
Table Of Contents

Chapter 1: Security Threats to IT Operations in the Age of Cybercrime
Evolving Information Security Threats
Minimal Threats: Experimenters and Dabblers
Something Old, Something New: Cybercrime Puts a New Twist on Old Crimes
Cybercrime as a Global Industry
Malware Developers
Bot Herders
Spammers and Phishers
Hackers and Data Thieves
Brokers and Exchanges
Increasing Numbers and Sophistication of Attacks
Case Study in Credit Card Theft
Doing Business in the Age of Cybercrime
Business Resources Targeted by Cybercrime
Targeted Information Assets
Identity Information
Credit Card and Bank Account Data
Proprietary Information and Intellectual Property
Targeted Computing Assets
Poor Security’s Impact on Business
Damage in Plain Sight
Hidden Costs of Poor Security
Summary
Chapter 2: Common Vulnerabilities in Business IT Systems
Technical Weaknesses
Unencrypted Communications
Man‐in‐the‐Middle Attack
Replay Attack
Insufficiently Patched OSs and Applications
Insufficient Use of Antivirus and Personal Firewalls
Weak Boundary Security
Poor Application Security
Organizational Weaknesses
End User Training and Security Awareness
End User Training Myths
Lax Security with Mobile Devices
Inappropriate Use of Business Computers and Network Services
Options for Addressing These Threats
Chapter 3: Developing a High‐Impact Security Management Strategy
Review of Business Processes and Workflows
Data in Motion: Identifying Unencrypted Communications
Movement Within Secured Network Segments
Movement Across Enterprise Networks
Movement Outside of the Enterprise Network
Data at Rest: Identify Servers Hosting Critical Applications
Access to Information: Managing Identities and Authorizations
Review of Technical Infrastructure
Network Security Measures
Perimeter Device Configuration
Network Monitoring
Reporting and Alert Systems
Server and Workstation Security Measures
Hardening OSs
Patching
Application Security Measures
Access Controls
Security Testing
Hardening Application Components
Security Policies and Governing Procedures
What Constitutes a Critical Server?
Using Encrypted Communications
Hardening Server OSs
Locking Down Databases
Protect Mobile Devices and Communications
Encrypt Communications with Mobile Devices
Authenticate Mobile Devices with Digital Certificates
Maintain OS Patches
Keep Antivirus Up to Date
Use Encryption on Mobile Devices
Deploying and Configuring Network Perimeter Devices
Firewalls
IPSs
Network Access Controls
Filtering Content on the Network
Monitoring and Auditing Network Activity
Security Awareness
Security Awareness Topics
Effective Security Awareness Training
Checklist of Practices and Technologies
shortcut guide to security measures c SSL


Categories: Business/Law
Published by: csmann on Dec 14, 2011
Copyright: Attribution Non-commercial
