Search Results for management - Narrowed by: Computer networks -- Security measures.

Security log management : identifying patterns in the chaos / Jacob Babbin [and others].

2024-05-14T22:15:58Z

by Babbin, Jacob.
Call Number 005.8 22
Publication Date 2006
Summary This book teaches IT professionals how to analyze, manage, and automate their security log files to generate useful, repeatable information that can be use to make their networks more efficient and secure using primarily open source tools. The book begins by discussing the Top 10 security logs that every IT professional should be regularly analyzing. These 10 logs cover everything from the top workstations sending/receiving data through a firewall to the top targets of IDS alerts. The book then goes on to discuss the relevancy of all of this information. Next, the book describes how to script open source reporting tools like Tcpdstats to automatically correlate log files from the various network devices to the Top 10 list. By doing so, the IT professional is instantly made aware of any critical vulnerabilities or serious degradation of network performance. All of the scripts presented within the book will be available for download from the Syngress Solutions Web site. Almost every operating system, firewall, router, switch, intrusion detection system, mail server, Web server, and database produces some type of log file. This is true of both open source tools and commercial software and hardware from every IT manufacturer. Each of these logs is reviewed and analyzed by a system administrator or security professional responsible for that particular piece of hardware or software. As a result, almost everyone involved in the IT industry works with log files in some capacity. * Provides turn-key, inexpensive, open source solutions for system administrators to analyze and evaluate the overall performance and security of their network * Dozens of working scripts and tools presented throughout the book are available for download from Syngress Solutions Web site. * Will save system administrators countless hours by scripting and automating the most common to the most complex log analysis tasks.
Format: Electronic Resources
Click here to view

Enemy at the water cooler [electronic resource] : real-life stories of insider threats and Enterprise Security Management countermeasures / Brian T. Contos.

2024-05-14T22:15:58Z

by Contos, Brian T.
Call Number 005.8 22
Publication Date 2006
Summary Packed with vivid real-life cases, this comprehensive book addresses the most difficult to manage and costly of all security threats: the insider.
Format: Electronic Resources
Click here to view

AVIEN malware defense guide for the Enterprise / David Harley [and others] ; foreword by Robert S. Vibert.

2024-05-14T22:15:58Z

by Harley, David.
Call Number 005.8 22
Publication Date 2007
Summary Members of AVIEN (the Anti-Virus Information Exchange Network) have been setting agendas in malware management for several years: they led the way on generic filtering at the gateway, and in the sharing of information about new threats at a speed that even anti-virus companies were hard-pressed to match. AVIEN members represent the best-protected large organizations in the world, and millions of users. When they talk, security vendors listen: so should you. AVIENs sister organization AVIEWS is an invaluable meeting ground between the security vendors and researchers who know most about malicious code and anti-malware technology, and the top security administrators of AVIEN who use those technologies in real life. This new book uniquely combines the knowledge of these two groups of experts. Anyone who is responsible for the security of business information systems should be aware of this major addition to security literature. * Customer Power takes up the theme of the sometimes stormy relationship between the antivirus industry and its customers, and tries to dispel some common myths. It then considers the roles of the independent researcher, the vendor-employed specialist, and the corporate security specialist. * Stalkers on Your Desktop considers the thorny issue of malware nomenclature and then takes a brief historical look at how we got here, before expanding on some of the malware-related problems we face today. * A Tangled Web discusses threats and countermeasures in the context of the World Wide Web. * Big Bad Bots tackles bots and botnets, arguably Public Cyber-Enemy Number One. * Cr̈me de la CyberCrime takes readers into the underworld of old-school virus writing, criminal business models, and predicting future malware hotspots. * Defense in Depth takes a broad look at DiD in the enterprise, and looks at some specific tools and technologies. * Perilous Outsorcery offers sound advice on how to avoid the perils and pitfalls of outsourcing, incorporating a few horrible examples of how not to do it. * Education in Education offers some insights into user education from an educationalists perspective, and looks at various aspects of security in schools and other educational establishments. * DIY Malware Analysis is a hands-on, hands-dirty approach to security management, considering malware analysis and forensics techniques and tools. * Antivirus Evaluation & Testing continues the D-I-Y theme, discussing at length some of the thorny issues around the evaluation and testing of antimalware software. * AVIEN & AVIEWS: the Future looks at future developments in AVIEN and AVIEWS.
Format: Electronic Resources
Click here to view

Advanced penetration testing for highly-secured environments [electronic resource] : the ultimate security guide / Lee Allen.

2024-05-14T22:15:58Z

by Allen, Lee.
Call Number 005.8 23
Publication Date 2012
Summary An intensive hands-on guide to perform professional penetration testing for highly-secured environments from start to finish. You will learn to provide penetration testing services to clients with mature security infrastructure. Understand how to perform each stage of the penetration test by gaining hands-on experience in performing attacks that mimic those seen in the wild. In the end, take the challenge and perform a virtual penetration test against a fictional corporation. If you are looking for guidance and detailed instructions on how to perform a penetration test from start to finish, are looking to build out your own penetration testing lab, or are looking to improve on your existing penetration testing skills, this book is for you. Although the books attempts to accommodate those that are still new to the penetration testing field, experienced testers should be able to gain knowledge and hands-on experience as well. The book does assume that you have some experience in web application testing and as such the chapter regarding this subject may require you to understand the basic concepts of web security. The reader should also be familiar with basic IT concepts, and commonly used protocols such as TCP/IP.
Format: Electronic Resources
Click here to view

Business continuity & disaster recovery for IT professionals [electronic resource] / Susan Snedaker.

2024-05-14T22:15:58Z

by Snedaker, Susan.
Call Number 658.478 22
Publication Date 2007
Summary "Powerful Earthquake Triggers Tsunami in Pacific. Hurricane Katrina Makes Landfall in the Gulf Coast. Avalanche Buries Highway in Denver. Tornado Touches Down in Georgia. These headlines not only have caught the attention of people around the world, they have had a significant effect on IT professionals as well." "As technology continues to become more integral to corporate operations at every level of the organization, the job of IT has expanded to become almost all-encompassing. These days, it's difficult to find corners of a company that technology does not touch. As a result, the need to plan for potential disruptions to technology services has increased exponentially." "Business Continuity Planning (BCP) and Disaster Recovery Planning (ORP) are emerging as the 'next big thing' in corporate IT circles. With distributed networks, increasing demands for confidentiality, integrity and availability of data, and the widespread risks to the security of personal, confidential and sensitive data, no organization can afford to ignore the need for disaster planning." "The British Standards Institute is releasing a new standard for BCP this year, the Disaster Recovery Institute has developed a certification for DRP/BCP professionals in conjunction with the British Standards Institute, trade shows are popping up on this topic and the news is filled with companies facing disasters from all sides."--Jacket.
Format: Electronic Resources
Click here to view

Cyber crime, security and digital intelligence / Mark Johnson.

2024-05-14T22:15:58Z

by Johnson, Mark, 1959-
Call Number 658.478 23
Publication Date 2013
Summary "Today's digital economy is uniquely dependent on the Internet, yet few users or decision makers have more than a rudimentary understanding of the myriad of online risks that threaten us. Cyber crime is one of the main threats to the integrity and availability of data and systems. From insiders to complex external attacks and industrial worms, modern business faces unprecedented challenges; and while cyber security and digital intelligence are the necessary responses to this challenge, they are understood by only a tiny minority. In his second book on high-tech risks, Mark Johnson goes far beyond enumerating past cases and summarising legal or regulatory requirements. He describes in plain, non-technical language how cyber crime has evolved and the nature of the very latest threats. He confronts issues that are not addressed by codified rules and practice guidelines, supporting this with over 30 valuable illustrations and tables. Written for the non-technical layman and the high tech risk manager alike, the book also explores countermeasures, penetration testing, best practice principles, cyber conflict and future challenges. A discussion of Web 2.0 risks delves into the very real questions facing policy makers, along with the pros and cons of open source data. In a chapter on Digital Intelligence readers are provided with an exhaustive guide to practical, effective and ethical online investigations. Cyber Crime, Security and Digital Intelligence is an important work of great relevance in today's interconnected world and one that nobody with an interest in either risk or technology should be without."--Unedited summary from book.
Format: Electronic Resources
http://ezproxy.angliss.edu.au/login?direct=true&scope=site&db=nlebk&AN=559740

Handbook of security and networks [electronic resource] / editors, Yang Xiao, Frank H Li, Hui Chen.

2024-05-14T22:15:58Z

by Xiao, Yang, 1966-
Call Number 005.8 22
Publication Date 2011
Format: Electronic Resources
Click here to view

Multicast and group security / Thomas Hardjono, Lakshminath R. Dondeti.

2024-05-14T22:15:58Z

by Hardjono, Thomas.
Call Number 005.8 22
Publication Date 2003
Summary A handbook for engineers, architects and other practitioners working in the field of Internet security. It presents detailed coverage of security technologies and techniques for IP (Internet protocol) multicast networks, along with algorithms and protocols for multi-party secure communication.
Format: Electronic Resources
Click here to view

Security in ad hoc and sensor networks [electronic resource] / Raheem Beyah, Janise McNair, Cherita Corbett.

2024-05-14T22:15:58Z

by Beyah, Raheem (Raheem A.), 1976-
Call Number 621.38 22
Publication Date 2010
Summary Security issues in ad hoc and sensor networks have become extremely important. This edited book provides a comprehensive treatment for security issues in these networks, ranging from attack mitigation to recovery after an attack has been successfully executed. Security issues addressed include (but are not limited to) attacks, malicious node detection, access control, authentication, intrusion detection, privacy and anonymity, key management, location verification, security architectures and protocols, secrecy and integrity, network resilience and survivability, and trust models. This complete book provides an excellent reference for students, researchers, and industry practitioners related to these areas.
Format: Electronic Resources
Click here to view

Securing information and communications systems [electronic resource] : principles, technologies, and applications / Steven M. Furnell [and others], editors.

2024-05-14T22:15:58Z

by Furnell, Steven, 1970-
Call Number 005.8 22
Publication Date 2008
Summary This one-stop reference gives you the latest expertise on everything from access control and network security, to smart cards and privacy. Representing a total blueprint to security design and operations, this book brings all modern considerations into focus. It maps out user authentication methods that feature the latest biometric techniques, followed by authorization and access controls including DAC, MAC, and ABAC and how these controls are best applied in today's relational and multilevel secure database systems.
Format: Electronic Resources
Click here to view

Practical guide for implementing secure intranets and extranets / Kaustubh M. Phaltankar.

2024-05-14T22:15:58Z

by Phaltankar, Kaustubh M.
Call Number 005.8 21
Publication Date 2000
Format: Electronic Resources
Click here to view

PCI compliance [electronic resource] : implementing effective PCI data security standards / Tony Bradley, technical editor ; James D. Burton Jr. ... [et al., contributors].

2024-05-14T22:15:58Z

by Bradley, Tony, 1969-
Call Number 005.80218 22
Publication Date 2007
Summary Identity theft has been steadily rising in recent years, and credit card data is one of the number one targets for identity theft. With a few pieces of key information. Organized crime has made malware development and computer networking attacks more professional and better defenses are necessary to protect against attack. The credit card industry established the PCI Data Security standards to provide a baseline expectancy for how vendors, or any entity that handles credit card transactions or data, should protect data to ensure it is not stolen or compromised. This book will provide the information that you need to understand the PCI Data Security standards and how to effectively implement security on the network infrastructure in order to be compliant with the credit card industry guidelines and protect sensitive and personally identifiable information. *PCI Data Security standards apply to every company globally that processes or transmits credit card transaction data *Information with helps to develop and implement an effective security strategy to keep their infrastructure compliant *The authors are well known and each has an extensive information security background, making them ideal for conveying the information the reader needs.
Format: Electronic Resources
Click here to view

Techno security's guide to e-discovery and digital forensics / Jack Wiles [and others].

2024-05-14T22:15:58Z

by Wiles, Jack.
Call Number 363.25968 22
Publication Date 2007
Summary This book provides IT security professionals with the information (hardware, software, and procedural requirements) needed to create, manage and sustain a digital forensics lab and investigative team that can accurately and effectively analyze forensic data and recover digital evidence, while preserving the integrity of the electronic evidence for discovery and trial. IDC estimates that the U.S. market for computer forensics will be grow from $252 million in 2004 to $630 million by 2009. Business is strong outside the United States, as well. By 2011, the estimated international market will be $1.8 billion dollars. The Techno Forensics Conference, to which this book is linked, has increased in size by almost 50% in its second year; another example of the rapid growth in the digital forensics world. The TechnoSecurity Guide to Digital Forensics and E-Discovery features: * Internationally known experts in computer forensics share their years of experience at the forefront of digital forensics * Bonus chapters on how to build your own Forensics Lab * 50% discount to the upcoming Techno Forensics conference for everyone who purchases a book.
Format: Electronic Resources
Click here to view

Penetration testing [electronic resource] : protecting networks and systems / Kevin M. Henry.

2024-05-14T22:15:58Z

by Henry, Kevin M.
Call Number 005.8 23
Publication Date 2012
Summary This book is a preparation guide for the CPTE examination, yet is also a general reference for experienced penetration testers, ethical hackers, auditors, security personnel and anyone else involved in the security of an organization's computer systems.
Format: Electronic Resources
Click here to view

Information assurance [electronic resource] : dependability and security in networked systems / [edited by] Yi Qian [and others].

2024-05-14T22:15:58Z

by Qian, Yi, 1962-
Call Number 005.8 22
Publication Date 2008
Summary In todays fast paced, infocentric environment, professionals increasingly rely on networked information technology to do business. Unfortunately, with the advent of such technology came new and complex problems that continue to threaten the availability, integrity, and confidentiality of our electronic information. It is therefore absolutely imperative to take measures to protect and defend information systems by ensuring their security and non-repudiation. Information Assurance skillfully addresses this issue by detailing the sufficient capacity networked systems need to operate while under attack, and itemizing failsafe design features such as alarms, restoration protocols, and management configurations to detect problems and automatically diagnose and respond. Moreover, this volume is unique in providing comprehensive coverage of both state-of-the-art survivability and security techniques, and the manner in which these two components interact to build robust Information Assurance (IA). KEY FEATURES * The first and (so far) only book to combine coverage of both security AND survivability in a networked information technology setting * Leading industry and academic researchers provide state-of-the-art survivability and security techniques and explain how these components interact in providing information assurance * Additional focus on security and survivability issues in wireless networks. Printbegrænsninger: Der kan printes kapitelvis.
Format: Electronic Resources
Click here to view

Network security assessment : from vulnerability to patch / Steve Manzuik, André Gold, Chris Gatford.

2024-05-14T22:15:58Z

by Manzuik, Steve.
Call Number 005.8 22
Publication Date 2007
Summary This book will take readers from the discovery of vulnerabilities and the creation of the corresponding exploits, through a complete security assessment, all the way through deploying patches against these vulnerabilities to protect their networks. This is unique in that it details both the management and technical skill and tools required to develop an effective vulnerability management system. Business case studies and real world vulnerabilities are used through the book. It starts by introducing the reader to the concepts of a vulnerability management system. Readers will be provided detailed timelines of exploit development, vendors time to patch, and corporate path installations. Next, the differences between security assessment s and penetration tests will be clearly explained along with best practices for conducting both. Next, several case studies from different industries will illustrate the effectiveness of varying vulnerability assessment methodologies. The next several chapters will define the steps of a vulnerability assessment including: defining objectives, identifying and classifying assets, defining rules of engagement, scanning hosts, and identifying operating systems and applications. The next several chapters provide detailed instructions and examples for differentiating vulnerabilities from configuration problems, validating vulnerabilities through penetration testing. The last section of the book provides best practices for vulnerability management and remediation. * Unique coverage detailing both the management and technical skill and tools required to develop an effective vulnerability management system * Vulnerability management is rated the #2 most pressing concern for security professionals in a poll conducted by Information Security Magazine * Covers in the detail the vulnerability management lifecycle from discovery through patch.
Format: Electronic Resources
Click to view here

Syngress force emerging threat analysis : from mischief to malicious / David Maynor [and others].

2024-05-14T22:15:58Z

by Maynor, David.
Call Number 005.8 22
Publication Date 2006
Summary A One-Stop Reference Containing the Most Read Topics in the Syngress Security Library This Syngress Anthology Helps You Protect Your Enterprise from Tomorrows Threats Today This is the perfect reference for any IT professional responsible for protecting their enterprise from the next generation of IT security threats. This anthology represents the best of this years top Syngress Security books on the Human, Malware, VoIP, Device Driver, RFID, Phishing, and Spam threats likely to be unleashed in the near future. * From Practical VoIP Security, Thomas Porter, Ph. D. and Director of IT Security for the FIFA 2006 World Cup, writes on threats to VoIP communications systems and makes recommendations on VoIP security. * From Phishing Exposed, Lance James, Chief Technology Officer of Secure Science Corporation, presents the latest information on phishing and spam. * From Combating Spyware in the Enterprise, Brian Baskin, instructor for the annual Department of Defense Cyber Crime Conference, writes on forensic detection and removal of spyware. * Also from Combating Spyware in the Enterprise, About.coms security expert Tony Bradley covers the transformation of spyware. * From Inside the SPAM Cartel, Spammer-X shows how spam is created and why it works so well. * From Securing IM and P2P Applications for the Enterprise, Paul Piccard, former manager of Internet Security Systems' Global Threat Operations Center, covers Skype security. * Also from Securing IM and P2P Applications for the Enterprise, Craig Edwards, creator of the IRC security software IRC Defender, discusses global IRC security. * From RFID Security, Brad Renderman Haines, one of the most visible members of the wardriving community, covers tag encoding and tag application attacks. * Also from RFID Security, Frank Thornton, owner of Blackthorn Systems and an expert in wireless networks, discusses management of RFID security. * From Hack the Stack, security expert Michael Gregg covers attacking the people layer. * Bonus coverage includes exclusive material on device driver attacks by Dave Maynor, Senior Researcher at SecureWorks. * The best of this year: Human, Malware, VoIP, Device Driver, RFID, Phishing, and Spam threats * Complete Coverage of forensic detection and removal of spyware, the transformation of spyware, global IRC security, and more * Covers secure enterprise-wide deployment of hottest technologies including Voice Over IP, Pocket PCs, smart phones, and more.
Format: Electronic Resources
Click to view here

Techno Security's guide to managing risks : for IT managers, auditors, and investigators / Jack Wiles ; Russ Rogers, technical editor.

2024-05-14T22:15:58Z

by Wiles, Jack.
Call Number 658.478 22
Publication Date 2007
Summary This book contains some of the most up-to-date information available anywhere on a wide variety of topics related to Techno Security. As you read the book, you will notice that the authors took the approach of identifying some of the risks, threats, and vulnerabilities and then discussing the countermeasures to address them. Some of the topics and thoughts discussed here are as new as tomorrows headlines, whereas others have been around for decades without being properly addressed. I hope you enjoy this book as much as we have enjoyed working with the various authors and friends during its development. Donald Withers, CEO and Cofounder of TheTrainingCo. Jack Wiles, on Social Engineering offers up a potpourri of tips, tricks, vulnerabilities, and lessons learned from 30-plus years of experience in the worlds of both physical and technical security. Russ Rogers on the Basics of Penetration Testing illustrates the standard methodology for penetration testing: information gathering, network enumeration, vulnerability identification, vulnerability exploitation, privilege escalation, expansion of reach, future access, and information compromise. Johnny Long on No Tech Hacking shows how to hack without touching a computer using tailgating, lock bumping, shoulder surfing, and dumpster diving. Phil Drake on Personal, Workforce, and Family Preparedness covers the basics of creating a plan for you and your family, identifying and obtaining the supplies you will need in an emergency. Kevin OShea on Seizure of Digital Information discusses collecting hardware and information from the scene. Amber Schroader on Cell Phone Forensics writes on new methods and guidelines for digital forensics. Dennis OBrien on RFID: An Introduction, Security Issues, and Concerns discusses how this well-intended technology has been eroded and used for fringe implementations. Ron Green on Open Source Intelligence details how a good Open Source Intelligence program can help you create leverage in negotiations, enable smart decisions regarding the selection of goods and services, and help avoid pitfalls and hazards. Raymond Blackwood on Wireless Awareness: Increasing the Sophistication of Wireless Users maintains it is the technologists responsibility to educate, communicate, and support users despite their lack of interest in understanding how it works. Greg Kipper on What is Steganography? provides a solid understanding of the basics of steganography, what it can and cant do, and arms you with the information you need to set your career path. Eric Cole on Insider Threat discusses why the insider threat is worse than the external threat and the effects of insider threats on a company. *Internationally known experts in information security share their wisdom *Free pass to Techno Security Conference for everyone who purchases a book$1,200 value *2-HOUR DVD with cutting edge information on the future of information security.
Format: Electronic Resources
Click here to view