E-book: Official (ISC)2 Guide to the SSCP CBK 2nd edition [Taylor & Francis e-book]

Edited by , , (HFT Associates, Villa Park, California, USA)
  • Format: 468 pages, 3 Tables, black and white; 40 Illustrations, black and white
  • Series: ISC2 Press
  • Publication date: 08-Dec-2010
  • Publisher: Auerbach
  • ISBN-13: 9780429228360
  • Edition: Taylor & Francis e-book
  • Price: 110,79 €*
  • * this price gives unlimited concurrent access for unlimited time
  • Standard price: 158,27 €
  • You save 30%
The (ISC)²® Systems Security Certified Practitioner (SSCP®) certification is one of the most important credentials an information security practitioner can have. Having helped thousands of people around the world obtain this distinguished certification, the bestselling Official (ISC)2 Guide to the SSCP CBK® has quickly become the book that many of today's security practitioners depend on to attain and maintain the required competence in the seven domains of the (ISC)² CBK.

Picking up where the popular first edition left off, the Official (ISC)2 Guide to the SSCP CBK, Second Edition brings together leading IT security tacticians from around the world to discuss the critical role that policy, procedures, standards, and guidelines play within the overall information security management infrastructure. Offering step-by-step guidance through the seven domains of the SSCP CBK, the text:
  • Presents widely recognized best practices and techniques used by the world's most experienced administrators
  • Uses accessible language, bulleted lists, tables, charts, and diagrams to facilitate a clear understanding
  • Prepares you to join the thousands of practitioners worldwide who have obtained (ISC)² certification

Through clear descriptions accompanied by easy-to-follow instructions and self-assessment questions, this book will help you establish the product-independent understanding of information security fundamentals required to attain SSCP certification. Following certification it will be a valuable guide to addressing real-world security implementation challenges.
Table of Contents

Front Matter
  • Foreword
  • Editor
  • About the Authors
  • Introduction

1 Access Controls (Paul Henry)
  • Access Control Concepts
  • What Is a Subject?
  • Subject Group Considerations
  • What Is an Object?
  • Object Group Considerations
  • Discretionary Access Control
  • Rule Set-Based Access Controls
  • Role-Based Access Controls
  • Constrained User Interface
  • Content-Dependent Access Control
  • Context-Based Access Control
  • Temporal Isolation (Time-Based) Access Control
  • Nondiscretionary Access Control
  • Mandatory Access Control
  • Separation of Duties
  • Architecture Models
  • Bell-LaPadula
  • Biba
  • Clark-Wilson
  • Other Considerations of Clark-Wilson
  • Brewer-Nash: Chinese Wall
  • Identification, Authentication, Authorization, and Accountability
  • Identity (Who Is the Subject?)
  • Methods (User ID, PIN, Account Number)
  • Registration of New Users
  • Periodic Review of Access Levels
  • Clearance
  • Authentication (Proof of Identity)
  • Knowledge
  • Ownership
  • Characteristic
  • Multifactor Authentication
  • Two-Factor vs. Three-Factor Authentication
  • Dual Control
  • Continuous Authentication
  • Reverse Authentication
  • Certificate-Based Authentication
  • Authorization
  • Access to Systems vs. Data, Networks
  • Access Control Lists/Matrix
  • Directories
  • Single Sign-On
  • Accountability
  • Standard Format Logs
  • Remote Access Methods
  • Centralized Remote Access
  • Remote Authentication Dial-In User Services
  • Terminal Access Controller Access Control System
  • Extended Terminal Access Controller Access Control System
  • Terminal Access Controller Access Control System Plus
  • Diameter
  • Decentralized Remote Access
  • Password Authentication Protocol/Challenge Handshake Authentication Protocol
  • Other Access Control Areas
  • Physical Security
  • Portable Device Security
  • Mobile Phones
  • USB, CD, and DVD Drives
  • Bypass of Logical Security
  • Access to Computers and Equipment
  • Clear Desk/Clean Screen
  • Sample Questions

2 Cryptography (Christopher M. Nowell)
  • The Basics
  • Block Ciphers
  • Electronic Codebook
  • Cipher Block Chaining
  • Cipher Feedback
  • Output Feedback
  • Counter
  • Symmetric Cryptography
  • Stream Ciphers
  • One-Time Pads
  • Introduction to Public Key
  • Hashes and Digital Signatures
  • Public Key Infrastructure
  • Certificates
  • Key Distribution
  • Key Recovery
  • Key Repository
  • General Cryptography
  • Problems, Weaknesses, and Concerns
  • Algorithms, Ciphers, and Types
  • Data Encryption Standard and Triple Data Encryption Standard
  • Advanced Encryption Standard
  • International Data Encryption Algorithm
  • Blowfish
  • Twofish
  • RSA
  • Skipjack
  • Digital Signature Algorithm and Digital Signature Standard
  • Elliptical Curve Cryptography
  • Public Key Cryptography Standards
  • Rivest Ciphers 2, 4, and 5
  • Feistel Cipher
  • Specific Hashes
  • Message Digest 2, 4, and 5
  • Secure Hash Algorithm 0, 1, and 2
  • HAVAL
  • RIPEMD-160
  • Specific Protocols
  • Diffie-Hellman Key Exchange
  • SSL and TLS
  • Secure Shell
  • IP Security, Internet Key Exchange, and Internet Security Association and Key Management Protocol
  • X.509
  • Sample Questions

3 Malicious Code (Ken Dunham)
  • Introduction to Windows Malcode Security Management
  • CIA Triangle: Applicability to Malcode
  • Malcode Naming Conventions and Types
  • CARO-Like Naming Standards
  • Cross-Referencing Malcode Names
  • Common Malware Enumeration
  • Public Multiscanners
  • VGrep
  • Malcode Types
  • Vector
  • Payload
  • Virus
  • Logic Bomb
  • Worm
  • Trojan
  • Dropper
  • Keylogger
  • Bot
  • File Infector
  • Macro Viruses
  • Boot Sector Virus
  • Windows Rootkit
  • Adware, Spyware, and Potentially Unwanted Programs
  • Polymorphic
  • Proof of Concept
  • Brief History of Malcode
  • The Internet Worm
  • Notable Firsts
  • Polymorphism and Virus Creation Kits
  • Michelangelo
  • Mac Viruses
  • Hacktivism Moving toward Cyberwar and Cyberterrorism?
  • 1994: Virus Hoaxes
  • 1995: Turning of the Tide and a New Threat, Macro Viruses
  • Anti-Trojan Utilities
  • Worm Wars
  • DDoS Attacks on Major Web Properties
  • Legal and Law Enforcement Challenges
  • Mobile Malcode
  • Maturation of an Internet Criminal Marketplace
  • Vectors of Infection
  • Social Engineering or Exploitation
  • Long File Extensions
  • Double File Extensions
  • Fake Related Extension
  • Fake Icon
  • Password-Protected ZIP Files/RAR
  • Hostile Codecs (Zlob)
  • E-Mail
  • Web-Based Attacks
  • Brute Force Attacks
  • Instant Messaging
  • Peer-to-Peer Networks
  • Internet Relay Chat
  • Rogue WAP
  • Contractors Over Virtual Private Network
  • Rogue Products and Search Engines
  • Infected Factory Builds and CDs
  • Insider Hardware Threats
  • Web Exploitation Frameworks
  • Payloads
  • Backdoor Trojans
  • DDoS Types
  • Man-in-the-Middle Malcode
  • Domain Name Servers
  • Identifying Infections
  • Security Solutions
  • Network Layer
  • Application Layer
  • Third-Party Certifications
  • The Wildlist
  • Questionable Behavior on the Computer
  • Pop-Ups
  • Degraded Performance
  • Modified HOSTS File and DNS Changes
  • Inspection of Processes
  • Inspection of the Windows Registry
  • Inspection of Common File Locations
  • Behavioral Analysis of Malcode
  • Static File Analysis
  • File Properties
  • Hash
  • Portable Executables Header
  • String Analysis
  • Hex Editors
  • Unpacking Files and Memory Dumps
  • Testing Remote Web Sites Found in Network Log Files
  • Passive DNS Queries
  • WHOIS, Reverse IP, Name Servers
  • Deobfuscation of Scripts
  • Interpreting Data
  • VMware Testing of Samples
  • Advanced File Capture Techniques
  • Free Online Sandbox Solutions
  • Interactive Behavioral Testing
  • Malcode Mitigation
  • Strategic
  • Tactical
  • Sample Questions

4 Monitoring and Analysis (Mike Mackrill)
  • Policy, Controls, and Enforcement
  • Security Framework
  • Control Categories
  • Summary
  • Compliance Techniques
  • Observations
  • Testing
  • Penetration Testing
  • Social Engineering
  • Logging
  • Audit
  • Security Auditing Overview
  • Documentation
  • Log Files
  • Reviewing of Host Logs
  • Review Incident Logs
  • Log Anomalies
  • Log Management
  • Response to Audit
  • Monitoring
  • Security Monitoring Concepts
  • Terminology
  • Implementation Issues for Monitoring
  • Who Are These People Attacking Us?
  • What Is an Intrusion?
  • So, What Is an Event?
  • What Kinds of Monitoring Are There?
  • IDS/IDP
  • Vulnerability Assessment
  • War Dialing
  • War Driving
  • Penetration Testing
  • Mid-Tech Reconnaissance
  • Penetration Testing High-Level Steps
  • Sample Questions

5 Networks and Telecommunications (Eric Waxvik, Samuel Chun)
  • Introduction to Networks and Telecommunications
  • The Basic OSI Model: Its Security Strengths and Weaknesses
  • Application Layer
  • Presentation Layer
  • Session Layer
  • Transport Layer
  • Network Layer
  • Data Link Layer
  • Physical Layer
  • DoD TCP/IP Model
  • Network Topologies and Their Security Issues
  • WAN Access and Its Security Issues
  • Network Protocols and Security Characteristics
  • Network Protocols Introduction
  • Network Level Security
  • Wide Area Network Protocols
  • Transport Layer Security Protocols
  • Application Layer Security
  • Data Communications and Network Infrastructure Components and Security Characteristics
  • Physical Transmission Media
  • Different Transmission Media
  • The Enterprise Network Environment and Its Vulnerabilities
  • Hubs
  • Bridges
  • Switches
  • Access Points
  • Routers
  • Firewalls
  • Remote Access
  • Identification and Authentication for Remote Users
  • Wireless Local Area Networking
  • New Network and Telecommunications Frontiers
  • Need for Security Policies, Standards, and Procedures for the IT Infrastructure
  • Securing the IT Infrastructure
  • Domains of IT Security Responsibility
  • Defining Standard and Enhanced Security Requirements
  • Implementing Standard and Enhanced Security Solutions
  • Sample Questions

6 Security Operations and Administration (C. Karen Stopford)
  • Security Program Objectives: The C-I-A Triad
  • Confidentiality
  • Integrity
  • Availability
  • Code of Ethics
  • Security Best Practices
  • Designing a Security Architecture
  • Defense-in-Depth
  • Risk-Based Controls
  • Least Privilege
  • Authorization and Accountability
  • Separation of Duties
  • Security Program Frameworks
  • Aligning Business, IT, and Security
  • Security Architecture and Models
  • Bell-LaPadula Confidentiality Model
  • Biba and Clark-Wilson Integrity Models
  • Access Control Models
  • Identity and Access Management
  • Managing Privileged User Accounts
  • Outsourcing Security and Managed Security Service Providers
  • Business Partner Security Controls
  • Security Policies, Standards, Guidelines, and Procedures
  • Policy Document Format
  • Policy Life Cycle
  • Standards and Guidelines
  • Procedures
  • System Security Plans
  • Additional Documentation
  • Considerations for Safeguarding Confidentiality
  • Regulations and Contractual Obligations
  • Copyright
  • Industrial Property
  • Privacy and Monitoring
  • Information Life Cycle
  • Protecting Confidentiality and Information Classification
  • Classification Schemes
  • Marking and Labeling
  • Information Classification Process
  • Role of Classification in Business Continuity Planning Risk
  • Information Handling Policy
  • Information Collection
  • Secure Information Storage
  • Data Scrubbing
  • Managing Encryption Keys
  • Secure Output
  • Record Retention and Disposal
  • Disclosure Controls: Data Leakage Prevention
  • Secure Application Development
  • Waterfall Model
  • Additional Application Development Methods
  • Spiral Model
  • Extreme Programming and Rapid Application Development
  • Agile Development
  • Component Development and Reuse
  • Web Application Vulnerabilities and Secure Development Practices
  • Protecting against Buffer Overflows
  • Implementation and Release Management
  • Systems Assurance and Controls Validation
  • Certification and Accreditation
  • Certification and Accreditation Roles
  • Security Assurance Rating: Common Criteria
  • Change Control
  • Configuration Management
  • Identification
  • Control
  • Accounting
  • Auditing
  • Change Management Roles
  • Automated Configuration Management Tools
  • Patch Management
  • Monitoring System Integrity
  • Endpoint Protection
  • Endpoint Antivirus Solutions
  • Antispyware
  • Personal Firewalls and Host Intrusion Prevention Systems
  • Thin Client Implementations
  • Metrics
  • Security Awareness and Training
  • Security Staff Training
  • Review Questions
  • References

7 Risk, Response, and Recovery (Chris Trautwein)
  • Introduction to Risk Management
  • Risk Management Concepts
  • Risk Management Process
  • Risk Assessment
  • Step 1 System Characterization
  • Step 2 Threat Identification
  • Step 3 Vulnerability Identification
  • Step 4 Control Analysis
  • Step 5 Likelihood Determination
  • Step 6 Impact Analysis
  • Step 7 Risk Determination
  • Step 8 Control Recommendation
  • Step 9 Results Documentation
  • Risk Mitigation
  • Risk Reduction and Limitation
  • Risk Transference
  • Risk Avoidance
  • Risk Acceptance
  • Risk Management Summary
  • Incident Response
  • Preparation
  • Detection and Analysis
  • Containment, Eradication, and Recovery
  • Post-Incident Activity
  • Incident Response Summary
  • Forensics
  • Evidence Gathering
  • Evidence Handling
  • Recovery
  • Disaster Recovery Planning
  • Recovery Strategy Alternatives
  • Cold Site
  • Warm Site
  • Hot Site
  • Multiple Processing Sites
  • Mobile Sites
  • Plan Testing
  • Checklist Test
  • Structured Walkthrough Test
  • Parallel Testing
  • Full Interruption Testing
  • Plan Review and Maintenance
  • Data Backup and Restoration
  • Full Backup
  • Differential Backup
  • Incremental Backup
  • Off-Site Storage
  • Electronic Vaulting
  • Remote Journaling
  • System and Data Availability
  • Clustering
  • High-Availability Clustering
  • Load-Balancing Clustering
  • Redundant Array of Independent Disks
  • RAID Levels
  • Summary
  • Sample Questions

Back Matter
  • Appendix
  • Index

About the Editor
Harold F. Tipton, currently an independent consultant, was a past president of the International Information System Security Certification Consortium and a director of computer security for Rockwell International Corporation for about 15 years. He initiated the Rockwell computer and data security program in 1977 and then continued to administer, develop, enhance, and expand the program to accommodate the control needs produced by technological advances until his retirement from Rockwell in 1994.

Tipton has been a member of the Information Systems Security Association (ISSA) since 1982. He was the president of the Los Angeles chapter in 1984, and the president of the national organization of ISSA (1987-1989). He was added to the ISSA Hall of Fame and the ISSA Honor Roll in 2000.

Tipton was a member of the National Institute for Standards and Technology (NIST), the Computer and Telecommunications Security Council, and the National Research Council Secure Systems Study Committee (for the National Academy of Science). He received his BS in engineering from the U.S. Naval Academy and his MA in personnel administration from George Washington University; he also received his certificate in computer science from the University of California, Irvine. He is a certified information system security professional (CISSP), ISSAP, & ISSMP.

He has published several papers on information security issues for Auerbach Publications (Handbook of Information Security Management, Data Security Management, and Information Security Journal), National Academy of Sciences (Computers at Risk), Data Pro Reports, Elsevier, and ISSA (Access).

He has been a speaker at all the major information security conferences including the Computer Security Institute, the ISSA Annual Working Conference, the Computer Security Workshop, MIS Conferences, AIS Security for Space Operations, DOE Computer Security Conference, National Computer Security Conference, IIA Security Conference, EDPAA, UCCEL Security & Audit Users Conference, and Industrial Security Awareness Conference.

He has conducted/participated in information security seminars for (ISC)2, Frost & Sullivan, UCI, CSULB, System Exchange Seminars, and the Institute for International Research. He participated in the Ernst & Young video "Protecting Information Assets." He is currently serving as the editor of the Handbook of Information Security Management (Auerbach). He chairs the (ISC)2 CBK Committees and the QA Committee. He received the Computer Security Institute's Lifetime Achievement Award in 1994, the (ISC)2's Hal Tipton Award in 2001, and the (ISC)2 Founders Award in 2009.