Computer Security Basics, 2/e

Rick Lehtinen, G. T., Sr. Gangemi

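  • Publisher: O'Reilly
  • Publication date: 2006-07-18
  • List price: $1,680
  • VIP price: $1,596 (95% of list price)
  • Language: English
  • Pages: 312
  • Binding: Paperback
  • ISBN: 0596006691
  • ISBN-13: 9780596006693
  • Related categories: Information Security
  • Overseas purchase-on-behalf title (requires separate checkout)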

Description

This is the must-have book for a must-know field. Today, general security knowledge is mandatory, and, if you need to understand the fundamentals, Computer Security Basics 2nd Edition is the book to consult.

The new edition builds on the well-established principles developed in the original edition and thoroughly updates that core knowledge. For anyone involved with computer security, including security administrators, system administrators, developers, and IT managers, Computer Security Basics 2nd Edition offers a clear overview of the security concepts you need to know, including access controls, malicious software, security policy, cryptography, biometrics, as well as government regulations and standards.

This handbook describes complicated concepts such as trusted systems, encryption, and mandatory access control in simple terms. It tells you what you need to know to understand the basics of computer security, and it will help you persuade your employees to practice safe computing.

Topics include:
  • Computer security concepts
  • Security breaches, such as viruses and other malicious programs
  • Access controls
  • Security policy
  • Web attacks
  • Communications and network security
  • Encryption
  • Physical security and biometrics
  • Wireless network security
  • Computer security and requirements of the Orange Book
  • OSI Model and TEMPEST

Table of Contents

Preface

Part I. Security for Today

1. Introduction

     The New Insecurity

     What Is Computer Security?

     Threats to Security

     Why Buy Security?

     What's a User to Do?

2. Some Security History

     Information and Its Controls

     Computer Security: Then and Now

     Early Computer Security Efforts

     Building Toward Standardization

     Computer Security Mandates and Legislation

Part II. Computer Security

3. Computer System Security and Access Controls

     What Makes a System Secure?

     System Access: Logging into Your System

4. Viruses and Other Wildlife

     Financial Effects of Malicious Programs

     Viruses and Public Health

     Viruses, Worms, and Trojans (Oh, My!)

     Who Writes Viruses?

     Remedies

     The Virus Hype

     An Ounce of Prevention

5. Establishing and Maintaining a Security Policy

     Administrative Security

     Overall Planning and Administration

     Day-to-Day Administration

     Separation of Duties

6. Web Attacks and Internet Vulnerabilities

     About the Internet

     What Are the Network Protocols?

     The Fragile Web

Part III. Communications Security

7. Encryption

     Some History

     What Is Encryption?

     The Data Encryption Standard

     Other Cryptographic Algorithms

     Message Authentication

     Government Cryptographic Programs

     Cryptographic Export Restrictions

8. Communications and Network Security

     What Makes Communication Secure?

     Modems

     Networks

     Network Security

Part IV. Other Types of Security

9. Physical Security and Biometrics

     Physical Security

     Locks and Keys: Old and New

     Biometrics

     Gentle Reminder

10. Wireless Network Security

     How We Got Here

     Today's Wireless Infrastructure

     How Wireless Works

     Playing the Fields

     What Is This dB Stuff?

     Why Does All This Matter?

     Encouraging Diversity

     Physical Layer Wireless Attacks

Part V. Appendixes

A. OSI Model

B. TEMPEST

C. The Orange Book, FIPS PUBS, and the Common Criteria

Index
