part DOMAIN 1. INFORMATION SECURITY AND RISK MANAGEMENT: Security Management Concepts and Principles -- chapter 1 Integrated Th reat Management / chapter 2 Understanding Information Security Management Systems / chapter 3 Planning for a Privacy Breach / chapter 4 Using Quasi-Intelligence Resources to Protect the Enterprise / chapter 5 Information Risk Management: A Process Approach to Risk Diagnosis and Treatment / chapter 6 Department-Level Transformation / chapter 7 Setting Priorities in Your Security Program / chapter 8 Why and How Assessment of Organization Culture Shapes Security Strategies / chapter 9 A Look Ahead / part DOMAIN 2. ACCESS CONTROL: Access Control Techniques -- chapter 10 Authentication Tokens / chapter 11 Authentication and the Role of Tokens / chapter 12 Accountability. DEAN R. BUSHMILLER -- chapter 13 Rootkits: Th e Ultimate Malware Th reat / part DOMAIN 3. CRYPTOGRAPHY -- chapter 14 Encryption Key Management in Large-Scale Network Deployments / part DOMAIN 4. PHYSICAL SECURITY: Elements of Physical Security -- chapter 15 Mantraps and Turnstiles / part DOMAIN 5. SECURITY ARCHITECTURE AND DESIGN: Principles of Computer and Network Organizations, Architectures, and Designs -- chapter 16 Service-Oriented Architecture and Web Services Security / chapter 17 Analysis of Covert Channels / chapter 18 Security Architecture of Biological Cells: An Example of Defense in Depth* / chapter 19 ISO Standards Draft Content / chapter 20 Security Frameworks / part DOMAIN 6. TELECOMMUNICATIONS AND NETWORK SECURITY: Communications and Network Security -- chapter 21 Facsimile Security / chapter 22 Network Content Filtering and Leak Prevention. GEORGE J. JAHCHAN -- chapter 23 Th e Ocean Is Full of Phish / part DOMAIN 7. APPLICATION SECURITY: Application Issues -- chapter 24 Neural Networks and Information Assurance Uses / chapter 25 Information Technology Infrastructure Library and Security Management Overview / chapter 26 Adaptation: A Concept for Next-Generation Security Application Development / chapter 27 Quantum Computing: Implications for Security / part DOMAIN 8. LEGAL, REGULATIONS, COMPLIANCE, AND INVESTIGATION: Information Law -- chapter 28 Compliance Assurance: Taming the Beast / chapter 29 Enterprise Incident Response and Digital Evidence Management and Handling / chapter 30 Security Information Management Myths and Facts