Techno Security's Guide to Managing Risks for IT Managers, Auditors, and Investigators -  Raymond Todd Blackwood,  Phil Drake,  Ron J. Green,  Greg Kipper,  Johnny Long,  Russ Rogers,  Amber Schroader,  Jack Wiles

Techno Security's Guide to Managing Risks for IT Managers, Auditors, and Investigators (eBook)

eBook Download: PDF
2011 | 1. Auflage
432 Seiten
Elsevier Science (Verlag)
978-0-08-055397-9 (ISBN)
Systemvoraussetzungen
49,82 inkl. MwSt
  • Download sofort lieferbar
  • Zahlungsarten anzeigen
"This book contains some of the most up-to-date information available anywhere on a wide variety of topics related to Techno Security. As you read the book, you will notice that the authors took the approach of identifying some of the risks, threats, and vulnerabilities and then discussing the countermeasures to address them. Some of the topics and thoughts discussed here are as new as tomorrow's headlines, whereas others have been around for decades without being properly addressed. I hope you enjoy this book as much as we have enjoyed working with the various authors and friends during its development. -Donald Withers, CEO and Cofounder of TheTrainingCo.

.Jack Wiles, on Social Engineering offers up a potpourri of tips, tricks, vulnerabilities, and lessons learned from 30-plus years of experience in the worlds of both physical and technical security.

.Russ Rogers on the Basics of Penetration Testing illustrates the standard methodology for penetration testing: information gathering, network enumeration, vulnerability identification, vulnerability exploitation, privilege escalation, expansion of reach, future access, and information compromise.

.Johnny Long on No Tech Hacking shows how to hack without touching a computer using tailgating, lock bumping, shoulder surfing, and dumpster diving.

.Phil Drake on Personal, Workforce, and Family Preparedness covers the basics of creating a plan for you and your family, identifying and obtaining the supplies you will need in an emergency.

.Kevin O'Shea on Seizure of Digital Information discusses collecting hardware and information from the scene.

.Amber Schroader on Cell Phone Forensics writes on new methods and guidelines for digital forensics.

.Dennis O'Brien on RFID: An Introduction, Security Issues, and Concerns discusses how this well-intended technology has been eroded and used for fringe implementations.

.Ron Green on Open Source Intelligence details how a good Open Source Intelligence program can help you create leverage in negotiations, enable smart decisions regarding the selection of goods and services, and help avoid pitfalls and hazards.

.Raymond Blackwood on Wireless Awareness: Increasing the Sophistication of Wireless Users maintains it is the technologist's responsibility to educate, communicate, and support users despite their lack of interest in understanding how it works.

.Greg Kipper on What is Steganography? provides a solid understanding of the basics of steganography, what it can and can't do, and arms you with the information you need to set your career path.

.Eric Cole on Insider Threat discusses why the insider threat is worse than the external threat and the effects of insider threats on a company.

*Internationally known experts in information security share their wisdom
*Free pass to Techno Security Conference for everyone who purchases a book-$1,200 value
*2-HOUR DVD with cutting edge information on the future of information security"
"e;This book contains some of the most up-to-date information available anywhere on a wide variety of topics related to Techno Security. As you read the book, you will notice that the authors took the approach of identifying some of the risks, threats, and vulnerabilities and then discussing the countermeasures to address them. Some of the topics and thoughts discussed here are as new as tomorrow's headlines, whereas others have been around for decades without being properly addressed. I hope you enjoy this book as much as we have enjoyed working with the various authors and friends during its development. -Donald Withers, CEO and Cofounder of TheTrainingCo.*Jack Wiles, on Social Engineering offers up a potpourri of tips, tricks, vulnerabilities, and lessons learned from 30-plus years of experience in the worlds of both physical and technical security.*Russ Rogers on the Basics of Penetration Testing illustrates the standard methodology for penetration testing: information gathering, network enumeration, vulnerability identification, vulnerability exploitation, privilege escalation, expansion of reach, future access, and information compromise. *Johnny Long on No Tech Hacking shows how to hack without touching a computer using tailgating, lock bumping, shoulder surfing, and dumpster diving.*Phil Drake on Personal, Workforce, and Family Preparedness covers the basics of creating a plan for you and your family, identifying and obtaining the supplies you will need in an emergency.*Kevin O'Shea on Seizure of Digital Information discusses collecting hardware and information from the scene.*Amber Schroader on Cell Phone Forensics writes on new methods and guidelines for digital forensics.*Dennis O'Brien on RFID: An Introduction, Security Issues, and Concerns discusses how this well-intended technology has been eroded and used for fringe implementations.*Ron Green on Open Source Intelligence details how a good Open Source Intelligence program can help you create leverage in negotiations, enable smart decisions regarding the selection of goods and services, and help avoid pitfalls and hazards. *Raymond Blackwood on Wireless Awareness: Increasing the Sophistication of Wireless Users maintains it is the technologist's responsibility to educate, communicate, and support users despite their lack of interest in understanding how it works.*Greg Kipper on What is Steganography? provides a solid understanding of the basics of steganography, what it can and can't do, and arms you with the information you need to set your career path.*Eric Cole on Insider Threat discusses why the insider threat is worse than the external threat and the effects of insider threats on a company. - Internationally known experts in information security share their wisdom- Free pass to Techno Security Conference for everyone who purchases a book $1,200 value

Front Cover 1
Techno Security's™ Guide to Managing Risks: For IT Managers, Auditors, and Investigators 4
Copyright Page 5
Contents 20
Introduction 34
Foreword 38
Chapter 1. Social Engineering: Risks, Threats, Vulnerabilities, and Countermeasures 42
Introduction 43
How Easy Is It? 43
Human Nature: Human Weakness 44
Risk Management: Performing a Mini Risk Assessment 44
Outsider–Insider Threats 46
The Mind of a Social Engineer 47
The Mind of a Victim 48
Countermeasures: How Do Bad Guys Target Us, and What Can We Do About It 49
Social Engineering Awareness: A War Story 72
Answer to the Riddle 77
Summary 77
Chapter 2. Personal, Workforce, and Family Preparedness 78
Introduction 79
Threats 79
Your Personal Preparedness Plan 82
Summary 115
Chapter 3. Seizure of Digital Information 116
Introduction 117
Defining Digital Evidence 120
Digital Evidence Seizure Methodology 123
Factors Limiting the Wholesale Seizure of Hardware 131
Other Options for Seizing Digital Evidence 139
Common Threads within Digital Evidence Seizure 153
Determining the Most Appropriate Seizure Method 156
Summary 158
Works Cited 160
Chapter 4. Handheld Forensics 164
Digital Forensics 165
What Is the Handheld Forensic Impact? 166
Cellular Handling 176
Evidence Preservation 178
Maintain a Forensic Data Connection 180
Analysis and Reporting 182
Summary 182
Bibliography 182
Chapter 5. RFID: An Introduction to Security Issues and Concerns 184
Introduction 185
Background 185
RFID Purposes 187
Where Does RFID fit in? 188
Technology Involved 189
Summary 204
Chapter 6. Open Source Intelligence 206
Introduction 207
Direction 207
Discovery 210
Summary 236
Notes 237
Chapter 7. Wireless Awareness: Increasing the Sophistication of Wireless Users 238
Introduction 239
Putting Together a War-Driving Team 241
Increasing User Sophistication 245
Summary 273
Chapter 8. No-Tech Hacking 274
Introduction: What Is "No-Tech Hacking?" 275
Physical Security 280
Lock Bumping 291
Information Security 302
Checklist 326
Summary 328
Notes 328
Chapter 9. The Basics of Penetration Testing 330
Introduction 331
Know the Security Analysis Life Cycle 331
Know When to Deviate 334
The Penetration Tester Mentality 336
The Penetration Methodology 339
Summary 349
Chapter 10. What Is Steganography? 352
Introduction 353
Defining Steganography 353
Analog Steganography 359
Digital Steganography 361
The Six Categories of Steganography 362
Types of Steganography 364
Steganography Applied to Different Media 366
Hiding in Network Packets 368
Issues in Information Hiding 369
Watermarking 369
Steganography Tools 370
Real-World Uses 372
Detection and Attacks 373
Summary 376
Chapter 11. Insider Threat 378
Introduction 379
The Devil Inside 379
The Importance of Insider Threat 380
Why the Insider Threat Has Been Ignored 392
Why the Insider Threat Is Worse Than the External Threat 394
The Effect of Insider Threats on a Company 396
How Bad Is It—Statistics on What Is Happening . 398
Targets of Attack 410
The Threat Is Real 412
New World Order 417
Future Trends 418
Summary 423
Index 424

Erscheint lt. Verlag 18.4.2011
Co-Autor Dennis O'Brien, Kevin O'Shea, Donald Withers, Eric Cole
Sprache englisch
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Informatik Theorie / Studium Kryptologie
Mathematik / Informatik Mathematik Finanz- / Wirtschaftsmathematik
Wirtschaft Betriebswirtschaft / Management
ISBN-10 0-08-055397-4 / 0080553974
ISBN-13 978-0-08-055397-9 / 9780080553979
Haben Sie eine Frage zum Produkt?
PDFPDF (Adobe DRM)

Kopierschutz: Adobe-DRM
Adobe-DRM ist ein Kopierschutz, der das eBook vor Mißbrauch schützen soll. Dabei wird das eBook bereits beim Download auf Ihre persönliche Adobe-ID autorisiert. Lesen können Sie das eBook dann nur auf den Geräten, welche ebenfalls auf Ihre Adobe-ID registriert sind.
Details zum Adobe-DRM

Dateiformat: PDF (Portable Document Format)
Mit einem festen Seiten­layout eignet sich die PDF besonders für Fach­bücher mit Spalten, Tabellen und Abbild­ungen. Eine PDF kann auf fast allen Geräten ange­zeigt werden, ist aber für kleine Displays (Smart­phone, eReader) nur einge­schränkt geeignet.

Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen eine Adobe-ID und die Software Adobe Digital Editions (kostenlos). Von der Benutzung der OverDrive Media Console raten wir Ihnen ab. Erfahrungsgemäß treten hier gehäuft Probleme mit dem Adobe DRM auf.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen eine Adobe-ID sowie eine kostenlose App.
Geräteliste und zusätzliche Hinweise

Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.

Mehr entdecken
aus dem Bereich
Methodische Kombination von IT-Strategie und IT-Reifegradmodell

von Markus Mangiapane; Roman P. Büchler

eBook Download (2024)
Springer Vieweg (Verlag)
42,99
Das umfassende Handbuch

von Michael Kofler; Klaus Gebeshuber; Peter Kloep …

eBook Download (2022)
Rheinwerk Computing (Verlag)
49,90