Cargando…
Security automation essentials : streamlined enterprise security management & monitoring with SCAP /
Annotation
| Clasificación: | Libro Electrónico |
|---|---|
| Autor principal: | |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
New York :
McGraw-Hill,
[2012]
|
| Temas: | |
| Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
MARC
| LEADER | 00000cam a2200000 a 4500 | ||
|---|---|---|---|
| 001 | OR_ocn811552094 | ||
| 003 | OCoLC | ||
| 005 | 20231017213018.0 | ||
| 006 | m o d | ||
| 007 | cr cnu|||||||| | ||
| 008 | 120930s2012 nyua o 001 0 eng | ||
| 040 | |a SINTU |b eng |e pn |c SINTU |d B24X7 |d S4S |d CDX |d OCLCO |d UMI |d OCLCQ |d COO |d DEBSZ |d OCLCO |d IDEBK |d OCLCQ |d OCLCO |d OCLCF |d OCLCO |d OCLCQ |d OCLCA |d EBLCP |d COCUF |d OCLCQ |d D6H |d LIV |d TOH |d RDF |d OCLCQ |d VT2 |d OCLCQ |d HS0 |d YDX |d OCLCQ |d OCLCO |d CZL |d OCLCO |d OCLCQ | ||
| 019 | |a 812416848 |a 817105279 |a 817741626 |a 1129356106 |a 1152977121 |a 1164976690 |a 1192340265 |a 1262688625 | ||
| 020 | |a 9780071772518 | ||
| 020 | |a 0071772510 | ||
| 020 | |a 1280998636 | ||
| 020 | |a 9781280998638 | ||
| 020 | |a 9786613770240 | ||
| 020 | |a 6613770248 | ||
| 020 | |a 0071772529 | ||
| 020 | |a 9780071772525 | ||
| 029 | 1 | |a AU@ |b 000050240089 | |
| 029 | 1 | |a AU@ |b 000053283001 | |
| 029 | 1 | |a AU@ |b 000065313116 | |
| 029 | 1 | |a DEBSZ |b 378275143 | |
| 035 | |a (OCoLC)811552094 |z (OCoLC)812416848 |z (OCoLC)817105279 |z (OCoLC)817741626 |z (OCoLC)1129356106 |z (OCoLC)1152977121 |z (OCoLC)1164976690 |z (OCoLC)1192340265 |z (OCoLC)1262688625 | ||
| 037 | |a 0071772510 |b 00020047 | ||
| 050 | 4 | |a QA76.9.A25 |b W595 2012 | |
| 082 | 0 | 4 | |a 005.8 |2 23 |
| 049 | |a UAMI | ||
| 100 | 1 | |a Witte, Greg. | |
| 245 | 1 | 0 | |a Security automation essentials : |b streamlined enterprise security management & monitoring with SCAP / |c Greg Witte, Melanie Cook, Matt Kerr, Shane Shaffer. |
| 264 | 1 | |a New York : |b McGraw-Hill, |c [2012] | |
| 300 | |a 1 online resource (xviii, 269 pages) : |b illustrations | ||
| 336 | |a text |b txt |2 rdacontent | ||
| 337 | |a computer |b c |2 rdamedia | ||
| 338 | |a online resource |b cr |2 rdacarrier | ||
| 500 | |a Includes index. | ||
| 520 | 8 | |a Annotation |b This guide provides IT security managers in both government agencies and private organisations with full details on the capabilities of security content automation protocol (SNAP) technologies. SCAP reduces dozens of individual security-related tasks to simple, streamlined, and automated tasks that produce standardised results. | |
| 546 | |a English. | ||
| 505 | 0 | |a Intro -- Security Automation Essentials -- About the Authors -- About the Technical Editor -- Contents at a Glance -- Contents -- Foreword -- Acknowledgments -- Introduction -- Why This Book? -- Who Should Read This Book -- What This Book Covers -- How to Use This Book -- How Is This Book Organized? -- Part I: Security Automation Essentials -- Chapter 1: The Security Management Problem -- Security Management Challenges -- The Number and Variety of Systems and Software to Secure -- The Need for Continuous Security Management -- The Need for a Comprehensive Picture of Enterprise Security -- The Need for Standardization in Security -- Security Requirements from Regulations and Other Sources -- The Security Automation Solution -- Security Automation Basics -- Knowledge About Individual Security Elements -- Using Checklists to Achieve Compliance -- The Evolution of Security Automation Technologies and Standards -- Enumeration Standards -- Language Standards -- Risk Measurement Standards -- Chapter 2: What Is SCAP? -- The History of SCAP -- The Parts of SCAP -- Component Specifications -- How the SCAP Component Specifications Fit Together -- The SCAP Protocol -- SCAP Content -- The Value of SCAP -- Inventorying Installed Software -- Identifying Security Issues -- Monitoring the Security State -- Security Measures and Metrics -- Quantifying Risk -- Fostering Common Terminology -- Part II: Using SCAP -- Chapter 3: SCAP Checklist and Check Languages -- Extensible Checklist Configuration Description Format -- Data Model and Syntax -- Benchmark -- Items -- Profile -- TestResult -- Open Vulnerability and Assessment Language -- Data Model -- Generator -- Definition -- Test -- Object -- State -- Variables -- OVAL Results -- Open Checklist Interactive Language -- OCIL Data Model -- Questions -- Question_Test_Action Elements -- Questionnaires. | |
| 505 | 8 | |a Putting It All Together -- Chapter 4: Asset Management -- Asset Identification -- Literal and Synthetic Identifiers -- Correlation -- AI Elements -- Helper Elements -- Asset Reporting Format -- Relationship Terms -- ARF Example -- Assessment Summary Results -- System-Ident Model -- Chapter 5: Enumerations -- Automation Enumerations and Their Purposes -- Enumerations Included in SCAP -- Common Configuration Enumeration -- CCE History -- The Purpose of CCE -- CCE Entries -- CCE Submission Process -- CC E and the National Vulnerability Database -- Common Platform Enumeration -- The New CPE 2.3 Stack -- Common Vulnerability and Exposures -- The Birth of CVE -- CVE Editorial Board -- CVE Identifiers -- Common Vulnerability Scoring System -- Other Related Enumerations and Expressions -- Common Weakness Enumeration -- Common Attack Pattern Enumeration and Classification -- Common Malware Enumeration -- Common Event Expression -- Distributed Audit Service -- Common Remediation Enumeration -- Chapter 6: SCAP Vulnerability Measurement -- Common Vulnerability Scoring System -- CVSS History -- CVSS Use Cases -- Vulnerability Characteristics -- CVSS Scoring -- Base Scoring -- Temporal Scores -- Environmental Scores -- Base, Temporal, Environmental Vectors -- CVSS Equations -- Your Mileage May Vary -- Common Vulnerability Reporting Framework (CVRF) -- Common Misuse Scoring System (CMSS) -- Common Configuration Scoring System -- Vulnerability Management in the Enterprise -- Part III: Putting It All Together -- Chapter 7: Building Automated Security Content -- Working with Files -- XML Editors -- Content Maintenance Tools -- Enhanced SCAP Editor (eSCAPe) -- The eSCAPe Wizards -- Opening and Navigating an SCAP Data Stream -- Example: Finding Malware with SCAP -- Example: Creating Content to Check for Malicious File -- Using the Regex Validator Tool. | |
| 505 | 8 | |a Using the Merge OVAL Documents Tool -- Some Useful Tips for Creating Content -- Explain Yourself -- Make Sure It Works -- Version Your Artifacts -- Reuse of Artifacts -- Content Correctness -- Least Version Principle -- Design for People -- Follow the Rules of the Road -- Minimize Extension Depth -- Granularity -- Customization -- Performance -- Regular Expressions -- Chapter 8: Putting Security Automation to Work in the Enterprise -- How Organizations Are Using Security Automation -- Automated Hardware and Software Inventory -- Security Configuration Management (SCM) -- OpenSCAP Security Automation Software in Linux Distributions -- Use of Security Automation to Track Management and Operational Security -- Security Automation to Discover Malicious Software -- Continuous Monitoring by Integrating Security Systems -- Device Health Monitoring -- Building a Healthy and Resilient Cyber Ecosystem -- Chapter 9: Conclusion -- The Road Ahead -- Appendix: XCCDF, OVAL, OCIL, and Supporting Enumerations Usage -- Index. | |
| 590 | |a O'Reilly |b O'Reilly Online Learning: Academic/Public Library Edition | ||
| 650 | 0 | |a Computer networks |x Security measures |x Standards. | |
| 650 | 0 | |a Computer security |x Management. | |
| 650 | 0 | |a SCAP (Computer network protocol) | |
| 650 | 6 | |a Réseaux d'ordinateurs |x Sécurité |x Mesures |x Normes. | |
| 650 | 6 | |a Sécurité informatique |x Gestion. | |
| 650 | 6 | |a SCAP (Protocole de réseaux d'ordinateurs) | |
| 650 | 7 | |a Computer networks |x Security measures |x Standards. |2 fast |0 (OCoLC)fst00872345 | |
| 650 | 7 | |a Computer security |x Management. |2 fast |0 (OCoLC)fst00872493 | |
| 650 | 7 | |a SCAP (Computer network protocol) |2 fast |0 (OCoLC)fst01895302 | |
| 776 | 0 | 8 | |i Print version: |t Security automation essentials : streamlined enterprise security management & monitoring with SCAP. |d New York : McGraw-Hill, ©2012 |z 9780071772518 |z 0071772510 |w (DLC) 2012021956 |w (OCoLC)768172591 |
| 856 | 4 | 0 | |u https://learning.oreilly.com/library/view/~/9780071772518/?ar |z Texto completo (Requiere registro previo con correo institucional) |
| 938 | |a Books 24x7 |b B247 |n bks00047620 | ||
| 938 | |a Coutts Information Services |b COUT |n 22976639 |c 60.00 USD | ||
| 938 | |a ProQuest Ebook Central |b EBLB |n EBL4960621 | ||
| 938 | |a ProQuest MyiLibrary Digital eBook Collection |b IDEB |n 377024 | ||
| 938 | |a YBP Library Services |b YANK |n 16840663 | ||
| 994 | |a 92 |b IZTAP | ||