Information Security Management Handbook, Sixth Edition (2012)
DOMAIN 1: ACCESS CONTROL
DOMAIN 2: TELECOMMUNICATIONS AND NETWORK SECURITY
DOMAIN 3: INFORMATION SECURITY AND RISK MANAGEMENT
Chapter 4. The Information Security Auditors Have Arrived, Now What?
Chapter 5. Continuous Monitoring: Extremely Valuable to Deploy within Reason
Chapter 7. Insider Threat Defense
Chapter 8. Risk Management in Public Key Certificate Applications
Chapter 9. Server Virtualization: Information Security Considerations
Chapter 10. Security Requirements Analysis
Chapter 11. CERT Resilience Management Model: An Overview
Chapter 12. Managing Bluetooth Security
Chapter 13. Slash and Burn: In Times of Recession, Do Not Let Emotions Drive Business Decisions
Chapter 14. A “Zero Trust” Model for Security
DOMAIN 4: APPLICATION DEVELOPMENT SECURITY
Chapter 15. Application Whitelisting
Chapter 16. Design of Information Security for Large System Development Projects
Chapter 17. Building Application Security Testing into the Software Development Life Cycle
Chapter 18. Twenty-Five (or Forty) Years of Malware History
DOMAIN 5: CRYPTOGRAPHY
Chapter 19. Format Preserving Encryption
Chapter 20. Elliptic Curve Cryptosystems
Chapter 21. Pirating the Ultimate Killer App: Hacking Military Unmanned Aerial Vehicles
DOMAIN 6: SECURITY ARCHITECTURE AND DESIGN
Chapter 22. Service-Oriented Architecture
Chapter 24. Enterprise Zones of Trust
DOMAIN 7: OPERATIONS SECURITY
Chapter 25. Complex Event Processing for Automated Security Event Analysis
Chapter 26. Records Management
DOMAIN 8: BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING
Chapter 27. Data Backup Strategies: Traditional versus Cloud
DOMAIN 9: LEGAL, REGULATIONS, COMPLIANCE, AND INVESTIGATIONS
Chapter 28. Managing Advanced Persistent Threats
Chapter 29. Virtualization Forensics
DOMAIN 10: PHYSICAL (ENVIRONMENTAL) SECURITY
Chapter 30. Terrorism: An Overview
Chapter 31. Countermeasure Goals and Strategies