LEADER 05287nam  2200649   450 
001 9910463800203321
005 20200520144314.0
010   $a0-12-801096-7
035   $a(CKB)2670000000575177
035   $a(EBL)1834659
035   $a(SSID)ssj0001409969
035   $a(PQKBManifestationID)11868397
035   $a(PQKBTitleCode)TC0001409969
035   $a(PQKBWorkID)11373828
035   $a(PQKB)11008403
035   $a(MiAaPQ)EBC1834659
035   $a(CaSebORM)9780128008997
035   $a(PPN)226986810
035   $a(Au-PeEL)EBL1834659
035   $a(CaPaEBR)ebr10989639
035   $a(CaONFJC)MIL660567
035   $a(OCoLC)897934304
035   $a(EXLCZ)992670000000575177
100   $a20141209h20152015  uy             0
101 0 $aeng
135   $aur|n|---|||||
181   $ctxt
182   $cc
183   $acr
200 10$aDesigning and building a security operations center /$fDavid Nathans ; designer, Matthew Limbert
205   $a1st edition
210  1$aWaltham, Massachusetts :$cSyngress,$d2015.
210  4$dİ2015
215   $a1 online resource (281 p.)
300   $aIncludes index.
311   $a0-12-800899-7 
311   $a1-322-29287-6 
327   $aCover; Title Page; Copyright Page; Contents; Author Biography; Technical Editor Biography; Foreword; Acknowledgments; Chapter 1 - Efficient operations; Defining an operations center; Purpose of the operations center; Emergency operations center; Mission operations center; Threat operations center; Network operations center; Let us build a SOC!; Technology phase; Organizational phase; Policy phase; Operational phase; Intelligence phase; Plan your SOC; Logs; Event; Alerts; False positive; True positive; False negative; True negative; Incidents; Problems; Define your requirements; Summary
327   $aChapter 2 - Identify your customersInternal versus external customers; Human resources; Legal; Audit; Engineering/R&D; IT; External customers; Customer objectives; Service level agreements; Build and document your use cases; Use case: unauthorized modification of user accounts; Stakeholders: compliance and audit departments; Use case: disabled user account reactivated; Stakeholders: HR and IT; Use case: any IDS event that scores over a severity of 7; Use case: AV failure; Stakeholders: desktop support team, IT server management teams; Use case: security device outage
327   $aStakeholders: security and ITUse case rule summary; Use case: top vulnerabilities detected in the network; Stakeholders: security, IT, audit, and management; Use case reporting summary; Expectations; Chapter 3 - Infrastructure; Organizational infrastructure > operations infrastructure > support infrastructure; Organizational security infrastructure; Perimeter defenses; Network defense; Host defenses; Application defenses; Data defense; Policies and procedures; Security architecture; SIEM/log management; Operation center infrastructure; Ticketing systems; Building the ticket system; Subject
327   $aParsed values from eventsTime ticket created; User\group\queue; Source (SIEM, email, phone); Category; Status; Reason codes; Acknowledgment/ticket feedback; Workflow and automation; Portal interface; Mobile devices; Support infrastructure; Physical; Private SOC network; Video walls; Video projectors; Labs; Chapter 4 - Organizational structure; Different reporting lines; Legal; CISO; CIO; Compliance; SOC organization; Engineering; Security architecture; Security monitoring and analysis; Responsibility; Authority; Fulfilling needs; Chapter 5 - Your most valuable resource is your people
327   $aOperational securityCulture; Personality; Core skill sets; Analysts; Security analyst-job description; Security engineering; Security operations engineer-job description; Security architect; Security architect-job description; SOC team lead; SOC team lead-job description; SOC management; SOC manager-job description; SOC games; Special projects; Do not forget your people; Chapter 6 - Daily operations; Problem and change event communications; Master station logs; Shift turn overs; Daily operations calls; Critical bridges; IR; Detection; Confirmation; Analysis; Containment; Recovery; Review
327   $aCommunication plan
330   $a Do you know what weapons are used to protect against cyber warfare and what tools to use to minimize their impact? How can you gather intelligence that will allow you to configure your system to ward off attacks? Online security and privacy issues are becoming more and more significant every day, with many instances of companies and governments mishandling (or deliberately misusing) personal and financial data.    Organizations need to be committed to defending their own assets and their customers' information. Designing and Building a Security Operations Center will show you how to develop t
606   $aComputer security
608   $aElectronic books.
615  0$aComputer security.
676   $a005.8
700   $aNathans$b David$01038527
702   $aLimbert$b Matthew
801  0$bMiAaPQ
801  1$bMiAaPQ
801  2$bMiAaPQ
906   $aBOOK
912   $a9910463800203321
996   $aDesigning and building a security operations center$92460173
997   $aUNINA