Skip to main content
Elsevier
View Cart
My account

Books in Security management

BooksJournals

    • Managed Code Rootkits

      • 1st Edition
      • October 28, 2010
      • Erez Metula
      • English
      • Paperback
        9 7 8 1 5 9 7 4 9 5 7 4 5
      • eBook
        9 7 8 1 5 9 7 4 9 5 7 5 2
      Managed Code Rootkits is the first book to cover application-level rootkits and other types of malware inside the application VM, which runs a platform-independent programming environment for processes. The book, divided into four parts, points out high-level attacks, which are developed in intermediate language. The initial part of the book offers an overview of managed code rootkits. It explores environment models of managed code and the relationship of managed code to rootkits by studying how they use application VMs. It also discusses attackers of managed code rootkits and various attack scenarios. The second part of the book covers the development of managed code rootkits, starting with the tools used in producing managed code rootkits through their deployment. The next part focuses on countermeasures that can possibly be used against managed code rootkits, including technical solutions, prevention, detection, and response tactics. The book concludes by presenting techniques that are somehow similar to managed code rootkits, which can be used in solving problems.

    • Managing Information Security

      • 1st Edition
      • March 3, 2010
      • John Vacca
      • English
      • eBook
        9 7 8 1 5 9 7 4 9 5 3 4 9
      Managing Information Security offers focused coverage of how to protect mission critical systems, how to deploy security management systems, IT security, ID management, intrusion detection and prevention systems, computer forensics, network forensics, firewalls, penetration testing, vulnerability assessment, and more. It offers in-depth coverage of the current technology and practice as it relates to information security management solutions. Individual chapters are authored by leading experts in the field and address the immediate and long-term challenges in the authors’ respective areas of expertise.

    • Seven Deadliest Network Attacks

      • 1st Edition
      • April 15, 2010
      • Stacy Prowell + 2 more
      • English
      • Paperback
        9 7 8 1 5 9 7 4 9 5 4 9 3
      • eBook
        9 7 8 1 5 9 7 4 9 5 5 0 9
      Seven Deadliest Network Attacks identifies seven classes of network attacks and discusses how the attack works, including tools to accomplish the attack, the risks of the attack, and how to defend against the attack. This book pinpoints the most dangerous hacks and exploits specific to networks, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. The book consists of seven chapters that deal with the following attacks: denial of service; war dialing; penetration testing; protocol tunneling; spanning tree attacks; man-in-the-middle; and password replay. These attacks are not mutually exclusive and were chosen because they help illustrate different aspects of network security. The principles on which they rely are unlikely to vanish any time soon, and they allow for the possibility of gaining something of interest to the attacker, from money to high-value data. This book is intended to provide practical, usable information. However, the world of network security is evolving very rapidly, and the attack that works today may (hopefully) not work tomorrow. It is more important, then, to understand the principles on which the attacks and exploits are based in order to properly plan either a network attack or a network defense. Seven Deadliest Network Attacks will appeal to information security professionals of all levels, network admins, and recreational hackers.

    • Contemporary Security Management

      • 3rd Edition
      • November 8, 2010
      • John Fay
      • English
      • Hardback
        9 7 8 0 1 2 3 8 1 5 4 9 1
      • eBook
        9 7 8 0 1 2 3 8 1 9 5 1 2
      Contemporary Security Management, Third Edition teaches security professionals how to operate an efficient security department and how to integrate smoothly with other groups inside and outside their own organizations. Fay demonstrates the specifics of security management: how to organize, plan, develop and manage a security operation. how to identify vulnerabilities. how to determine the protective resources required to offset threats. how to implement all necessary physical and IT security measures. Security professionals share the responsibility for mitigating damage, serving as a resource to an Emergency Tactical Center, assisting the return of business continuity, and liaising with local response agencies such as police and fire departments, emergency medical responders, and emergency warning centers. At the organizational level, the book addresses budgeting, employee performance, counseling, hiring and termination, employee theft and other misconduct, and offers sound advice on building constructive relationships with organizational peers and company management.

    • A Guide to Kernel Exploitation

      • 1st Edition
      • September 15, 2010
      • Enrico Perla + 1 more
      • English
      • Paperback
        9 7 8 1 5 9 7 4 9 4 8 6 1
      • eBook
        9 7 8 1 5 9 7 4 9 4 8 7 8
      A Guide to Kernel Exploitation: Attacking the Core discusses the theoretical techniques and approaches needed to develop reliable and effective kernel-level exploits, and applies them to different operating systems, namely, UNIX derivatives, Mac OS X, and Windows. Concepts and tactics are presented categorically so that even when a specifically detailed vulnerability has been patched, the foundational information provided will help hackers in writing a newer, better attack; or help pen testers, auditors, and the like develop a more concrete design and defensive structure.The book is organized into four parts. Part I introduces the kernel and sets out the theoretical basis on which to build the rest of the book. Part II focuses on different operating systems and describes exploits for them that target various bug classes. Part III on remote kernel exploitation analyzes the effects of the remote scenario and presents new techniques to target remote issues. It includes a step-by-step analysis of the development of a reliable, one-shot, remote exploit for a real vulnerabilitya bug affecting the SCTP subsystem found in the Linux kernel. Finally, Part IV wraps up the analysis on kernel exploitation and looks at what the future may hold.

    • Seven Deadliest Social Network Attacks

      • 1st Edition
      • April 22, 2010
      • Carl Timm + 1 more
      • English
      • Paperback
        9 7 8 1 5 9 7 4 9 5 4 5 5
      • eBook
        9 7 8 1 5 9 7 4 9 5 4 6 2
      Seven Deadliest Social Network Attacks describes the seven deadliest social networking attacks and how to defend against them. This book pinpoints the most dangerous hacks and exploits specific to social networks like Facebook, Twitter, and MySpace, and provides a comprehensive view into how such attacks have impacted the livelihood and lives of adults and children. It lays out the anatomy of these attacks, including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. The book is separated into seven chapters, with each focusing on a specific type of attack that has been furthered with social networking tools and devices. These are: social networking infrastructure attacks; malware attacks; phishing attacks; Evil Twin Attacks; identity theft; cyberbullying; and physical threat. Each chapter takes readers through a detailed overview of a particular attack to demonstrate how it was used, what was accomplished as a result, and the ensuing consequences. In addition to analyzing the anatomy of the attacks, the book offers insights into how to develop mitigation strategies, including forecasts of where these types of attacks are heading. This book can serve as a reference guide to anyone who is or will be involved in oversight roles within the information security field. It will also benefit those involved or interested in providing defense mechanisms surrounding social media as well as information security professionals at all levels, those in the teaching profession, and recreational hackers.

    • Hospital Emergency Response Teams

      • 1st Edition
      • November 19, 2009
      • Jan Glarum + 2 more
      • English
      • Paperback
        9 7 8 1 8 5 6 1 7 7 0 1 6
      • eBook
        9 7 8 0 0 8 0 9 6 4 9 5 9
      Hospital Emergency Response Teams aims to provide authoritative training for hospital personnel in the emergency department, as well community-level medical service personnel, assisting them in times of disaster and emergency. Comprised of six chapters, the book covers various aspects of emergency response. Some of the aspects are the National Incident Management System (NIMS) implementation activities for hospitals and health care systems and the Hospital Incident Command System (HICS) IV missions. The book also explains the implementation issues, requirements, and timelines in establishing an internal HICS IV program. It presents the assessment of likely mass casualty events and potential hospital impact. The book also features appendices for emergency response team checklists, PPE donning and doffing guide, ambulatory and non-ambulatory decontamination setup, ETA exercises, and ETA drills.The book is intended to provide understanding of emergency response to first emergency medicine professionals, first responders, security staff, community-level disaster planners, and public health and disaster management researchers.

    • The Law of Emergencies

      • 1st Edition
      • June 22, 2009
      • Nan D. Hunter
      • English
      The Law of Emergencies discusses the legal framework for disaster response and emergency management. The book engages with and debates some of the most important Constitutional issues of our time, such as the tension between civil liberties and national security. It also examines how the law of emergencies plays out in the context of real life emergencies where individuals often have to make split-second decisions. It analyzes legal authority at the federal, state and local levels, placing the issues in historical context but concentrating on contemporary questions. This book includes primary texts, reader-friendly expository explanations, and sample discussion questions. Prior knowledge of the law is not necessary in order to use and understand this book. The contents are organized into 13 substantive chapters plus two additional chapters with problem sets, making the book especially easy to use for a separate course focused on law. The book leads students through the process of understanding both what the law requires and how to analyze issues for which there is no clear legal answer. It features materials on such critical issues as how to judge the extent of Constitutional authority for government to intervene in the lives and property of American citizens. At the same time, it also captures bread-and-butter issues such as responder liability and disaster relief methods. No other book brings these components together in a logically organized, step by step fashion. The book also features case studies of high-risk scenarios including pandemic flu, together with charts and text boxes for clarification. This book will be of interest to graduate and undergraduate students studying the major legal principles underlying emergency management and homeland security policy and operations; professionals in EM and HS; and private-sector risk managers.

    • Hospital and Healthcare Security

      • 5th Edition
      • October 12, 2009
      • Tony W. York + 1 more
      • English
      • Paperback
        9 7 8 1 4 9 3 3 0 3 9 2 2
      • Hardback
        9 7 8 1 8 5 6 1 7 6 1 3 2
      • eBook
        9 7 8 0 0 8 0 8 8 6 0 2 2
      Hospital and Healthcare Security, Fifth Edition, examines the issues inherent to healthcare and hospital security, including licensing, regulatory requirements, litigation, and accreditation standards. Building on the solid foundation laid down in the first four editions, the book looks at the changes that have occurred in healthcare security since the last edition was published in 2001. It consists of 25 chapters and presents examples from Canada, the UK, and the United States. It first provides an overview of the healthcare environment, including categories of healthcare, types of hospitals, the nonhospital side of healthcare, and the different stakeholders. It then describes basic healthcare security risks/vulnerabilitie... and offers tips on security management planning. The book also discusses security department organization and staffing, management and supervision of the security force, training of security personnel, security force deployment and patrol activities, employee involvement and awareness of security issues, implementation of physical security safeguards, parking control and security, and emergency preparedness. Healthcare security practitioners and hospital administrators will find this book invaluable.

    • Securing Intellectual Property

      • 1st Edition
      • December 1, 2008
      • Information Information Security
      • English
      • Paperback
        9 7 8 0 7 5 0 6 7 9 9 5 4
      • eBook
        9 7 8 0 0 8 0 9 4 1 4 1 7
      Most employeers are astounded at how easily and quickly their proprietary information can get out of their control. In a large number of cases, theft of trade secrets often involves employees leaving a company to start their own business or work for a direct competitor.Nearly all books that address the topic of trade secrets have the “spy vs. spy” perspective. The author approaches the topic from a practical business perspective and not simply creating “paranoia” for paranoia’s sake. The material for this book comes from the author’s extensive work experience as a computer forensics consultant and manager on numerous theft of trade secrets cases.