Paquet W, Saxe W. — Business Case for Network Security: Advocacy, Governance, and ROI :: Электронная библиотека попечительского совета мехмата МГУ

Главная Ex Libris Книги Журналы Статьи Серии Каталог Wanted Загрузка ХудЛит Справка Поиск по индексам Поиск Форум

Авторизация

Поиск по указателям

Paquet W, Saxe W. — Business Case for Network Security: Advocacy, Governance, and ROI

Обсудите книгу на научном форуме

Нашли опечатку?
Выделите ее мышкой и нажмите Ctrl+Enter

Название: Business Case for Network Security: Advocacy, Governance, and ROI

Авторы: Paquet W, Saxe W.

Аннотация:

The Business Case for Network Security: Advocacy, Governance, and ROI addresses the needs of networking professionals and business executives who seek to assess their organization's risks and objectively quantify both costs and cost savings related to network security technology investments. This book covers the latest topics in network attacks and security. It includes a detailed security-minded examination of return on investment (ROI) and associated financial methodologies that yield both objective and subjective data. The book also introduces and explores the concept of return on prevention (ROP) and discusses the greater implications currently facing corporations, including governance and the fundamental importance of security, for senior executives and the board.

Язык:

Рубрика: Экономика и финансы/

Статус предметного указателя: Готов указатель с номерами страниц

ed2k: ed2k stats

Год издания: 2004

Количество страниц: 408

Добавлена в каталог: 22.05.2005

Операции: Положить на полку | Скопировать ссылку для форума | Скопировать ID

Предметный указатель

(annual-loss expectancy)
(annualized rate of occurrence)
(antivirus) software      2nd 3rd 4th
(certificate authority)
(denial of service)
(IDS)
(intrusion-detection systems)
(intrusion-prevention systems)
(network interface cards)
(personal identification numbers)
(private virtual LANs)
(Public Key Infrastructure)
(return on prevention)
(Security Agent)
(security)
(service level agreements)
(single-loss expectancy)      2nd
2nd      [See ROP (return on prevention)]
A Security Blueprint for Enterprise Networks (SAFE
abuse
ACCESS
access attacks
access cards
Access Control lists
access control servers      2nd
access control servers (ACSs)
access crads
access integrity
access issues
access points
access policies
access strategems
access warnings
access-control policies      2nd 3rd 4th 5th 6th
accounting      2nd 3rd 4th
accounting for
acknowledging      2nd 3rd
ACSs (access control servers)
adjusting
advanced filtering      2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th
advances in
ALE      2nd 3rd 4th 5th
ALE (annual-loss expectancy)      2nd 3rd 4th 5th
Alternatives      2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th
analog Internet access
Analysis
analyzing      2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th
angry employees
annual-loss expectancy (ALE)      [See costs;attacks;ALE (annual-loss expectancy)]
annualized rate of occurrence (ARO)      [See costs;attacks;ARO (annualized rate of occurrence)]
answerability issues
antivirus software
APM      2nd
APM (automated patch management)      2nd 3rd 4th 5th
application layer attacks
application targets
applications
ArcSight      2nd
ARO      2nd 3rd
ARO (annualized rate of occurence)      2nd 3rd
ARO (annualized rate of occurrence)      2nd 3rd
as invasion targets
as learned behavior      2nd
assessing      2nd 3rd 4th 5th 6th 7th 8th 9th
assessment tools      2nd 3rd
asset-value estimations      2nd 3rd 4th
assets
attack costs
attack detection      2nd 3rd
attack threads      2nd 3rd
Attacks
audit tools      2nd
Auditing
audits      2nd 3rd 4th
Authentication      2nd
Authorization
authorization and licensing
authorization servers
automated patch management (APM)      2nd 3rd 4th 5th
AV
AV engines
Availability
awareness levels
backup data handling
bandwidth consumption      2nd 3rd 4th 5th 6th
baseline determination      2nd 3rd
baselines
basic filtering      2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th
basic network security topology
basic network topology
basic network topology (SAFE)
basic traffic filtering      2nd 3rd 4th
bio-tokens
black-box hackers
braggarts
brute-force attacks
budgeting for
Buffer overflow      2nd 3rd 4th 5th 6th
Bugs
Building      2nd
Building Scalable Cisco Internetworks (BSCI) (I),      2nd Edition
business continuity planning      2nd 3rd
business relationships
CA
Calculating      2nd 3rd
calssifying
carelss employees
cassification
Categories      2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th 18th 19th 20th 21st 22nd 23rd 24th 25th 26th 27th 28th 29th 30th 31st 32nd 33rd 34th
CCNP Self-Study
Centre for Safe and Responsible Internet Use (CSRIU)
CERT
Certificate authority (CA)      [See CA (certificate authority)]
certificates
change control
change implementations
Characteristics      2nd 3rd 4th 5th 6th
choosing
Cisco NAC (network admission control)      2nd
Cisco SA (Security Agent)
Cisco SAFE blueprint
Cisco SAFE Blueprint white papers
Cisco security wheel
Cisco security wheel monitor
classifications      2nd 3rd 4th 5th
classifying      2nd 3rd
clean-desk policies      2nd 3rd
clever hackers      2nd 3rd 4th
closed-blind policies
code red virus
collateral damage
combo-malware
communications
compared
Compliance
components
comprehensive backup data handling
comprehensive network security topology      2nd 3rd 4th
comprehensive network topology      2nd 3rd 4th
comprehensive network topology (SAFE)      2nd 3rd 4th
Computer Crime and Security Survey 2003
Computer Security Handbook (i), 4th Edition
conducting      2nd 3rd 4th 5th 6th 7th
Confidentiality
confidentiality levels
confidnetiality
constancy issues
consulting      2nd 3rd
contactless cards
Content

content filtering      2nd
continuity planning      2nd 3rd
continuity, or continuity of operations (CoOP)
Cookies
CoOP (continuity, or continuity of operations)
corporate compliance
corporate goals      2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th
corporate organizations
corporates mandates
Correcting
correlation tools      2nd 3rd 4th
costs
Creating      2nd 3rd 4th 5th 6th
criteria
CSI/FBI Computer Crime and Security Survey 2004
CSRIU (Centre for Safe and Responsible Internet Use)
Cultures
curious hackers      2nd 3rd 4th
custom software      2nd 3rd
custom-written software
Data collection
data sensitivity policies      2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th
data transfers
data-driven attacks
DDoS (Distributed Denial of Service)
DDoS (Distributed Denial of Service) attacks      2nd 3rd 4th 5th
decentralized policy enforcement      2nd
Defining      2nd 3rd 4th 5th 6th
deliverables
delivering to      2nd
demilitarized-zone (DMZ) web server      [See DMZ (demilitarized zone) web servers]
departing employees
Departments
design issues
detecting
Detection
determining      2nd 3rd
devices
dialup and analog      2nd 3rd 4th 5th 6th 7th 8th 9th 10th
dialup and analog policies
dialup Internet access
dialup workstations
Digital certificates
Digital signatures      2nd
diminishing returns
directing
directives
Disciplined Security
discount factor
discussing      2nd
discussing with management      2nd
disgruntled employees
distribution
DMZ (demilitarized-zone) web servers
DMZ servers
doing just enough state
doing too much state
domain name hijackings      2nd
Don't Panic. Plan
DoS (denial of service) attacks      2nd 3rd
DoS attacks
drive-by spamming
e-mail
e-mail content filtering      2nd 3rd
eavesdropping      2nd 3rd 4th
eavesdropping attacks      2nd 3rd
effects on
Efficiency
employee hackers      2nd 3rd 4th 5th 6th 7th 8th
employee sabotage
employees
encrypted VPN
Encryption
encryption concerns      2nd
encryption keys
encryption policies
enforcement
engagement methods      2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th 18th 19th 20th 21st 22nd 23rd
Enterprise)      2nd 3rd 4th 5th 6th
Environments
Equipment
equipment paths      2nd
establishing      2nd 3rd
ethics policies      2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th
evolution of
examining
executive involvement
expectation levels      2nd
Exploitation      2nd
exploitation attacks
Exposure
exposure factor
Extending the Security Blueprint to Small, Midsize, and Remote-User Networks (SAFE
external attacks
external hacking
external threats
extranets
extrapolating policy intent
False positives
fax line use
fax lines
FBI/CSI (Federal Bureau of Investigation/Computer Security Institute)
Federal Bureau of Investigation/Computer Security Institute (FBI/CSI)
Figuring
file encryption      2nd
Filtering      2nd 3rd
Filters
finance department
financial modeling
Financial Modernization Act of 1999, The (i)
FirewallAnalyzer
firewalling
Firewalls      2nd
Footprinting      2nd 3rd
forensic analysis      2nd
forensic analysis tools
former employees
formulating
frequency jamming
future of      2nd
generating      2nd 3rd 4th 5th 6th
GNU-PGP
Governance
Gramm-Leach-Bliley Act (i)
Guidelines
hackers
Hacking      2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th
Hacking Exposed
hacking into
handling      2nd
hardening dev ices
hardening devices
Hardware
Hashing
header-modified requests
Health Insurance Portability and Accountability Act (HIPAA)
HIDs      2nd 3rd 4th 5th
HIDS (host-based IDS)      2nd
homeland
honeypots
host targets      2nd 3rd
host-based IDS (HIDS)      2nd
Hosts
human issues
human nature      2nd 3rd
IDS Deployment, Tuning, and Logging in Depth (SAFE
IDS)
IDSs      2nd
IDSs (intrusion-detection systems      2nd 3rd
IDSs (intrusion-detection systems)

1 2 3

О проекте