Главная    Ex Libris    Книги    Журналы    Статьи    Серии    Каталог    Wanted    Загрузка    ХудЛит    Справка    Поиск по индексам    Поиск    Форум   

Поиск по указателям

Gregg M., Kim D. — Inside Network Security Assessment: Guarding your IT Infrastructure
Gregg M., Kim D. — Inside Network Security Assessment: Guarding your IT Infrastructure

Обсудите книгу на научном форуме

Нашли опечатку?
Выделите ее мышкой и нажмите Ctrl+Enter

Название: Inside Network Security Assessment: Guarding your IT Infrastructure

Авторы: Gregg M., Kim D.


As an IT professional, you need to know how to perform network security assessments. Inside Network Security Assessments: A Brick by Brick Approach to Securing a Network Infrastructure is a collection of utilities and templates that will take you through the assessment process. Written by two highly qualified authors with close ties to the International Information Systems Security Certification Consortium, this book was developed with the goal of being a text for the CISSP continuing education class on Network Security Assessment. You will be provided with step-by-step training on assessing security, from paperwork to penetration testing to ethical hacking. The supporting website will also provide you with access to a variety of tools, checklists, and templates to make your job even easier. You'll save everyone time and money by learning to perform security assessments yourself with the help of Inside Network Security Assessment.

Язык: en

Рубрика: Технология/

Статус предметного указателя: Готов указатель с номерами страниц

ed2k: ed2k stats

Год издания: 2005

Количество страниц: 336

Добавлена в каталог: 20.08.2007

Операции: Положить на полку | Скопировать ссылку для форума | Скопировать ID
Предметный указатель
risk assessment terminology, safeguards      
risk assessment, defined      
risk assessments      
risk assessments, asset types      2nd
risk assessments, asset valuations      
risk assessments, assets      
risk assessments, best practices      2nd 3rd 4th 5th
risk assessments, categorizing components based on criticality      
risk assessments, CVE list for      
risk assessments, detection element      
risk assessments, elements of risk      
risk assessments, final report preparation      
risk assessments, FISMA requirments      
risk assessments, fundamental problem of software      
risk assessments, goals of      2nd
risk assessments, goals, setting      2nd
risk assessments, implementing organizational changes      
risk assessments, importance of      
risk assessments, inventorying assets      
risk assessments, legal issue requirements      
risk assessments, methodology identification      
risk assessments, performance step      
risk assessments, policy creation      
risk assessments, prevention element      
risk assessments, prioritizing recommendations      
risk assessments, response element      2nd
risk assessments, Sarbanes-Oxley Act requirements      
risk assessments, security as a process steps      2nd 3rd
risk assessments, security process definition goal      2nd 3rd
risk assessments, software patches      
risk assessments, stages of vulnerability      2nd
risk assessments, standards for measuring      
risk assessments, statistics on vulnerability      
risk assessments, summary      2nd
risk assessments, threat types      2nd
risk assessments, threats      2nd
risk assessments, vulnerability      2nd
risk assessments, vulnerability types, list of      
risk avoidance      
risk avoidance, defined      
Risk management      
risk management, defined      
risk management, ongoing      
risk management, purpose of      2nd
risk management, system development phase      
risk mitigation      
risk mitigation, defined      
risk score      
risk score, defined      
Risk scores      
risk scores, calculating      2nd 3rd 4th 5th
risk scores, defined      2nd
risk scores, impact rating      2nd
risk scores, matrices for      
risk scores, presentation of      
risk scores, probability scales      
risk scores, subjectivity      
risk transference      
risk transference, defined      
risk, application systems as assets      
risk, backup systems as assets      
risk, defined      2nd
risk, documentation as assets      
risk, elements of      
risk, intellectual property as assets      
risk, network systems as assets      
risk, operating systems as assets      
risk, security systems as assets      
risk, server systems as assets      
risk, telecommunication systems as assets      
risk, threats as causes of      2nd 3rd
risk, vulnerability component of      2nd
risk, workstations as assets      
rogue access points      
rogue access points, defined      
Role-based access control (RBAC)      2nd
Roles      [See also responsibility assignments]
roles, LAN areas      
roles, LAN-to-WAN areas      
roles, remote access areas      
roles, systems/applications areas      
roles, WAN areas      
roles, workstation areas      
safeguards, defined      
sample final reports      [See final reports; templates for]
SANS, url for      
Sarbanes-Oxley Act      
Sarbanes-Oxley Act, authentication issues      
Sarbanes-Oxley Act, certification of internal controls      
Sarbanes-Oxley Act, COBIT      
Sarbanes-Oxley Act, Control Environment      
Sarbanes-Oxley Act, COSO      
Sarbanes-Oxley Act, management structures requirements      2nd
Sarbanes-Oxley Act, monitoring requirements      2nd
Sarbanes-Oxley Act, network security      
Sarbanes-Oxley Act, oversight of      
Sarbanes-Oxley Act, PCAOB      
Sarbanes-Oxley Act, physical security      
Sarbanes-Oxley Act, purpose of      
Sarbanes-Oxley Act, risk assessment requirements      
Sarbanes-Oxley Act, scope of      
Sarbanes-Oxley Act, Section 302      
Sarbanes-Oxley Act, Section 404      2nd
Sarbanes-Oxley Act, security policies      
Sarbanes-Oxley Act, security standards      
Sarbanes-Oxley Act, segregation of duties      
Sarbanes-Oxley Act, user account management      
Sasser worm      2nd
SATAN (Security Administrator Tool for Analyzing Networks)      
scanning tools      2nd 3rd 4th 5th
scanning tools, banner grabbing      
scanning tools, inverse SYN cookies      2nd
scanning tools, network discovery      
scanning tools, Nmap      
scanning tools, OS identification      2nd
scanning tools, port scanning      
scanning tools, Scanrand      
scanning tools, stateless scanning      
scanning tools, steps for using      
scanning tools, SuperScan      
scanning tools, TCP scan techniques      
scanning tools, THC-Amap      
scanning tools, urls for tools      
scanning tools, Xprobe2      
Scanrand      2nd
scarcity-based social engineering      
scheduling issues      
scheduling issues, overview of      2nd
scheduling issues, timeline construction      2nd
scheduling risk assessments      
scheduling risk assessments, key points for      2nd
SCM (systems criticality matrix)      
SCMs (systems criticality matrices)      2nd 3rd
SCMs, final reports, including in      
scope creep      2nd 3rd 4th
scope, administrative information for      
scope, breaches in security as drivers      
scope, business reasons for      
scope, compliance as driver for      
scope, critical systems identification      
scope, defining for assessments, overview of      2nd
scope, driving events for defining      2nd 3rd
scope, due diligence as driver      
scope, importance of      
scope, information request forms      2nd 3rd
scope, key personnel identification      
scope, kickoff meetings      2nd 3rd
scope, legal information for      
scope, logistical approval      
scope, management, meeting with      2nd 3rd 4th
scope, merger events      
scope, project management      2nd
scope, reviewing      
scope, security information for      
scope, staffing issues      2nd 3rd
scope, technical information for      
scope, timeline construction      2nd 3rd
scope, written approvals for      
SCORE (Security Consensus Operational Readiness Evaluation)      
SCORE (Security Consensus Operational Readiness Evaluation), purpose of      2nd
screensaver locks      
screensaver locks, defined      
Script kiddies      
script kiddies, defined      
SEC filings      
SEC filings, information-gathering with      
second greatest threat      2nd
secret information      
secret information, defined      
Secure Shell (SSH)      
Secure Sockets Layer (SSL)      
Security Administrator Tool for Analyzing Networks (SATAN)      
security as a process      
security as a process, defining      2nd 3rd
security as a process, detection element      
security as a process, prevention element      
security as a process, response element      2nd
security as a process, steps for      2nd 3rd
security assessment forms      
security assessment forms, access options and controls template      2nd
security assessment forms, audit controls template      
security assessment forms, document tracking form template      2nd
security assessment forms, information request form template      2nd 3rd 4th 5th
security assessment forms, level II assement form templates      
security assessment forms, organization information criticality matrix      
security assessment forms, password controls template      
security assessment forms, systems criticality matrix      
security auditing      
security auditing, centralizing logging      
security auditing, clipping levels      
security auditing, coverage determination      
security auditing, defined      
security auditing, exporting audit logs      
security auditing, log review policy      
security auditing, process automation      
security auditors      
security auditors, defined      
security audits      
security audits, tool recommended for      
security baselines      
security baselines, final report recommendations on      
security bulletins      
security countermeasures      [See countermeasures]
security defects      
security defects, defined      
security defects, hacker detection of      
security design      
security design, step in process      
Security Incident Response Teams      [See SIRTs]
security information for scope definition      
security limits, hacker detection of      
security systems      
security systems, asset nature of      
security tool web sites      2nd 3rd
security tools      [See assessment tools]
security workflow definitions      2nd
security workflow definitions, defined      
security workflow procedures      2nd
security, attack personnel      [See attackers]
security, definition of      
security-usability tradeoff graph      
segregation of duties      
segregation of duties, Sarbanes-Oxley Act on      
Sensitive information      
sensitive information, defined      
separation of duties      
separation of duties, defined      
separation of duties, importance of      
server systems      
server systems, asset nature of      
service level agreements      
service level agreements, violations due to attacks      
session controls      
session controls, account lockouts      
session controls, reviewing documentation      2nd
session controls, screensaver locks      
session controls, system timeouts      
session controls, warning banners      
seven areas of information security      
seven areas of information security, list of      2nd
sharing media      
Simple Network Management Protocol      [See SNMP]
single loss expectancy      [See SLE (single loss expectancy)]
SIRT Team Incident Report template      2nd 3rd 4th 5th
SIRTs (Security Incident Response Teams)      
SIRTs (Security Incident Response Teams), purpose of      
SIRTs (Security Incident Response Teams), responding to attacks      2nd
SIRTs, authority required by      
SIRTs, composition of      
SIRTs, confidentiality agreements for      
SIRTs, documentation      
SIRTs, purpose of      2nd
SIRTs, reports      
SIRTs, response procedures      2nd
SIRTs, team leader responsibilities      
SLAs      [See Software Licensing Agreements]
SLAs (service level agreements)      
SLAs (service level agreements), defined      
SLE (Single Loss Expectancy)      
SLE (single loss expectancy), calculating      2nd 3rd
SLE (single loss expectancy), defined      
SLEs (Single Loss Expectancies)      
SLEs (Single Loss Expectancies), defined      
SMART process      
SMART process, defined      
Smurf attack      2nd
sniffers, defined      
SNMP (Simple Network Management Protocol)      2nd
SNMP (Simple Network Management Protocol), community strings      
SNMP (Simple Network Management Protocol), defined      
SNMP (Simple Network Management Protocol), probing      
Social engineering      2nd 3rd
social engineering, defined      2nd
social engineering, phishing attacks      
social validation      
SOCs (security operations centers)      
SOCs (security operations centers), defined      
software bugs      
software bugs, defined      
software flaws      
software flaws, defined      
Software Licensing Agreements (SLAs)      
Software Licensing Agreements (SLAs), disclaimers, reasons for      
software patches      
software patches, defined      
software patches, time to patch problem      2nd
software vulnerabilities      
software vulnerabilities, hacker knowledge of of      
software vulnerability standards      
1 2 3 4 5 6 7
       © Электронная библиотека попечительского совета мехмата МГУ, 2004-2020
Электронная библиотека мехмата МГУ | Valid HTML 4.01! | Valid CSS! О проекте