Название: Computer Security Principles and Practice 5th Edition Автор: William Stallings, Lawrie Brown Издательство: Pearson Education Год: 2024 Страниц: 1641 Язык: английский Формат: pdf Размер: 33.5 MB
Computer Security, 5th Edition features a balanced presentation of both principles and practice. It incorporates broad and comprehensive coverage of computer and network security with current developments and topics in the field. Principles, design approaches, standards, and real-world examples give you an understanding of both the theory and application of important concepts. Hands-on security education, research, programming and firewall projects give you practice applying the material. Hacking and lab exercises, real-world case studies, and security assessments further your understanding of text concepts.
The objective of this book is to provide an up-to-date survey of developments in computer security. Central problems that confront security designers and security administrators include defining the threats to computer and network systems, evaluating the relative risks of these threats, and developing cost-effective and user friendly countermeasures.
The eight domains are as follows, with an indication of where the topics are covered in this textbook:
• Security and risk management: Confidentiality, integrity, and availability concepts; security governance principles; risk management; compliance; legal and regulatory issues; professional ethics; and security policies, standards, procedures, and guidelines. • Asset security: Information and asset classification; ownership (e.g. data owners, system owners); privacy protection; appropriate retention; data security controls; and handling requirements (e.g., markings, labels, storage). • Security architecture and engineering: Engineering processes using secure design principles; security models; security evaluation models; security capabilities of information systems; security architectures, designs, and solution elements vulnerabilities; web-based systems vulnerabilities; mobile systems vulnerabilities; embedded devices and cyber-physical systems vulnerabilities; cryptography; and site and facility design secure principles; physical security. • Communication and network security: Secure network architecture design (e.g., IP and non-IP protocols, segmentation); secure network components; secure communication channels; and network attacks. • Identity and access management: Physical and logical assets control; identification and authentication of people and devices; identity as a service (e.g. cloud identity); third-party identity services (e.g., on-premise); access control attacks; and identity and access provisioning lifecycle (e.g., provisioning review). • Security assessment and testing: Assessment and test strategies; security process data (e.g., management and operational controls); security control testing; test outputs (e.g., automated, manual); and security architectures vulnerabilities. • Security operations: Investigations support and requirements; logging and monitoring activities; provisioning of resources; foundational security operations concepts; resource protection techniques; incident management; preventative measures; patch and vulnerability management; change management processes; recovery strategies; disaster recovery processes and plans; business continuity planning and exercises; physical security; and personnel safety concerns. • Software development security: Security in the software development lifecycle; development environment security controls; software security effectiveness; and acquired software security impact.
The book is intended for both an academic and a professional audience. As a textbook, it is intended as a one- or two-semester undergraduate course for computer science, computer engineering, and electrical engineering majors.
Скачать Computer Security Principles and Practice 5th Edition