Information Security Best Practices -  George L Stefanek

Information Security Best Practices (eBook)

205 Basic Rules
eBook Download: PDF
2002 | 1. Auflage
160 Seiten
Elsevier Science (Verlag)
978-0-08-049154-7 (ISBN)
Systemvoraussetzungen
43,41 inkl. MwSt
  • Download sofort lieferbar
  • Zahlungsarten anzeigen
Protecting computer networks and their client computers against willful (or accidental) attacks is a growing concern for organizations and their information technology managers. This book draws upon the author's years of experience in computer security to describe a set of over 200 rules designed to enhance the security of a computer network (and its data) and to allow quick detection of an attack and development of effective defensive responses to attacks. Both novice and experienced network administrators will find this book an essential part of their professional tool kit. It is also essential reading for a corporate or organization manager who needs a solid understanding of the issues involved in computer security.

Much literature is available on network and data security that describes security concepts, but offers so many different solutions to information security problems that it typically overwhelms both the novice and the experienced network administrator. This book presents a simple set of rules important in maintaining good information security. These rules or best practices are intended to be a recipe for setting up network and information security. This manual will take the mystery out of configuring an information security solution and provide a framework which the novice as well as experienced network administrator can follow and adapt to their network and data environment.

* Provides practical, battle tested rules and guidelines to protect computer networks against different forms of attack
* Covers both network and client level attacks, including attacks via the internet and damage to the physical hardware of a network
* Accompanying CD includes an electronic version of the book
Protecting computer networks and their client computers against willful (or accidental) attacks is a growing concern for organizations and their information technology managers. This book draws upon the author's years of experience in computer security to describe a set of over 200 "e;rules"e; designed to enhance the security of a computer network (and its data) and to allow quick detection of an attack and development of effective defensive responses to attacks. Both novice and experienced network administrators will find this book an essential part of their professional "e;tool kit."e; It is also essential reading for a corporate or organization manager who needs a solid understanding of the issues involved in computer security.Much literature is available on network and data security that describes security concepts, but offers so many different solutions to information security problems that it typically overwhelms both the novice and the experienced network administrator. This book presents a simple set of rules important in maintaining good information security. These rules or best practices are intended to be a recipe for setting up network and information security. This manual will take the mystery out of configuring an information security solution and provide a framework which the novice as well as experienced network administrator can follow and adapt to their network and data environment. * Provides practical, "e;battle tested"e; rules and guidelines to protect computer networks against different forms of attack* Covers both network and client level attacks, including attacks via the internet and damage to the physical hardware of a network

Front Cover 1
Information Security Best Practices 205 Basic Rules 4
Copyright Page 5
Contents 6
Preface 12
Chapter 1. Information Security Attacks and Vulnerabilities 14
1.1 SPAMMING 14
1.2 VIRUSES 15
1.3 DENIAL OF SERVICE ATTACKS 15
1.4 PASSWORD GUESSING 16
1.5 WORMS 16
1.6 BACKDOOR 16
1.7 SWEEPER 17
1.8 SNIFFERS 17
1.9 PACKET FORGE SPOOFING 17
1.10 IP SPOOFING 17
1.11 TROJAN HORSES 18
Chapter 2. Anatomy of an Attack 20
Chapter 3. Awareness and Management Commitment to Security 24
Chapter 4. Security Policy 26
Chapter 5. INFOSEC Network Architecture Design Rules 32
5.1 PHYSICAL NETWORK SEPARATION 32
5.2 LOGICAL SEPARATION 35
5.3 FIREWALL ARCHITECTURE 36
5.4 WAN-BASED NETWORK ARCHITECTURE 48
5.5 MODEM SERVER NETWORK ARCHITECTURE 49
5.6 VIRTUAL PRIVATE NETWORK SECURITY 51
5.7 HUBS 52
Chapter 6. Rules for Selecting Security Hardware and Software 54
Chapter 7. Physical Security Rules 56
7.1 COMPUTERS 56
7.2 WIRING 60
7.3 COMPUTER CONSOLES 63
7.4 NETWORK DEVICES 63
7.5 DATA SECURITY 64
Chapter 8. Network Hardware Security 68
8.1 FIREWALL COMPUTERS 68
8.2 SWITCHES 70
8.3 PRINTERS 72
8.4 NETWORK ADAPTERS 72
8.5 MODEM SECURITY 73
Chapter 9. Operating System Security Rules 80
9.1 TRUSTED OPERATING SYSTEMS 80
9.2 AUTHENTICATION 81
9.3 ACCOUNT SECURITY 89
9.4 FILE SYSTEM PROTECTION 94
9.5 VIRUS PROTECTION 99
9.6 NETWORK FILE SHARING SECURITY 102
9.7 NETWORK SOFTWARE 104
9.8 SECURITY LOGS 106
Chapter 10. PC Operating System Security Rules 110
Chapter 11. Internet Security Rules 114
11.1 INTERNET MAIL SECURITY 114
11.2 FTP SECURITY 120
11.3 TELNET SECURITY 123
11.4 BROWSER SECURITY 124
11.5 NEWS SECURITY 128
Chapter 12. Application Security Rules 130
Chapter 13. Software Validation and Verification Rules 132
Chapter 14. Data Encryption Rules 138
Chapter 15. Configuration Management Rules 146
Chapter 16. Network Monitoring Rules 150
Chapter 17. Maintenance and Troubleshooting Security Rules 154
Chapter 18. Training 162
Chapter 19. Emergency Rules Against Attacks 166
ACRONYM LIST 174
BIBLIOGRAPHY 178
APPENDIX A 182
APPENDIX B 186
Glossary 196
Index 204

PDFPDF (Adobe DRM)

Kopierschutz: Adobe-DRM
Adobe-DRM ist ein Kopierschutz, der das eBook vor Mißbrauch schützen soll. Dabei wird das eBook bereits beim Download auf Ihre persönliche Adobe-ID autorisiert. Lesen können Sie das eBook dann nur auf den Geräten, welche ebenfalls auf Ihre Adobe-ID registriert sind.
Details zum Adobe-DRM

Dateiformat: PDF (Portable Document Format)
Mit einem festen Seiten­layout eignet sich die PDF besonders für Fach­bücher mit Spalten, Tabellen und Abbild­ungen. Eine PDF kann auf fast allen Geräten ange­zeigt werden, ist aber für kleine Displays (Smart­phone, eReader) nur einge­schränkt geeignet.

Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen eine Adobe-ID und die Software Adobe Digital Editions (kostenlos). Von der Benutzung der OverDrive Media Console raten wir Ihnen ab. Erfahrungsgemäß treten hier gehäuft Probleme mit dem Adobe DRM auf.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen eine Adobe-ID sowie eine kostenlose App.
Geräteliste und zusätzliche Hinweise

Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.

Mehr entdecken
aus dem Bereich
Das Praxishandbuch zu Krisenmanagement und Krisenkommunikation

von Holger Kaschner

eBook Download (2024)
Springer Fachmedien Wiesbaden (Verlag)
34,99
Methodische Kombination von IT-Strategie und IT-Reifegradmodell

von Markus Mangiapane; Roman P. Büchler

eBook Download (2024)
Springer Vieweg (Verlag)
42,99