Managing Information Security, 2nd Edition

Book Description

Managing Information Security offers focused coverage of how to protect mission-critical systems, and how to deploy security management systems, IT security, ID management, intrusion detection and prevention systems, computer forensics, network forensics, firewalls, penetration testing, vulnerability assessment, and more. It offers in-depth coverage of the current technology and practice as it relates to information security management solutions. Individual chapters are authored by leading experts in the field and address the immediate and long-term challenges in the authors’ respective areas of expertise.



  • Chapters contributed by leaders in the field covering foundational and practical aspects of information security management, allowing the reader to develop a new level of technical expertise found nowhere else
  • Comprehensive coverage by leading experts allows the reader to put current technologies to work
  • Presents methods of analysis and problem-solving techniques, enhancing the reader’s grasp of the material and ability to implement practical solutions

Table of Contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Dedication
  6. Acknowledgements
  7. About the Editor
  8. Contributors
  9. Introduction
    1. Organization of this Book
  10. Chapter 1. Information Security Essentials for IT Managers: Protecting Mission-Critical Systems
    1. 1 Information Security Essentials for IT Managers, Overview
    2. 2 Protecting Mission-Critical Systems
    3. 3 Information Security from the Ground Up
    4. 4 Security Monitoring and Effectiveness
    5. 5 Summary
    6. Chapter Review Questions/Exercises
    7. Exercise
  11. Chapter 2. Security Management Systems
    1. 1 Security Management System Standards
    2. 2 Training Requirements
    3. 3 Principles of Information Security
    4. 4 Roles and Responsibilities of Personnel
    5. 5 Security Policies
    6. 6 Security Controls
    7. 7 Network Access
    8. 8 Risk Assessment
    9. 9 Incident Response
    10. 10 Summary
    11. Chapter Review Questions/Exercises
    12. Exercise
  12. Chapter 3. Information Technology Security Management
    1. 1 Information Security Management Standards
    2. 2 Other Organizations Involved in Standards
    3. 3 Information Technology Security Aspects
    4. 4 Summary
    5. Chapter Review Questions/Exercises
    6. Exercise
  13. Chapter 4. Online Identity and User Management Services
    1. 1 Introduction
    2. 2 Evolution of Identity Management Requirements
    3. 3 The Requirements Fulfilled by Identity Management Technologies
    4. 4 Identity Management 1.0
    5. 5 Social Login and User Management
    6. 6 Identity 2.0 for Mobile Users
    7. 7 Summary
    8. Chapter Review Questions/Exercises
    9. Exercise
    10. References
  14. Chapter 5. Intrusion Prevention and Detection Systems
    1. 1 What is an ‘Intrusion’ Anyway?
    2. 2 Physical Theft
    3. 3 Abuse of Privileges (The Insider Threat)
    4. 4 Unauthorized Access by Outsider
    5. 5 Malware Infection
    6. 6 The Role of the ‘0-Day’
    7. 7 The Rogue’s Gallery: Attackers and Motives
    8. 8 A Brief Introduction to TCP/IP
    9. 9 The TCP/IP Data Architecture and Data Encapsulation
    10. 10 Survey of Intrusion Detection and Prevention Technologies
    11. 11 Anti-Malware Software
    12. 12 Network-Based Intrusion Detection Systems
    13. 13 Network-Based Intrusion Prevention Systems
    14. 14 Host-Based Intrusion Prevention Systems
    15. 15 Security Information Management Systems
    16. 16 Network Session Analysis
    17. 17 Digital Forensics
    18. 18 System Integrity Validation
    19. 19 Summary
    20. Chapter Review Questions/Exercises
    21. Exercise
    22. References
  15. Chapter 6. Firewalls
    1. 1 Introduction
    2. 2 Network Firewalls
    3. 3 Firewall Security Policies
    4. 4 A Simple Mathematical Model for Policies, Rules, and Packets
    5. 5 First-Match Firewall Policy Anomalies
    6. 6 Policy Optimization
    7. 7 Firewall Types
    8. 8 Host and Network Firewalls
    9. 9 Software and Hardware Firewall Implementations
    10. 10 Choosing the Correct Firewall
    11. 11 Firewall Placement and Network Topology
    12. 12 Firewall Installation and Configuration
    13. 13 Supporting Outgoing Services Through Firewall Configuration
    14. 14 Secure External Services Provisioning
    15. 15 Network Firewalls for Voice and Video Applications
    16. 16 Firewalls and Important Administrative Service Protocols
    17. 17 Internal IP Services Protection
    18. 18 Firewall Remote Access Configuration
    19. 19 Load Balancing and Firewall Arrays
    20. 20 Highly Available Firewalls
    21. 21 Firewall Management
    22. 22 Summary
    23. Chapter Review Questions/Exercises
    24. Exercise
  16. Chapter 7. Penetration Testing
    1. 1 Introduction
    2. 2 What is Penetration Testing?
    3. 3 How Does Penetration Testing Differ from an Actual “Hack?”
    4. 4 Types of Penetration Testing
    5. 5 Phases of Penetration Testing
    6. 6 Defining What’s Expected
    7. 7 The Need for a Methodology
    8. 8 Penetration Testing Methodologies
    9. 9 Methodology in Action
    10. 10 Penetration Testing Risks
    11. 11 Liability Issues
    12. 12 Legal Consequences
    13. 13 “Get Out of Jail Free” Card
    14. 14 Penetration Testing Consultants
    15. 15 Required Skill Sets
    16. 16 Accomplishments
    17. 17 Hiring a Penetration Tester
    18. 18 Why Should a Company Hire You?
    19. 19 Summary
    20. Chapter Review Questions/Exercises
    21. Exercise
  17. Chapter 8. What is Vulnerability Assessment?
    1. 1 Introduction
    2. 2 Reporting
    3. 3 The “It Won’t Happen to Us” Factor
    4. 4 Why Vulnerability Assessment?
    5. 5 Penetration Testing Versus Vulnerability Assessment
    6. 6 Vulnerability Assessment Goal
    7. 7 Mapping the Network
    8. 8 Selecting the Right Scanners
    9. 9 Central Scans Versus Local Scans
    10. 10 Defense in Depth Strategy
    11. 11 Vulnerability Assessment Tools
    12. 12 SARA
    13. 13 SAINT
    14. 14 MBSA
    15. 15 Scanner Performance
    16. 16 Scan Verification
    17. 17 Scanning Cornerstones
    18. 18 Network Scanning Countermeasures
    19. 19 Vulnerability Disclosure Date
    20. 20 Proactive Security Versus Reactive Security
    21. 21 Vulnerability Causes
    22. 22 DIY Vulnerability Assessment
    23. 23 Summary
    24. Chapter Review Questions/Exercises
    25. Exercise
  18. Chapter 9. Cyber Forensics
    1. 1 What is Cyber Forensics?
    2. 2 Analysis of Data
    3. 3 Cyber Forensics in the Court System
    4. 4 Understanding Internet History
    5. 5 Temporary Restraining Orders and Labor Disputes
    6. 6 First Principles
    7. 7 Hacking a Windows XP Password
    8. 8 Network Analysis
    9. 9 Cyber Forensics Applied
    10. 10 Tracking, Inventory, Location of Files, Paperwork, Backups, and so on
    11. 11 Testifying as an Expert
    12. 12 Beginning to End in Court
    13. 13 Summary
    14. Chapter Review Questions/Exercises
    15. Exercise
  19. Chapter 10. Cyber Forensics and Incident Response
    1. 1 Introduction to Cyber Forensics
    2. 2 Handling Preliminary Investigations
    3. 3 Controlling an Investigation
    4. 4 Conducting Disk-Based Analysis
    5. 5 Investigating Information-Hiding Techniques
    6. 6 Scrutinizing Email
    7. 7 Validating Email Header Information
    8. 8 Tracing Internet Access
    9. 9 Searching Memory in Real Time
    10. 10 Summary
    11. Chapter Review Questions/Exercises
    12. Exercise
    13. References
  20. Chapter 11. Network Forensics
    1. 1 Scientific Overview
    2. 2 The Principles of Network Forensics
    3. 3 Attack Traceback and Attribution
    4. 4 Critical Needs Analysis
    5. 5 Research Directions
    6. 6 Summary
    7. Chapter Review Questions/Exercises
    8. Exercise
  21. Index