REVIEW: "Principles of Information Security", Michael E. Whitman/Herbert J. Mattord

Discussion in 'Computer Security' started by Rob Slade, doting grandpa of Ryan and Trevor, Jun 30, 2004.

  1. BKPRINSC.RVW 20040531

    "Principles of Information Security", Michael E. Whitman/Herbert J.
    Mattord, 2003, 0-619-06318-1
    %A Michael E. Whitman
    %A Herbert J. Mattord
    %C 25 Thomson Place, Boston, MA 02210
    %D 2003
    %G 0-619-06318-1
    %I Thomson Learning Inc.
    %O U$67.95/C$93.17 www.course.com
    %O http://www.amazon.com/exec/obidos/ASIN/0619063181/robsladesinterne
    http://www.amazon.co.uk/exec/obidos/ASIN/0619063181/robsladesinte-21
    %O http://www.amazon.ca/exec/obidos/ASIN/0619063181/robsladesin03-20
    %P 532 p.
    %T "Principles of Information Security"

    The introduction, in chapter one, seems to be a compilation of
    security views from a variety of sources. While this could be
    interesting for the experienced professional, the lack of structure
    and guidance is likely to confuse the beginning student, the audience
    at which the book is aimed. Each chapter starts with a fictional
    scenario: the stories do very little to add to the understanding of
    the topic. Review questions and exercises at the end of the chapters
    are generally either simplistic or open-ended. Chapter two lists
    various types of threats and attacks: classifications and groupings
    are unclear and are likely to lead students into erroneous assumptions
    about the different exploits. Most of the textual material on legal
    and ethical issues, in chapter three, deals with (primarily old) US
    laws. Actually, a substantial portion of the chapter is given over to
    screenshots of numerous computer related agencies and organizations.
    Risk management is broken into two chapters, four, which gives a
    pedestrian but not bad overview of analysis and assessment, and five,
    which is another unstructured amalgam of topics, some of which should
    have been covered in four. Chapter six is a wandering discussion of
    policy, spending a lot of space listing the NIST (US National
    Institutes of Standards and Technology) guides. Business continuity
    planning, in chapter seven, concentrates on incident response, and has
    an odd mention of the involvement of law enforcement. Chapter eight
    lists network security tools and also has simplistic coverage of
    cryptography, extended with an appendix that gets the mathematics of
    asymmetric encryption mostly right, but the implementation seriously
    wrong. Physical security is dealt with reasonably well in chapter
    nine, although the fire suppression content may be confusing. Generic
    project planning advice is in chapter ten. Chapter eleven's review of
    personnel security lists job titles, security related certifications,
    and some general principles. Security maintenance, in chapter twelve,
    is limited to patch and change management as well as risk re-
    assessment advice that probably should have been included with chapter
    four.

    An introductory security text need not contain the depth, or even
    breadth, of a reference for professionals. However, this one could
    use a lot more structure in the presentation of the content, and more
    than a little care with facts and implications.

    copyright Robert M. Slade, 2004 BKPRINSC.RVW 20040531

    --
    ======================

    ============= for back issues:
    [Base URL] site http://victoria.tc.ca/techrev/
    or mirror http://sun.soci.niu.edu/~rslade/
    CISSP refs: [Base URL]mnbksccd.htm
    Security Dict.: [Base URL]secgloss.htm
    Security Educ.: [Base URL]comseced.htm
    Book reviews: [Base URL]mnbk.htm
    [Base URL]review.htm
    Partial/recent: http://groups.yahoo.com/group/techbooks/
    Security Educ.: http://groups.yahoo.com/group/comseced/
    Review mailing list: send mail to
    or
