Inside the Security Mind(c) Making the Tough Decisions

Inside the Security Mind: Making the Tough Decisions

ISBN: 0131118293
EAN: 2147483647

Year: 2006
Pages: 119

Authors: Kevin Day

BUY ON AMAZON

Main Page
Table of content
Copyright
About Prentice Hall Professional Technical Reference
Prologue
In the Beginning
Acknowledgments
To the Artists
To the Peer Reviewers
Special Thanks to:
Chapter 1. Introduction
The Security Mind
Where Do We Start?
Where Does It End?
Chapter 2. A New Look at Information Security
Security as an Art Form
What We Know About Security
Understanding the Fear Factor
How to Successfully Implement and Manage Security
Chapter 3. The Four Virtues of Security
Introduction to the Virtues
The Virtue of Daily Consideration
The Virtue of Community Effort
The Virtue of Higher Focus
The Virtue of Education
Using These Virtues
Chapter 4. The Eight Rules of Security (Components of All Security Decisions)
Introduction to the Rules
Rule of Least Privilege
Rule of Change
Rule of Trust
Rule of the Weakest Link
Rule of Separation
Rule of the Three-Fold Process
Rule of Preventative Action (Proactive Security)
Rule of Immediate and Proper Response
Incorporating the Rules
Chapter 5. Developing a Higher Security Mind
The Art of Higher Security
Thinking in Zones
Creating Chokepoints
Layering Security
Working in Stillness
Understanding Relational Security
Understanding Secretless Security
Dividing Responsibilities
Failing Securely
Chapter 6. Making Security Decisions
Using the Rules to Make a Decision
The Decision-Making Process
Example Decision
Chapter 7. Know Thy Enemy and Know Thyself
Understanding the Modern Hacker
Where Modern Vulnerabilities Exist
Modern Targets
Modern Exploits
Neglecting the Rules: A Hacker s Tale
Creating Your Own Security Profile
Becoming Invisible to Your Enemies
Chapter 8. Practical Security Assessments
The Importance of a Security Audit
Understanding Risks and Threats
The Traditional Security Assessment Model
The Relational Security Assessment Model
Relational Security Assessment Model: Risks
Relational Security Assessment Model: Controls
Relational Security Assessment Model: Tactical Audit PROCESS
Analytical Audit Measures
Additional Audit Considerations
Chapter 9. The Security Staff
Building a Successful Security Team
Bringing in Security Consultants
Outsourcing Security Maintenance
Chapter 10. Modern Considerations
Using Standard Defenses
Open Source vs. Closed Source Security
Wireless Networks
Encryption
Virtual Private Networking
Chapter 11. The Rules in Practice
Practicing the Rules
Perimeter Defenses
Internal Defenses
Physical Defenses
Direct Object Defenses
Outbound Internet Access
Logging and Monitoring
Handling Authentication
Chapter 12. Going Forward
The Future of Information Security
Appendix A. Tips on Keeping Up-to-Date
Resources for Staying Informed About Important Security Issues
Resources for Finding Information on New Vulnerabilities, Threats, and Countermeasures
Appendix B. Ideas for Training
25-Minute Basic Security Awareness Class
30-Minute Internet Security for End-Users Class
Appendix C. Additional Recommended Audit Practices
Recommended DesktopWorkstation Auditing Tasks
Recommended Perimeter Auditing Tasks
Recommended Internal Auditing Tasks
Recommended Physical Auditing Tasks
Recommended Controls for Risk Control Policies
Appendix D. Recommended Reading
Appendix E. The Hidden Statistics of Information Security
Looking Up the Crime Rate
The Hidden Statistics
A Closing Thought on Statistics
Index
Index A
Index C
Index D
Index F
Index L
Index Q
Index R
Index S
Index T