Inside the Security Mind Making the Tough Decisions

Name: Inside the Security Mind Making the Tough Decisions
Price: 70.91 USD
Availability: InStock
ISBN: 9780131118294

ISBN-10: 0131118293

ISBN-13: 9780131118294

Edition: 2003

Authors: Kevin Day

List price: $44.99

30 day, 100% satisfaction guarantee!

Marketplace

1 new & used from $70.91

what's this?

Rush Rewards U
Members Receive:

You have reached 400 XP and carrot coins. That is the daily max!

Despite all the recent advances in security technologies and a barrage of new products, most organizations are only slightly more secure than they were 4 or 5 years ago. While companies are running to the latest security technology, they are missing the understanding of the whys and hows of security on a macro level. This book bridges that gap. If you work in a medium to large firm and need to develop a comprehensive security plan for your company, you need to understand how these technologies and products fit into the big picture. You need to be able to make decisions about which technologies to select and where/how they should be deployed in a cost efficient manner. The first half of the…

Book details

List price: $44.99
Copyright year: 2003
Publisher: Prentice Hall PTR
Publication date: 2/20/2003
Binding: Hardcover
Pages: 336
Size: 6.75" wide x 8.75" long x 0.75" tall
Weight: 1.386
Language: English



Prologue


Acknowledgments



Introduction


The Security Mind


Where Do We Start? Where Does It End?



A New Look at Information Security


Security as an Art Form


What We Know About Security


Understanding the Fear Factor


How to Successfully Implement and Manage Security



The Four Virtues of Security


Introduction to the Virtues


The Virtue of Daily Consideration


The Virtue of Community Effort


The Virtue of Higher Focus


The Virtue of Education


Using These Virtues



The Eight Rules of Security (Components of All Security Decisions)


Introduction to the Rules


Rule of Least Privilege


Rule of Change


Rule of Trust


Rule of the Weakest Link


Rule of Separation


Rule of the Three-Fold Process


Rule of Preventative Action (Proactive Security)


Rule of Immediate and Proper Response


Incorporating the Rules



Developing a Higher Security Mind


The Art of Higher Security


Thinking in Zones


Creating Chokepoints


Layering Security


Working in Stillness


Understanding Relational Security


Understanding Secretless Security


Dividing Responsibilities


Failing Securely



Making Security Decisions


Using the Rules to Make a Decision


The Decision-Making Process


Example Decision



Know Thy Enemy and Know Thyself


Understanding the Modern Hacker


Where Modern Vulnerabilities Exist


Modern Targets


Modern Exploits


Neglecting the Rules: A Hacker's Tale


Creating Your Own Security Profile


Becoming Invisible to Your Enemies



Practical Security Assessments


The Importance of a Security Audit


Understanding Risks and Threats


The Traditional Security Assessment Model


The Relational Security Assessment Model


Relational Security Assessment Model: Risks


Relational Security Assessment Model: Controls


Relational Security Assessment Model: Tactical Audit Process


Analytical Audit Measures


Additional Audit Considerations



The Security Staff


Building a Successful Security Team


Bringing in Security Consultants


Outsourcing Security Maintenance



Modern Considerations


Using Standard Defenses


Open Source vs


Closed Source Security


Wireless Networks


Encryption


Virtual Private Networking



The Rules in Practice


Practicing the Rules


Perimeter Defenses


Internal Defenses


Physical Defenses


Direct Object Defenses


Outbound Internet Access


Logging and Monitoring


Handling Authentication



Going Forward


The Future of Information Security



Tips on Keeping Up-to-Date



Ideas for Training



Additional Recommended Audit Practices



Recommended Reading



The Hidden Statistics of Information Security


Index