This is the must-have book for a must-know field. Today, general security knowledge is mandatory, and, if you need to understand the fundamentals, Computer Security Basics 2nd Edition is the book to consult.
The new edition builds on the well-established principles developed in the original edition and thoroughly updates that core knowledge. For anyone involved with computer security, including security administrators, system administrators, developers, and IT managers, Computer Security Basics 2nd Edition offers a clear overview of the security concepts you need to know, including access controls, malicious software, security policy, cryptography, biometrics, as well as government regulations and standards.
This handbook describes complicated concepts such as trusted systems, encryption, and mandatory access control in simple terms. It tells you what you need to know to understand the basics of computer security, and it will help you persuade your employees to practice safe computing.
Computer security concepts
Security breaches, such as viruses and other malicious programs
Communications and network security
Physical security and biometrics
Wireless network security
Computer security and requirements of the Orange Book
OSI Model and TEMPEST
Security for Today
Chapter 1 Introduction
The New Insecurity
What Is Computer Security?
Threats to Security
Why Buy Security?
What’s a User to Do?
Chapter 2 Some Security History
Information and Its Controls
Computer Security: Then and Now
Early Computer Security Efforts
Building Toward Standardization
Computer Security Mandates and Legislation
Chapter 3 Computer System Security and Access Controls
What Makes a System Secure?
System Access: Logging into Your System
Chapter 4 Viruses and Other Wildlife
Financial Effects of Malicious Programs
Viruses and Public Health
Viruses, Worms, and Trojans (Oh, My!)
Who Writes Viruses?
The Virus Hype
An Ounce of Prevention
Chapter 5 Establishing and Maintaining a Security Policy
Overall Planning and Administration
Separation of Duties
Chapter 6 Web Attacks and Internet Vulnerabilities
About the Internet
What Are the Network Protocols?
The Fragile Web
Chapter 7 Encryption
What Is Encryption?
The Data Encryption Standard
Other Cryptographic Algorithms
Government Cryptographic Programs
Cryptographic Export Restrictions
Chapter 8 Communications and Network Security
What Makes Communication Secure?
Other Types of Security
Chapter 9 Physical Security and Biometrics
Locks and Keys: Old and New
Chapter 10 Wireless Network Security
How We Got Here
Today’s Wireless Infrastructure
How Wireless Works
Playing the Fields
What Is This dB Stuff?
Why Does All This Matter?
Physical Layer Wireless Attacks
Appendix OSI Model
The Problem of Emanations
The TEMPEST Program
Hard As You Try
Appendix The Orange Book, FIPS PUBS, and the Common Criteria
Rick Lehtinen started his career in electronic communications, from installing two-way radios to building television stations and satellite uplink facilities. Frequent contribution of articles to the trade press led to a position as an editor at Broadcast Engineering magazine, as well as a sister publication, Video Systems, which was followed by nationwide travel promoting desktop video production as "Dr. Video". After relocating to Phoenix, Lehtinen researched and produced marketing information for the semiconductor industry. This led to a survey of computers and networking, a field that eventually became a passion. Lehtinen financed his studies by teaching and writing, and is on the adjunct faculty of several community colleges and vocational schools. As a course writer for the Cisco Network Academy, he has worked with materials from conception through post-production, including learner assessment and the creation of annoying multiple choice questions. Lehtinen holds certifications in computer security (CISSP), networking (CCNP, CCDP), and telecommunications design (BICSI RCDD) and is the author of Computer Security Basics, 2/E. His hobbies include spending time with his family, playing the tuba, and writing about complementary/alternative medical technologies.
G.T. Gangemi, Sr., is Director of Wang Laboratories' Secure Systems Program. The Wang organization mirrors the structure of the U.S. government's Information Security (INFOSEC) program, encompassing computer security (COMPUSEC), communications security (COMSEC), TEMPEST, and physical access. Mr. Gangemi is responsible for all Wang security-related products designed for government and commercial use. He has previously held management positions at Wang in a variety of areas, including research and development, product management and marketing, account management, and business planning. He attended La Salle College and the Program for Senior Executives at Harvard University's Kennedy School of Government. He served in the U.S. Army and is a private pilot.
Comments about O'Reilly Computer Security Basics, 2nd Edition:
This is a truly great introductory security book. It does a very good job in explaining the basics for those that might be new to the topic of security, and manages to do so without the gross oversimplifications that are all too common in books aimed at the uninitiated. While this is definitely more of an introductory text, I was very happy to see good coverage of topics such as encryption and biometrics, and even an appendix covering TEMPEST. A truly great book for learning security concepts. I'm going to look into switching the present text for this one in one of the introductory security courses that I teach.