Mission-critical security planner : when hackers won't take no for an answer

Author: Eric Greenberg
Publisher: Indianapolis, Indiana : Wiley Publishing, Inc., 2003.
Edition/Format: Print book : English
Summary:
This handbook shows step by step how to complete a customized security improvement plan, including analyzing needs, justifying budgets, and selecting technology, while dramatically reducing time and cost. Includes worksheets at every stage for creating a comprehensive security plan meaningful to management and technical staff.

Details

Material Type: Internet resource
Document Type: Book, Internet Resource
All Authors / Contributors: Eric Greenberg
ISBN: 0471211656 9780471211655
OCLC Number: 51626319
Description: xvi, 416 pages : illustrations ; 24 cm
Contents: Chapter 1 Setting the Stage for Successful Security Planning 1 --
Not an Absolute Science 2 --
A Way of Thinking 2 --
Avoiding the Pitfalls 3 --
The Ultra-Planner 3 --
The Nonplanner 4 --
The Shock-Advisor 4 --
Identifying Risk 5 --
Profiling Hackers 6 --
The Attention Seeker 6 --
The Malicious 7 --
The Curious 7 --
The Thief 8 --
The Unintentional Hacker 8 --
Negotiating with Hackers 8 --
Selling Security 10 --
Authentication, Tokens, Smart Cards, and Biometrics: An Overview 11 --
Making the Security Sale: An Example 12 --
Doing the Math 15 --
Understanding Impact Analysis 16 --
Performing Security Impact Analysis: An Example 17 --
Counting the Cost of Security 19 --
Establishing Maximum Impact, Cost, and the Security Budget 20 --
Estimating the Value of Security 21 --
Laying the Security Foundation 22 --
Improving Security as Part of the Business Process 23 --
Chapter 2 A Security Plan That Works 25 --
Forming a Security Planning Team 25 --
At the First Meeting 27 --
Anatomy of an Effective Security Plan 29 --
The Importance of a Security-Centric Business Model 29 --
Information 29 --
Infrastructure 30 --
People 30 --
Security Life Cycle 34 --
Choosing Technology 35 --
Hitting the On Switch: Implementation 37 --
Keeping a Lookout: Operations 37 --
Dealing with Threats, Hacks, and Mistakes: Incident Response 38 --
Activities 38 --
Coordinating Team Members 44 --
Notifying Authorities 44 --
Filing an Incident Report 45 --
Testing Incident Handling 45 --
Creating Order from Chaos: The Security Stack 45 --
Mapping the Template: The Keys to the Kingdom 47 --
Preparing to Work with the Security Elements 47 --
Introducing the Security Elements 49 --
The Core Elements 50 --
Chapter 3 Using the Security Plan Worksheets: The Fundamentals 79 --
From Here to Security 79 --
Organization of the Worksheets 80 --
Filling in the Fundamental Security Element Worksheets 90 --
Authorization and Access Control 90 --
Security Stack 92 --
Life-Cycle Management 97 --
Business 101 --
Selling Security 105 --
Authentication 107 --
Security Stack 111 --
Life-Cycle Management 116 --
Business 119 --
Selling Security 123 --
Encryption 126 --
Security Stack 127 --
Life-Cycle Management 134 --
Business 137 --
Selling Security 141 --
Integrity 143 --
Security Stack 144 --
Life-Cycle Management 147 --
Business 150 --
Selling Security 154 --
Nonrepudiation 156 --
Security Stack 157 --
Life-Cycle Management 161 --
Business 164 --
Selling Security 167 --
Privacy 169 --
Security Stack 171 --
Life-Cycle Management 175 --
Business 178 --
Selling Security 182 --
Chapter 4 Using the Security Plan Worksheets: The Remaining Core and Wrap-up Elements 187 --
Organization of the Worksheets 188 --
Addressing, Protocol Space, Routing Plan, Filtering, and Disablement 189 --
Security Stack 190 --
Life-Cycle Management 197 --
Business 201 --
Selling Security 204 --
Configuration Management 206 --
Security Stack 208 --
Life-Cycle Management 211 --
Business 214 --
Selling Security 217 --
Content and Executable Management (CEM) 218 --
Security Stack 222 --
Life-Cycle Management 226 --
Business 229 --
Selling Security 233 --
Directory Services 236 --
Security Stack 236 --
Life Cycle Management 241 --
Business 245 --
Selling Security 248 --
Diversity, Redundancy, and Isolation (DRI) 250 --
DRI: An Example 251 --
Security Stack 253 --
Life-Cycle Management 256 --
Business 259 --
Selling Security 262 --
Intrusion Detection and Vulnerability Analysis (IDS/VA) 264 --
Security Stack 265 --
Life-Cycle Management 270 --
Business 274 --
Selling Security 276 --
Secure Software 279 --
Security Stack 280 --
Life Cycle Management 288 --
Business 291 --
Selling Security 295 --
Secure Time Services 297 --
Security Stack 298 --
Life-Cycle Management 301 --
Business 304 --
Selling Security 307 --
Staff Management 309 --
Security Stack 309 --
Life-Cycle Management 313 --
Business 315 --
Selling Security 318 --
Wrap-Up Security Element Worksheets 321 --
Administration and Management 321 --
Interoperability and Standards 321 --
Laws and Regulations 323 --
Lockdown 324 --
Lost or Stolen Items 325 --
Managed (Outsourced) Security 326 --
Performance 327 --
Physical Security 328 --
Procurement 330 --
Support Interface 330 --
Testing, Integration, and Staging 332 --
Training 333 --
Recovery 334 --
Chapter 5 Strategic Security Planning with PKI 337 --
PKI Primer 338 --
Authentication and Nonrepudiation with Digital Signatures 339 --
The X.509 Standard and Certificate Authorities 340 --
Making a Business Case for PKI 340 --
Classifying PKI 341 --
Benefits of Virtual Private Networks 341 --
PKI Services 342 --
PKI Business Integration 343 --
Collaboration, Workflow, and Business Processes 343 --
Inventory and Supplier Management 344 --
Software Distribution Methods 344 --
Single, or Reduced, Sign-On 345 --
Formalization of Policies and Practices 345 --
Legislation 345 --
PKI in Vertical Industries 346 --
Financial Services 346 --
Health Care 347 --
Legal 347 --
Retail and Manufacturing 348 --
Government 349 --
Challenges of PKI 349 --
Business Justification 349 --
Scalability 350 --
Interoperability 351 --
Emerging Standards 351 --
Complexity 351 --
Maturity 352 --
Physical Security 352 --
Disaster Planning and Recovery 353 --
Integration 353 --
Policies, Practices, Reliance, Risk, Liability, and Trust 353 --
Legislation 353 --
Case Study: A Real-World Business-to-Business PKI Success Story 354 --
Components of the Solution 354 --
Roles and Responsibilities 356 --
Challenges and Lessons Learned 357 --
Educating Users on Internet and Digital Certificate Technologies 357 --
Defining Roles 358 --
Linking Corporate Security with Doing Business Successfully 358 --
Developing Digital Certificate Policies and Procedures 358 --
Coordinating Product Dependencies 359 --
OASIS Today 359 --
Chapter 6 Ahead of the Hacker: Best Practices and a View of the Future 361 --
Practice Makes Perfect -- Or at Least More Secure 361 --
Into the Future: The Top 10 Methods of Attack 364.
Responsibility: Eric Greenberg.

Linked Data


Primary Entity

<http://www.worldcat.org/oclc/51626319> # Mission-critical security planner : when hackers won't take no for an answer
    a schema:CreativeWork, schema:Book ;
    library:oclcnum "51626319" ;
    library:placeOfPublication <http://experiment.worldcat.org/entity/work/data/797206099#Place/indianapolis_indiana> ; # Indianapolis, Indiana
    library:placeOfPublication <http://id.loc.gov/vocabulary/countries/inu> ;
    schema:about <http://id.worldcat.org/fast/872150> ; # Hackers
    schema:about <http://dewey.info/class/005.8/e21/> ;
    schema:about <http://id.worldcat.org/fast/872484> ; # Computer security
    schema:bookFormat bgn:PrintBook ;
    schema:creator <http://viaf.org/viaf/14087603> ; # Eric Greenberg
    schema:datePublished "2003" ;
    schema:exampleOfWork <http://worldcat.org/entity/work/id/797206099> ;
    schema:inLanguage "en" ;
    schema:name "Mission-critical security planner : when hackers won't take no for an answer"@en ;
    schema:productID "51626319" ;
    schema:publication <http://www.worldcat.org/title/-/oclc/51626319#PublicationEvent/indianapolis_indiana_wiley_publishing_inc_2003> ;
    schema:publisher <http://experiment.worldcat.org/entity/work/data/797206099#Agent/wiley_publishing_inc> ; # Wiley Publishing, Inc.
    schema:url <http://catdir.loc.gov/catdir/toc/wiley032/2003266250.html> ;
    schema:workExample <http://worldcat.org/isbn/9780471211655> ;
    umbel:isLike <http://bnb.data.bl.uk/id/resource/GBA319003> ;
    wdrs:describedby <http://www.worldcat.org/title/-/oclc/51626319> ;
    .


Related Entities

<http://experiment.worldcat.org/entity/work/data/797206099#Agent/wiley_publishing_inc> # Wiley Publishing, Inc.
    a bgn:Agent ;
    schema:name "Wiley Publishing, Inc." ;
    .

<http://experiment.worldcat.org/entity/work/data/797206099#Place/indianapolis_indiana> # Indianapolis, Indiana
    a schema:Place ;
    schema:name "Indianapolis, Indiana" ;
    .

<http://id.worldcat.org/fast/872150> # Hackers
    a schema:Intangible ;
    schema:name "Hackers"@en ;
    .

<http://id.worldcat.org/fast/872484> # Computer security
    a schema:Intangible ;
    schema:name "Computer security"@en ;
    .

<http://viaf.org/viaf/14087603> # Eric Greenberg
    a schema:Person ;
    schema:birthDate "1963" ;
    schema:familyName "Greenberg" ;
    schema:givenName "Eric" ;
    schema:name "Eric Greenberg" ;
    .

<http://worldcat.org/isbn/9780471211655>
    a schema:ProductModel ;
    schema:isbn "0471211656" ;
    schema:isbn "9780471211655" ;
    .

<http://www.worldcat.org/title/-/oclc/51626319>
    a genont:InformationResource, genont:ContentTypeGenericResource ;
    schema:about <http://www.worldcat.org/oclc/51626319> ; # Mission-critical security planner : when hackers won't take no for an answer
    schema:dateModified "2019-05-22" ;
    void:inDataset <http://purl.oclc.org/dataset/WorldCat> ;
    .

