Network security evaluation using the NSA IEM [electronic resource] / Russ Rogers, technical editor and contributor ; Bryan Cunningham ... [et al.].
(Visualizza in formato marc)
(Visualizza in BIBFRAME)
| Titolo: |
Network security evaluation using the NSA IEM [electronic resource] / Russ Rogers, technical editor and contributor ; Bryan Cunningham ... [et al.].
|
| Pubblicazione: | Rockland, MA : Syngress |
| [Sebastopol, Calif.] : Distributed by O'Reilly Media in the United States and Canada, c2005 | |
| Descrizione fisica: | xxvi, 437 p. : ill. ; 24 cm. |
| Disciplina: | 005.8 |
| Soggetto topico: | Computer networks - Security measures - Evaluation |
| Computer security - Evaluation | |
| Information resources management - Evaluation | |
| Soggetto genere / forma: | Electronic books. |
| Altri autori: |
Rogers, Russ.author
Cunningham, Bryan
|
| Note generali: | "Security Horizon." |
| Includes index. | |
| Nota di contenuto: | Introduction to the IEM; Before You Start Evaluating; Setting Expectations; Scoping the Evaluation; Legal Planning Chapter; The Technical Evaluation Plan (TEP); Starting your On-Site Efforts; Enumeration Activities; Collecting the majority of vulnerabilities; Fine Tuning the Evaluation; On-Site Closing Meeting; Evaluation Analysis; Creating Measurements and Trending Results; Trending Metrics Chapter; Final Reporting Chapter; IEM Summary; Appendix A: Table of example tools for each of the 10 baseline activities; Appendix B: Sample TEP layout. |
| Sommario/riassunto: | Network Security Evaluation provides a methodology for conducting technical security evaluations of all the critical components of a target network. The book describes how the methodology evolved and how to define the proper scope of an evaluation, including the consideration of legal issues that may arise during the evaluation. More detailed information is given in later chapters about the core technical processes that need to occur to ensure a comprehensive understanding of the networks security posture. Ten baseline areas for evaluation are covered in detail. The tools and examples detailed within this book include both Freeware and Commercial tools that provide a detailed analysis of security vulnerabilities on the target network. The book ends with guidance on the creation of customer roadmaps to better security and recommendations on the format and delivery of the final report. * There is no other book currently on the market that covers the National Security Agency's recommended methodology for conducting technical security evaluations * The authors are well known in the industry for their work in developing and deploying network security evaluations using the NSA IEM * The authors also developed the NSA's training class on this methodology. |
| Eiproduzione: | Electronic reproduction. Amsterdam : Elsevier Science & Technology, 2007. Mode of access: World Wide Web. System requirements: Web browser. Title from title screen (viewed on Aug. 2, 2007). Access may be restricted to users at subscribing institutions. |
| Altri titoli varianti: | Network security evaluation using the National Security Agency INFOSEC evaluation methodology |
| Titolo del dorso: | Network security evaluation |
| ISBN: | 9781597490351 |
| 1597490350 | |
| Formato: | Risorse elettroniche  |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione: | Inglese |
| Record Nr.: | 991003250319707536 |
| Lo trovi qui: | Univ. del Salento |
| Localizzazioni e accesso elettronico | http://www.sciencedirect.com/science/book/9781597490351 |
| Opac: | Controlla la disponibilità qui |
Altra ed. diverso supporto:
Original 1597490350 9781597490351 (OCoLC)61669715