UID:
almahu_9948026404602882
Umfang:
1 online resource (877 p.)
Ausgabe:
1st edition
ISBN:
1-282-16870-3
,
9786612168703
,
0-08-092194-9
Serie:
Morgan Kaufmann series in computer security
Inhalt:
Presents information on how to analyze risks to your networks and the steps needed to select and deploy the appropriate countermeasures to reduce your exposure to physical and network threats. Also imparts the skills and knowledge needed to identify and counter some fundamental security risks and requirements, including Internet security threats and measures (audit trails IP sniffing/spoofing etc.) and how to implement security policies and procedures. In addition, this book covers security and network design with respect to particular vulnerabilities and threats. It also covers risk assessme
Anmerkung:
Description based upon print version of record.
,
Front Cover; Computer and Information Security Handbook; Copyright Page; Contents; Foreword; Preface; Acknowledgments; About the Editor; Contributors; I. Overview of System and Network Security: A Comprehensive Introduction; 1. Building a Secure Organization; 1. Obstacles to security; Security Is Inconvenient; Computers Are Powerful and Complex; Computer Users Are Unsophisticated; Computers Created Without a Thought to Security; Current Trend Is to Share, Not Protect; Data Accessible from Anywhere; Security Isn't About Hardware and Software; The Bad Guys Are Very Sophisticated
,
Management Sees Security as a Drain on the Bottom Line2. Ten steps to building a secure organization; A. Evaluate the Risks and Threats; Threats Based on the Infrastructure Model; Threats Based on the Business Itself; Threats Based on Industry; Global Threats; B. Beware of Common Misconceptions; C. Provide Security Training for IT Staff-Now and Forever; D. Think "Outside the Box"; E. Train Employees: Develop a Culture of Security; F. Identify and Utilize Built-In Security Features of the Operating System and Applications; G. Monitor Systems; H. Hire a Third Party to Audit Security
,
I. Don't Forget the BasicsChange Default Account Passwords; Use Robust Passwords; Close Unnecessary Ports; J. Patch, Patch, Patch; Use Administrator Accounts for Administrative Tasks; Restrict Physical Access; Don't Forget Paper!; 2. A Cryptography Primer; 1. What is cryptography? what is encryption?; How Is Cryptography Done?; 2. Famous cryptographic devices; The Lorenz Cipher; Enigma; 3. Ciphers; The Substitution Cipher; The Shift Cipher; The Polyalphabetic Cipher; The Kasiski/Kerckhoff Method; 4. Modern cryptography; The Vernam Cipher (Stream Cipher); The One-Time Pad; Cracking Ciphers
,
The XOR Cipher and Logical OperandsBlock Ciphers; 5. The computer age; Data Encryption Standard; Theory of Operation; Implementation; Rivest, Shamir, and Adleman (RSA); Advanced Encryption Standard (AES or Rijndael); 3. Preventing System Intrusions; 1. So, what is an intrusion?; 2. Sobering numbers; 3. Know your enemy: hackers versus crackers; 4. Motives; 5. Tools of the trade; 6. Bots; 7. Symptoms of intrusions; 8. What can you do?; Know Today's Network Needs; Network Security Best Practices; 9. Security policies; 10. Risk analysis; Vulnerability Testing; Audits; Recovery
,
11. Tools of your tradeFirewalls; Intrusion Prevention Systems; Application Firewalls; Access Control Systems; Unified Threat Management; 12. Controlling user access; Authentication, Authorization, and Accounting; What the User Knows; What the User Has; Tokens; The User Is Authenticated, But Is She Authorized?; Accounting; Keeping Current; 13. Conclusion; 4. Guarding Against Network Intrusions; 1. Traditional reconnaissance and attacks; 2. Malicious software; Lures and "Pull" Attacks; 3. Defense in depth; 4. Preventive measures; Access Control; Vulnerability Testing and Patching
,
Closing Ports
,
English
Weitere Ausg.:
ISBN 0-12-374354-0
Sprache:
Englisch
