The Virtual Bookcase for browsing and sharing reviews of books. New to this site? Read the welcome page first.

The Virtual Bookcase Home
Recent reviews
Collected book news
Welcome to this site
Add your own book

Book details of 'Enterprise Information Security'

TitleEnterprise Information Security
Author(s)Peter Gregory
ISBN0273661574
LanguageEnglish
PublishedAugust 2002
PublisherPearson Professional Education
Web links for this book
Search at Bookcrossing.com
Wikipedia booksources
Shop for this book
At Amazon.com
At Amazon.co.uk

Back to shelf Business and Management
Back to shelf Computer networks
Amazon.com info for Enterprise Information Security

Score:

Vote for this book

The Virtual Bookcase Reviews of 'Enterprise Information Security':

Reviewer Rob Slade wrote:
The executive summary states that this book is intended to present information security to executives. The introduction certainly shows that it isn't intended for technical people, who would ask what the difference was between access over the Internet and remote access, or a network using TCP/IP and the Internet. Chapter one asserts that the events of September 11, 2001 woke executives up to the importance of security. (Yeah, right.) However, there is a good analysis of the reasons that the Code Red/Nimda worm was successful. The definition of a threat, in chapter two, is pretty bad, and the definitions of various types of malicious software are really bad. The section on hacking lists a variety of attacks (heavy on social engineering), the "hacker profiles" concentrate on system exploits, there is a random list of security problems, and then an surprisingly good definition of vulnerability. Authentication and authorization are reasonably handled, but confused with extraneous details in chapter three. Access control is equated with firewalls, and the discussion of cryptography is all right but full of minor errors. (RC 2 and RC 4 have been compromised, Skipjack has been released for limited review, a digital signature does need a key but not necessarily an additional password, the loss of a key is not sufficient to repudiate a digital signature, and the ping-of-death does not compromise integrity.) The material on antivirus protection refers only to scanning, and the material on audit deals only with logs. Chapter four is supposed to be about policies, but actually concentrates on procedures, containing random thoughts and many gaps. People are the weak link in security, we are told in chapter five, and, as with other sections it uses non-standard terms in the discussion. More haphazard thoughts are in chapter six, while chapter seven has a poor definition of privacy and a grab bag of topics. In chapter eight a casual list of topics seem to be indiscriminately assigned to the standard important/urgent quadrant chart. OK, this is not intended for professionals; it is intended for managers. But, even if we give full reign to the usual jokes -- those who can't, do; those who are incapable of mastering anything, go into management -- it's still bad form to deliberately mislead them this way. copyright Robert M. Slade, 2002
Add my review for Enterprise Information Security
Search The Virtual Bookcase

Enter a title word, author name or ISBN.

The shelves in The Virtual Bookcase

Arts and architecture (25)
Biography (24)
Business and Management (120)
Cars and driving (53)
Cartoons (45)
Children's books (180)
Computer (475)
Computer history/fun (111)
Computer networks (382)
Computer programming (215)
Computer security (269)
Cook books (89)
Fantasy (154)
Fiction (446)
Health and body (70)
History (135)
Hobby (37)
Horror (65)
Humorous books (52)
Literature (57)
Operating systems (94)
Outdoor camping (162)
Outdoors (236)
Politics (83)
Privacy (61)
Psychology (55)
Religion (17)
Science (113)
Science Fiction (156)
Self-help books (55)
Technology (12)
Travel guides (307)
War and weapons (29)
World Wide Web (211)
Zen (5)
Other books (88)
The Virtual Bookcase is created and maintained by Koos van den Hout. Contact e-mail webmaster@virtualbookcase.com.
Site credits
Copyright © 2000-2010 Koos van den Hout / The Virtual Bookcase Copyright and privacy statement