Skip to content

Surviving Security How to Integrate People, Process and Technology

Spend $50 to get a free DVD!

ISBN-10: 0672321297

ISBN-13: 9780672321290

Edition: 2002

Authors: Mandy Andress

List price: $39.99
Blue ribbon 30 day, 100% satisfaction guarantee!
what's this?
Rush Rewards U
Members Receive:
Carrot Coin icon
XP icon
You have reached 400 XP and carrot coins. That is the daily max!


Focusing on balancing technical information with business concerns when implementing security technologies and processes, this text provides a roadmap for determining how much security to implement, who should be involved and how much to spend.
Customers also bought

Book details

List price: $39.99
Copyright year: 2002
Publisher: Sams
Publication date: 7/10/2001
Binding: Paperback
Pages: 552
Size: 7.36" wide x 9.13" long x 1.18" tall
Weight: 2.024
Language: English

Laying the Groundwork
Why Do I Need Security?
The Importance of an Effective Security Infrastructure
People, Process, and Technology
What Are You Protecting Against?
Security as a Competitive Advantage
Choosing a Solution
Finding Security Employees
The Layered Approach
Understanding Requirements and Risk
What Is Risk?
Embracing Risk
Information Security Risk Assessment
Assessing Risk
Security Policies and Procedures
Internal Focus Is Key
Policy Life Cycle
Developing Policies
Components of a Security Policy
Sample Security Policies
Understanding Basic Security Technologies
Cryptography and Encryption
A Brief History of Cryptography
Cryptography Today
Hash Algorithms
Digital Signatures
e-Signature Law
Digital Certificates
Public Key Infrastructure (PKI)
Secure Sockets Layer (SSL)
Other Protocols and Standards
Pretty Good Privacy (PGP)
Other Uses of Encryption
Multifactor Authentication
Methods of Authentication
Single Sign-On
Centralized Administration Remains Elusive
Building the Frame
Network Architecture and Physical Security
Changing Network Architecture
Common Configurations
Anson, Inc. Architecture
Internal Architecture
Physical Security
Firewalls and Perimeter Security
Firewall Advances
Firewall Technologies
Firewall Features
The Best Firewall for You
Hardware Appliance Versus Software
In-House Versus Out-Source
Firewall Architectures
Which Architecture Will Work for You?
Configuring Your Firewall
Firewall Rules
Firewall Add-Ons
A Good Start
Intrusion Detection
What Are Intrusion Detection Systems?
Categories of Intrusion Analysis
Characteristics of a Good Intrusion Detection System
Categories of Intrusion Detection
Separating the Truth from the Hype
Network Architecture with Intrusion Detection
Managed Services
Problems with Intrusion Detection
Technologies Under Development
Remote Access
Remote Access Users
Remote Access Requirements
Remote Access Issues
Remote Access Policies
Remote Access Technologies
Deploying and Supporting Remote Access
End-User Security
Applications, Servers, and Hosts
Host Security
Implementing Host Security
Understanding System Functions
Operating System (OS) Hardening
Security Monitoring Programs
System Auditing
Server Security
OS Hardening Versus Server Security
Web Servers
E-Mail Servers
DNS Servers
Domain Controllers
E-Mail Security
Policy Management
Policy Control
Client Security
Locking Down Systems
Protecting Against Viruses
Protecting Against Malware
Microsoft Applications
Instant Messaging
Application Development
Identifying Threats
Web Application Security
Technology Tools and Solutions
Review, Response, and Maintenance
Security Maintenance and Monitoring
Security Is an Ongoing Process
Monitor Mailing Lists
Review Logs
Periodically Review Configurations
Managed Security Services
Vulnerability Testing
How Does the Assessment Work?
When Are Vulnerability Assessments Needed?
Why Assess Vulnerability?
Performing Assessments
Data Interception
Password Cracking
Common Attacks
Taking Control
Security Audits
Audit Overview
The Audit
Types of Audits
Analysis of an Audit
Surviving an Audit
The Cost of an Audit
Sample Audit Checklist
Incident Response
Understanding Incident Management
Importance of CSIR Teams
Justifying a Response Team
Cost of an Incident
Assessing Your Needs
How to Use Your Assessment
Building an Incident Response Plan of Attack
When an Incident Occurs
The SANS Institute's Incident Response Plan
Analyzing an Attack
Putting It All Together
Integrating People, Process, and Technology
Your Security Infrastructure
How to Maintain a Successful Security Infrastructure
Security Awareness Training
Security ROI
Security Infrastructure Components
Interoperability and Management
Security Infrastructure Myths
Trends to Watch
Peer-to-Peer Networks
Wireless LAN Security
Mobile Commerce
The Rewards Are Yours
Apache Web Server
Automated Scanning Tools for Security Analysis
Backup and Recovery
Buffer Overflows
Build/Buy Security Systems
Computer Crime
Cryptography and Encryption
Digital Certificates and E-Signatures
DNS Security
E-Mail Security
Exchange Server
File Encryption
Hiring Hackers
Host Security
Hubs and Switches
IIS Web Servers
Information Security Professionals
Instant Messaging
Intrusion Detection
Log Analysis
Managed Service Providers
Network Security
Personal Firewalls
Physical Security
Policy Management
Probability of Attack
Public Key Infrastructure (PKI)
Remote Access
Remote Management
Risk Management
Secure Shell (SSH)
Secure Sockets Layer (SSL)
Security Audits
Security Policies
Smart Cards
System Auditing
Technology Insurance
Terminal Services
Virtual Private Networks (VPNs)
Vulnerability Scanners