Flylib.com
Critical Incident Management
Critical Incident Management
ISBN: 084930010X
EAN: 2147483647
Year: 2004
Pages: 144
Authors:
Alan B. Sterneckert
BUY ON AMAZON
Table of Contents
BackCover
Critical Incident Management
Preface
Chapter 1: Risk Management
Critical Incidents: Damaging Critical Assets
Risk Definitions: No Dictionaries, Please
Yes, Sir. I m Motivated Fear, Uncertainty, and Doubt
PDD 63 (President s Decision Directive)
The Law Is the Law
CIA: Not the Central Intelligence Agency
Down to Risk-Business
GOOOAAALLL
Plan to Plan
Risk Assessments
A Little Organization, Please
Best Practices in Risk Assessments
The Facts and Only the Facts
Ask Good Questions of Good People and You Will Get Good Answers
And Now a Word about Asset Criticality
Mathematics Can Be Simple, even for the Mathematically Challenged
Are You Threatening Me?
Protection Strategies
Disaster Recovery Plans: Murphy s Law
Who s in Charge Here, Anyway?
Risk Assessment Reports
Suggestions
Chapter 2: Policies and Procedures
Et Tu, Policy
Trust Models: Trust Me, I m a Good Person
The Policy of Policy Development
Policy Writing Techniques
Policy Distributions
Enhancements to Written Policies
E-Mail Policy: Avoiding Hidden Risks
Information Tsunami
To Keep or Not to Keep, that Is the Question
What s in that Cute Little E-Mail Mailbox?
Employees Must Think before Clicking the Send Button: Is There an Undelete Button?
Employee Privacy Expectations and Legal Rights
Connecting to the Internet: Policies and Procedures of Survivability
Systems Development Lifecycle (SDLC)
Physical and Environmental Safety
Network Management Policies
Forensics Policy: Looking for Evidence
Wireless Network Security
Network Vulnerability Assessment Policies: Why Am I Hearing about My Network Leaking Sensitive Information on the News?
Vendor Policies and Procedures
Policies and Procedures Involving Outsourcing: What Is Yours and What Is Mine?
Employee Privacy Policy
Internet Firewall Policy
Intrusion Detection Policies
Web Server Security Policies and Procedures
Web Server Policies and Procedures
Information Systems Support Policies
Securing Systems
The Auditors Are Coming. The Auditors Are Coming.
Information Technology Human Resources Management Policies: Yes, Virginia, IT Employees Really Are Different
Employee Training
Conclusion
Chapter 3: Auditing
Auditors: Who Are They?
Controls
Subsystem Interaction and Reliability
Evidence Collection: Evidence Is not just Evidence
Audit Management Planning
Audit Conferences: More (but Important) Meetings You Need to Attend
Vulnerability Self-Assessments
Specialized Auditing Matters
Network Vulnerability Assessments: The Practical Examination of Your System
Web Application Vulnerability Assessments
Auditing Remote System Administration
Firewall Auditing: First We Build an Impregnable Barrier, then We Punch Holes in It
Auditing Wireless Networks: Who Is Listening to My Network Traffic?
Auditing Security Measures Preventing Automated Attacks
Auditing E-Commerce Web Sites
Chapter 4: Critical Incident Response and CIRT Development
Critical Incident Detection: How to Know What Is Serious and What Is Not
Collecting Evidence
Performing Forensic Duplication: When a Clone Really Is a Clone
Forensic Investigation: Not Exactly a Needle in a Haystack
Responding to Windows NT Incidents
Examining the Evidence: Taking a Look when You Have Time
UNIX-Based Investigations
Types of Malicious Code Attacks: Even Kevlar Will not Stop all Attacks
Forming a Critical Incident Response Team
CIRT Composition: What Kind of Skills and Talent Do I Need for a CIRT?
Chapter 5: Legal Matters
Investigators Goals
Common Types of Unlawful Acts
Copyrights, Trademarks, Service Marks, Patents, and Trade Secrets Comprising Intellectual Property
Fraud in the Workplace
Evidence, Its Collection, Preservation, Analysis, and Introduction at Trial
The Cost of Computer Crime
Criminal Law
Civil Suits
Chapter 6: Privacy
Privacy Protection
Employee Privacy: Is Monitoring the Same as Spying?
Industry-Specific Privacy Issues
Appendix A:
Well-Known Port Numbers
References
Appendix B: Site Security Handbook RFC 2196 1
Abstract
1. Introduction
2. Security Policies
3. Architecture
4. Security Services and Procedures
5. Security Incident Handling
6. Ongoing Activities
7. Tools and Locations
8. Mailing Lists and Other Resources
9. References
Appendix C:
Vulnerability Lists
Bulletins and Listservs
Index
Index_B
Index_C
Index_D
Index_E
Index_F
Index_G
Index_H
Index_I
Index_J
Index_K
Index_L
Index_M
Index_N
Index_O
Index_P
Index_Q
Index_R
Index_S
Index_T
Index_U
Index_V
Index_W
Index_Y
Index_Z
List of Exhibits
Critical Incident Management
ISBN: 084930010X
EAN: 2147483647
Year: 2004
Pages: 144
Authors:
Alan B. Sterneckert
BUY ON AMAZON
Java I/O
Flushing Output Streams
Input Streams
Skipping Bytes
Object Streams
File Dialogs
Interprocess Communications in Linux: The Nooks and Crannies
Semaphore Operations
Out of Band Messages
A.3. Standard Linux System Calls
D.1. Introduction
D.3. Generating Profile Data
Beginning Cryptography with Java
Symmetric Key Cryptography
Asymmetric Key Cryptography
Object Description in Cryptography Using ASN.1
Key and Certificate Management Using Keystores
Appendix A Solutions to Exercises
Adobe After Effects 7.0 Studio Techniques
Selections: The Key to Compositing
Understanding Rendering Order
Conclusion
Conclusion
Floating Point
Microsoft Office Visio 2007 Step by Step (Step By Step (Microsoft))
Working Within the Visio Environment
Working with Groups
Creating Project Schedules
Customizing the Layout of Organization Charts
Storing Information with Network Shapes
Microsoft Visual Basic .NET Programmers Cookbook (Pro-Developer)
Windows Programming
Windows Controls
ASP.NET Web Applications
Security and Cryptography
Useful COM Interop
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy
This website uses cookies. Click
here
to find out more.
Accept cookies