IT Today Catalog Auerbach Publications ITKnowledgebase IT Today Archives Informatiion Security Today Book Proposal Guidelines IT Today Catalog Auerbach Publications ITKnowledgebase IT Today Archives Informatiion Security Today Book Proposal Guidelines
IT Today is brought to you by Auerbach Publications

Return to AIMS Table of Contents

Data Security Management

80 Access Control Systems and Methodology

80-10 Access Control Technologies and Methods

Role-Based Access Control in Real Systems
Fundamentals of Remote Access
Working with Cisco Access Lists
Access Security in a Windows NT Environment
Physical Access Control
An Introduction to Secure Remote Access
Getting the Most from CA-ACF2 Part 1
Getting the Most from CA-ACF2 Part 2
A Security Review of MVS/RACF Part 1
A Security Review of MVS/RACF Part 2
Biometrics: What’s New?
System Policies to Group Policies: Issues, Improvements, and Best Practices in Windows 2000
Planning and Designing Group Policy in Windows 2000

80-20 Identification and Authentication Techniques

Strong User Authentication
Effective Management of Unix Passwords
How Smartcards Can Improve Information Systems Security
Managing Distributed Network Systems Using Single Sign on Password Synchronization, and the Authentication Server
Remote Access Authentication
User Authentication: A Secure Networking Environment
Client/Server Security with Mainframe Access
Controlling Unix Permissions and Passwords
A Guide to Evaluating Tokens
Password Security, Part 1
Password Security, Part 2
Single Sign-on for the Enterprise
Centralized Authentication Services (RADIUS, TACACS, DIAMETER)

80-30 Methods of Attack

Employing Proxy Services
Password Hacking
An Introduction to Back Orifice 2000 Backdoor Program
A Primer on Cracking, Part 1
A Primer on Cracking, Part 2
Social Engineering and Reverse Social Engineering
Assessing and Combating the Sniffer Threat

80-40 Monitoring and Penetration Testing

The Self-Hack Audit
Introduction to Penetration Testing
Performing Penetration Testing

81 Telecommunications and Network Security

81-10 E-mail Security

Establishing Business Controls for Electronic Mail Communications
Security and Control of Electronic Mail

81-20 Communications and Network Security

Wireless LAN Security
Solaris TCP/IP Network Security Features
Applets and Network Security: A Management Overview
Securing Your Router
Security and Resource Sharing in a NT Environment
Control of Wide Area Networks
Strategies for Securing Wide Area Networks
The Foundations of Enterprise Network Security
Novell NetWare 4.X Security
Securing NetWare Enterprise Local Area Networks
The Steps to Novell Network Data Fault Tolerance
Planning for Security in the NetWare Local Area Network
Secured Connections to External Networks
Security in Value-Added Networks
Security of Communication Protocols and Services
A Program for Evaluating LAN Security
Secure External Network Communications
Microcomputer Network Controls and Security, Part 1
Microcomputer Network Controls and Security, Part 2
Security of Wireless LAN
Network Technologies for Information Security Practitioners, Part 1
Network Technologies for Information Security Practitioners, Part 2
Modem Management and Security
Introducing Windows 2000 Security: Features and Management
Identifying Information Security Threats

81-30 Internet, Intranet and Extranet Security

Controlling FTP: Providing Secured Data Transfers
Types of Firewalls
Selecting an Internet Firewall
On the Topic of Firewall Testing
Protecting Networks with Firewalls
Virtual Private Networks Security
Virtual Private Networking: An Overview
Firewalls: An Effective Solution for Internet Security
An Introduction to Internet Security and Firewall Policies
Internet Security Architecture
Extranet Security: What’s Right for Your Business
Implementing and Supporting Extranets
Push Technology Security: Part 1
Push Technology Security: Part 2
An Introduction to IPSEC
IPSec Key Management
The IPSec Standard
Security Management for the World Wide Web
Internet Security: Securing the Perimeter
Personal Firewall Showdown: Software versus Appliance
Security of Virtual Private Networks
How to Perform a Security Review of a Checkpoint Firewall

81-40 Network Attacks and Countermeasures

Threats to NetWare Enterprise LANs
Improving Network-Level Security Through Real-time Monitoring and Intrusion Detection
Firewall Management and Internet Attacks

80-50 ISO/OSI Layers and Characteristics

Network Layer Security
Transport Layer Security
Application Layer Security Protocols for Networks
Security of Physical Data

82 Security Management Practices

82-10 Security Awareness

Why Security Fails
The Business Case for Information Security: Selling Management on the Protection of Vital Secrets and Products
Establishing a Security Awareness Program
Making Security Awareness Happen, Part 1
Making Security Awareness Happen, Part 2
Making Security Awareness Happen, Appendices

82-20 Security Management Concepts and Principles

The Effects of Outsourcing on Information Security
The Information Security Program Maturity Grid
Information Protection Organization Model
Security Testing Is Not All the Same: A Reference Taxonomy
Impact of a Year 2000 Conversion on Security
A Strategic Plan for Security
Security Strategies for Distributed Environments
Managing Security in a Multiplatform Environment
The Layers of an Information Protection Program

82-30 Risk Management

The Delphi/Modified Delphi Technique: A Consensus Approach to Information Valuation
Managing Risk in Electronic Commerce
New Trends in Risk Assessment
Risk Assessment and EDI
Risk Assessment and Management, Part 1
Risk Assessment and Management, Part
Facilitated Risk Analysis Process (FRAP)

82-40 Data Classification

Information Classification: A Corporate Implementation Guide

82-50 Policies, Standards, Procedures and Guidelines

The Security Policy Life Cycle: Functions and Responsibilities
Creating Firewall Policy Following a Functional Model
End-User Computing Security Guidelines
Policies for Secure Personal Data
Policies and Procedures: The Backbone to Strong Security Model
Information Security Policies, Procedures, and Standards: Establishing an Essential Code of Conduct

82-60 Change Control Management

Implementing an Application Change Control System
Change Management Systems
Security Review of Unauthorized Microcomputer Software

82-70 Roles and Responsibilities

The Life Cycle of Security Managers

82-80 Employment Policies and Procedures

Information Security and Personnel Practices

83 Applications and Systems Development Security

83-10 Application Issues

Software Tools for Detecting Misuse on UNIX Systems
Implementing AS/400 Security Controls
Securing Tandem Systems
Security Issues under the Solaris Operating System
Windows NT Server Operating System Security Features
Security and Control of Imaging Systems
Evaluating Unix Security
Securing New Information Technology
A Look at Java Security
Security of Applets and Applications Control
An Introduction to Electronic Commerce for Financial Institutions
The Fifth Factor: Behavior Profiling Opens New Possibilities for Web Access Control

83-20 Databases and Data Warehousing

Security Models for Object-Orientated Databases
Establishing Security Controls in a Distributed Database

83-30 Systems Development Controls

The Software Certification Process
Certification of Externally Developed Software

83-40 Malicious Code

The Future of Computer Viruses
Counteracting Viruses in MS-DOS Systems
Microcomputer Virus Disinfection
Controlling Microcomputer Viruses

84 Cryptography

84-10 Cryptography Concepts, Methodologies and Practices

Introduction to Encryption Technology
Cryptographic Key Management Concepts
EDI and EFT Security Using Cryptography, Part 1
EDI and EFT Security Using Cryptography, Part 2
Selecting a Cryptographic System
Comparing Firewall Technologies

84-20 Private Key Algorithms

Private Keys, Trusted Third Parties, and Kerberos
Key Escrow Encryption Policies and Technologies
Principles and Applications of Key Management

84-30 Public Key Algorithms

RSA Public Key Cipher, Public Key Certificates, and E-mail Privacy Protocols

84-40 Public Key Infrastructure (PKI)

Mitigating e-Business Security Risks: PKI in the Real World

85 Security Architecture and Models

85-10 Principles of Computer and Network Operations, Architecture and Designs

Enclaves: The Enterprise as an Extranet
The Building Blocks of Information Security
Security Configuration and Analysis for Windows NT and Windows 2000
Implementing Least Privilege In Windows 2000
AS/400 Security Design
Unix File System Security, Part 1
Unix File System Security, Part 2
Controlling Major Systems Integration Projects
Multi-platform Security: Today’s Biggest Challenge
Introduction to Unix Security for Security Practitioners
A New Security Model for Networks and the Internet
New Trends in Information Risk Management
Reengineering the Business Continuity Planning Process

86 Operations Security

86-10 Concepts

Secure Data Center Operations

86-20 Auditing

Audit and Control of Micro-Mainframe Systems
Auditing the Electronic Commerce Environment

86-30 Intrusion Detection

Intrusion Detection: How to Utilize a Still Immature Technology

86-40 Resource Protection Requirements

Protecting the Portable Computing Environment
Virtual Office (Mobile User) Security
Protecting against Hacker Attacks
Hacker Enticement: What Information Is the Organization Giving Away Today?

87 Business Continuity Planning and Disaster Recovery Planning

87-10 Business Continuity Planning

The Business Impact Assessment Process
Choosing a Hot Site Vendor
Business Continuity in the Distributed Environment
Reengineering the Business Continuity Planning Process
Strategies for Developing and Testing Business Continuity Plans
Overview of Business Continuity Planning

87-20 Disaster Recovery Planning

Restoration of Normal Operations Following a Damaging Event

88 Law, Investigation, and Ethics

88-10 Investigations

Investigating a Computer Security Incident
Computer Forensics
Computer Crime Investigation and Computer Forensics
The Use of Computer Records as Courtroom Evidence
Operational Forensics
CIRT: Responding to Attack
After the Breach: Responding to Computer Intrusions
Establishing a Computer Incident Response Plan

88-20 Ethics

When Technology and Privacy Collide

88-30 Laws

Commercial, Privacy Protection, Regulatory, and Security Implications of Electronic Cash
Jurisdictional Issues in Global Transmissions
Software License Compliance: Big Brother is Watching, Part 1
Software License Compliance: Big Brother is Watching, Part 2
The Legal and Regulatory Environment of the Internet
Legal Protection of Software
Negligence, Litigation, and Information Security

88-40 Major Categories of Computer Crime

Criminal Activity on the Internet

89 Physical Security

89-10 Facility Requirements

Data Center Security

89-20 Technical Controls

Dial-Up Security Controls
Understanding the Important of Real-Time Computing in Electronic Physical Control Environments

89-30 Elements of Physical Security

Introduction to Physical Security
Physical Security: Controlled Access and Layered

Return to AIMS Table of Contents

© Copyright 2012 Auerbach Publications