Flylib.com
Inside Network Security Assessment: Guarding Your IT Infrastructure
ISBN: 0672328097
EAN: 2147483647
Year: 2003
Pages: 138
Authors:
Michael Gregg
,
David Kim
BUY ON AMAZON
Introduction to Assessing Network Vulnerabilities
Introduction to Assessing Network Vulnerabilities
What Security Is and Isnt
Process for Assessing Risk
Four Ways in Which You Can Respond to Risk
Network Vulnerability Assessment
Foundations and Principles of Security
Foundations and Principles of Security
Basic Security Principles
Security Requires Information Classification
The Policy Framework
The Role Authentication, Authorization, and Accountability Play in a Secure Organization
Encryption
Security and the Employee (Social Engineering)
Why Risk Assessment
Why Risk Assessment
Risk Terminology
Laws, Mandates, and Regulations
Risk Assessment Best Practices
Understanding the IT Security Process
The Goals and Objectives of a Risk Assessment
Risk-Assessment Methodologies
Risk-Assessment Methodologies
Risk-Assessment Terminology
Quantitative and Qualitative Risk-Assessment Approaches
Best Practices for Quantitative and Qualitative Risk Assessment
Choosing the Best Risk-Assessment Approach
Common Risk-Assessment Methodologies and Templates
Scoping the Project
Scoping the Project
Defining the Scope of the Assessment
Reviewing Critical Systems and Information
Compiling the Needed Documentation
Making Sure You Are Ready to Begin
Understanding the Attacker
Understanding the Attacker
Who Are the Attackers?
What Do Attackers Do?
Reducing the Risk of an Attack
How to Respond to an Attack
Performing the Assessment
Performing the Assessment
Introducing the Assessment Process
Level I Assessments
Level II Assessments
Level III Assessments
Tools Used for Assessments and Evaluations
Tools Used for Assessments and Evaluations
A Brief History of Security Tools
Putting Together a Toolkit
Determining What Tools to Use
Preparing the Final Report
Preparing the Final Report
Preparing for Analysis
Ranking Your Findings
Building the Final Report
Contents of a Good Report
Determining the Next Step
Audit and Compliance
Post-Assessment Activities
Post-Assessment Activities
IT Security Architecture and Framework
Roles, Responsibilities, and Accountabilities
Security Incident Response Team (SIRT)
Vulnerability Management
Training IT Staff and End Users
Appendix A. Security Assessment Resources
Security Standards
General Security Websites
Security Tool Websites
Appendix B. Security Assessment Forms
Information Request Form
Document Tracking Form
Critical Systems and Information Forms
Level II Assessment Forms
Appendix C. Security Assessment Sample Report
Appendix C. Security Assessment Sample Report
Notice
Executive Summary
Statement of Work
Analysis
Recommendations
Conclusions
Appendix D. Dealing with Consultants and Outside Vendors
Appendix D. Dealing with Consultants and Outside Vendors
Procurement Terminology
Typical RFP Procurement Steps
Procurement Best Practices
Appendix E. SIRT Team Report Format Template
Appendix E. SIRT Team Report Format Template
SIRT Incident Report
Inside Network Security Assessment: Guarding Your IT Infrastructure
ISBN: 0672328097
EAN: 2147483647
Year: 2003
Pages: 138
Authors:
Michael Gregg
,
David Kim
BUY ON AMAZON
High-Speed Signal Propagation[c] Advanced Black Magic
The Concept of Resonance
Performance Regions
LC Region (Constant-Loss Region)
Useful Fourier Transform-Pairs
The Underlying Simulation Engine
Snort Cookbook
Logging in PCAP Format (TCPDump)
Ignoring Some Alerts
Prioritizing Alerts
Thresholding Alerts
Snort as a Virus Detection Tool
Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More
Building a Complex application Using Boost.Build
Storing Pointers in a vector
Comparing Ranges
Introduction
Working with Polar Coordinates
Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century: Prevention and Detection for the Twenty-First Century
Crash Course in the Internet Protocol Suite
Unauthorized Activity II
Cisco Secure IDS
Data Correlation
Laws, Standards, and Organizations
Persuasive Technology: Using Computers to Change What We Think and Do (Interactive Technologies)
Overview of Captology
Computers as Persuasive Tools
Computers as Persuasive Media Simulation
Computers as Persuasive Social Actors
Captology Looking Forward
User Interfaces in C#: Windows Forms and Custom Controls
Creating Usable Interfaces
Forms
Modern Controls
Dynamic User Interface
Help and Application-Embedded Support
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy
This website uses cookies. Click
here
to find out more.
Accept cookies