Discusses proven ways to design and develop secure systemsBuilds safeguards into the system upfront - rather than adding them later Provides the tools, techniques, and methodologies for creating the most secure systemsSupplies effective access controls as well as various models and techniques for user verification and automated intrusion detectionExplains how to implement and manage network-based controlsPuts the theory of communications security into practice Covers OSI and ISDN protocolsUses cryptography to secure communications and control EDI transactions Since 1993, the Information Security Management Handbook has served not only as an everyday reference for information security practitioners but also as an important document for use by practitioners to conduct the intense review necessary to prepare for the Certified Information System Security Professional (CISSP) examination. Preparing for the examination is a major effort because it requires a thorough understanding of the topics contained in the Common Body of Knowledge (CBK) for the field as specified in the Generally Accepted Systems Security Principles (GASSP). The handbook is one of the most important references used by candidates preparing for the exam.The Information Security Management Handbook maps the ten domains of the Common Body of Knowledge tested on the certification examination: access control issues and methodology, telecommunications and network security, security management practices, applications and systems development security, cryptography, security architecture and models, operations security, business continuity planning and disaster recovery planning, law, investigations, and ethics, and physical security. The Information Security Management Handbook is a must have book, whether you're preparing for the CISSP exam or need a comprehensive, up-to-date reference, or both.