Skip to main content
Elsevier
View Cart
openUserAccount

Books in Security management

BooksJournals
71-80 of 132 results in All results

Contemporary Security Management

  • 3rd Edition
  • November 8, 2010
  • John Fay
  • English
  • Hardback
    9 7 8 - 0 - 1 2 - 3 8 1 5 4 9 - 1
  • eBook
    9 7 8 - 0 - 1 2 - 3 8 1 9 5 1 - 2
Contemporary Security Management, Third Edition teaches security professionals how to operate an efficient security department and how to integrate smoothly with other groups inside and outside their own organizations. Fay demonstrates the specifics of security management: how to organize, plan, develop and manage a security operation. how to identify vulnerabilities. how to determine the protective resources required to offset threats. how to implement all necessary physical and IT security measures. Security professionals share the responsibility for mitigating damage, serving as a resource to an Emergency Tactical Center, assisting the return of business continuity, and liaising with local response agencies such as police and fire departments, emergency medical responders, and emergency warning centers. At the organizational level, the book addresses budgeting, employee performance, counseling, hiring and termination, employee theft and other misconduct, and offers sound advice on building constructive relationships with organizational peers and company management.

Managed Code Rootkits

  • 1st Edition
  • October 28, 2010
  • Erez Metula
  • English
  • Paperback
    9 7 8 - 1 - 5 9 7 4 9 - 5 7 4 - 5
  • eBook
    9 7 8 - 1 - 5 9 7 4 9 - 5 7 5 - 2
Managed Code Rootkits is the first book to cover application-level rootkits and other types of malware inside the application VM, which runs a platform-independent programming environment for processes. The book, divided into four parts, points out high-level attacks, which are developed in intermediate language. The initial part of the book offers an overview of managed code rootkits. It explores environment models of managed code and the relationship of managed code to rootkits by studying how they use application VMs. It also discusses attackers of managed code rootkits and various attack scenarios. The second part of the book covers the development of managed code rootkits, starting with the tools used in producing managed code rootkits through their deployment. The next part focuses on countermeasures that can possibly be used against managed code rootkits, including technical solutions, prevention, detection, and response tactics. The book concludes by presenting techniques that are somehow similar to managed code rootkits, which can be used in solving problems.

A Guide to Kernel Exploitation

  • 1st Edition
  • September 15, 2010
  • Enrico Perla + 1 more
  • English
  • Paperback
    9 7 8 - 1 - 5 9 7 4 9 - 4 8 6 - 1
A Guide to Kernel Exploitation: Attacking the Core discusses the theoretical techniques and approaches needed to develop reliable and effective kernel-level exploits, and applies them to different operating systems, namely, UNIX derivatives, Mac OS X, and Windows. Concepts and tactics are presented categorically so that even when a specifically detailed vulnerability has been patched, the foundational information provided will help hackers in writing a newer, better attack; or help pen testers, auditors, and the like develop a more concrete design and defensive structure.The book is organized into four parts. Part I introduces the kernel and sets out the theoretical basis on which to build the rest of the book. Part II focuses on different operating systems and describes exploits for them that target various bug classes. Part III on remote kernel exploitation analyzes the effects of the remote scenario and presents new techniques to target remote issues. It includes a step-by-step analysis of the development of a reliable, one-shot, remote exploit for a real vulnerabilitya bug affecting the SCTP subsystem found in the Linux kernel. Finally, Part IV wraps up the analysis on kernel exploitation and looks at what the future may hold.

Metrics and Methods for Security Risk Management

  • 1st Edition
  • July 8, 2010
  • Carl Young
  • English
  • Paperback
    9 7 8 - 1 - 8 5 6 1 7 - 9 7 8 - 2
  • eBook
    9 7 8 - 1 - 8 5 6 1 7 - 9 7 9 - 9
Security problems have evolved in the corporate world because of technological changes, such as using the Internet as a means of communication. With this, the creation, transmission, and storage of information may represent security problem. Metrics and Methods for Security Risk Management is of interest, especially since the 9/11 terror attacks, because it addresses the ways to manage risk security in the corporate world. The book aims to provide information about the fundamentals of security risks and the corresponding components, an analytical approach to risk assessments and mitigation, and quantitative methods to assess the risk components. In addition, it also discusses the physical models, principles, and quantitative methods needed to assess the risk components. The by-products of the methodology used include security standards, audits, risk metrics, and program frameworks. Security professionals, as well as scientists and engineers who are working on technical issues related to security problems will find this book relevant and useful.

Seven Deadliest Unified Communications Attacks

  • 1st Edition
  • April 22, 2010
  • Dan York
  • English
  • Paperback
    9 7 8 - 1 - 5 9 7 4 9 - 5 4 7 - 9
  • eBook
    9 7 8 - 1 - 5 9 7 4 9 - 5 4 8 - 6
Seven Deadliest Unified Communications Attacks provides a comprehensive coverage of the seven most dangerous hacks and exploits specific to Unified Communications (UC) and lays out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. The book describes the intersection of the various communication technologies that make up UC, including Voice over IP (VoIP), instant message (IM), and other collaboration technologies. There are seven chapters that focus on the following: attacks against the UC ecosystem and UC endpoints; eavesdropping and modification attacks; control channel attacks; attacks on Session Initiation Protocol (SIP) trunks and public switched telephone network (PSTN) interconnection; attacks on identity; and attacks against distributed systems. Each chapter begins with an introduction to the threat along with some examples of the problem. This is followed by discussions of the anatomy, dangers, and future outlook of the threat as well as specific strategies on how to defend systems against the threat. The discussions of each threat are also organized around the themes of confidentiality, integrity, and availability. This book will be of interest to information security professionals of all levels as well as recreational hackers.

Seven Deadliest USB Attacks

  • 1st Edition
  • April 22, 2010
  • Brian Anderson + 1 more
  • English
  • eBook
    9 7 8 - 1 - 5 9 7 4 9 - 5 5 4 - 7
Seven Deadliest USB Attacks provides a comprehensive view of the most serious types of Universal Serial Bus (USB) attacks. While the book focuses on Windows systems, Mac, Linux, and UNIX systems are equally susceptible to similar attacks. If you need to keep up with the latest hacks, attacks, and exploits effecting USB technology, then this book is for you. This book pinpoints the most dangerous hacks and exploits specific to USB, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. The attacks outlined in this book are intended for individuals with moderate Microsoft Windows proficiency. The book provides the tools, tricks, and detailed instructions necessary to reconstruct and mitigate these activities while peering into the risks and future aspects surrounding the respective technologies. There are seven chapters that cover the following: USB Hacksaw; the USB Switchblade; viruses and malicious codes; USB-based heap overflow; the evolution of forensics in computer security; pod slurping; and the human element of security, including the risks, rewards, and controversy surrounding social-engineering engagements. This book was written to target a vast audience including students, technical staff, business leaders, or anyone seeking to understand fully the removable-media risk for Windows systems. It will be a valuable resource for information security professionals of all levels, as well as web application developers and recreational hackers.

Seven Deadliest Network Attacks

  • 1st Edition
  • April 15, 2010
  • Stacy Prowell + 2 more
  • English
  • Paperback
    9 7 8 - 1 - 5 9 7 4 9 - 5 4 9 - 3
  • eBook
    9 7 8 - 1 - 5 9 7 4 9 - 5 5 0 - 9
Seven Deadliest Network Attacks identifies seven classes of network attacks and discusses how the attack works, including tools to accomplish the attack, the risks of the attack, and how to defend against the attack. This book pinpoints the most dangerous hacks and exploits specific to networks, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. The book consists of seven chapters that deal with the following attacks: denial of service; war dialing; penetration testing; protocol tunneling; spanning tree attacks; man-in-the-middle; and password replay. These attacks are not mutually exclusive and were chosen because they help illustrate different aspects of network security. The principles on which they rely are unlikely to vanish any time soon, and they allow for the possibility of gaining something of interest to the attacker, from money to high-value data. This book is intended to provide practical, usable information. However, the world of network security is evolving very rapidly, and the attack that works today may (hopefully) not work tomorrow. It is more important, then, to understand the principles on which the attacks and exploits are based in order to properly plan either a network attack or a network defense. Seven Deadliest Network Attacks will appeal to information security professionals of all levels, network admins, and recreational hackers.

Seven Deadliest Wireless Technologies Attacks

  • 1st Edition
  • March 13, 2010
  • Brad Haines
  • English
  • Paperback
    9 7 8 - 1 - 5 9 7 4 9 - 5 4 1 - 7
  • eBook
    9 7 8 - 1 - 5 9 7 4 9 - 5 4 2 - 4
Seven Deadliest Wireless Technologies Attacks provides a comprehensive view of the seven different attacks against popular wireless protocols and systems. This book pinpoints the most dangerous hacks and exploits specific to wireless technologies, laying out the anatomy of these attacks, including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Each chapter includes an example real attack scenario, an analysis of the attack, and methods for mitigating the attack. Common themes will emerge throughout the book, but each wireless technology has its own unique quirks that make it useful to attackers in different ways, making understanding all of them important to overall security as rarely is just one wireless technology in use at a home or office. The book contains seven chapters that cover the following: infrastructure attacks, client attacks, Bluetooth attacks, RFID attacks; and attacks on analog wireless devices, cell phones, PDAs, and other hybrid devices. A chapter deals with the problem of bad encryption. It demonstrates how something that was supposed to protect communications can end up providing less security than advertised. This book is intended for information security professionals of all levels, as well as wireless device developers and recreational hackers.

Seven Deadliest Microsoft Attacks

  • 1st Edition
  • March 1, 2010
  • Rob Kraus + 3 more
  • English
  • eBook
    9 7 8 - 1 - 5 9 7 4 9 - 5 5 2 - 3
Seven Deadliest Microsoft Attacks explores some of the deadliest attacks made against Microsoft software and networks and how these attacks can impact the confidentiality, integrity, and availability of the most closely guarded company secrets. If you need to keep up with the latest hacks, attacks, and exploits effecting Microsoft products, this book is for you. It pinpoints the most dangerous hacks and exploits specific to Microsoft applications, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable.The book consists of seven chapters that cover the seven deadliest attacks against Microsoft software and networks: attacks against Windows passwords; escalation attacks; stored procedure attacks; mail service attacks; client-side ActiveX and macro attacks; Web service attacks; and multi-tier attacks. Each chapter provides an overview of a single Microsoft software product, how it is used, and some of the core functionality behind the software. Furthermore, each chapter explores the anatomy of attacks against the software, the dangers of an attack, and possible defenses to help prevent the attacks described in the scenarios.This book will be a valuable resource for those responsible for oversight of network security for either small or large organizations. It will also benefit those interested in learning the details behind attacks against Microsoft infrastructure, products, and services; and how to defend against them. Network administrators and integrators will find value in learning how attacks can be executed, and transfer knowledge gained from this book into improving existing deployment and integration practices.

Digital Video Surveillance and Security

  • 1st Edition
  • February 23, 2010
  • Anthony C. Caputo
  • English
  • eBook
    9 7 8 - 0 - 0 8 - 0 9 6 1 6 9 - 9
Digital Video Surveillance and Security provides a blueprint for the IP-based electronic security system clients need, allowing security professionals to protect their client's place of business or home. The author gives detailed plans on the best camera position, areas of coverage, and hardware and software to select to maximize the effectiveness of newer lower-cost networked technologies. Clear, step-by-step descriptions and detailed illustrations describe the integration of such components as the current or new security system, door and window sensors, or other access controls, offering the capability of instantly launching a video of the area under surveillance on a computer or HDTV. Today's digital video surveillance solutions are networked, digitally archived, offering granular, managed accessibility from anywhere (any office, home, PDA, or smart phone), and providing interoperability and simple scalability. With recent advances in technology, DVS is economically attainable for most businesses. Security consultants can use this information to guide their clients in making budget-friendly choices of design and equipment and assembling the optimal system for their needs. Systems installers can use this step-by-step illustrated guide to master this crucial new technology.