Нашли опечатку? Выделите ее мышкой и нажмите Ctrl+Enter
Название: Techno Security's Guide to Managing Risks for IT Managers, Auditors, and Investigators
Авторы: Wiles J., Long J., Rogers R.
How much do you know about getting and staying secure in a rapidly changing techno world? Before you answer that, let's ask a much more important question. "How much don't you know about staying secure?" This book will help re-enforce many of the threats that you already know about, as well as introducing you to at least a few that you probably never even thought of. The experts who share their experiences through its chapters come from many different areas with different security concerns. All of them are senior level managers who have been thru the trenches in reacting to a multitude of security risks, threats, vulnerabilities and countermeasures. Many are considered by their piers to be among the best security minds in the world today. If you take the time to read their chapters, you will learn something that will help you remain secure in a rapidly changing technical world. Some of the topics shared by our experts include: The Physical Side of Technical Security Social Engineering - Here's How I Broke Into Their Buildings Risk Management - Are you At Risk? - How Do You Know? A Senior Managers Guide For Making Security Work for Thousands of People Effective Employee Awareness Training - The Most Cost Effective Countermeasure Industry and Law Enforcement Working Together - When Should You Call Them? Steganography - A Growing High-tech Threat Intrusion Detection - How Will You Know If They Are Knocking At Your Door? Incident Response - What Are You Going To Do When They Do Come Knocking At Your Door? Computer Forensics - What Are You Going To Do AFTER They've Come Thru The Door? Cell Phone Forensics - Now We're Really Getting High-tech Hackers - Good Guys or bad Guys? Much, much more. . . . . . ..
• Jack Wiles, on Social Engineering offers up a potpourri of tips, tricks, vulnerabilities, and lessons learned from 30 experience in the worlds of both physical and technical security.
• Russ Rogers on the Basics of Penetration Testing illustrates the standard methodology for penetration testing: information gathering, network enumeration, vulnerability identification, vulnerability exploitation, privilege escalation, expansion of reach, future access, and information compromise.
• Johnny Long on No Tech Hacking shows how to hack without touching a computer using tailgating, lock bumping, shoulder surfing, and dumpster diving.
• Phil Drake on Personal, Workforce, and Family Preparedness covers the basics of creating a plan for you and your family, identifying and obtaining the supplies you will need in an emergency.
• Kevin O'Shea on Seizure of Digital Information discusses collecting hardware and information from the scene.
• Amber Schroader on Cell Phone Forensics writes on new methods and guidelines for digital forensics.
• Dennis O'Brien on RFID: An Introduction, Security Issues, and Concerns discusses how this well-intended technology has been eroded and used for fringe implementations.
• Ron Green on Open Source Intelligence details how a good Open Source Intelligence program can help you create leverage in negotiations, enable smart decisions regarding the selection of goods and services, and help avoid pitfalls and hazards.
• Raymond Blackwood on Wireless Awareness: Increasing the Sophistication of Wireless Users maintains it is the technologist's responsibility to educate, communicate, and support users despite their lack of interest in understanding how it works.
• Greg Kipper on What is Steganography? provides a solid understanding of the basics of steganography, what it can and can't do, and arms you with the information you need to set your career path.
• Eric Cole on Insider Threat discusses why the insider threat is worse than the external threat and the effects of insider threats on a company.