
Gregg M., Kim D. — Inside Network Security Assessment: Guarding your IT Infrastructure


Title: Inside Network Security Assessment: Guarding your IT Infrastructure

Authors: Gregg M., Kim D.


As an IT professional, you need to know how to perform network security assessments. Inside Network Security Assessments: A Brick by Brick Approach to Securing a Network Infrastructure is a collection of utilities and templates that will take you through the assessment process. Written by two highly qualified authors with close ties to the International Information Systems Security Certification Consortium, this book was developed with the goal of being a text for the CISSP continuing education class on Network Security Assessment. You will be provided with step-by-step training on assessing security, from paperwork to penetration testing to ethical hacking. The supporting website will also provide you with access to a variety of tools, checklists, and templates to make your job even easier. You'll save everyone time and money by learning to perform security assessments yourself with the help of Inside Network Security Assessment.

Language: en

Category: Technology/

Subject index status: Index with page numbers is ready


Year of publication: 2005

Number of pages: 336

Added to catalog: 20.08.2007

Subject index
legal information for scope definition      
Legal issues      
legal issues, criminal breach guidelines for data collection      
legal issues, current risk assessment laws, list of      
legal issues, financial record confidentiality      
legal issues, mandates      
legal issues, medical data      [See HIPPA]
legal issues, privacy laws      
legal issues, regulatory documents      
legal issues, U.S. Code 1029      
letters of understanding (LOUs)      
level I assessments      
level I assessments, account management      2nd
level I assessments, categories of policy control, table of      
level I assessments, COBIT      
level I assessments, common policy problems      2nd 3rd
level I assessments, communication security      
level I assessments, defined      2nd
level I assessments, document review process      [See reviewing documentation]
level I assessments, education training and awareness      2nd
level I assessments, guidelines for      2nd
level I assessments, identification and authentication      2nd
level I assessments, interviewing process      2nd 3rd 4th
level I assessments, ISO 17799      2nd
level I assessments, labeling systems      
level I assessments, maintenance documentation      
level I assessments, malicious code protection category      
level I assessments, management controls      2nd 3rd 4th 5th
level I assessments, media controls      2nd
level I assessments, networking connectivity      
level I assessments, operational controls      2nd 3rd 4th
level I assessments, personal security      
level I assessments, physical security      
level I assessments, RFC 2196      
level I assessments, scoping phase policy review      
level I assessments, security auditing      
level I assessments, session controls      2nd
level I assessments, system assurance      2nd
level I assessments, system demonstrations      2nd 3rd
level I assessments, technical controls      2nd 3rd 4th 5th 6th
level II assessments      
level II assessments, access options and controls form template      2nd
level II assessments, audit controls form template      
level II assessments, caveats      
level II assessments, defined      2nd
level II assessments, form templates for      
level II assessments, importance of      
level II assessments, OSSTMM for      
level II assessments, password controls form template      
level II assessments, vulnerability scans for      2nd
level III assessments      
level III assessments, defined      2nd
level III assessments, disadvantages of      
level III assessments, management, communicating with      
level III assessments, NIST 800-42      
level III assessments, scheduling      
level III assessments, tools required for      
level III assessments, vulnerability exploitation      2nd
level of control, determining      2nd 3rd
liking-based social engineering      
limitation of liability      
limited warranty      
log review policy      
logical diagrams      
LOUs (letters of understanding)      
MAC (mandatory access control)      2nd
maintaining policies      
maintenance, documentation review for      
malformed data attacks      2nd
malicious code protection      
malicious code protection, documentation review for      
malware attacks      
malware, defined      
management controls      
management controls, configuration management      2nd
management controls, contingency planning      2nd
management controls, defined      
management controls, INFOSEC documentation      2nd
management controls, INFOSEC roles and responsibilities      2nd
management controls, table of      
management documentation categories      
Management of Information Security Standard      [See MITS]
management policies      
management policies, defined      
management, scope definition meetings      2nd 3rd 4th
mandate, defined      
Mandatory access control (MAC)      2nd
Matrix, the      
media controls      
media controls, documentation review      2nd
medical privacy      [See HIPPA]
mergers, due diligence for      
META Security Group      
META Security Group, architecture elements      
Metasploit      2nd
methodology, defined      
minimum acceptable level of risk      
minimum acceptable level of risk, defined      
minimum acceptable level of risk, importance of setting      
mission statements      
mission statements, purpose of      
mitigating risk      
mitigating risk, defined      
MITS (Canadian Management of Information Security Standard)      
MITS (Canadian Management of Information Security Standard), defined      
multidisciplinary security      
multidisciplinary security, defined      
National Infrastructure Protection Center      
National Institute of Standards and Technology (NIST)      
National Institute of Standards and Technology (NIST), urls for      2nd 3rd
Nessus      2nd 3rd
NETBIOS names      
NETBIOS names, enumerating      
NetStumbler      2nd
network discovery      
network discovery, defined      
network evaluations      [See network vulnerability assessments] [See level II assessments]
network ingress filtering      
network systems      
network systems, asset nature of      
network vulnerability assessments      
network vulnerability assessments, compliance with law      
network vulnerability assessments, conceptual hierarchy, GASSP      
network vulnerability assessments, defined      
network vulnerability assessments, driving causes of      2nd 3rd
network vulnerability assessments, due diligence reason for      
network vulnerability assessments, goals of      2nd
network vulnerability assessments, inter-departmental cooperation      
network vulnerability assessments, ISO 17799      2nd
network vulnerability assessments, management of      
network vulnerability assessments, network evaluations      [See level II assessments]
network vulnerability assessments, NIST 800-26      2nd
network vulnerability assessments, penetration tests      [See level III assessments]
network vulnerability assessments, policies, role of      2nd 3rd
network vulnerability assessments, policy assessments      [See level I assessments]
network vulnerability assessments, procedures governing      2nd
network vulnerability assessments, purpose of      
network vulnerability assessments, scheduling issues      2nd
network vulnerability assessments, scope of      [See scope]
network vulnerability assessments, security breaches causing      
network vulnerability assessments, summary      2nd
network vulnerability assessments, types of      2nd 3rd
networking connectivity      
networking connectivity, documentation review for      
NIPC (National Infrastructure Protection Center)      
NIST (National Institute of Standards and Technology)      
NIST 800-14      
NIST 800-14, configuration management      
NIST 800-26      
NIST 800-26, operational control definition      
NIST 800-26, policy categories      2nd
NIST 800-26, risk assessment methodology      2nd
NIST 800-26, technical controls      
NIST 800-42      
NIST 800-42, defined      
NIST 800-42, level III assessment guidance      
NIST, documentation categories      
NIST, urls for      2nd 3rd
NOCs (network operations centers)      
NOCs (network operations centers), defined      
NOCs (network operations centers), incident classification      2nd
NOCs (network operations centers), security workflow definitions      2nd 3rd 4th
NOCs (network operations centers), security workflow procedures      2nd 3rd 4th
nonattribution, defined      
notice sections of final reports      
NSA IAM      
NSA IAM, defined      
NSA IAM, documentation categories      
NULL scans      
null sessions      
null sessions, causes of      
null sessions, defined      
OICM (organization information criticality matrix)      
OICMs (Organizational Information Criticality Matrices)      
OICMs (Organizational Information Criticality Matrices), building      2nd 3rd 4th 5th
OICMs (Organizational Information Criticality Matrices), defined      
OICMs, final reports, including in      2nd
one-time passwords      
Open Source Security Testing Methodology Manual      
Open Source Security Testing Methodology Manual, urls for      
Operating systems      
operating systems, asset nature of      
operational controls      
operational controls, defined      
operational controls, education training and awareness      2nd
operational controls, labeling systems      
operational controls, media controls      2nd
operational controls, personal security      
operational controls, physical security      
operational controls, table of      
operational documentation categories      
operational policies      
operational policies, defined      
Ophcrack      2nd
Organization Information Criticality Matrices      [See OICMs]
organization information criticality matrix (OICM)      
OS fingerprinting      
OS fingerprinting, countermeasures for      
OS fingerprinting, tools for      
OS identification      
OS identification, defined      2nd
OS identification, Xprobe 2      
OSSTMM risk assessment methodology      2nd 3rd
OSSTMM, tests and questions provided      
OTPs      [See one-time passwords]
passive fingerprinting      
passive fingerprinting, defined      
password auditing tools      
password auditing tools, brute force attacks      
password auditing tools, Cain      
password auditing tools, dictionary attacks      
password auditing tools, hybrid attacks      
password auditing tools, John the Ripper      
password auditing tools, L0phtCrack      
password auditing tools, Ophcrack      
password auditing tools, RainbowCrack technique      
password auditing tools, urls for      
password controls form template      
passwords, countermeasures for      2nd
passwords, cracking      
passwords, dictionary attacks      
passwords, guessing      
passwords, one-time passwords      
passwords, overview of      2nd
passwords, sniffing      
passwords, tokens      2nd
patch management      
patch management, automating      
patch management, steps for      2nd
patches      [See software patches]
PCAOB (Public Company Accounting Oversight Board)      
PDD 63      
penetration testing      [See network vulnerability assessments]
penetration tests      [See level III assessments]
penetration tests, defined      
personal security      
personal security, documentation review      
personal security, nondisclosure agreements      
personal security, practices, types of      
PGP (Pretty Good Privacy)      
phishing, attacks using      
phishing, defined      
phreakers, defined      
physical diagrams      
Physical security      
physical security, documentation review      
Ping of Death      2nd
PING, countermeasures for      
PING, reconnaissance for attacks with      2nd
pivoting, defined      
PKI (Public Key Infrastructure)      
policies, advisory documents      
policies, defining objectives of      2nd
policies, deployment overview      2nd
policies, employee awareness development      
policies, employee buy-in      
policies, evaluation of      
policies, goals for      
policies, hierarchical structure for      
policies, implementation overview      
policies, importance of      
policies, informative documents      
policies, INFOSEC documentation      
policies, ISO 17799      
policies, life cycle issues      
policies, maintenance issues      
policies, management category      
policies, network vulnerability assessment role of      2nd 3rd
policies, NIST 800-26      2nd
policies, operational category      
policies, overview of      2nd
policies, regulatory      
policies, responsibility, defining      
policies, scope of, defining      
policies, technical category      
policies, template for, SANS      
policies, types of      2nd
© Electronic Library of the Board of Trustees of the MSU Faculty of Mechanics and Mathematics, 2004-2019