Book description
"Ajay and Scott take an interesting approach in filling Defend I.T. with case studies and using them to demonstrate important security principles. This approach works well and is particularly valuable in the security space, where companies and consultants are often hesitant to discuss true security incidents for potential embarrassment and confidentiality reasons. Defend I.T. is full of engaging stories and is a good read."
--Fyodor, author of the Nmap Security Scanner and Insecure.Org
"Defend I.T. answers reader demand for scenario-driven examples. Security professionals will be able to look at these case studies and relate them to their own experiences. That sets this book apart."
--Lance Hayden, Cisco Systems
"This is an exciting book! It's like reading several mysteries at once from different viewpoints, with the added benefit of learning forensic procedures along the way. Readers will benefit from the procedures, and the entertaining presentation is a real plus."
--Elizabeth Zinkann, Equilink Consulting
The battle between IT professionals and those who use the Internet for destructive purposes is raging--and there is no end in sight. Reports of computer crime and incidents from the CERT Coordination Center at Carnegie Mellon University more than double each year and are expected to rise. Meanwhile, viruses and worms continue to take down organizations for days.
Defend I.T.: Security by Example draws on detailed war stories to identify what was done right and what was done wrong in actual computer-security attacks, giving you the opportunity to benefit from real experiences. Approaches to securing systems and networks vary widely from industry to industry and organization to organization. By examining a variety of real-life incidents companies are too embarrassed to publicly share, the authors explain what could have been done differently to avoid the losses incurred--whether creating a different process for incident response or having better security countermeasures in place to begin with.
Inside, you'll find in-depth case studies in a variety of categories:
Basic Hacking: Blackhat bootcamp, including mapping a network, exploiting vulnerable architecture, and launching denial-of-service attacks
Current Methods: The latest in malicious deeds, including attacks on wireless networks, viruses and worms, and compromised Web servers
Additional Items on the Plate: Often overlooked security measures such as developing a security policy, intrusion-detection systems, disaster recovery, and government regulations
Old School: Classic means of compromising networks--war dialing and social engineering
Forensics: How to investigate industrial espionage, financial fraud, and network intrusion
Aimed at both information-security professionals and network administrators, Defend I.T. shows you how to tap the best computer-security practices and industry standards to deter attacks and better defend networks.
Table of contents
- Copyright
- Preface
- About the Authors
- Introduction
- I. Basic Hacking
- II. Current Methods
-
III. Additional Items on the Plate
- 8. Protecting Borders: Perimeter Defense with an IDS
- 9. Disaster All Around
- 10. Security Is the Best Policy
- 11. HIPAA: Security by Regulation
- IV. Old School
-
V. Computer Forensics
- 14. Industrial Espionage
- 15. Executive Fraud
- 16. Cyber Extortion
- Conclusion
-
Recommended Reading
- General Topics
- Nmap
- Secure Architecture
- Denial of Service
- Wireless
- Viruses
- Web Security
- Intrusion Detection Systems
- Disaster Recovery
- Security Policy
- HIPAA
- War Dialing
- Social Engineering
- Computer Forensics
- Public Key Infrastructure
- Identity Management
- Biometrics
- Firewalls and VPNs
- Home Security
- Identify Theft
Product information
- Title: Defend I.T.: Security by Example
- Author(s):
- Release date: May 2004
- Publisher(s): Addison-Wesley Professional
- ISBN: 9780321197672
You might also like
book
Mapping Security: The Corporate Security Sourcebook For Today's Global Economy
Praise for Tom Patterson's Mapping Security "Tom Patterson captures a compelling and practical view of security …
book
Emerging Trends in ICT Security
Emerging Trends in ICT Security, an edited volume, discusses the foundations and theoretical aspects of ICT …
article
Have ChatGPT Ask You Questions
ChatGPT Shortcuts shows future prompt engineers how to harness the full potential of the state-of-the-art AI …
book
Microsoft® Exchange Server 2003 Unleashed
The most extensive Exchange 2003 reference found on the market today from one of the world's …