About the Ronald L. Krutz is a senior information system security consultant. He has over 30 years of experience in distributed computing systems, computer architectures, real-time systems, information assurance methodologies, and information security training. He holds B.S., M.S., and Ph.D. degrees in Electrical and Computer Engineering and is the author of best selling texts in the area of information system security. He co-authored the CISSP Prep Guide for John Wiley and Sons and is co-author of the Wiley Advanced CISSP Prep Guide, the CISSP Prep Guide, Gold Edition, the Security+Certification Guide, the CISM Prep Guide, the CISSP Prep Guide, 2nd Edition: Mastering CISSP and ISSEP, the Network Security Bible, the CISSP and CAP Prep Guide, Platinum Edition: Mastering CISSP and CAP, the Certified Ethical Hacker (CEH) Prep Guide, and the Certified Secure Software Lifecycle Prep Guide. He is also the author of Securing SCADA Systems and of three textbooks in the areas of microcomputer system design, computer interfacing, and computer architecture. Dr. Krutz has seven patents in the area of digital systems and has published over 40 technical papers. Dr. Krutz also serves as consulting Editor for John Wiley and Sons Information Security Certification Series, is a Distinguished Visiting Lecturer in the University of New Haven Henry C. Lee College of Criminal Justice and Forensic Sciences, and is an Adjunct Professor in Midway College, Kentucky. Dr. Krutz is a Registered Professional Engineer in Pennsylvania. ix x About the Authors Russell Dean Vines has been in the information systems industry for over 20 years, and has a unique ability to disseminate complex security issues to a wider audience, from CEOs to home Internet surfers. He is also the author or co-author of 10 previous books, including the CISSP Prep Guide, which reached #25 on Amazon’s best-sellers list. He co-authored the Advanced CISSP Prep Guide, the CISSP Prep Guide, Gold Edition, the Security+Certification Guide, the CISM Prep Guide, the CISSP Prep Guide, 2nd Edition: Mastering CISSP and ISSEP, the CISSP and CAP Prep Guide, Platinum Edition: Mastering CISSP and CAP, and the Certified Ethical Hacker (CEH) Prep Guide. He is also the author of Wireless Security Essentials, and Composing Digital Music for Dummies. In addition to being a Certified Information Systems Security Professional (CISSP), Mr. Vines is a Certified Information Systems Manager (CISM), a Certified Ethical Hacker (CEH), certified in CompTIA’s Security+ program, and is a Payment Card Industry (PCI) Qualified Security Assessor (QSA). Russ also has vendor security certifications from RSA, Websense, McAfee, Citrix, VMware, Microsoft, and Novell, and has been trained in the NSA’s Information Assurance Methodology (IAM). Mr. Vines is a frequent contributor to Web and trade publications; dis- cusses Information Security Threats and Countermeasures as a member of SearchSecurityChannel.com’s Ask the Experts panel, frequently speaks at industry events such as Comdex and Networld+Interop, and teaches CISSP, CEH, and Websense classes.