Network Security Bible
Eric Cole, Ronald L. Krutz
Format: PDF / Kindle (mobi) / ePub
* A must for working network and security professionals as well as anyone in IS seeking to build competence in the increasingly important field of security
* Written by three high-profile experts, including Eric Cole, an ex-CIA security guru who appears regularly on CNN and elsewhere in the media, and Ronald Krutz, a security pioneer who cowrote The CISSP Prep Guide and other security bestsellers
* Covers everything from basic security principles and practices to the latest security threats and responses, including proven methods for diagnosing network vulnerabilities and insider secrets for boosting security effectiveness
Policies.
4. Reduce risk to an acceptable level.
5. Assume that external systems are insecure.
6. Identify potential trade-offs between reducing risk and increased costs and decrease in other aspects of operational effectiveness.
7. Implement layered security (ensure no single point of vulnerability).
8. Implement tailored system security measures to meet organizational security goals.
9. Strive for simplicity.
10. Design and operate an IT system to limit vulnerability and to be resilient in.
Establishing an initial baseline of hardware, software, and firmware components for the information system and subsequently controlling and maintaining an accurate inventory of any changes to the system.
• Continuous monitoring — Ensures that controls continue to be effective in their application through periodic testing and evaluation. Security control monitoring (that is, verifying the continued effectiveness of those controls over time) and reporting the security status of the information.
Implemented through technical means such as computer hardware or software, encryption, intrusion detection mechanisms, and identification and authentication subsystems. Other controls, such as security policies, administrative actions, and physical and environmental mechanisms, are considered nontechnical controls. Both technical and nontechnical controls can further be classified as preventive or detective controls. As the names imply, preventive controls attempt to anticipate and stop attacks.
Language (DDL) — Defines the schema.
✦ Database management system (DBMS) — The software that maintains and provides access to the database. Relative to access control, a particular user can be restricted to certain information in the database and will not be allowed to view any other information.
✦ Relation — A two-dimensional table that serves as the basis of a relational database. The rows of the table represent records or tuples, and the columns of.
Windows systems. This system was not intended to be used for file sharing or serving up DHCP, NFS, IIS, LSA, or nterm. Yet, apparently, ports are open for these or similar applications.

Specifics of system hardening

The following list itemizes more specific recommendations that can improve the security of a Windows workstation.
✦ Enable the built-in Encrypting File System (EFS) on NTFS volumes (EFS is only available on NTFS).
✦ Clear the "Enable LMHOSTS lookup" option.
✦ Disable NetBIOS.
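The following PowerShell script is an added example, not code from the book, that audits and optionally applies the three hardening items above together with the listening-port check the excerpt describes. It assumes a modern Windows build (Windows 8 / Server 2012 or later, for Get-NetTCPConnection and Get-Volume), an elevated session, and the example directory C:\Users\Public\Sensitive, which is an assumed path and not from the book.

```powershell
# Added example (not from the book). Run elevated; without -Apply it only reports.
param([switch]$Apply)

$netbt = 'HKLM:\SYSTEM\CurrentControlSet\Services\NetBT\Parameters'

# 1. Inventory listening TCP ports. On a workstation that is not meant to serve
#    files or RPC, entries such as 135, 139 and 445 are findings to chase down.
Write-Host '== Listening TCP ports =='
Get-NetTCPConnection -State Listen |
    Select-Object LocalAddress, LocalPort, OwningProcess,
        @{ n = 'Process'; e = { (Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue).ProcessName } } |
    Sort-Object LocalPort -Unique | Format-Table -AutoSize

# 2. "Enable LMHOSTS lookup" is the EnableLMHOSTS value under NetBT\Parameters;
#    0 clears the checkbox.
$lmhosts = (Get-ItemProperty -Path $netbt -Name EnableLMHOSTS -ErrorAction SilentlyContinue).EnableLMHOSTS
Write-Host "EnableLMHOSTS = $lmhosts (want 0)"
if ($Apply -and $lmhosts -ne 0) {
    Set-ItemProperty -Path $netbt -Name EnableLMHOSTS -Value 0 -Type DWord
}

# 3. NetBIOS over TCP/IP is configured per interface; NetbiosOptions 2 = disabled.
#    The change takes effect when the adapter is reset or the host reboots.
Get-ChildItem -Path "$netbt\Interfaces" | ForEach-Object {
    $opt = (Get-ItemProperty -Path $_.PSPath -Name NetbiosOptions -ErrorAction SilentlyContinue).NetbiosOptions
    Write-Host "$($_.PSChildName): NetbiosOptions = $opt (want 2)"
    if ($Apply -and $opt -ne 2) {
        Set-ItemProperty -Path $_.PSPath -Name NetbiosOptions -Value 2 -Type DWord
    }
}

# 4. EFS only works on NTFS, so report each fixed volume's file system before
#    encrypting the (assumed) example directory with the built-in cipher.exe.
Get-Volume | Where-Object DriveType -eq 'Fixed' |
    Select-Object DriveLetter, FileSystem | Format-Table -AutoSize
$secretDir = 'C:\Users\Public\Sensitive'   # assumed example path, not from the book
if ($Apply) {
    if ((Get-Volume -DriveLetter 'C').FileSystem -ne 'NTFS') { throw 'EFS requires NTFS' }
    New-Item -ItemType Directory -Path $secretDir -Force | Out-Null
    cipher.exe /e /s:$secretDir
}
```

Run it once without -Apply to see the current state (open ports, LMHOSTS and NetBIOS settings, volume file systems), then with -Apply to enforce the settings. Disabling NetBIOS and LMHOSTS breaks legacy name resolution for hosts that still depend on it, so check the listening-port and name-resolution dependencies of the workstation before applying the changes fleet-wide.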