
Summary

An all-star cast of authors analyze the top IT security threats for 2008 as selected by the editors and readers of Infosecurity Magazine. This book, compiled from the Syngress Security Library, is an essential reference for any IT professional managing enterprise security. It serves as an early warning system, allowing readers to assess vulnerabilities, design protection schemes and plan for disaster recovery should an attack occur. Topics include Botnets, Cross Site Scripting Attacks, Social Engineering, Physical and Logical Convergence, Payment Card Industry (PCI) Data Security Standards (DSS), Voice over IP (VoIP), and Asterisk Hacking.

Each threat is fully defined, likely vulnerabilities are identified, and detection and prevention strategies are considered. Wherever possible, real-world examples are used to illustrate the threats and tools for specific solutions.

Specifications

ISBN13: 9781597492249
Language: English
Binding: Paperback

Table of contents

Foreword

Part I: Botnets
  Chapter 1 Botnets: A Call to Action
    Introduction
    The Killer Web App
    How Big is the Problem?
    The Industry Responds
    Summary
    Solutions Fast Track
    Frequently Asked Questions
  Chapter 2 Botnets Overview
    What is a Botnet?
    The Botnet Life Cycle
    What Does a Botnet Do?
    Botnet Economics
    Summary
    Solutions Fast Track
    Frequently Asked Questions

Part II: Cross Site Scripting Attacks
  Chapter 3 Cross-site Scripting Fundamentals
    Introduction
    Web Application Security
    XML and AJAX Introduction
    Summary
    Solutions Fast Track
    Frequently Asked Questions
  Chapter 4 XSS Theory
    Introduction
    Getting XSS'ed
    DOM-based XSS in Detail
    Redirection
    CSRF
    Flash, QuickTime, PDF, Oh My
    HTTP Response Injection
    Source vs. DHTML Reality
    Bypassing XSS Length Limitations
    XSS Filter Evasion
    Summary
    Solutions Fast Track
    Frequently Asked Questions
  Chapter 5 XSS Attack Methods
    Introduction
    History Stealing
    Intranet Hacking
    XSS Defacements
    Summary
    Solutions Fast Track
    Frequently Asked Questions
    References

Part III: Physical and Logical Security Convergence
  Chapter 6 Protecting Critical Infrastructure: Process Control and SCADA
    Introduction
    Technology Background: Process Control Systems
    Why Convergence?
    Threats and Challenges
    Conclusion
  Chapter 7 Final Thoughts
    Introduction
    Final Thoughts from William Crowell
    Final Thoughts from Dan Dunkel
    Final Thoughts from Brian Contos
    Final Thoughts from Colby DeRodeff

Part IV: PCI Compliance
  Chapter 8 Why PCI is Important
    Introduction
    What is PCI?
    Overview of PCI Requirements
    Risks and Consequences
    Benefits of Compliance
    Summary
    Solutions Fast Track
    Frequently Asked Questions
  Chapter 9 Protect Cardholder Data
    Protecting Cardholder Data
    PCI Requirement 3: Protect Stored Cardholder Data
    PCI Requirement 4: Encrypt Transmission of Cardholder Data Across Open, Public Networks
    Using Compensating Controls
    Mapping Out a Strategy
    The Absolute Essentials
    Summary
    Solutions Fast Track
    Frequently Asked Questions

Part V: Asterisk and VoIP Hacking
  Chapter 10 Understanding and Taking Advantage of VoIP Protocols
    Introduction
    Your Voice to Data
    Making Your Voice Smaller
    Summary
    Solutions Fast Track
    Frequently Asked Questions
  Chapter 11 Asterisk Hardware Ninjutsu
    Introduction
    Serial
    Motion
    Modems
    Fun with Dialing
    Legalities and Tips
    Summary
    Solutions Fast Track
    Frequently Asked Questions

Part VI: Hack the Stack
  Chapter 12 Social Engineering
    Introduction
    Attacking the People Layer
    Defending the People Layer
    Making the Case for Stronger Security
    People Layer Security Project
    Summary
    Solutions Fast Track
    Frequently Asked Questions

Index


        InfoSecurity 2008 Threat Analysis