Language : English
Published : 2016-09-06
Pages : 768
Cryptography and Network Security: Principles and Practice 7th Global Edition
For courses in Cryptography, Computer Security, and Network Security The Principles and Practice of Cryptography and Network Security Stallings’ Cryptography and Network Security, Seventh Edition, introduces students to the compelling and evolving field of cryptography and network security. In an age of viruses and hackers, electronic eavesdropping, and electronic fraud on a global scale, security is paramount. The purpose of this book is to provide a practical survey of both the principles and practice of cryptography and network security. In the first part of the book, the basic issues to be addressed by a network security capability are explored by providing a tutorial and survey of cryptography and network security technology. The latter part of the book deals with the practice of network security: practical applications that have been implemented and are in use to provide network security. The Seventh Edition streamlines subject matter with new and updated material – including Sage, one of the most important features of the book. Sage is an open-source, multiplatform, freeware package that implements a very powerful, flexible, and easily learned mathematics and computer algebra system. It provides hands-on experience with cryptographic algorithms and supporting homework assignments. With Sage, students learn a powerful tool that can be used for virtually any mathematical application. The book also provides an unparalleled degree of support for instructors and students to ensure a successful teaching and learning experience.
Building on the successful top-down approach of previous editions, the Sixth Edition of Computer Networking continues with an early emphasis on application-layer paradigms and application programming interfaces (the top layer), encouraging a hands-on experience with protocols and networking concepts, before working down the protocol stack to more abstract layers.
This book has become the dominant book for this course because of the authors’ reputations, the precision of explanation, the quality of the art program, and the value of their own supplements.
For one-semester, undergraduate- or graduate-level courses in Cryptography, Computer Security, and Network Security A practical survey of cryptography and network security with unmatched support for instructors and students In this age of universal electronic connectivity, viruses and hackers, electronic eavesdropping, and electronic fraud, security is paramount. This text provides a practical survey of both the principles and practice of cryptography and network security. First, the basic issues to be addressed by a network security capability are explored through a tutorial and survey of cryptography and network security technology. Then, the practice of network security is explored via practical applications that have been implemented and are in use today. An unparalleled support package for instructors and students ensures a successful teaching and learning experience. Teaching and Learning Experience To provide a better teaching and learning experience, for both instructors and students, this program will: *Support Instructors and Students: An unparalleled support package for instructors and students ensures a successful teaching and learning experience. *Apply Theory and/or the Most Updated Research: A practical survey of both the principles and practice of cryptography and network security. *Engage Students with Hands-on Projects: Relevant projects demonstrate the importance of the subject, offer a real-world perspective, and keep students interested.
Uses standards such as NIST 800-53, ISO 27001, and COBIT, and regulations such as HIPAA and PCI DSS as the foundation for the content
Reviews industry standards and presents representative procedures
Provides examples, checklists, sample policies and procedures, guidelines, and a synopsis of the applicable standards
Covers terminology, methods, concepts, and document structures
Discusses the key elements that make up each kind of document
Information Security Policies, Procedures, and Standards: A Practitioner’s Reference gives you a blueprint on how to develop effective information security policies and procedures. It uses standards such as NIST 800-53, ISO 27001, and COBIT, and regulations such as HIPAA and PCI DSS as the foundation for the content. Highlighting key terminology, policy development concepts and methods, and suggested document structures, it includes examples, checklists, sample policies and procedures, guidelines, and a synopsis of the applicable standards.
The author explains how and why procedures are developed and implemented rather than simply provide information and examples. This is an important distinction because no two organizations are exactly alike; therefore, no two sets of policies and procedures are going to be exactly alike. This approach provides the foundation and understanding you need to write effective policies, procedures, and standards clearly and concisely.
Developing policies and procedures may seem to be an overwhelming task. However, by relying on the material presented in this book, adopting the policy development techniques, and examining the examples, the task will not seem so daunting. You can use the discussion material to help sell the concepts, which may be the most difficult aspect of the process. Once you have completed a policy or two, you will have the courage to take on even more tasks. Additionally, the skills you acquire will assist you in other areas of your professional and private life, such as expressing an idea clearly and concisely or creating a project plan.
The Computer Incident Response Planning Handbook: Executable Plans for Protecting Information at Risk
Uncertainty and risk, meet planning and action.
Reinforce your organization’s security posture using the expert information contained in this tactical guide. The Computer Incident Response Planning Handbook: Executable Plans for Protecting Information at Risk shows you how to build and manage successful response plans for the cyber incidents that have become inevitable for organizations of any size. Find out why these plans work. Learn the step-by-step process for developing and managing plans built to address the wide range of issues organizations face in times of crisis.
- Contains the essentials for developing both data breach and malware outbreak response plans—and best practices for maintaining those plans
- Features ready-to-implement CIRPs—derived from living incident response plans that have survived the rigors of repeated execution and numerous audits
- Clearly explains how to minimize the risk of post-event litigation, brand impact, fines and penalties—and how to protect shareholder value
- Supports corporate compliance with industry standards and requirements, including PCI, HIPAA, SOX, and CA SB-24
About the Author
N.K. McCarthy previously managed the Information Security Operations / Threat & Vulnerability Management for a Fortune 50 Corporation for several years. His international staff performed round-the-clock security event monitoring and response. His responsibilities included: security patch remediation, vulnerability scans, and remediation, penetration testing, system configuration monitoring and remediation, maintaining the various Computer Incident Response Plans (CIRP), and an active threat portfolio for key business functions, users, application platforms and persistent vulnerabilities.
With a career in over 20 plus years in IT, Mr. McCarthy has held a wide range of roles within IT including systems programming, IT consultant, technical management, and IT sales. He recently retired after 30 plus years as a Marine Corps reservist obtaining the rank of Lieutenant Colonel. His last reserve assignment of five years was with the U.S. Cyber Command. After 9/11, Lt. Col. McCarthy was mobolized and spent almost four years on active duty as an Information Warfare Officer working at the U.S. Strategic Command, the Pentagon, and the National Security Agency (NSA). Mr. McCarthy also has 17 years of experience as a volunteer reserve police officer. In this capacity he was able to attend U.S. DOJ (Law Enforcement Only) training in computer forensics and advanced Internet investigations. He was also certified by FEMA for its Incident Command System (ICS) and the National Incident Management System (NIMS). Mr. McCarthy is currently on the Board of Directors of the San Francisco Bay Area and Silicon Valley chapter of the FBI’s Infragard program.
Mr. McCarthy has a B.S. degree in Computer Science, an M.B.A. and a CISSP. He is also the CEO of an SDVOB S-corporation with established and developing business in California and Nevada.
Dr. Matthew Todd is the Chief Security Officer and Vice President of Risk and Technical Operations for Financial Engines (NASDAQ: FNGN), a financial advisor with more than $47 billion in assets under management. At Financial Engines, he is responsible for security, privacy, business continuity, audit, and risk management for the firm.
In addition to his work at Financial Engines, Dr. Todd is the president of the San Francisco Bay Area InfraGard chapter, representing more than 1000 volunteer InfraGard members. He has been a local mentor for the SANS Institute, is a CISM and CIPP, and holds the GSEC certification. He has more than 20 years of experience in the technology space and has been actively involved in information security for the last 15 years. He obtained his Ph.D. from Northwestern University and was a fellow of both the National Science Foundation (U.S.) and the Danish National Science Foundation.
Jeff Klaben is an Adjunct Professor with Santa Clara University’s College of Engineering, where he currently teaches Information Assurance and Computer Forensics. He is also a principal with Neohapsis, helping Fortune 500 organizations and leading security technology providers overcome global challenges in technology risk management, competitive strategy, product engineering, compliance, and trusted collaboration to achieve break-through innovation. Previously, Jeff served as Group Director of Technology Risk Management at SanDisk, Chief Information Security Officer for Life Technologies, Engineering Group Director with Cadence Design Systems, and Senior Manager of Enterprise Architecture, IT Security, and Compliance at Applied Materials. He also led product management, professional services delivery, and start-up incubation at Accenture.
Jeff is a frequent speaker at industry conferences, and for the past decade, has served on the board of directors of the San Francisco Bay Area InfraGard, a 501(c)(3) nonprofit and public/private partnership dedicated to information sharing for critical infrastructure protection. He assisted the White House as town hall moderator for the rollout of the National Strategy to Secure Cyberspace and was recognized by the U.S. Department of Justice with awards for Dedicated Service and Exceptional Service in the Public Interest. He also received the Belotti Award for Outstanding Business Policy in High Technology Firms from Santa Clara University’s Leavey School of Business. Jeff earned an M.B.A. from Santa Clara University, a B.S. in Information Systems from Wright State University, and the credentials of Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and Certified Information Systems Auditor (CISA).