Cybersecurity Operations Handbook : the definitive reference on operational cybersecurity.
Cybersecurity Operations Handbook is the first book for daily operations teams who install, operate and maintain a range of security technologies to protect corporate infrastructure. Written by experts in security operations, this book provides extensive guidance on almost all aspects of daily opera...
Classification: | Electronic Book |
---|---|
Main Author: | |
Other Authors: | |
Format: | Electronic eBook |
Language: | English |
Published: | Burlington : Elsevier Science, 2003. |
Subjects: | |
Online Access: | Full text |
Table of Contents:
- Front Cover; Cybersecurity Operations Handbook; Copyright Page; Contents; List of Figures; List of Tables; Foreword; Preface; Acknowledgments; Disclaimer; Chapter 1. Why Worry about Security?; 1.1 Threats to personal privacy; 1.2 Fraud and theft; 1.3 Employee sabotage; 1.4 Infrastructure attacks; 1.5 Malicious hackers; 1.6 Malicious code; 1.7 Industrial espionage; 1.8 The 1996 National Information Infrastructure Protection Act; 1.9 President's executive order on critical infrastructure protection; 1.10 The USA Patriot Act of 2001; 1.11 The Homeland Security Act of 2002; 1.12 Chapter summary.
- 1.13 Endnotes; Chapter 2. Network Security Management Basics; 2.1 Foundations of information assurance; 2.2 Defense-in-depth strategy; 2.3 Overview of RFC 2196 (Site Security Handbook); 2.4 The Common Criteria model; 2.5 Privacy standards and regulations; 2.6 Password management; 2.7 Incident handling; 2.8 Information warfare and information operations; 2.9 Web security overview; 2.10 Chapter summary; 2.11 Endnotes; Chapter 3. Security Foundations; 3.1 Access control; 3.2 Purpose of access control; 3.3 Access control entities; 3.4 Fundamental concepts of access control.
- 3.5 Access control criteria; 3.6 Access control models; 3.7 Uses of access control; 3.8 Access control administration models; 3.9 Access control mechanisms; 3.10 Physical and environmental security controls; 3.11 Applications development security; 3.12 Standardization of application security features; 3.13 Techniques to enforce application security; 3.14 Security architecture; 3.15 Security and the law; 3.16 Investigations; 3.17 Ethics; 3.18 Operations security; 3.19 Host-based intrusion detection; 3.20 Network-based detection efforts; 3.21 Chapter summary; 3.22 Endnotes.
- Chapter 4. Firewalls and Perimeters; 4.1 Firewall environments; 4.2 Perimeter concepts; 4.3 How intruders break; 4.4 What is a firewall?; 4.5 Static packet filtering; 4.6 Edge, or boundary, routers and packet filters; 4.7 Stateful filtering and inspection; 4.8 Proxy servers; 4.9 Circuit gateways; 4.10 Application gateway; 4.11 Chapter summary; 4.12 Endnotes; Chapter 5. VPNs and Remote Access; 5.1 Historical evolution of the VPN; 5.2 VPN basics; 5.3 Why is a VPN needed?; 5.4 VPN security essentials; 5.5 VPN tunneling and protocols; 5.6 Business benefits of VPNs; 5.7 A case study.
- 5.8 Chapter summary; 5.9 Endnotes; Chapter 6. Intrusion Detection in Depth; 6.1 Basic intrusion detection concepts; 6.2 Types of IDSs; 6.3 IDS detectable attack types; 6.4 Understanding TCP/IP for intrusion detection; 6.5 Tcpdump overview; 6.6 Case study-Kevin Mitnick; 6.7 Chapter summary; 6.8 Endnotes; Chapter 7. Securing Communications; 7.1 Cryptography; 7.2 Cryptographic techniques; 7.3 Cryptographic keys; 7.4 Cryptographic hash functions; 7.5 Digital signatures; 7.6 Secret-key cryptography; 7.7 Public-key cryptography; 7.8 OpenPGP; 7.9 Cryptanalysis and cryptographic attack techniques.