Previous information security references do not address the gulf between general security awareness and the specific technical steps that need to be taken to protect information assets. Surviving Security: How to Integrate People, Process, and Technology, Second Edition fills this void by explaining security through a holistic approach that considers both the overall security infrastructure and the roles of each individual component. This book provides a blueprint for creating and executing sound security policy. The author examines the costs and complications involved, covering security measures such as encryption, authentication, firewalls, intrusion detection, remote access, host security, server security, and more. After reading this book, you will know how to make educated security decisions that provide airtight, reliable solutions.
About the Author
Amanda Andress, CISSP, SSCP, CPA, CISA, is Founder and President of ArcSec Technologies, a firm that focuses on security product reviews and consulting. Prior to that she was Director of Security for Privada, Inc., a privacy company in San Jose, California. She built extensive security auditing and IS control experience working at Exxon and Big 5 firms Deloitte & Touche and Ernst & Young. She has been published in NetworkWorld, InfoWorld, Information Security Magazine, and others, and is a frequent presenter at industry events such as N+I and Black Hat.
Table of Contents
WHY DO I NEED SECURITY?
The Importance of an Effective Security Infrastructure
People, Process, and Technology
What Are You Protecting Against?
Types of Attacks
Types of Attackers
Security as a Competitive Advantage
Choosing a Solution
Finding Security Employees
The Layered Approach
UNDERSTANDING REQUIREMENTS AND RISK
What Is Risk?
Information Security Risk Assessment
SECURITY POLICIES AND PROCEDURES
Internal Focus Is Key
Security Awareness and Education
Policy Life Cycle
Components of a Security Policy
Sample Security Policies
CRYPTOGRAPHY AND ENCRYPTION
A Brief History of Cryptography
Public-Key Infrastructure (PKI)
Secure Sockets Layer (SSL)
Other Protocols and Standards
Pretty Good Privacy (PGP)
Other Uses of Encryption
Methods of Authentication
Centralized Administration Remains Elusive
NETWORK ARCHITECTURE AND PHYSICAL SECURITY
Changing Network Architecture
Anson Inc.'s Architecture
Virtual Local Area Networks
Choosing a Location
Policies and Procedures
FIREWALLS AND PERIMETER SECURITY
The Best Firewall for You
Hardware Appliance vs. Software
In-House vs. Outsource
Which Architecture Will Work for You?
Configuring Your Firewall
A Good Start
NETWORK MANAGEMENT AND DEVICE SECURITY
Networks, Networks Everywhere
Denial of Service
Defending Your Network
Identifying Compromised Systems
Identifying New Devices on the Network
Secure Device Configuration
General Steps for All Network Devices
WIRELESS NETWORK SECURITY
Auditing Wireless LANs
What Are Intrusion-Detection Systems?
Categories of Intrusion Analysis
Characteristics of a Good IDS
Categories of Intrusion Detection
Separating the Truth from the Hype
Network Architecture with Intrusion Detection
Problems with Intrusion Detection
Technologies Under Development
Issues with Remote Access
Deploying and Supporting Remote Access
Implementing Host Security
Understanding System Functions
Operating System Hardening
Hardening vs. Server Security
Domain Controllers and Active Directory
Locking Down Systems
Protecting against Viruses
Protecting against Malware
Technology Tools and Solutions
SECURITY MAINTENANCE AND MONITORING
Security Is an Ongoing Process
Monitor Mailing Lists
Periodically Review Configurations
Managed Security Services
How Does the Assessment Work?
When Are Vulnerability Assessments Needed?
Why Assess Vulnerability?
Types of Audits
Analysis of an Audit
Surviving an Audit
The Cost of an Audit
Sample Audit Checklist
Understanding Incident Management
The Importance of CSIR Teams
Justifying a Response Team
Cost of an Incident
Assessing Your Needs
How to Use Your Assessment
Building an Incident Response Plan of Attack
When an Incident Occurs
The SANS Institute's Incident-Response Plan
Analyzing an Attack
INTEGRATING PEOPLE, PROCESS, AND TECHNOLOGY
Your Security Infrastructure
Maintaining a Successful Security Infrastructure
Who Are We?
What Are Our Responsibilities?
What Are Your (the Employee's) Responsibilities?
Security Infrastructure Components
Interoperability and Management
Security Infrastructure Myths
TRENDS TO WATCH
The Rewards Are Yours
"Surviving Security is a crash course in all of the things that we should be doing in cyberspace that don't come naturally to most of us. It is a soup-to-nuts portrayal of how to do security right, from an experienced practitioner of digital security in real-world environments… Perhaps the best thing about this book, though, is that it's up-to-date. Mandy hasn't written just another cookbook recitation of the three R's of security, she has built a comprehensive structure on sound principles and extended it with her intimate knowledge of exciting new technology… I see few other titles on the shelves that can match this volume of experience and expertise in such a concise, lucidly written, and easy to read package."
Joel Scambray, Co-author, Hacking Exposed, from the Foreword