The Business Case for Information Security: Selling Management on the Protection of Vital Secrets and Products

DOMAIN 4APPLICATIONS AND SYSTEMS DEVELOPMENT SECURITY
Peoplesoft Security
World Wide Web Application Security
Common System Design Flaws and Security
Issues
Data Marts and Data Warehouses: Keys to the Future or Keys to the Kingdom?
Mitigating E-business Security Risks: Public Key Infrastructures in the Real World

DOMAIN 5:CRYPTOGRAPHY
Introduction to Encryption
Three New Models for the Application of Cryptography
Methods of Attacking and Defending Cryptosystems
Message Authentication

DOMAIN 6:SECURITY ARCHITECTURE AND MODELSIntroduction to UNIX Security for Security Practitioners

DOMAIN 7:OPERATIONS SECURITYHacker Tools and Techniques
An Introduction to Hostile Code and Its Control

DOMAIN 8:BUSINESS CONTINUITY PLANNING AND DISASTER RECOVERY PLANNING
The Business Impact Assessment Process

DOMAIN 10:LAW, INVESTIGATIONS, AND ETHICS
Computer Crime Investigations: Managing a Process without Any Golden Rules CIRT: Responding to Attack
Improving Network Level Security through Real Time Monitoring and Intrusion Detection
Operational Forensics