Contents at a Glance

Part I Network Security Foundations

1 Network Security Overview

2 Risk Analysis and Defense Models

3 Security Policy Development

4 Security Organization

Part II Access Control

5 Physical Security

6 Authentication and Authorization Controls

7 Data Security Architecture

8 Security Management Architecture

Part III Network Architecture

9 Network Design Considerations

10 Network Device Security

11 Firewalls

12 Virtual Private Network Security

13 Wireless Network Security

14 Intrusion-Detection Systems

15 Integrity and Availability Architecture

16 Network Role-Based Security

Part IV Operating System Security

17 Operating System Security Models

18 Common Unix Vulnerabilities

19 Linux Security

20 Windows Security

21 Novell Security

Part V Application Security

22 Principals of Application Security

23 Writing Secure Software

24 J2EE Security

25 Windows .NET Security

26 Database Security

Part VI Response

27 Disaster Recovery and Business Continuity

28 Attacks and Countermeasures

29 Incident Response and Forensic Analysis

30 Legal Issues: The Laws Affecting Information Security Professionals

Glossary

Index