What's new in this second edition? Updated information on keeping your system hacker free. Includes endpoint, mobil-device, and wireless security. New chapters on encryption, regulatory compliance, working with auditors, and security-awareness training. New chapter on security and emerging Web 2.0 technologies. Ever wonder how a hacker could break into a computer system simply by using a screwdriver? New technologies for defeating these types of physical attacks are also in this second edition. Moreover, this book not only explains such gimmicks, but it also makes clear why taking care of physical security, creating a readable IT security policy, and maintaining best practices when hiring employees are just as important as understanding the dirty tricks that hackers possess in their toolkits. Social engineering -- the low-tech but most effective way to break into a computer system -- and how to defeat it are described in detail. IT security managers and auditors will find the checklists vital for organizing a comprehensive IT security program. From analyzing risk and securing applications to setting a program for meeting the security challenges of regulatory compliance, there is something useful to any IT professional in The Little Black Book of Computer Security. Handy references to pertinent Web sites and tools are also included.
Book Description
Editorial Reviews
Review
This little book is ideal for widespread distribution to employees as part of a security awareness campaign. Mr. Dubin presents a neat package of valuable reminders about significant security best practices and security assessment questions. --M.E. Kabay, PhD, CISSP-ISSMP, author of the Security Strategies Newsletter online
The 2nd edition of The Little Black Book of Computer Security builds on the original by including the vast changes that have occurred in information security over the past few years. Dubin includes sections specifically devoted to privacy and identity theft, regulatory compliance, and protecting Web servers from the next-generation attacks that have plagued Web sites. --Tony Bradley, CISSP, Microsoft MVP
The 2nd edition of The Little Black Book of Computer Security builds on the original by including the vast changes that have occurred in information security over the past few years. Dubin includes sections specifically devoted to privacy and identity theft, regulatory compliance, and protecting Web servers from the next-generation attacks that have plagued Web sites. --Tony Bradley, CISSP, Microsoft MVP
About the Author
Joel Dubin, CISSP, is an independent computer-security consultant who is based in Chicago. He regularly contributes to information-security publications and has been awarded the Microsoft MVP (Most Valuable Professional) designation in the area of developer security. Joel leads a radio show about IT security, writes a blog about same, and has spoken at several universities on various topics. He has received multiple certifications from Sun Microsystems in the Java programming language as well as BA and MBA degrees from Northwestern University. Joel is also fluent in several languages.
Product Details
Would you like to update product info or give feedback on images?
|
Customer Reviews
|
Share your thoughts with other customers:
|
||||||||||||||||||||||
|
Most Helpful Customer Reviews
6 of 6 people found the following review helpful:
5.0 out of 5 stars
Updated with Current and Relevant Information,
By
This review is from: The Little Black Book of Computer Security, Second Edition (Paperback)
The Little Black Book of Computer Security - 2nd Edition does not teach you computer security. You will have to rely on other resources to teach you the nuts and bolts of information security. However, once you understand the fundamentals, Dubin's book can be an invaluable resource to help you create an action plan and ensure you are covering all of your bases to protect your network and your data.
Dubin's book is like a portable plan of action. Each chapter contains a few brief paragraphs with an overview of the problem and why you should protect your computer. He then provides a checklist, in outline form, that a manager can use to determine if their computers are adequately protected or identify what is missing and plug the holes. Notes, Tips, and Sidebars scattered throughout the checklists highlight the more important information and concepts to ensure you don't miss anything. In addition, Dubin provides references to let you know where you can find more detailed information for really important topics. The 2nd edition of The Little Black Book of Computer Security builds on the original by including the vast changes that have occurred in information security over the past few years. Dubin includes sections specifically devoted to privacy and identity theft, regulatory compliance, and protecting Web servers from the next-generation attacks that have plagued web sites recently. In addition, as if the checklist form of the book isn't compact and concise enough, the book includes a variety of appendices which contain even more compact information. The list of Web Sites to Check Daily, Tools of the Trade, and Common TCP Ports are great reference tools. There are plenty of books on all topics of computer security. Dubin's book is unique in how it helps you apply all of the information from the other books and information resources.
2 of 3 people found the following review helpful:
5.0 out of 5 stars
It Audit looks at IT Security,
By Nutrition Nate "it_auditor" (Central NJ United States) - See all my reviews
This review is from: The Little Black Book of Computer Security, Second Edition (Paperback)
This is a tidy little book. I referred to the first edition often, but the second edition is better. It includes me!
Right there in Chapter 19, "Working with Compliance Auditors and Regulators". It suggests that working with internal auditors is a viable strategy. That IT auditors can help IT security to be in top shape before the regulators come knocking. Nice to hear this from a security guy. Finally!
Share your thoughts with other customers: Create your own review
|
|
Inside This Book
(learn more)
First Sentence:
YOU'RE AN IT MANAGER OR A BUSINESS MANAGER who oversees IT operations, and your network is the heart of your business. Read the first page Key Phrases - Statistically Improbable Phrases (SIPs): (learn more)
detecting intrusions, software access controls, data leakage, pen tests, screening router, network perimeter, bastion host, unneeded services Key Phrases - Capitalized Phrases (CAPs): (learn more)
Little Black Book of Computer Security, Social Security, Securing E-mail, Assessing Your System, Windows Vista, Writing Secure Programming Code, Securing Your Web Site, Closing the Holes, Apache Web, Internet Information Services, John the Ripper Browse Sample Pages:
Front Cover | Table of Contents | First Pages | Back Cover | Surprise Me!
YOU'RE AN IT MANAGER OR A BUSINESS MANAGER who oversees IT operations, and your network is the heart of your business. Read the first page Key Phrases - Statistically Improbable Phrases (SIPs): (learn more)
detecting intrusions, software access controls, data leakage, pen tests, screening router, network perimeter, bastion host, unneeded services Key Phrases - Capitalized Phrases (CAPs): (learn more)
Little Black Book of Computer Security, Social Security, Securing E-mail, Assessing Your System, Windows Vista, Writing Secure Programming Code, Securing Your Web Site, Closing the Holes, Apache Web, Internet Information Services, John the Ripper Browse Sample Pages:
Front Cover | Table of Contents | First Pages | Back Cover | Surprise Me!
What Other Items Do Customers Buy After Viewing This Item?
Tags Customers Associate with This Product(What's this?)Click on a tag to find related items, discussions, and people.
|
Sell a Digital Version of This Book in the Kindle Store
If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store.
Learn more
