Surviving Security: How to Integrate People, Process, and Technology


Purchasing Options

Hardback
$94.95
ISBN 9780849320422
Cat# AU2042
 

Features

  • Examines security through a holistic perspective that takes into account strategy, policy, infrastructure, and individual security components
  • Details the types of infosec attacks and attackers
  • Describes how to craft security policies and procedures
  • Explores firewall technology, features, rules, and configuration
  • Addresses the function and value of intrusion detection systems
  • Illustrates the key points of successful vulnerability testing

Summary

    Previous information security references do not address the gulf between general security awareness and the specific technical steps that need to be taken to protect information assets. Surviving Security: How to Integrate People, Process, and Technology, Second Edition fills this void by explaining security through a holistic approach that considers both the overall security infrastructure and the roles of each individual component. This book provides a blueprint for creating and executing sound security policy. The author examines the costs and complications involved, covering security measures such as encryption, authentication, firewalls, intrusion detection, remote access, host security, server security, and more. After reading this book, you will know how to make educated security decisions that provide airtight, reliable solutions.

    About the Author
    Amanda Andress, CISSP, SSCP, CPA, CISA is Founder and President of ArcSec Technologies, a firm which focuses on security product reviews and consulting. Prior to that she was Director of Security for Privada, Inc., a privacy company in San Jose, California. She built extensive security auditing and IS control experience working at Exxon and Big 5 firms Deloitte & Touche and Ernst & Young. She has been published in NetworkWorld, InfoWorld, Information Security Magazine, and others, and is a frequent presenter at industry events such as N+I and Black Hat.

    Table of Contents

    WHY DO I NEED SECURITY?
    Introduction
    The Importance of an Effective Security Infrastructure
    People, Process, and Technology
    What Are You Protecting Against?
    Types of Attacks
    Types of Attackers
    Security as a Competitive Advantage
    Choosing a Solution
    Finding Security Employees
    The Layered Approach

    UNDERSTANDING REQUIREMENTS AND RISK
    What Is Risk?
    Embracing Risk
    Information Security Risk Assessment
    Assessing Risk
    Insurance

    SECURITY POLICIES AND PROCEDURES
    Internal Focus Is Key
    Security Awareness and Education
    Policy Life Cycle
    Developing Policies
    Components of a Security Policy
    Sample Security Policies
    Procedures

    CRYPTOGRAPHY AND ENCRYPTION
    A Brief History of Cryptography
    Cryptography Today
    Hash Algorithms
    Digital Signatures
    e-Signature Law
    Digital Certificates
    Public-Key Infrastructure (PKI)
    Secure Sockets Layer (SSL)
    Other Protocols and Standards
    Pretty Good Privacy (PGP)
    Steganography
    Other Uses of Encryption

    AUTHENTICATION
    Multifactor Authentication
    Methods of Authentication
    Single Sign-On
    Centralized Administration Remains Elusive

    NETWORK ARCHITECTURE AND PHYSICAL SECURITY
    Changing Network Architecture
    Common Configurations
    Anson Inc.'s Architecture
    Internal Architecture
    Virtual Local Area Networks
    Physical Security
    Choosing a Location
    Policies and Procedures

    FIREWALLS AND PERIMETER SECURITY
    Firewall Advances
    Firewall Technologies
    Firewall Features
    The Best Firewall for You
    Hardware Appliance vs. Software
    In-House vs. Outsource
    Firewall Architectures
    Which Architecture Will Work for You?
    Configuring Your Firewall
    Firewall Rules
    Content Filtering
    Logging
    A Good Start

    NETWORK MANAGEMENT AND DEVICE SECURITY
    Networks, Networks Everywhere
    Denial of Service
    Reflected Attacks
    Defending Your Network
    Identifying Compromised Systems
    SNMP
    SNMP Security
    Identifying New Devices on the Network
    Secure Device Configuration
    General Steps for All Network Devices

    WIRELESS NETWORK SECURITY
    Standards
    Security Issues
    Authentication Solutions
    Auditing Wireless LANs

    INTRUSION DETECTION
    What Are Intrusion-Detection Systems?
    Categories of Intrusion Analysis
    Characteristics of a Good IDS
    Errors
    Categories of Intrusion Detection
    Separating the Truth from the Hype
    Network Architecture with Intrusion Detection
    Managed Services
    Problems with Intrusion Detection
    Technologies Under Development

    REMOTE ACCESS
    Remote-Access Users
    Remote-Access Requirements
    Issues with Remote Access
    Policies
    Technologies
    Deploying and Supporting Remote Access
    End-User Security

    HOST SECURITY
    Implementing Host Security
    Understanding System Functions
    Operating System Hardening
    Security-Monitoring Programs
    System Auditing

    SERVER SECURITY
    Hardening vs. Server Security
    Firewalls
    Web Servers
    E-Mail Servers
    Databases
    DNS Servers
    DNSSEC
    Domain Controllers and Active Directory
    Appliances
    E-Mail Security
    Policy Management
    Policy Control

    CLIENT SECURITY
    Locking Down Systems
    Protecting against Viruses
    Protecting against Malware
    Microsoft Applications
    Instant Messaging

    APPLICATION DEVELOPMENT
    Identifying Threats
    Web-Application Security
    Prevention
    Technology Tools and Solutions

    SECURITY MAINTENANCE AND MONITORING
    Security Is an Ongoing Process
    Patches
    Monitor Mailing Lists
    Review Logs
    Periodically Review Configurations
    Managed Security Services

    VULNERABILITY TESTING
    How Does the Assessment Work?
    When Are Vulnerability Assessments Needed?
    Why Assess Vulnerability?
    Performing Assessments
    Password Cracking
    Common Attacks

    SECURITY AUDITS
    Audit Overview
    The Audit
    Types of Audits
    Analysis of an Audit
    Surviving an Audit
    The Cost of an Audit
    Sample Audit Checklist

    INCIDENT RESPONSE
    Understanding Incident Management
    The Importance of CSIR Teams
    Justifying a Response Team
    Cost of an Incident
    Assessing Your Needs
    How to Use Your Assessment
    Building an Incident Response Plan of Attack
    When an Incident Occurs
    The SANS Institute's Incident-Response Plan
    Analyzing an Attack

    INTEGRATING PEOPLE, PROCESS, AND TECHNOLOGY
    Your Security Infrastructure
    Maintaining a Successful Security Infrastructure
    Security-Awareness Training
    Who Are We?
    What Are Our Responsibilities?
    What are Your (the employee's) Responsibilities?
    Security ROI
    Security Infrastructure Components
    Interoperability and Management
    Security Infrastructure Myths

    TRENDS TO WATCH
    PDAs
    Peer-to-Peer Networks
    Honeypots
    Storage-Area Networks
    The Rewards Are Yours

    Editorial Reviews

    "Surviving Security is a crash course in all of the things that we should be doing in cyberspace that don't come naturally to most of us. It is a soup-to-nuts portrayal of how to do security right, from an experienced practitioner of digital security in real-world environments…Perhaps the best thing about this book, though, is that it's up-to-date. Mandy hasn't written just another cookbook recitation of the three R's of security, she has built a comprehensive structure on sound principles and extended it with her intimate knowledge of exciting new technology… I see few other titles on the shelves that can match this volume of experience and expertise in such a concise, lucidly written, and easy to read package."
    Joel Scambray, Co-author, Hacking Exposed, from the Foreword