Cover Image
Read Now

Computer and information security handbook

The second edition of this comprehensive handbook of computer and information security serves as a professional reference and practitioner's guide providing the most complete view computer security and privacy available. It offers in-depth coverage of security theory, technology, and practice a...

Full description

Bibliographic Details
Main Author: Vacca, John R.
Format: eBook
Language:English
Published: Amsterdam Morgan Kaufmann Publishers is an imprint of Elsevier [2013], 2013
Edition:2nd ed
Subjects:
Penetration Testing (computer Security) / Fast / (ocolc)fst01789566
Computer Networks / Security Measures
Computers / Security / General / Bisacsh
Computers / Internet / Security / Bisacsh
Computer Networks / Security Measures / Fast / (ocolc)fst00872341
Computers / Networking / Security / Bisacsh
Penetration Testing (computer Security)
Online Access:
Collection: Elsevier ScienceDirect eBooks - Collection details see MPG.ReNa
Table of Contents:
  • Hackers versus Crackers
  • 4.Motives
  • 5.The Crackers' Tools of the Trade
  • 6.Bots
  • 7.Symptoms of Intrusions
  • 8.What Can You Do?
  • 9.Security Policies
  • 10.Risk Analysis
  • 11.Tools of Your Trade
  • 12.Controlling User Access
  • 13.Intrusion Prevention Capabilities
  • 14.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • 5.Guarding Against Network Intrusions / Patrick J. Walsh
  • 1.Traditional Reconnaissance and Attacks
  • 2.Malicious Software
  • Protecting Mission-Critical Systems / Albert Caballero
  • 1.Information Security Essentials for IT Managers, Overview
  • 2.Protecting Mission-Critical Systems
  • 3.Information Security from the Ground Up
  • 4.Security Monitoring and Effectiveness
  • 5.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • 22.Security Management Systems / James T. Harmening
  • 1.Security Management System Standards
  • 2.Training Requirements
  • 3.Principles of Information Security
  • 5.Fault Tolerance against Crash Failures in Cloud Computing
  • 6.Fault Tolerance against Byzantine Failures in Cloud Computing
  • 7.Fault Tolerance as a Service in Cloud Computing
  • 8.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • Acknowledgments
  • References
  • 8.Securing Web Applications, Services, and Servers / Gerald Beuchelt
  • 1.Setting the Stage
  • 2.Basic Security for HTTP Applications and Services
  • 3.Basic Security for SOAP Services
  • 4.Identity Management and Web Services
  • 5.Authorization Patterns
  • 6.Security Considerations
  • 7.Challenges
  • 8.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • 9.Unix and Linux Security / Gerald Beuchelt
  • 1.Unix and Security
  • 2.Basic Unix Security Overview
  • 3.Achieving Unix Security
  • 4.Protecting User Accounts and Strengthening Authentication
  • 5.Limiting Superuser Privileges
  • 6.Securing Local and Network File Systems
  • 7.Network Configuration
  • Chapter Review Questions/Exercises
  • Exercise
  • References
  • 16.Wireless Sensor Network Security / Thomas M. Chen
  • 1.Introduction to the Wireless Sensor Network (WSN)
  • 2.Threats to Privacy
  • 3.Security Measures for WSN
  • 4.Secure Routing in WSN
  • 5.Routing Classifications in WSN
  • 6.WSN Security Framework and Standards
  • 7.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • References
  • 17.Cellular Network Security / Kameswari Kotapati
  • 1.Introduction
  • 2.Overview of Cellular Networks
  • 3.The State of the Art of Cellular Network Security
  • 4.Cellular Network Attack Taxonomy
  • 5.Cellular Network Vulnerability Analysis
  • 6.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • References
  • 18.RFID Security / Hongbing Cheng
  • 1.RFID Introduction
  • 2.RFID Challenges
  • 3.RFID Protections
  • 4.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • References
  • 19.Optical Network Security / Lauren Collins
  • 1.Optical Networks
  • Includes bibliographical references and index
  • Chapter Review Questions/Exercises
  • Exercise
  • pt. VII Physical Security
  • 54.Physical Security Essentials / William Stallings
  • 1.Overview
  • 2.Physical Security Threats
  • 3.Physical Security Prevention and Mitigation Measures
  • 4.Recovery from Physical Security Breaches
  • 5.Threat Assessment, Planning, and Plan Implementation
  • 6.Example: A Corporate Physical Security Policy
  • 7.Integration of Physical and Logical Security
  • 8.Physical Security Checklist
  • 9.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • 55.Disaster Recovery / Lauren Collins
  • 1.Introduction
  • 2.Measuring Risk and Avoiding Disaster
  • 3.The Business Impact Assessment (BIA)
  • 4.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • 56.Biometrics / Luther Martin
  • 1.Relevant Standards
  • 2.Biometric System Architecture
  • 3.Using Biometric Systems
  • 4.Security Considerations
  • 5.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • Examining the Cloud Layers
  • 2.Software as a Service (SaaS): Managing Risks in the Cloud
  • 3.Platform as a Service (PaaS): Securing the Platform
  • 4.Infrastructure as a Service (laaS)
  • 5.Leveraging Provider-Specific Security Options
  • 6.Achieving Security in a Private Cloud
  • 7.Meeting Compliance Requirements
  • 8.Preparing for Disaster Recovery
  • 9.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • References
  • 7.Fault Tolerance and Resilience in Cloud Computing Environments / Vincenzo Piuri
  • 1.Introduction
  • 2.Cloud Computing Fault Model
  • 3.Basic Concepts on Fault Tolerance
  • 4.Different Levels of Fault Tolerance in Cloud Computing
  • Scope and Limitations
  • 11.A Practical Illustration of NIDS
  • 12.Firewalls
  • 13.Dynamic NAT Configuration
  • 14.The Perimeter
  • 15.Access List Details
  • 16.Types of Firewalls
  • 17.Packet Filtering: IP Filtering Routers
  • 18.Application-Layer Firewalls: Proxy Servers
  • 19.Stateful Inspection Firewalls
  • 20.NIDs Complements Firewalls
  • 21.Monitor and Analyze System Activities
  • 22.Signature Analysis
  • 23.Statistical Analysis
  • 24.Signature Algorithms
  • 25.Local Area Network Security Countermeasures Implementation Checklist
  • 26.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • 15.Wireless Network Security / Hongbing Cheng
  • 1.Cellular Networks
  • 2.Wireless Ad hoc Networks
  • 3.Security Protocols
  • 4.WEP
  • 5.Secure Routing
  • 6.ARAN
  • 7.SLSP
  • 8.Key Establishment
  • 9.ING
  • 10.Management Countermeasures
  • 11.Summary
  • 3.The Requirements Fulfilled by Identity Management Technologies
  • 4.Identity Management 1.0
  • 5.Social Login and User Management
  • 6.Identity 2.0 for Mobile Users
  • 7.Summary
  • 8.Improving the Security of Linux and Unix Systems
  • 9.Additional Resources
  • 10.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • 10.Eliminating the Security Weakness of Linux and Unix Operating Systems / Mario Santana
  • 1.Introduction to Linux and Unix
  • 2.Hardening Linux and Unix
  • 3.Proactive Defense for Linux and Unix
  • 4.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • 11.Internet Security / Jesse Walker
  • 1.Internet Protocol Architecture
  • 2.An Internet Threat Model
  • 3.Defending against Attacks on the internet
  • 4.Internet Security Checklist
  • 5.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • 12.The Botnet Problem / Xinyuan Wang
  • 1.Introduction
  • 2.Botnet Overview
  • 3.Typical Bot Life Cycle
  • 4.The Botnet Business Model
  • 5.Botnet Defense
  • 6.Botmaster Traceback
  • 7.Preventing Botnets
  • 8.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • 13.Intranet Security / Bill Mansoor
  • 5.Survey of Noteworthy Schemes
  • 6.Threats to Verifiable Voting Systems
  • 7.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • References
  • 70.Advanced Data Encryption / Pramod Pandya
  • 1.Mathematical Concepts Reviewed
  • 2.The RSA Cryptosystem
  • 3.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • References
  • Penetration Testing and Vulnerability Assessments
  • 2.Risk Management: Quantitative Risk Measurements
  • 3.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • 63.Fundamentals of Cryptography / Scott R. Ellis
  • 1.Assuring Privacy with Encryption
  • 2.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • pt. IX Advanced Security
  • 64.Security Through Diversity / Kevin Noble
  • 1.Ubiquity
  • 2.Example Attacks Against Uniformity
  • 3.Attacking Ubiquity with Antivirus Tools
  • 4.The Threat of Worms
  • 5.Automated Network Defense
  • 6.Diversity and the Browser
  • 7.Sandboxing and Virtualization
  • 8.DNS Example of Diversity Through Security
  • 9.Recovery from Disaster is Survival
  • 10.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • 65.Online e-Reputation Management Services / Jean-Marc Seigneur
  • 1.Introduction
  • 2.The Human Notion of Reputation
  • 3.Reputation Applied to the Computing World
  • pt. I Overview of System and Network Security: A Comprehensive Introduction
  • 1.Building a Secure Organization / John Mallery
  • 1.Obstacles to Security
  • 2.Computers are Powerful and Complex
  • 3.Current Trend is to Share, Not Protect
  • 4.Security isn't about Hardware and Software
  • 5.Ten Steps to Building a Secure Organization
  • 6.Preparing for the Building of Security Control Assessments
  • 7.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • 2.A Cryptography Primer / Scott R. Ellis
  • 1.What is Cryptography? What is Encryption?
  • 2.Famous Cryptographic Devices
  • 3.Ciphers
  • 4.Modern Cryptography
  • 5.The Computer Age
  • 6.How AES Works
  • 7.Selecting Cryptography: the Process
  • 8.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • 3.Detecting System Intrusions / Almantas Kakareka
  • 1.Introduction
  • 2.Monitoring Key Files in the System
  • 3.Security Objectives
  • 4.Oday Attacks
  • 5.Good Known State
  • 6.Rootkits
  • Myth or Reality?
  • 4.Cyber Warfare: Making CW Possible
  • 5.Legal Aspects of CW
  • 6.Holistic View of Cyber Warfare
  • 7.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • pt. VIII Practical Security
  • 59.System Security / Lauren Collins
  • 1.Foundations of Security
  • 2.Basic Countermeasures
  • 3.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • 60.Securing the Infrastructure / Lauren Collins
  • 1.Communication Security Goals
  • 2.Attacks and Countermeasures
  • 3.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • 61.Access Controls / Lauren Collins
  • 1.Infrastructure Weaknesses: DAC, MAC, and RBAC
  • 2.Strengthening the Infrastructure: Authentication Systems
  • 3.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • 62.Assessments and Audits / Lauren Collins
  • NAC and Access Control
  • 4.Measuring Risk: Audits
  • 5.Guardian at the Gate: Authentication and Encryption
  • 6.Wireless Network Security
  • 7.Shielding the Wire: Network Protection
  • 8.Weakest Link in Security: User Training
  • 9.Documenting the Network: Change Management
  • 10.Rehearse the Inevitable: Disaster Recovery
  • 11.Controlling Hazards: Physical and Environmental Protection
  • 12.Know Your Users: Personnel Security
  • 13.Protecting Data Flow: Information and System Integrity
  • 14.Security Assessments
  • 15.Risk Assessments
  • 16.Intranet Security Implementation Process Checklist
  • 17.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • 14.Local Area Network Security / Dr. Pramod Pandya
  • 1.Identify Network Threats
  • 2.Establish Network Access Controls
  • 3.Risk Assessment
  • 4.Listing Network Resources
  • 5.Threats
  • 6.Security Policies
  • 4.Roles and Responsibilities of Personnel
  • 5.Security Policies
  • 6.Security Controls
  • 7.Network Access
  • 8.Risk Assessment
  • 9.Incident Response
  • 10.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • 23.Policy-driven System Management / Stefano Paraboschi
  • 1.Introduction
  • 2.Security and Policy-based Management
  • 3.Classification and Languages
  • 4.Controls for Enforcing Security Policies in Distributed Systems
  • 5.Products and Technologies
  • 6.Research Projects
  • 7.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • Acknowledgments
  • References
  • 24.Information Technology Security Management / Bhushan Kapoor
  • 1.Information Security Management Standards
  • 2.Other Organizations Involved in Standards
  • 3.Information Technology Security Aspects
  • 4.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • 25.Online Identity and User Management Services / Jean-Marc Seigneur
  • 1.Introduction
  • 2.Evolution of Identity Management Requirements
  • 4.State of the Art of Attack-Resistant Reputation Computation
  • 5.Overview of Current Online Reputation Service
  • 6.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • Bibliography
  • 66.Content Filtering (online chapter) / Pete Nicoletti
  • 67.Data Loss Protection / Ken Perkins
  • 1.Precursors of DLP
  • 2.What is DLP?
  • 3.Where to Begin?
  • 4.Data is Like Water
  • 5.You Don't Know What You Don't Know
  • 6.How Do DLP Applications Work?
  • 7.Eat Your Vegetables
  • 8.IT's a Family Affair, Not Just IT Security's Problem
  • 9.Vendors, Vendors Everywhere! Who do you Believe?
  • 10.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • 68.Satellite Cyber Attack Search and Destroy / Jeffrey Bardin
  • 1.Hacks, Interference, and Jamming
  • 2.Summary
  • Chapter Review Questions/Exercises
  • Exercise
  • References
  • 69.Verifiable Voting Systems / Zhe Xia
  • 1.Introduction
  • 2.Security Requirements
  • 3.Verifiable Voting Schemes
  • 4.Building Blocks

Similar Items