Managing A Network Vulnerability Assessment.

Managing A Network Vulnerability Assessment. By Thomas R. Peltier, Justin Peltier, and John A. Blackley; published by Auerbach Publications, 800/272-7737 (phone), www.crcpress.com (Web); 312 pages; $59.95.

 Multitasking. This oft-used term applies to the security management profession as much as it does to any other field. Today's security professionals are charged with supervising multiple tasks and duties for their employers, some of which fall outside of the traditional duties normally associated with security.

With the evolution of IT technology, security managers are faced with the ever-evolving, intimidating responsibility to protect the organization's computer and network infrastructure. That's the impetus behind this book.

The three authors apply techniques and concepts often used in physical security assessments to computers and networks. Readers will find detailed definitions, thorough explanations, step-by-step procedures, and sample reports to guide them through a network vulnerability assessment (NVA). In addition, the authors offer two methods to conduct an NVA--one top-down, the other bottom-up. The dual approach benefits the reader by providing a better understanding of the process as a whole.

Another attribute of the book is the writing style. It is clear and easy to read, conveying the authors' outstanding grasp of the material. Despite the extremely detailed content, the presentation is not too technical or confusing. Numerous graphs, sample reports, and computer illustrations effectively support the text.

The authors acknowledge that the material in the text may not identify or protect against all attacks. That sort of statement almost goes without saying in the rapidly changing world of computers, but the candor is refreshing.

Of the many readers who would benefit from this work, security managers responsible for computer protection will learn how to conduct an NVA. IT professionals will benefit from the exposure to detailed security concepts and procedures. Finally, college instructors and students will find that the work serves as an excellent educational resource.

Reviewer: Joseph J. Jaksa, M.A., CPP, is vice president of business development at Teachout Security Services in Flint, Michigan. He is a doctoral student at Oakland University and serves as vice president of the Criminal Justice Alumni Board of Directors at Michigan State University. He is a member of ASIS International.