chapter 1 Sensitive or Critical Data Access Controls -- chapter 2 An Introduction to Role-Based Access Control -- chapter 3 Smart Cards -- chapter 4 A Guide to Evaluating Tokens -- chapter 5 Identity Management: Benefits and Challenges -- chapter 6 An Examination of Firewall Architectures -- chapter 7 The Five W’s and Designing a Secure, Identity-Based, Self-Defending Network (5W Network) -- chapter 8 Maintaining Network Security: Availability via Intelligent Agents -- chapter 9 PBX Firewalls: Closing the Back Door -- chapter 10 Voice over WLAN -- chapter 11 Spam Wars: How To Deal with Junk E-Mail -- chapter 12 Auditing the Telephony System: Defenses against Communications Security Breaches and Toll Fraud -- chapter 13 The Controls Matrix -- chapter 14 Information Security Governance -- chapter 15 Belts and Suspenders: Diversity in Information Technology Security -- chapter 16 Building Management Commitment through Security Councils, or Security Council Critical Success Factors -- chapter 17 Developing and Conducting a Security Test and Evaluation -- chapter 18 Enterprise Security Management Program -- chapter 19 Technology Convergence and Security: A Simplified Risk Management Model -- chapter 20 People, Processes, and Technology: A Winning Combination -- chapter 21 Building an Effective Privacy Program -- chapter 22 Training Employees To Identify Potential Fraud and How To Encourage Them To Come Forward -- chapter 23 Beyond Information Security Awareness Training: It Is Time To Change the Culture -- chapter 24 Establishing a Successful Security Awareness Program -- chapter 25 System Development Security Methodology -- chapter 26 Software Engineering Institute Capability Maturity Model -- chapter 27 Organized Crime and Malware -- chapter 28 Enabling Safer Deployment of Internet Mobile Code Technologies -- chapter 29 Blind Detection of Steganographic Content in Digital Images Using Cellular Automata -- chapter 30 An Overview of Quantum Cryptography -- chapter 31 Elliptic Curve Cryptography: Delivering High-Performance Security for E-Commerce and Communications -- chapter 32 Enterprise Assurance: A Framework Explored -- chapter 33 Managing Unmanaged Systems -- chapter 34 Understanding Service Level Agreements -- chapter 35 Building Maintenance Processes for Business Continuity Plans -- chapter 36 Identifying Critical Business Functions -- chapter 37 Selecting the Right Business Continuity Strategy -- chapter 38 Contingency at a Glance -- chapter 39 The Business Impact Assessment Process and the Importance of Using Business Process Mapping -- chapter 40 How To Test Business Continuity and Disaster Recovery Plans and How Often -- chapter 41 Sarbanes–Oxley Compliance: A Technology Practitioner’s Guide -- chapter 42 Health Insurance Portability and Accountability Act Security Rule -- chapter 43 The Ethical and Legal Concerns of Spyware -- chapter 44 The Evolution of the Sploit -- chapter 45 Computer Crime -- chapter 46 Phishing: A New Twist to an Old Game -- chapter 47 It’s All about Power: Information Warfare Tactics by Terrorists, Activists, and Miscreants -- chapter 48 DCSA: A Practical Approach to Digital Crime Scene Analysis -- chapter 49 What a Computer Security Professional Needs To Know about E-Discovery and Digital Forensics -- chapter 50 How To Begin a Non-Liturgical Forensic Examination -- chapter 51 Physical Security for Mission-Critical Facilities and Data Centers.