by
Harley, David.
Call Number
005.8 22
Publication Date
2007
Summary
Members of AVIEN (the Anti-Virus Information Exchange Network) have been setting agendas in malware management for several years: they led the way on generic filtering at the gateway, and in the sharing of information about new threats at a speed that even anti-virus companies were hard-pressed to match. AVIEN members represent the best-protected large organizations in the world, and millions of users. When they talk, security vendors listen: so should you. AVIEN's sister organization AVIEWS is an invaluable meeting ground between the security vendors and researchers who know most about malicious code and anti-malware technology, and the top security administrators of AVIEN who use those technologies in real life. This new book uniquely combines the knowledge of these two groups of experts. Anyone who is responsible for the security of business information systems should be aware of this major addition to security literature. * Customer Power takes up the theme of the sometimes stormy relationship between the antivirus industry and its customers, and tries to dispel some common myths. It then considers the roles of the independent researcher, the vendor-employed specialist, and the corporate security specialist. * Stalkers on Your Desktop considers the thorny issue of malware nomenclature and then takes a brief historical look at how we got here, before expanding on some of the malware-related problems we face today. * A Tangled Web discusses threats and countermeasures in the context of the World Wide Web. * Big Bad Bots tackles bots and botnets, arguably Public Cyber-Enemy Number One. * Crème de la CyberCrime takes readers into the underworld of old-school virus writing, criminal business models, and predicting future malware hotspots. * Defense in Depth takes a broad look at DiD in the enterprise, and looks at some specific tools and technologies.
* Perilous Outsorcery offers sound advice on how to avoid the perils and pitfalls of outsourcing, incorporating a few horrible examples of how not to do it. * Education in Education offers some insights into user education from an educationalist's perspective, and looks at various aspects of security in schools and other educational establishments. * DIY Malware Analysis is a hands-on, hands-dirty approach to security management, considering malware analysis and forensics techniques and tools. * Antivirus Evaluation & Testing continues the D-I-Y theme, discussing at length some of the thorny issues around the evaluation and testing of antimalware software. * AVIEN & AVIEWS: the Future looks at future developments in AVIEN and AVIEWS.
Format:
Electronic Resources
Relevance:
1.0130
2.
by
Snedaker, Susan.
Call Number
658.478 22
Publication Date
2007
Summary
"Powerful Earthquake Triggers Tsunami in Pacific. Hurricane Katrina Makes Landfall in the Gulf Coast. Avalanche Buries Highway in Denver. Tornado Touches Down in Georgia. These headlines not only have caught the attention of people around the world, they have had a significant effect on IT professionals as well." "As technology continues to become more integral to corporate operations at every level of the organization, the job of IT has expanded to become almost all-encompassing. These days, it's difficult to find corners of a company that technology does not touch. As a result, the need to plan for potential disruptions to technology services has increased exponentially." "Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP) are emerging as the 'next big thing' in corporate IT circles. With distributed networks, increasing demands for confidentiality, integrity and availability of data, and the widespread risks to the security of personal, confidential and sensitive data, no organization can afford to ignore the need for disaster planning." "The British Standards Institute is releasing a new standard for BCP this year, the Disaster Recovery Institute has developed a certification for DRP/BCP professionals in conjunction with the British Standards Institute, trade shows are popping up on this topic and the news is filled with companies facing disasters from all sides."--Jacket.
Format:
Electronic Resources
Relevance:
0.6067
by
Furnell, Steven, 1970-
Call Number
005.8 22
Publication Date
2008
Summary
This one-stop reference gives you the latest expertise on everything from access control and network security, to smart cards and privacy. Representing a total blueprint to security design and operations, this book brings all modern considerations into focus. It maps out user authentication methods that feature the latest biometric techniques, followed by authorization and access controls including DAC, MAC, and ABAC and how these controls are best applied in today's relational and multilevel secure database systems.
Format:
Electronic Resources
Relevance:
0.0657
by
Bradley, Tony, 1969-
Call Number
005.80218 22
Publication Date
2007
Summary
Identity theft has been steadily rising in recent years, and credit card data is one of the number one targets for identity theft. With a few pieces of key information. Organized crime has made malware development and computer networking attacks more professional and better defenses are necessary to protect against attack. The credit card industry established the PCI Data Security standards to provide a baseline expectancy for how vendors, or any entity that handles credit card transactions or data, should protect data to ensure it is not stolen or compromised. This book will provide the information that you need to understand the PCI Data Security standards and how to effectively implement security on the network infrastructure in order to be compliant with the credit card industry guidelines and protect sensitive and personally identifiable information. * PCI Data Security standards apply to every company globally that processes or transmits credit card transaction data * Information which helps to develop and implement an effective security strategy to keep their infrastructure compliant * The authors are well known and each has an extensive information security background, making them ideal for conveying the information the reader needs.
Format:
Electronic Resources
Relevance:
0.0539
by
Wiles, Jack.
Call Number
363.25968 22
Publication Date
2007
Summary
This book provides IT security professionals with the information (hardware, software, and procedural requirements) needed to create, manage and sustain a digital forensics lab and investigative team that can accurately and effectively analyze forensic data and recover digital evidence, while preserving the integrity of the electronic evidence for discovery and trial. IDC estimates that the U.S. market for computer forensics will grow from $252 million in 2004 to $630 million by 2009. Business is strong outside the United States, as well. By 2011, the estimated international market will be $1.8 billion dollars. The Techno Forensics Conference, to which this book is linked, has increased in size by almost 50% in its second year; another example of the rapid growth in the digital forensics world. The TechnoSecurity Guide to Digital Forensics and E-Discovery features: * Internationally known experts in computer forensics share their years of experience at the forefront of digital forensics * Bonus chapters on how to build your own Forensics Lab * 50% discount to the upcoming Techno Forensics conference for everyone who purchases a book.
Format:
Electronic Resources
Relevance:
0.0539
by
Qian, Yi, 1962-
Call Number
005.8 22
Publication Date
2008
Summary
In today's fast-paced, infocentric environment, professionals increasingly rely on networked information technology to do business. Unfortunately, with the advent of such technology came new and complex problems that continue to threaten the availability, integrity, and confidentiality of our electronic information. It is therefore absolutely imperative to take measures to protect and defend information systems by ensuring their security and non-repudiation. Information Assurance skillfully addresses this issue by detailing the sufficient capacity networked systems need to operate while under attack, and itemizing failsafe design features such as alarms, restoration protocols, and management configurations to detect problems and automatically diagnose and respond. Moreover, this volume is unique in providing comprehensive coverage of both state-of-the-art survivability and security techniques, and the manner in which these two components interact to build robust Information Assurance (IA). KEY FEATURES * The first and (so far) only book to combine coverage of both security AND survivability in a networked information technology setting * Leading industry and academic researchers provide state-of-the-art survivability and security techniques and explain how these components interact in providing information assurance * Additional focus on security and survivability issues in wireless networks. Print restrictions: Printing is possible chapter by chapter.
Format:
Electronic Resources
Relevance:
0.0516
by
Manzuik, Steve.
Call Number
005.8 22
Publication Date
2007
Summary
This book will take readers from the discovery of vulnerabilities and the creation of the corresponding exploits, through a complete security assessment, all the way through deploying patches against these vulnerabilities to protect their networks. This is unique in that it details both the management and technical skill and tools required to develop an effective vulnerability management system. Business case studies and real world vulnerabilities are used through the book. It starts by introducing the reader to the concepts of a vulnerability management system. Readers will be provided detailed timelines of exploit development, vendors' time to patch, and corporate patch installations. Next, the differences between security assessments and penetration tests will be clearly explained along with best practices for conducting both. Next, several case studies from different industries will illustrate the effectiveness of varying vulnerability assessment methodologies. The next several chapters will define the steps of a vulnerability assessment including: defining objectives, identifying and classifying assets, defining rules of engagement, scanning hosts, and identifying operating systems and applications. The next several chapters provide detailed instructions and examples for differentiating vulnerabilities from configuration problems, validating vulnerabilities through penetration testing. The last section of the book provides best practices for vulnerability management and remediation. * Unique coverage detailing both the management and technical skill and tools required to develop an effective vulnerability management system * Vulnerability management is rated the #2 most pressing concern for security professionals in a poll conducted by Information Security Magazine * Covers in detail the vulnerability management lifecycle from discovery through patch.
Format:
Electronic Resources
Relevance:
0.0495
by
Wiles, Jack.
Call Number
658.478 22
Publication Date
2007
Summary
This book contains some of the most up-to-date information available anywhere on a wide variety of topics related to Techno Security. As you read the book, you will notice that the authors took the approach of identifying some of the risks, threats, and vulnerabilities and then discussing the countermeasures to address them. Some of the topics and thoughts discussed here are as new as tomorrow's headlines, whereas others have been around for decades without being properly addressed. I hope you enjoy this book as much as we have enjoyed working with the various authors and friends during its development. Donald Withers, CEO and Cofounder of TheTrainingCo. Jack Wiles, on Social Engineering offers up a potpourri of tips, tricks, vulnerabilities, and lessons learned from 30-plus years of experience in the worlds of both physical and technical security. Russ Rogers on the Basics of Penetration Testing illustrates the standard methodology for penetration testing: information gathering, network enumeration, vulnerability identification, vulnerability exploitation, privilege escalation, expansion of reach, future access, and information compromise. Johnny Long on No Tech Hacking shows how to hack without touching a computer using tailgating, lock bumping, shoulder surfing, and dumpster diving. Phil Drake on Personal, Workforce, and Family Preparedness covers the basics of creating a plan for you and your family, identifying and obtaining the supplies you will need in an emergency. Kevin O'Shea on Seizure of Digital Information discusses collecting hardware and information from the scene. Amber Schroader on Cell Phone Forensics writes on new methods and guidelines for digital forensics. Dennis O'Brien on RFID: An Introduction, Security Issues, and Concerns discusses how this well-intended technology has been eroded and used for fringe implementations.
Ron Green on Open Source Intelligence details how a good Open Source Intelligence program can help you create leverage in negotiations, enable smart decisions regarding the selection of goods and services, and help avoid pitfalls and hazards. Raymond Blackwood on Wireless Awareness: Increasing the Sophistication of Wireless Users maintains it is the technologist's responsibility to educate, communicate, and support users despite their lack of interest in understanding how it works. Greg Kipper on What is Steganography? provides a solid understanding of the basics of steganography, what it can and can't do, and arms you with the information you need to set your career path. Eric Cole on Insider Threat discusses why the insider threat is worse than the external threat and the effects of insider threats on a company. * Internationally known experts in information security share their wisdom * Free pass to Techno Security Conference for everyone who purchases a book ($1,200 value) * 2-HOUR DVD with cutting edge information on the future of information security.
Format:
Electronic Resources
Relevance:
0.0342