Edition: Fourth edition
Authors: Boyle, Randall; Panko, Raymond R.
ISBN: 9781292066592, 1292066598
Publisher: Pearson
Year of publication: 2015
Number of pages: 673
Language: English
File format: PDF (converted to PDF, EPUB or AZW3 on request)
File size: 12 MB
Keywords for the book Corporate Computer Security: Computer security; Computer networks -- Security measures; Electronic data processing departments -- Security measures; Computers -- Internet -- Security; Computers -- Networking -- Security; Computers -- Security -- General
Cover......Page 1
Contents......Page 4
Preface......Page 20
About the Authors......Page 26
Chapter 1: The Threat Environment......Page 28
The Threat Environment......Page 29
Countermeasures......Page 30
Why Employees are Dangerous......Page 36
Employee Sabotage......Page 38
Employee Financial Theft and Theft of Intellectual Property......Page 39
Employee Extortion......Page 40
Internet Abuse......Page 41
Data Loss......Page 42
Viruses......Page 43
Worms......Page 45
Nonmobile Malware......Page 47
Remote Access Trojans......Page 48
Spyware......Page 49
Social Engineering in Malware......Page 50
Phishing......Page 51
Spear Phishing......Page 53
Traditional Motives......Page 54
Target Selection......Page 55
Reconnaissance Probes......Page 56
Spoofing......Page 57
Social Engineering in an Attack......Page 58
Denial-of-Service Attacks......Page 60
Skill Levels......Page 62
Cybercrime......Page 63
International Gangs......Page 64
Black Markets and Market Specialization......Page 65
Financial and Intellectual Property Theft......Page 68
Extortion Against Corporations......Page 69
Identity Theft......Page 70
Corporate Identity Theft......Page 71
Commercial Espionage......Page 72
Denial-of-Service Attacks......Page 73
Cyberwar......Page 74
Cyberterror......Page 75
1.8 Conclusion......Page 76
Thought Questions......Page 77
Hands-on Projects......Page 78
Case Study......Page 79
Perspective Questions......Page 80
Chapter 2: Planning and Policy......Page 81
Defense......Page 82
Weakest-Links Failures......Page 83
The Need to Protect Many Resources......Page 84
The Need for a Disciplined Security Management Process......Page 85
Protection......Page 86
Response......Page 87
Viewing Security as an Enabler......Page 88
Strategic IT Security Planning......Page 90
Driving Forces......Page 91
Sarbanes–Oxley......Page 92
Privacy Protection Laws......Page 94
The Federal Trade Commission......Page 97
FISMA......Page 98
Locating Security Within IT......Page 99
Top Management Support......Page 101
All Corporate Departments......Page 102
E-mail Outsourcing......Page 103
Managed Security Service Provider......Page 106
Reasonable Risk......Page 108
Annualized Probability (or Rate) of Occurrence......Page 109
Annualized Countermeasure Cost and Net Value......Page 110
Total Cost of Incident......Page 112
Many-to-Many Relationships Between Countermeasures and Resources......Page 113
The Problem With “Hard-Headed Thinking”......Page 114
Risk Avoidance......Page 115
Technical Security Architectures......Page 116
Defense in Depth Versus Weakest Links......Page 117
Single Points of Vulnerability......Page 118
Elements of a Technical Security Architecture......Page 119
2.6 Policy-Driven Implementation......Page 120
Clarity......Page 121
Major Policies......Page 122
Policies for Specific Countermeasures or Resources......Page 123
Standards and Guidelines......Page 125
Processes......Page 127
Accountability......Page 128
Ethics......Page 129
Exception Handling......Page 130
Policies and Oversight......Page 131
Security Metrics......Page 132
Anonymous Protected Hotline......Page 133
Fraud......Page 135
Sanctions......Page 136
2.7 Governance Frameworks......Page 137
The COSO Framework......Page 138
COSO Framework Components......Page 139
CobiT......Page 140
Dominance in the United States......Page 141
ISO/IEC 27002......Page 142
Other 27000 Standards......Page 143
Hands-on Projects......Page 144
Project Thought Questions......Page 145
Case Study......Page 146
Perspective Questions......Page 147
Chapter 3: Cryptography......Page 148
3.1 What is Cryptography?......Page 149
Encryption and Ciphertext......Page 150
The Simple Cipher......Page 151
Cryptanalysis......Page 152
Transposition Ciphers......Page 153
Ciphers and Codes......Page 154
Key Length......Page 156
Human Issues in Cryptography......Page 158
RC4......Page 160
Block Encryption......Page 161
112-Bit 3DES......Page 162
Other Symmetric Key Encryption Ciphers......Page 163
Negotiation......Page 166
Ongoing Communication......Page 167
Cipher Suite Options......Page 168
Authentication Terminology......Page 169
Hashing......Page 170
On The Supplicant’s Machine: Hashing......Page 171
On The Verifier Server......Page 172
Padlock and Key Analogy......Page 173
RSA and ECC......Page 174
Symmetric Key Keying Using Public Key Encryption......Page 175
Symmetric Key Keying Using Diffie–Hellman Key Agreement......Page 176
Public Key Encryption for Authentication......Page 177
Signing the Message Digest to Produce the Digital Signature......Page 178
Sending the Message with Confidentiality......Page 179
Public Key Encryption for Confidentiality and Authentication......Page 180
Certificate Authorities......Page 181
Verifying the Digital Certificate......Page 182
The Roles of the Digital Certificate and Digital Signature......Page 184
Creating and Testing the HMAC......Page 185
Nonrepudiation......Page 187
3.8 Quantum Security......Page 189
3.9 Cryptographic Systems......Page 190
Host-to-Host VPNs......Page 191
Site-to-Site VPNs......Page 192
Nontransparent Protection......Page 193
SSL/TLS Gateways and Remote Access VPNs......Page 194
Browser on the Client......Page 195
Advanced Services Require Administrator Privileges on PCs......Page 197
Attractions of IPsec......Page 198
IPsec in Both IPv4 and IPv6......Page 199
IPsec in Transport Mode and Firewalls......Page 200
Less Expensive than Transport Mode......Page 201
Separate SAs in the Two Directions......Page 202
3.12 Conclusion......Page 203
Thought Questions......Page 205
Hands-on Projects......Page 206
Project Thought Questions......Page 207
Case Study......Page 208
Perspective Questions......Page 209
Chapter 4: Secure Networks......Page 210
Confidentiality......Page 211
Death of the Perimeter......Page 212
Rise of the City......Page 213
Faulty Coding......Page 214
Methods of DoS Attacks......Page 215
Direct and Indirect Attacks......Page 217
Intermediary......Page 219
Reflected Attack......Page 221
Sending Malformed Packets......Page 222
Defending Against Denial-of-Service Attacks......Page 223
Black Holing......Page 224
Rate Limiting......Page 225
Normal ARP Operation......Page 226
ARP Poisoning......Page 228
Static Tables......Page 230
Limit Local Access......Page 231
Access Control Threats......Page 233
Ethernet and 802.1X......Page 234
Immediate Changes......Page 235
EAP Operation......Page 236
RADIUS Servers......Page 237
4.6 Wireless Security......Page 238
Unauthorized Network Access......Page 239
Preventing Unauthorized Access......Page 240
Evil Twin Access Points......Page 242
Flood the Frequency......Page 243
Wireless LAN Security with 802.11i......Page 245
Adding Security to EAP......Page 246
EAP-TLS and PEAP......Page 247
Shared Keys and Operational Security......Page 248
Exploiting WEP’s Weakness......Page 249
Wi-Fi Protected Access (WPA™)......Page 250
Pre-Shared Key (PSK) Mode......Page 253
Wireless Intrusion Detection Systems......Page 255
Implementing 802.11i or WPA Is Easier......Page 256
4.7 Conclusion......Page 257
Hands-on Projects......Page 259
Case Study......Page 260
Perspective Questions......Page 262
Chapter 5: Access Control......Page 263
Authentication, Authorizations, and Auditing......Page 264
Individual and Role-Based Access Control......Page 265
Military and National Security Organization Access Controls......Page 267
Multilevel Security......Page 268
Physical Entry Controls......Page 269
Securing Offices, Rooms, and Facilities......Page 270
Protecting Against External and Environmental Threats......Page 271
Equipment Siting and Protection......Page 274
Removal of Property......Page 275
Monitoring Equipment......Page 276
Notebook Security......Page 277
Password Use and Misuse......Page 278
Not Using the Same Password at Multiple Sites......Page 279
Disabling Passwords that are No Longer Valid......Page 280
Lost Passwords......Page 281
Password Auditing......Page 283
The End of Passwords?......Page 284
Access Cards......Page 285
Tokens......Page 286
Two-Factor Authentication......Page 287
Biometrics......Page 290
Subsequent Access Attempts......Page 291
Acceptance or Rejection......Page 292
False Acceptance Rate......Page 293
Failure to Enroll......Page 294
Identification......Page 295
Watch Lists......Page 296
Fingerprint Recognition......Page 297
Iris Recognition......Page 298
Face Recognition......Page 299
Hand Geometry......Page 300
Key Points from Chapter 3......Page 304
Creating Public Key–Private Key Pairs......Page 305
The Prime Authentication Problem......Page 306
The Principle of Least Permissions......Page 307
Regular Log Reading......Page 309
The Need for Centralized Authentication......Page 310
Kerberos......Page 311
5.10 Directory Servers......Page 312
Hierarchical Data Organization......Page 313
Active Directory Domains......Page 314
Trust......Page 316
Other Directory Servers and Metadirectories......Page 317
Federated Identity Management......Page 318
Perspective......Page 319
What is Identity?......Page 320
Identity Management......Page 321
Trust and Risk......Page 322
5.12 Conclusion......Page 323
Hands-on Projects......Page 325
Case Study......Page 327
Case Discussion Questions......Page 328
Perspective Questions......Page 329
Chapter 6: Firewalls......Page 330
Basic Firewall Operation......Page 331
The Danger of Traffic Overload......Page 335
6.2 Static Packet Filtering......Page 337
Usefulness of Static Packet Filtering......Page 338
States......Page 340
Stateful Packet Inspection with Two States......Page 341
Packets That Do Not Attempt to Open Connections......Page 342
UDP and ICMP Connections......Page 345
Packets That Do Attempt to Open a Connection......Page 346
Access Control Lists (ACLs) for Connection-Opening Attempts......Page 347
Well-Known Port Numbers......Page 348
Ports and Server Access......Page 349
Disallow All Connections......Page 350
6.4 Network Address Translation......Page 351
Restoration......Page 352
Operational Details......Page 353
Two Common Uses......Page 354
Application Content Filtering in Stateful Packet Inspection Firewalls......Page 355
Application Content Filtering for HTTP......Page 356
Client Protections......Page 357
Server Protections......Page 358
Other Protections......Page 360
False Positives (False Alarms)......Page 361
Intrusion Prevention Systems......Page 363
6.7 Antivirus Filtering and Unified Threat Management......Page 364
Host Firewalls......Page 369
The Demilitarized Zone (DMZ)......Page 370
Hosts in the DMZ......Page 371
Examples of Policies......Page 372
Central Firewall Management Systems......Page 374
Firewall Policy Database......Page 375
Reading Firewall Logs......Page 376
Sorting the Log File by Rule......Page 377
Echo Probes......Page 378
Perspective......Page 379
6.10 Firewall Filtering Problems......Page 380
Avoiding the Border Firewall......Page 381
Attack Signatures versus Anomaly Detection......Page 382
6.11 Conclusion......Page 383
Thought Questions......Page 385
Hands-on Projects......Page 386
Case Study......Page 388
Perspective Questions......Page 390
Chapter 7: Host Hardening......Page 391
The Elements of Host Hardening......Page 392
Security Baselines and Images......Page 393
Virtualization......Page 394
Virtualization Analogy......Page 395
Systems Administrators......Page 396
The Windows Server User Interface......Page 402
Microsoft Management Consoles (MMCs)......Page 403
UNIX (Including Linux) Servers......Page 404
Many Versions......Page 405
Linux......Page 406
UNIX User Interfaces......Page 407
Fixes......Page 408
Patches......Page 412
The Number of Patches......Page 413
Patch Management Servers......Page 414
The Importance of Groups in Security Management......Page 415
Managing Accounts......Page 416
Windows Groups......Page 417
Permissions......Page 418
Directory Permissions......Page 419
Directory Organization......Page 420
Assigning Groups and Permissions in UNIX......Page 421
7.6 Creating Strong Passwords......Page 422
Storing Passwords......Page 423
Brute-Force Guessing......Page 424
Dictionary Attacks on Common Word Passwords......Page 426
Hybrid Dictionary Attacks......Page 427
Truly Random Passwords......Page 428
Other Password Threats......Page 429
7.7 Testing for Vulnerabilities......Page 430
The Windows Action Center......Page 431
Windows Firewall......Page 432
Automatic Updates......Page 433
Antivirus and Spyware Protection......Page 434
Audit Policies......Page 435
Backup......Page 437
Centralized PC Security Management......Page 438
Windows Group Policy Objects......Page 439
7.8 Conclusion......Page 442
Hands-on Projects......Page 443
Case Study......Page 444
Perspective Questions......Page 446
Chapter 8: Application Security......Page 447
Buffer Overflow Attacks......Page 448
Executing Attack Code......Page 449
Few Operating Systems, Many Applications......Page 450
Understand the Server’s Role and Threat Environment......Page 451
Minimize Applications......Page 452
Create a Secure Configuration......Page 453
Securing Custom Applications......Page 454
Buffer Overflow Attacks......Page 455
SQL Injection Attacks......Page 456
Training in Secure Computing......Page 457
E-Commerce Service......Page 460
External Access......Page 461
Website Defacement......Page 462
The Directory Traversal with Hexadecimal Character Escapes......Page 463
E-Commerce Software Vulnerabilities......Page 464
Website Error Logs......Page 465
Production Servers......Page 466
Mobile Code......Page 467
Other Client-Side Attacks......Page 469
Security Tab......Page 471
Privacy Tab......Page 475
Spam......Page 476
Personally Identifiable Information......Page 477
Where to Do E-Mail Malware and Spam Filtering......Page 478
Message Encryption......Page 479
Sending Voice between Phones......Page 481
SIP Proxy Servers......Page 482
Eavesdropping......Page 483
Hacking and Malware Attacks......Page 484
New Threats......Page 485
Authentication......Page 486
Separation: Anticonvergence......Page 487
The Skype VoIP Service......Page 488
Instant Messaging......Page 489
TCP/IP Supervisory Applications......Page 491
8.7 Conclusion......Page 492
Hands-on Projects......Page 493
Case Study......Page 495
Perspective Questions......Page 496
Chapter 9: Data Protection......Page 497
Sony Data Breaches......Page 498
Scope of Backup......Page 499
Shadowing......Page 500
Full Versus Incremental Backups......Page 502
Local Backup......Page 503
Continuous Data Protection......Page 505
Mesh Backup......Page 506
Magnetic Tape......Page 507
Disk Arrays—RAID......Page 508
No RAID......Page 509
RAID 1......Page 510
RAID 5......Page 512
Media Storage Location Policies......Page 515
Access Control Policies......Page 516
The Dangers of Retention......Page 517
U.S. Federal Rules of Civil Procedure......Page 518
User Training......Page 520
Vault Server Access Control......Page 521
9.5 Database Security......Page 522
Limiting the View of Data......Page 523
SQL Injection Attacks......Page 527
What to Audit......Page 528
Triggers......Page 529
Database Placement and Configuration......Page 530
Key Escrow......Page 531
Data Collection......Page 533
Data Masking......Page 534
Information Triangulation......Page 536
Buy or Sell Data......Page 537
Digital Rights Management......Page 538
Data Loss Prevention Systems......Page 539
Watermarks......Page 541
Removable Media Controls......Page 542
Social Networking......Page 543
Nominal Deletion......Page 544
Basic File Deletion......Page 545
Destruction......Page 546
Thought Questions......Page 547
Hands-on Projects......Page 548
Case Study......Page 549
Perspective Questions......Page 551
Chapter 10: Incident and Disaster Response......Page 552
Walmart and Hurricane Katrina......Page 553
Major Incidents......Page 554
Disasters......Page 556
So is Accuracy......Page 557
Rehearsal......Page 558
Detection......Page 559
Continuing to Collect Data......Page 561
Restoration from Backup Tapes......Page 562
Punishing Employees......Page 563
Collecting and Managing Evidence......Page 564
Organization of the CSIRT......Page 566
Criminal versus Civil Law......Page 567
Jurisdictions......Page 568
U.S. State and Local Laws......Page 569
International Law......Page 570
Evidence and Computer Forensics......Page 572
Computer Hacking, Malware Attacks, Denial-of-Service Attacks, and Other Attacks (18 U.S.C. § 1030)......Page 573
Damage Thresholds......Page 574
10.3 Intrusion Detection Systems......Page 575
Logging (Data Collection)......Page 576
Support for Interactive Manual Log Analysis......Page 577
Batch Versus Real-Time Data Transfer......Page 578
Weaknesses of NIDSs......Page 579
Attraction of HIDSs......Page 580
Integrated Logs......Page 581
Manual Analysis......Page 583
Tuning for Precision......Page 584
Honeypots......Page 585
10.4 Business Continuity Planning......Page 590
Communication, Communication, Communication......Page 592
Testing and Updating the Plan......Page 593
10.5 IT Disaster Recovery......Page 594
Site Sharing with Continuous Data Protection......Page 595
Location of the Sites......Page 596
Restoration of Data and Programs......Page 599
10.6 Conclusion......Page 600
Hands-on Projects......Page 601
Case Study......Page 602
Perspective Questions......Page 604
A.1 Introduction......Page 605
The Access Router......Page 606
UTP Wiring......Page 607
A Building LAN......Page 608
A Firm’s Wide Area Networks......Page 609
The Internet......Page 611
Applications......Page 613
Security in Older Versions of the Standard......Page 614
A.4 Core Layers in Layered Standards Architectures......Page 615
The TCP/IP Standards Architecture......Page 616
A.6 Single-Network Standards......Page 617
Optical Fiber......Page 618
Switch Supervisory Frames......Page 619
A.7 Internetworking Standards......Page 620
The First Row......Page 621
The Third Row......Page 622
Masks......Page 623
IP Version 6......Page 624
IPsec......Page 625
Connectionless and Connection-Oriented Protocols......Page 626
Reliability......Page 628
Sequence Number Field......Page 629
Window Field......Page 630
Port Numbers on Servers......Page 631
Sockets......Page 632
A.10 The User Datagram Protocol......Page 633
Internet Control Message Protocol......Page 635
The Domain Name System......Page 636
Dynamic Host Configuration Protocol......Page 637
Dynamic Routing Protocols......Page 638
Simple Network Management Protocol......Page 639
HTTP and HTML......Page 640
E-Mail......Page 641
Hands-on Projects......Page 642
Perspective Questions......Page 644
Glossary......Page 645
Index......Page 662