Gregg M., Kim D. — Inside Network Security Assessment: Guarding your IT Infrastructure
Title: Inside Network Security Assessment: Guarding your IT Infrastructure

Authors: Gregg M., Kim D.


As an IT professional, you need to know how to perform network security assessments. Inside Network Security Assessments: A Brick by Brick Approach to Securing a Network Infrastructure is a collection of utilities and templates that will take you through the assessment process. Written by two highly qualified authors with close ties to the International Information Systems Security Certification Consortium, this book was developed with the goal of being a text for the CISSP continuing education class on Network Security Assessment. You will be provided with step-by-step training on assessing security, from paperwork to penetration testing to ethical hacking. The supporting website will also provide you with access to a variety of tools, checklists, and templates to make your job even easier. You'll save everyone time and money by learning to perform security assessments yourself with the help of Inside Network Security Assessment.

Language: en

Category: Technology/

Subject index status: Index with page numbers is ready

Year of publication: 2005

Number of pages: 336

Added to catalogue: 20.08.2007

Subject index
policy assessments      [See level I assessments]
policy control      
policy control categories, table of      
policy control, categories and classes, table of      
policy control, defined      
policy control, purpose of      
policy control, ratings system for      
policy control, risk score calculation, in      
policy document categories      2nd
policy, risk assessment      
policy, risk assessment as design basis      
port knocking      2nd
port scanning      
port scanning, attacker use of      
port scanning, countermeasures for      
port scanning, defined      
port scanning, hacker use of      
port scanning, inverse SYN cookies      2nd
port scanning, Nmap      
port scanning, Scanrand      
port scanning, stateless scanning      
port scanning, SuperScan      
port scanning, TCP handshakes      
port scanning, TCP scan techniques      
port scanning, THC-Amap      
port scanning, urls for tools      
ports, defined      
post assessment activities      
post assessment activities, defined      
post assessment recommendation      2nd
post-assessment activities      
post-assessment activities, assigning responsibilities      [See responsibility assignments]
post-assessment activities, documentation      [See IT security architecture and framework]
post-assessment activities, legal compliance, importance of      
post-assessment activities, managing vulnerabilities      [See vulnerability management]
post-assessment activities, overview of      2nd
post-assessment activities, response procedures      2nd
post-assessment activities, response teams      [See SIRT]
post-assessment activities, staff      [See training staff]
post-assessment activities, summary of      2nd
Pretty Good Privacy (PGP)      
prevention element of security as a process      
privacy, GLBA requirements      
privacy, legal issues      
privacy, medical confidentiality      2nd
Private information      
private information, defined      
privilege escalation      [See also escalation stage of attacks]
privilege escalation, defined      
privilege escalation, disgruntled employee threat      
probability scales      2nd 3rd
procedures governing vulnerability assessments      2nd
procedures, defined      
procurement, announcing bids      
procurement, award announcements      
procurement, best practices      2nd 3rd 4th
procurement, bid document creation      
procurement, bidders conferences      
procurement, consultants v. vendors      
procurement, contract completion      
procurement, due dates for RFPs      
procurement, evaluation completion      
procurement, evaluation methodology for RFPs      
procurement, evaluation teams, RFP      
procurement, fixed fee contracts      
procurement, format development for RFPs      
procurement, format specification      
procurement, instruction creation      
procurement, invitations to bid      
procurement, letters of understanding      
procurement, mandatory minimum requirements reviews      
procurement, objectivity      
procurement, performance guarantees      
procurement, personality issues      
procurement, product tie-in issues      
procurement, project teams, RFP      
procurement, protest periods      
procurement, rates negotiations      
procurement, references      
procurement, requests for information      
procurement, requests for proposals      2nd 3rd 4th 5th 6th 7th
procurement, requests for quotations      
procurement, requirements creation, RFP      
procurement, resources required by consultants      
procurement, resumes of individuals      
procurement, selection criteria creation      
procurement, statements of work      2nd
procurement, steps in      2nd 3rd 4th 5th 6th
procurement, terminology      2nd 3rd
productivity losses      
program crackers      
program crackers, defined      
Project management      
project management, scope definition      2nd
proportionality, defined      
Public Company Accounting Oversight Board (PCAOB)      
public information      
public information, defined      
Public key encryption      
publicly traded corporations security law      [See Sarbanes-Oxley Act]
qualitative analysis      
qualitative analysis, defined      2nd
qualitative assessments      
qualitative assessments, defined      
qualitative risk assessment approaches      
qualitative risk assessment approaches, advantages of      
qualitative risk assessment approaches, best practices      2nd
qualitative risk assessment approaches, data classification standards for      
qualitative risk assessment approaches, defined      
qualitative risk assessment approaches, purpose of      
qualitative risk assessment approaches, sample scenario      2nd
qualitative risk assessment approaches, team membership      
qualitative type assessments
qualitative valuations      
qualitative valuations, assigned      
quantitative risk assessment approaches      
quantitative risk assessment approaches, advantages of      
quantitative risk assessment approaches, ALE calculation step      2nd
quantitative risk assessment approaches, Annualized Loss Expectancy      
quantitative risk assessment approaches, Annualized Rate of Occurrence (ARO)      
quantitative risk assessment approaches, ARO calculation step      
quantitative risk assessment approaches, asset identification      
quantitative risk assessment approaches, assets value determination      
quantitative risk assessment approaches, best practices      2nd
quantitative risk assessment approaches, data needed for      
quantitative risk assessment approaches, defined      
quantitative risk assessment approaches, exposure factor scaling      
quantitative risk assessment approaches, exposure factor valuation      
quantitative risk assessment approaches, Single Loss Expectancy      
quantitative risk assessment approaches, single loss expectancy calculation      2nd 3rd
quantitative risk assessment approaches, steps in      
quantitative risk assessment approaches, threat likelihood      
quantitative valuations      
quantitative valuations, assigned      
RAID (redundant array of inexpensive disks)      
RAID (redundant array of inexpensive disks), defined      
Rainbow Series      
Rainbow series, DoD      
Rainbow series, DoD, urls for      
Rainbow Series, system assurance aspect of      
RainbowCrack technique      
rate limiting network traffic      
raw risk      
raw risk, calculating      2nd
raw risk, components of      
raw risk, defined      
raw risk, impact rating      2nd
raw risk, presentation of      
raw risk, probability scales      
raw risk, rankings matrices      
raw risk, risk score calculation, in      
raw risk, subjectivity of      
raw risk, total risk score      
RBAC (role-based access control)      2nd
reciprocation-based social engineering      
recommendations sections      
reconnaissance tools      2nd 3rd 4th 5th
red teams      2nd 3rd
red-team exercises      [See network vulnerability assessments]
regulatory documents      
remote access areas      2nd 3rd
reports, final      [See final reports]
reports, SIRT incident reports      
requests for information (RFIs)      
requests for proposals (RFPs)      [See RFPs (requests for proposals)]
requests for quotations (RFQs)      
residual risk      
residual risk, defined      
responding to attacks      2nd
response element of security as a process      2nd
responses to risks, types of      2nd
responsibility assignments      
responsibility assignments, department placement      
responsibility assignments, LAN areas      2nd
responsibility assignments, LAN-to-WAN areas      2nd 3rd
responsibility assignments, remote access areas      2nd 3rd
responsibility assignments, requirements list      2nd
responsibility assignments, separation of duties      
responsibility assignments, seven areas of      2nd 3rd 4th 5th 6th 7th
responsibility assignments, systems/applications areas      2nd 3rd
responsibility assignments, user areas      2nd
responsibility assignments, WAN areas      2nd 3rd
responsibility assignments, workstation areas      2nd
responsibility for policies, defining      
reverse DNS lookup      
reviewing documentation      
reviewing documentation, acceptance of policies by employees      
reviewing documentation, account management      2nd
reviewing documentation, change management      
reviewing documentation, COBIT      
reviewing documentation, common policy problems      2nd 3rd
reviewing documentation, communication security      
reviewing documentation, configuration management      2nd
reviewing documentation, contingency planning      2nd
reviewing documentation, data custodians      
reviewing documentation, data owners      
reviewing documentation, education training and awareness      2nd
reviewing documentation, guidelines for      2nd
reviewing documentation, identification and authentication controls      2nd
reviewing documentation, INFOSEC documentation      2nd
reviewing documentation, ISO 17799      2nd
reviewing documentation, labeling systems      
reviewing documentation, maintenance      
reviewing documentation, malicious code protection category      
reviewing documentation, management controls      2nd 3rd 4th 5th
reviewing documentation, media controls      2nd
reviewing documentation, networking connectivity      
reviewing documentation, operational controls      2nd 3rd 4th
reviewing documentation, period reviews of policies      
reviewing documentation, personal security      
reviewing documentation, physical security      
reviewing documentation, policy development      
reviewing documentation, RFC 2196      
reviewing documentation, roles and responsibilities      2nd
reviewing documentation, scheduling implementation      
reviewing documentation, security auditing      
reviewing documentation, security auditors      
reviewing documentation, session controls      2nd
reviewing documentation, system assurance      2nd
reviewing documentation, technical controls      2nd 3rd 4th 5th 6th
reviewing documentation, testing      
reviewing documentation, users      
RFC 2196      
RFC 2196, reviewing documentation      
RFC-2196, purpose of      
RFIs (requests for information)      
RFPs (requests for proposals)      
RFPs (requests for proposals), award announcements      
RFPs (requests for proposals), bid document creation      
RFPs (requests for proposals), bidders conferences      
RFPs (requests for proposals), contract completion      
RFPs (requests for proposals), defined      
RFPs (requests for proposals), due dates for      
RFPs (requests for proposals), evaluation completion      
RFPs (requests for proposals), evaluation methodology      
RFPs (requests for proposals), evaluation team assembly      
RFPs (requests for proposals), format development      
RFPs (requests for proposals), importance of      
RFPs (requests for proposals), instructions for      
RFPs (requests for proposals), intent to submit response, submitting      
RFPs (requests for proposals), mandatory minimum requirements reviews      
RFPs (requests for proposals), objective of      
RFPs (requests for proposals), project team assembly      
RFPs (requests for proposals), protest periods      
RFPs (requests for proposals), public announcements of      
RFPs (requests for proposals), requirements creation      
RFQs (requests for quotations)      
Rijndael      2nd
risk acceptance      
risk acceptance, defined      
Risk analysis      
risk analysis approach to assessments      
risk analysis approach to assessments, life cycle of      2nd
risk analysis, attacker use of      2nd
risk analysis, defined      
Risk assessment      
risk assessment methodologies      
risk assessment methodologies, asset valuation approach      2nd 3rd
risk assessment methodologies, defense-in-depth approach      2nd 3rd
risk assessment methodologies, overview      2nd
risk assessment methodologies, qualitative approach      2nd 3rd 4th 5th
risk assessment methodologies, quantitative approach      2nd 3rd 4th 5th
risk assessment methodologies, quantitative v. qualitative approaches      2nd
risk assessment methodologies, requirements      2nd
risk assessment methodologies, risk analysis approach      2nd
risk assessment methodologies, risk management      2nd
risk assessment methodologies, threats, listing      
risk assessment methodologies
risk assessment methodologies, bottom-up approach      2nd
risk assessment methodologies, hybrid approach      2nd
risk assessment methodologies, ISO 17799      2nd 3rd
risk assessment methodologies, NIST 800-26      2nd
risk assessment methodologies, OSSTMM      2nd 3rd
risk assessment methodologies, summary      2nd
risk assessment methodologies, templates for      2nd 3rd 4th
risk assessment methodologies, top-down approach      2nd
risk assessment process      
risk assessment process, defined      
risk assessment process, flow diagram      
risk assessment process, reasons for developing      
risk assessment process, timing of, key points      2nd
risk assessment terminology      
risk assessment terminology, acceptable risk      
risk assessment terminology, countermeasures      
risk assessment terminology, exposure      
risk assessment terminology, overview      2nd
risk assessment terminology, residual risk      
risk assessment terminology, risk analysis      
risk assessment terminology, risk management      
© Electronic Library of the Board of Trustees of the Faculty of Mechanics and Mathematics, Moscow State University, 2004-2019