Skip to content
You are not logged in |Login  
     
Limit search to available items
Record:   Prev Next
Resources
More Information
Bestseller
BestsellerE-book

Title Managing information security / edited by John R. Vacca.

Publication Info. Amsterdam ; Waltham, MA : Syngress, 2014.

Item Status

Edition 2nd ed.
Description 1 online resource
text file
Summary Managing Information Security offers focused coverage of how to protect mission critical systems, and how to deploy security management systems, IT security, ID management, intrusion detection and prevention systems, computer forensics, network forensics, firewalls, penetration testing, vulnerability assessment, and more. It offers in-depth coverage of the current technology and practice as it relates to information security management solutions. Individual chapters are authored by leading experts in the field and address the immediate and long-term challenges in the authors' respective areas of expertise. Chapters contributed by leaders in the field covering foundational and practical aspects of information security management, allowing the reader to develop a new level of technical expertise found nowhere else. Comprehensive coverage by leading experts allows the reader to put current technologies to work. Presents methods of analysis and problem solving techniques, enhancing the reader's grasp of the material and ability to implement practical solutions.
Contents 1. Information Security Essentials for IT Managers / Albert Caballero -- 1. Information Security Essentials for IT Managers, Overview -- 2. Protecting Mission-Critical Systems -- 3. Information Security from the Ground Up -- 4. Security Monitoring and Effectiveness -- 5. Summary -- Chapter Review Questions/Exercises -- Exercise -- 2. Security Management Systems / James T. Harmening -- 1. Security Management System Standards -- 2. Training Requirements -- 3. Principles of Information Security -- 4. Roles and Responsibilities of Personnel -- 5. Security Policies -- 6. Security Controls -- 7. Network Access -- 8. Risk Assessment -- 9. Incident Response -- 10. Summary -- Chapter Review Questions/Exercises -- Exercise -- 3. Information Technology Security Management / Bhushan Kapoor -- 1. Information Security Management Standards -- 2. Other Organizations Involved in Standards -- 3. Information Technology Security Aspects -- 4. Summary -- Chapter Review Questions/Exercises -- Exercise -- 4. Online Identity and User Management Services / Jean-Marc Seigneur -- 1. Introduction -- 2. Evolution of Identity Management Requirements -- 3. Requirements Fulfilled by Identity Management Technologies -- 4. Identity Management 1.0 -- 5. Social Login and User Management -- 6. Identity 2.0 for Mobile Users -- 7. Summary -- Chapter Review Questions/Exercises -- Exercise -- References -- 5. Intrusion Prevention and Detection Systems / Christopher Day -- 1. What is an `Intrusion' Anyway? -- 2. Physical Theft -- 3. Abuse of Privileges (The Insider Threat) -- 4. Unauthorized Access by Outsider -- 5. Malware Infection -- 6. Role of the `0-Day' -- 7. Rogue's Gallery: Attackers and Motives -- 8. A Brief Introduction to TCP/IP -- 9. TCP/IP Data Architecture and Data Encapsulation -- 10. Survey of Intrusion Detection and Prevention Technologies -- 11. Anti-Malware Software -- 12. Network-Based Intrusion Detection Systems -- 13. Network-Based Intrusion Prevention Systems -- 14. Host-Based Intrusion Prevention Systems -- 15. Security Information Management Systems -- 16. Network Session Analysis -- 17. Digital Forensics -- 18. System Integrity Validation -- 19. Summary -- Chapter Review Questions/Exercises -- Exercise -- References -- 6. Firewalls / Dr. Errin W. Fulp -- 1. Introduction -- 2. Network Firewalls -- 3. Firewall Security Policies -- 4. A Simple Mathematical Model for Policies, Rules, and Packets -- 5. First-Match Firewall Policy Anomalies -- 6. Policy Optimization -- 7. Firewall Types -- 8. Host and Network Firewalls -- 9. Software and Hardware Firewall Implementations -- 10. Choosing the Correct Firewall -- 11. Firewall Placement and Network Topology -- 12. Firewall Installation and Configuration -- 13. Supporting Outgoing Services Through Firewall Configuration -- 14. Secure External Services Provisioning.
15. Network Firewalls for Voice and Video Applications -- 16. Firewalls and Important Administrative Service Protocols -- 17. Internal IP Services Protection -- 18. Firewall Remote Access Configuration -- 19. Load Balancing and Firewall Arrays -- 20. Highly Available Firewalls -- 21. Firewall Management -- 22. Summary -- Chapter Review Questions/Exercises -- Exercise -- 7. Penetration Testing / Sanjay Bavisi -- 1. Introduction -- 2. What is Penetration Testing? -- 3. How Does Penetration Testing Differ from an Actual "Hack?" -- 4. Types of Penetration Testing -- 5. Phases of Penetration Testing -- 6. Defining What's Expected -- 7. Need for a Methodology -- 8. Penetration Testing Methodologies -- 9. Methodology in Action -- 10. Penetration Testing Risks -- 11. Liability Issues -- 12. Legal Consequences -- 13. "Get Out of Jail Free" Card -- 14. Penetration Testing Consultants -- 15. Required Skill Sets -- 16. Accomplishments -- 17. Hiring a Penetration Tester -- 18. Why Should a Company Hire You? -- 19. Summary -- Chapter Review Questions/Exercises -- Exercise -- 8. What is Vulnerability Assessment? / Almantas Kakareka -- 1. Introduction -- 2. Reporting -- 3. "It Won't Happen to Us" Factor -- 4. Why Vulnerability Assessment? -- 5. Penetration Testing Versus Vulnerability Assessment -- 6. Vulnerability Assessment Goal -- 7. Mapping the Network -- 8. Selecting the Right Scanners -- 9. Central Scans Versus Local Scans -- 10. Defense in Depth Strategy -- 11. Vulnerability Assessment Tools -- 12. SARA -- 13. SAINT -- 14. MBSA -- 15. Scanner Performance -- 16. Scan Verification -- 17. Scanning Cornerstones -- 18. Network Scanning Countermeasures -- 19. Vulnerability Disclosure Date -- 20. Proactive Security Versus Reactive Security -- 21. Vulnerability Causes -- 22. Diy Vulnerability Assessment -- 23. Summary -- Chapter Review Questions/Exercises -- Exercise -- 9. Cyber Forensics / Scott R. Ellis -- 1. What is Cyber Forensics? -- 2. Analysis of Data -- 3. Cyber Forensics in the Court System -- 4. Understanding Internet History -- 5. Temporary Restraining Orders and Labor Disputes -- 6. First Principles -- 7. Hacking a Windows XP Password -- 8. Network Analysis -- 9. Cyber Forensics Applied -- 10. Tracking, Inventory, Location of Files, Paperwork, Backups, and so on -- 11. Testifying as an Expert -- 12. Beginning to End in Court -- 13. Summary -- Chapter Review Questions/Exercises -- Exercise -- 10. Cyber Forensics and Incident Response / Cem Gurkok -- 1. Introduction to Cyber Forensics -- 2. Handling Preliminary Investigations -- 3. Controlling an Investigation -- 4. Conducting Disk-Based Analysis -- 5. Investigating Information-Hiding Techniques -- 6. Scrutinizing Email -- 7. Validating Email Header Information -- 8. Tracing Internet Access -- 9. Searching Memory in Real Time -- 10. Summary -- Chapter Review Questions/Exercises -- Exercise -- References -- 11. Network Forensics / Yong Guan -- 1. Scientific Overview -- 2. Principles of Network Forensics -- 3. Attack Traceback and Attribution -- 4. Critical Needs Analysis -- 5. Research Directions -- 6. Summary -- Chapter Review Questions/Exercises -- Exercise.
Local Note eBooks on EBSCOhost EBSCO eBook Subscription Academic Collection - North America
Subject Computer security -- Management.
Computer security -- Management.
Electronic data processing departments -- Security measures.
Electronic data processing departments -- Security measures.
Computer networks -- Security measures.
Computer networks -- Security measures.
Genre/Form Electronic books.
Electronic books.
Added Author Vacca, John R.
Other Form: Print version: 9781299808348
ISBN 1299808344 (electronic book)
9781299808348 (electronic book)
9780124166882
0124166881