Slashdot Mirror

← Back to Stories (view on slashdot.org)

Book Review: Elementary Information Security

Posted by samzenpus on from the read-all-about-it dept.

benrothke writes "Elementary Information Security, based on its title, weight and page length, I assumed was filled with mindless screen shots of elementary information security topics, written with a large font, in order to jack up the page count. Such an approach is typical of far too many security books. With that, if there ever was a misnomer of title, Elementary Information Security is it." Read below for the rest of Ben's review Elementary Information Security author Richard E. Smith pages 800 publisher Jones & Bartlett Learning rating 10/10 reviewer Ben Rothke ISBN 978-1449648206 summary Information security magnum opus For anyone looking for a comprehensive information security reference guide - Elementary Information Security is it. While the title may say elementary, for the reader who spends the time and effort to complete the book, they will come out with a complete overview of every significant information security topic.

The book is in fact a textbook meant to introduce the reader to the topic of information security. But it has enough content to be of value to everyone; security notices or experienced professional.

Author Richard Smith notes that if you want to get a solid understanding of information security technology, you have to look closely at the underlying strengths and weakness of information technology itself, which requires a background in computer architecture, operating systems and computing networking.

With that, Elementary Information Security is a tour de force that covers every information security topic, large and small. The book also provides a relevant overview of the peripheral topics that are embedded into information security.

In 17 chapters covering over 800 pages, the book is well organized and progressively gets more complex. Two large chapters of the book are freely available online, with chapter 3 here and chapter 9 here. The early chapters focus on the fundamentals of computers and networking, and the core aspects of information security. The chapters progress in complexity and deal with distributed systems and more complex security topics. The mid-chapters deal with cryptography, starting with an introduction to the topic, into more complex topics and scenarios. One is hard-pressed to find an information security topic not covered in the book.

Chapter 1 is on Security from the Ground Up and lays the groundwork for what security is. Various topics around risk are detailed; such as identifying, prioritizing and assessing risks.

Chapter 2 is on Controlling a Compute rand reviews the underlying architecture around computers.

For some people, much of their learning about information security is based on rote memorization. In the book, Smith eschews this and each chapter closes with a glossary of topics, and penetrating questions. There are also problem definitions which detail practical situations with the hope that the reader can create and adequate security solution. The reader who spends extra time reviewing the questions will find that it will significantly help in their mastering the myriad topics.

The goal of the questions and exercises is to make the knowledge real. Some of the exercises include watching movies with computer security related topics such as The Falcon and the Snowman, Crimson Tide, and others. For example, in The Falcon and the Snowman, the author asks the reader to identify two types of security measure that would have helped prevent theft of the crypto keys. In Crimson Tide, it asks the reader to consider the missile launch procedures portrayed in the film and asks if it is possible for a single person to launch a nuclear missile. Another scenario is that under what circumstances a recipient should accept an unauthenticated message. It also asks the reader to give an example of a circumstance in which accepting an unauthenticated message would yield the wrong result.

The book is not meant as a For Dummies guide to the topic, and it assumes a college-level comprehension of relevant mathematical concepts. Note though that the requisite math is detailed in the sections on encryption and cryptography.

The book is also the first textbook certified by the NSA to comply with the NSTISSI 4011 standard, which is the federal training standard for information security professionals. The author notes on his blog that in order to gain that certification, he had to map each topic required by the standard to the information as it appears in the textbook.

Given the value of the book, (ISC) should consider using this title as a reference for their CISSP certification. With all of the CISSP preparation guides available, even the Official (ISC)2 Guide to the CISSP CBK, one is hard pressed to find a comprehensive all-embracing security reference such as this. Some may even want to simply use this book as their definitive CISSP study guide.

For those looking for a single encyclopedic reference on information security, they should look no further than Elementary Information Security. Richard Smith has written a magnum opus on the topic, which will be of value for years to come.

Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.

You can purchase Elementary Information Security from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

56 comments

  1. I don't need an elementary security book by Anonymous Coward · · Score: 0

    How about a book for those of us who need a post-graduate book on information security?

    1. Re:I don't need an elementary security book by JoeMerchant · · Score: 1

      How about a book for those of us who need a post-graduate book on information security?

      That's not a book, that's a self-study course.

    2. Re:I don't need an elementary security book by Anonymous Coward · · Score: 0

      amazong....50 comments and not one on target, or even close to the book topic or rewivew....

      who read slashdo now?

    3. Re:I don't need an elementary security book by Anonymous Coward · · Score: 0

      By the time u r post grad, you need to review the fundamentals...so read this book! :)

  2. Well you know what they say: by Anne_Nonymous · · Score: 3, Insightful

    Never judge a book by its title, weight and page length.

  3. Re:Old women by Anonymous Coward · · Score: 0

    that is sick sick sick sicks!!!

    I mean it.

  4. GRRR Amazon :/ by Heebie · · Score: 0

    Amazon has it, and won't ship it to Ireland for some reason. It's not like I never buy stuff from them. :/ It sounds like a good read.

    1. Re:GRRR Amazon :/ by JoeMerchant · · Score: 1

      Amazon has it, and won't ship it to Ireland for some reason.

      Sounds like the US Dept of Commerce's idea, not Amazon's...

    2. Re:GRRR Amazon :/ by Heebie · · Score: 0

      I'm in Ireland trying to get it from Amazon.co.uk. (They don't have a .IE one.. the gobshites) :/ The U.S. Dept of Commerce would have sweet F.A. to do with it.

    3. Re:GRRR Amazon :/ by JoeMerchant · · Score: 1

      I'm in Ireland trying to get it from Amazon.co.uk. (They don't have a .IE one.. the gobshites) :/
      The U.S. Dept of Commerce would have sweet F.A. to do with it.

      Unless they've blocked export of the book, or made it otherwise unattractive to Amazon as a company to export it.

    4. Re:GRRR Amazon :/ by Jeng · · Score: 2

      Amazing, a book review on /. that someone will actually purchase.

      Most of the time these book reviews, even when it's a glowing review, no one is interested in the book.

      btw, since it is NSA certified, that might be part of why you can't get it.

      --
      Don't know something? Look it up. Still don't know? Then ask.
    5. Re:GRRR Amazon :/ by aheath · · Score: 1

      If you Amazon won't ship to you, you can usually find an independent bookseller that will ship to you. I prefer to use my local independent bookstore for new books. However, I will also use Alibris for used books and the occasional new book. Alibris has a copy that is listed as shipping from Hampshire, UK. Kennys.ie has a copy shipping from the UK.

    6. Re:GRRR Amazon :/ by SilverJets · · Score: 1

      Ummm. If the US blocked the export of the book it wouldn't be available on UK Amazon.

    7. Re:GRRR Amazon :/ by JoeMerchant · · Score: 1

      OK OK... let's call it the Home Office restricting flow of *dangerous* information to the radicals in the NorthWest, then?

      Anyway, I was just intimately exposed to the foolishness of the U.S. policies on export of encryption technologies - it's amazing what they come up with... basically a codex of law so thick that it is entirely open to interpretation and mainly serves to suppress trade in the items potentially controlled just because of the morass of paper to plow through.

    8. Re:GRRR Amazon :/ by Heebie · · Score: 0

      I ended up ordering it from bookunlimited.ie. Several other companies didn't have it, or didn't even have online stores, just a brochure site. I thought that was rather strange in this day & age.

    9. Re:GRRR Amazon :/ by Anonymous Coward · · Score: 0

      tons of copies available for about $40 US on amazon used books.
      most will ship intl.

  5. Powerful! by Anonymous Coward · · Score: 0

    Boy, that's a lot of amps in the author's name!

    1. Re:Powerful! by Anonymous Coward · · Score: 0

      i think u mean in the publshers names...html tagging gone bad!

  6. Expensive by b0bby · · Score: 2

    At $125 it is priced like a textbook too. It looks interesting but I won't be dropping that.

    1. Re:Expensive by Anonymous Coward · · Score: 0

      Lots of copies available uses on Amazon for under $40-...go for it!

    2. Re:Expensive by Anonymous Coward · · Score: 0

      Sucks your poor.

    3. Re:Expensive by Anonymous Coward · · Score: 0

      What sucks his poor?

    4. Re:Expensive by Anonymous Coward · · Score: 0

      in soviet russia... oh fuck it

    5. Re:Expensive by mcrbids · · Score: 4, Insightful

      Complaining about the price ($125) for a book like this is penny-wise and pound-foolish, IMHO. Spending a few hundred dollars every so often at the local book store on good, meaty howto books that you take the time to read is one of the best investments you could ever make. It basically doesn't matter how much you know already, knowing more pretty much always pays!

      20 years ago, I got started in the tech industry with a $60 book, "Upgrading and repairing PCs". Although it was somewhat wordy and tended to repeat itself annoyingly, studying that book carefully gave me the tools I needed to start a successful computer repair store. (back when knowing how to dumper the IO address of a controller card was something you needed to do to get it working)

      I've switched around the business several times, and make a very, comfortable living today based primarily on the knowledge I obtained by reading beefy, knowledge-packed "expensive" books like this.

      Knowledge is power, and in today's world, that translates to $$cash$$.

      --
      I have no problem with your religion until you decide it's reason to deprive others of the truth.
    6. Re:Expensive by Anonymous Coward · · Score: 0

      excellent point!

      don't be cheap!

      also, the book is available used, and in good condition on amazon for $39.58

    7. Re:Expensive by Anonymous Coward · · Score: 0

      People with money don't get that way by wasting all their money on overpriced stuff.

    8. Re:Expensive by Anonymous Coward · · Score: 0

      Hey dood there's this cool new thang called the Internet. I heard you can find valuable information to help you learn on there -- and for FREE ! ! !

    9. Re:Expensive by Anonymous Coward · · Score: 0

      Complaining about the price ($125) for a book like this is penny-wise and pound-foolish, IMHO.

      That might be a valid point about a book that is acknowledged to be the best in its field, or a classic. Unfortunately, a string of good reviews, whether astroturfed or sincere, do not guarantee a worthwhile purchase, as anyone knows who's ordered books from Amazon on a regular basis after reading a set of glowing reviews. A reasonable price (such as usually the case with books from publishers such as O'Reilly and Manning) helps make up for the inevitable personal hit rate falling short of 100 percent.

    10. Re:Expensive by b0bby · · Score: 1

      Oh, if I were doing this stuff on a regular basis or was taking a class on it, I would buy it in a heartbeat. But I'm just an interested amateur, so I won't be buying it.
      It's an interesting question, though, whether or not they would make more money at a lower price by expanding their market beyond those who have to have it to those who'd just like to.

  7. Jones & Bartlett L by Anonymous Coward · · Score: 3, Funny

    Are there any other good books by this "Jones & Bartlett Learning" publisher? Maybe one on HTML formatting?

  8. Re:Old women by Anonymous Coward · · Score: 0

    Wait, do you like women who are called grandma, or do you like being called grandma? It's not very clear.

  9. Re:Old women by Jeremiah+Cornelius · · Score: 1

    I guess it depends on when she tops or bottoms.

    --
    "Flyin' in just a sweet place,
    Never been known to fail..."
  10. htmlentities abused by Anonymous Coward · · Score: 0

    publisher Jones & Bartlett Learning

    seriously?

  11. 10/10 by Anonymous Coward · · Score: 0

    Wellp, another review that I don't need to read.

  12. Why are people ADVERTISING on slashdot? by Anonymous Coward · · Score: 0

    This is my subject. I looked at one of the example chapters. It was rambling, and didn't strike me as efficient teaching. It would be even less use as a reference book. I'd give it 3/10...

    1. Re:Why are people ADVERTISING on slashdot? by Anonymous Coward · · Score: 0

      don't be such a troll!

      why r u an anonymous expoer?

    2. Re:Why are people ADVERTISING on slashdot? by Anonymous Coward · · Score: 0

      u missed the point...this book is for those who are now experts, and need an intro.

  13. Re:Old women by Anonymous Coward · · Score: 0

    what does that have to do with anything...??

    that is why people are not going to slashdot so much anymore, cuz of comments like that.

  14. $91.96 for the Kindle Edition? by Anonymous Coward · · Score: 0

    Seriously??

    Fuck this writing software shit! I'm going to write books about IT and software!
    It's so much more profitable and no user support headaches!

  15. you're saving $30 by Chirs · · Score: 1

    How much do you think it actually costs to print an 800-page book?

    1. Re:you're saving $30 by Anonymous Coward · · Score: 0

      What is this 'print' thing you speak of?

    2. Re:you're saving $30 by Anonymous Coward · · Score: 0

      $12.76, I did the calculations in my head.

  16. Text book for my next class by rotorr00t · · Score: 1

    I'm starting a course next month that is using this book, I was surprised to see it on /., looking forward to it now.

    1. Re:Text book for my next class by Anonymous Coward · · Score: 0

      what is so surprising to see this book on slashdot?

      why did that surprise you?

  17. Re:Jones & Bartlett L by sco08y · · Score: 1

    Are there any other good books by this "Jones & Bartlett Learning" publisher? Maybe one on HTML formatting?

    There apparently aren't any better books on Infosec at all, since this is the "Information security magnum opus", or maybe it's a "tour de force", or whatever cliche the reviewer could dredge up to establish that it is, in fact, a really big book. Which, by the way, is eight hundred pages! Like, that's a hundred pages longer than 700 pages! Amazing!

    But if you aren't sure what this HUGE HUGE book is:

    The book is in fact a textbook meant to introduce the reader to the topic of information security.

    Thank you, Captain Obvious!

  18. Where can i buy the .epub version? by Anonymous Coward · · Score: 0

    .. not buying anything else anymore!

    1. Re:Where can i buy the .epub version? by Anonymous Coward · · Score: 0

      what is /epub mean?

  19. Re:Jones & Bartlett L by Anonymous Coward · · Score: 0

    More to the point, why does the amp bomb stop after 7 recursions?

  20. Re:Jones & Bartlett L by Anonymous Coward · · Score: 0

    Maybe they're the creators of the >Salvation Army USA Widget - Bottom Box (best viewed with Javascript disabled)

  21. Re:Why Buy Accessories With regard to Sunglasses? by Anonymous Coward · · Score: 0

    yo moderator...where is the delete for this???delete, delete,,,,talk about spam!

  22. Re:Old women by Anonymous Coward · · Score: 0

    Can't the moderator do something about these comments?

    Slashdot will slip into irrelevance if these type of silly comments continue.

  23. Why you need a beats headphone ? by Anonymous Coward · · Score: 0

    Why you need a beats headphone ?

    "Monst People aren't hearing all the music" --- Dr.Dre

    buy beats studio earphone from www.studio-earphone.com

    Artists and producers work hard in the studio perfection their sound, But most people can not really hear it with normal earphones. other brands earphones can not handle the bass, yes they not be good in bass sound, and the detail the dynamics, Bottom line, so that the music doesn't move you. Choose beats headphones, let your ears enjoy soothing sounds, If you have beats headphones, you are going to hear as same as the artists hear, and listen to the music they way they should they way i do.