James S. Tiller, CISM, CISA, CISSP, is the Head of Security Consulting, Americas, HP Enterprise Security Services, Hewlett-Packard Company. Formerly Vice President of Security North America for BT Global Services, Jim has provided security solutions for global organizations for the past 20 years. He is the author of the following books published by Auerbach: CISO's Guide to Penetration Testing: A Framework to Plan, Manage, and Maximize Benefits; Adaptive Security Management Architecture; and A Technical Guide to IPSec Virtual Private Networks. Richard O'Hanley is the Publisher for Information and Communications Technology, Business, and Security at CRC Press. Mr. O'Hanley can be reached at firstname.lastname@example.org
DOMAIN 1: ACCESS CONTROL
  Access Control Administration
    What Business Associates Need to Know About Protected Health Information Under HIPAA and HITECH; Rebecca Herold

DOMAIN 2: TELECOMMUNICATIONS AND NETWORK SECURITY
  Internet, Intranet, Extranet Security
    E-mail Security; Terence Fernandes

DOMAIN 3: INFORMATION SECURITY AND RISK MANAGEMENT
  Security Management Concepts and Principles
    Appreciating Organizational Behavior and Institutions to Solidify Your Information Security Program; Robert Pittman
  Risk Management
    The Information Security Auditors Have Arrived, Now What?; Todd Fitzgerald
    Continuous Monitoring: Extremely Valuable to Deploy Within Reason; Foster J. Henderson and Mark A. Podracky
    Social Networking; Sandy Bacik
    Insider Threat Defense; Sandy Bacik
    Risk Management in Public Key Certificate Applications; Alex Golod
    Server Virtualization: Information Security Considerations; Thomas A. Johnson
  Security Management Planning
    Security Requirements Analysis; Sean M. Price
    CERT Resilience Management Model: An Overview; Bonnie A. Goins Pilewski and Christopher Pilewski
    Managing Bluetooth Security; E. Eugene Schultz, Matthew W. A. Pemble, and Wendy Goucher
  Employment Policies and Practices
    Slash and Burn: In Times of Recession, Do Not Let Emotions Drive Business Decisions; Seth Kinnett
    A Zero Trust Model for Security; Ken Shaurette and Thomas J. Schleppenbach

DOMAIN 4: APPLICATION DEVELOPMENT SECURITY
  System Development Controls
    Application Whitelisting; Georges Jahchan
    Design of Information Security for Large System Development Projects; James C. Murphy
    Building Application Security Testing into the Software Development Life Cycle; Sandy Bacik
  Malicious Code
    Twenty-Five (or Forty) Years of Malware History; Robert M. Slade

DOMAIN 5: CRYPTOGRAPHY
  Cryptographic Concepts, Methodologies, and Practices
    Format Preserving Encryption; Ralph Spencer Poore
    Elliptic Curve Cryptosystems; Jeff Stapleton
    Pirating the Ultimate Killer APP: Hacking Military Unmanned Aerial Vehicles; Sean P. Mcbride

DOMAIN 6: SECURITY ARCHITECTURE AND DESIGN
  Principles of Computer and Network Organizations, Architectures, and Designs
    Service-Oriented Architecture; Walter B. Williams
    Cloud Security; Terry Komperda
    Enterprise Zones of Trust; Sandy Bacik

DOMAIN 7: OPERATIONS SECURITY: OPERATIONS CONTROLS
    Complex Event Processing for Automated Security Event Analysis; Rob Shein
    Records Management; Sandy Bacik

DOMAIN 8: BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING
  Business Continuity Planning
    Data Backup Strategies: Traditional Versus Cloud; Carl B. Jackson

DOMAIN 9: LEGAL, REGULATIONS, COMPLIANCE, AND INVESTIGATIONS
  Major Categories of Computer Crime
    Managing Advanced Persistent Threats; Eugene Schultz and Cuc Du
  Incident Handling
    Virtualization Forensics; Paul A. Henry

DOMAIN 10: PHYSICAL (ENVIRONMENTAL) SECURITY
  Elements of Physical Security
    Terrorism: An Overview; Frank Bolz, Kenneth J. Dudonis, and David P. Schulz
  Technical Controls
    Countermeasure Goals and Strategies; Thomas L. Norman

Index