Available:*
Library | Item Barcode | Call Number | Material Type | Item Category 1 | Status |
---|---|---|---|---|---|
Searching... | 30000010319086 | TK5105.59 C94 2013 | Open Access Book | Book | Searching... |
Summary
Based on related courses and research on the cyber environment in Europe, the United States, and Asia, Cyberspace and Cybersecurity supplies complete coverage of cyberspace and cybersecurity. It not only emphasizes technologies but also pays close attention to human factors and organizational perspectives.
Detailing guidelines for quantifying and measuring vulnerabilities, the book also explains how to avoid these vulnerabilities through secure coding. It covers organizational-related vulnerabilities, including access authorization, user authentication, and human factors in information security. Providing readers with the understanding required to build a secure enterprise, block intrusions, and handle delicate legal and ethical issues, the text:
Explaining how to secure a computer against malware and cyber attacks, the text's wide-ranging coverage includes security analyzers, firewalls, antivirus software, file shredding, file encryption, and anti-loggers. It reviews international and U.S. federal laws and legal initiatives aimed at providing a legal infrastructure for what transpires over the Internet. The book concludes by examining the role of the U.S. Department of Homeland Security in our country's cyber preparedness.
Exercises with solutions, updated references, electronic presentations, evaluation criteria for projects, guidelines to project preparations, and teaching suggestions are available upon qualified course adoption.
Author Notes
Dr. George K. Kostopoulos is a faculty member at the University of Maryland University College, where he serves and teaches as a faculty mentor in the master's degree programs in cybersecurity and information assurance. Dr. Kostopoulos has an extensive international academic career, having taught in seventeen universities around the world, including Boston University, Texas A&M International University, Florida Atlantic University, the University of Heidelberg (Germany), and the American University of Sharjah (UAE). He is the author of numerous scholarly papers and two other books, Digital Engineering and Greece and the European Economic Community. Dr. Kostopoulos received his master's and PhD degrees in electrical and computer engineering from the Arizona State University, and a master's in economics from California State Polytechnic University. He is the founder and editor-in-chief of the Journal of Cybersecurity and Information Assurance and a reviewer of numerous scientific conferences.
Reviews
Choice Review
In the second edition of Cyberspace and Cybersecurity, Kostopoulos (Univ. of Maryland University College) provides a robust primer on the varied aspects of cyberspace and cybersecurity in a highly readable format suitable for laypeople and students. Despite the complexities of the topic, Kostopoulos succeeds in providing a text for "non-cybersecurity techies" without sacrificing content. He begins by examining the vulnerabilities in information systems from the triangular view of people, hardware, and software before offering information on securing and defending these systems. Following this is an overview of related topics, including international and US cybersecurity law, war and homeland security, digital currencies, and cybercrime. Topics often overlooked in preliminary textbooks on cybersecurity, such as human factors and cyber ethics, are also addressed. The second edition is updated throughout with a new passage on encryption key management; updates to many topics, including mobile telephony and ransomware defense; and a new, much-needed chapter on digital currencies. Well organized and concise with complete references, this is an essential read for anyone interested in learning the fundamentals of cybersecurity. Summing Up: Highly recommended. Lower-division undergraduates, technical program students, and professionals. --Kelly Marie Robinson, Embry-Riddle Aeronautical University
Table of Contents
Vulnerabilities in Information Systems
Introduction
Measuring Vulnerability
Avoiding Vulnerabilities through Secure Coding
Mistakes Can Be Good
Threats Classification
Threat Modeling Process
Security Starts at Home
Security in Applications
International Awareness
Exercises
Vulnerabilities in the Organization
Introduction
Common Organizational Vulnerabilities
Access Authorization and Authentication
Human Factors
Security Services
External Technologies
Wireless Networks
Bluetooth
Passive Vulnerabilities
Active Vulnerabilities
Precautions
Wireless Fidelity
Wi-Fi Precautions at Home
Wi-Fi Precautions at the Hotspot
Wi-Fi Precautions at the Enterprise
Worldwide Interoperability Microwave Access
WiMAX Features
Cloud Computing
Exercises
Risks in Information Systems Infrastructure
Introduction
Risks in Hardware
Risks in Software
Risks in People
Risks in Laptops
Risks in Cyberspace
Risk Insurance in Cyberspace
Exercises
Secure Information Systems
Introduction
Assets Identification
Assets Communication
Assets Storage
Resource Access Control Facility
Securing the Email Communications
Email Server Side
Email Client Side
Information Security Management
Exercises
Cybersecurity and the CIO
Introduction
CIO: Personality
Trust and Ethics
Communication and Intelligence
Leadership and Entrepreneurship
Courage and Limitations
CIO: Education
University Degrees
Certifications
CIO: Experience
Experience
CIO: Responsibilities
Data Backup and Archiving
Culture of Security
Cyber Training
Contingency Plans
Liability
CIO: Information Security
Internal Information Security Components
Access Control-Electronic
Access Control-Physical
Cyber Policies
Cyber Awareness and Training
Training
Business Continuity
CIO: The Changing Role
Exercises
Building a Secure Organization
Introduction
Business Continuity Planning
Business Impact Analysis (BIA)
Business Recovery Strategy (BRS)
Drafting of the BCP
Testing of the BCP
Training in the BCP Implementation
BCP Performance Indicators
System Access Control
System Development and Maintenance
Physical and Environmental Security
Compliance
Personnel Security
Security Organization
Computer and Network Management
Asset Classification and Control
Security Policy
Exercises
Cyberspace Intrusions
Introduction
IDPS Configuration
Sensors
Processor
Consoles
Network
IDPS Capabilities
Information Acquisition
Information Loggings
Detection Techniques
Prevention Actions
IDPS Management
Implementation
Step One: Features
Step Two: Architecture
Step Three: Installation
Step Four: Testing
Step Five: Activation
Operation
Maintenance
IDPS Classification
Host-Based IDPS
Network-Based IDPS
Network Behavior Analysis System
Wireless IDPS
IDPS Comparison
Exercises
Cyberspace Defense
Introduction
File Protection Applications
File Backup
Disaster Recovery
History Deletion
Shredding and Wiping
File Undelete
File Encryption
Loggers
Anti-Loggers
PC Performance Applications
Registry Repair
Anti-Rootkits
Antivirus
Junk Files
Fragmentation
Protection Tools
Security Analyzer
Password Analyzer
Firewalls
Packet-Level Filtering
Circuit-Level Filtering
Application-Level Gateway
Email Protection
Exercises
Cyberspace and the Law
Introduction
International Laws
Europe
United Nations
North Atlantic Treaty Organization
INTERPOL
Impediments to Cyber Law Enforcement
Cyber-Related Laws in the United States
The Commercial Privacy Bill of Rights Act of 2011
The Cybersecurity Act of 2010
The Federal Information Security Management Act of 2002
The USA PATRIOT Act of 2001
The Communications Assistance for Law Enforcement Act of 1994
Computer Security Act of 1987
The Privacy Act of 1974
Cybercrime
Trends in Cyber Abuse
Combating Cybercrime
Exercises
Cyber Warfare and Homeland Security
Introduction
Cyber Warfare
Cyber Weapons Convention
Cyber Terrorism
Cyber Espionage
Homeland Security
National Cyber Security Division
Cybersecurity Preparedness
Challenges
Distributed Defense
Countermeasures
The Cyber Defense Ecosystem
Cybersecurity Training
Cyber Simulation and Exercises
Exercises
References
Index