Inside Network Security Assessment. Guarding your IT Infrastructure 

1 2 3

• 1. Inside Network Security Assessment: Guarding your IT Infrastructure

• 2. Table of Contents

• 3. Copyright

  Copyright Copyright 2006 by Sams Publishing Trademarks Warning and Disclaimer Bulk Sales Dedications

• 4. About the Author

  About the Author

• 5. Acknowledgments

  Acknowledgments

• 6. We Want to Hear from You

  We Want to Hear from You

• 7. Reader Services

  Reader Services

• 8. Introduction

  Introduction

• 9. Who Should Read This Book

  Who Should Read This Book

• 10. Why We Created This Book

  Why We Created This Book

• 11. Overview of the Book s Contents

  Overview of the Book s Contents

• 12. Conventions Used in This Book

  A Sidebar Looks Like This Conventions Used in This Book

• 13. 1. Introduction to Assessing Network Vulnerabilities

  1. Introduction to Assessing Network Vulnerabilities

• 14. What Security Is and Isn t

  What Security Is and Isn t

• 15. Process for Assessing Risk

  Process for Assessing Risk

• 16. Four Ways in Which You Can Respond to Risk

  Four Ways in Which You Can Respond to Risk

• 17. Network Vulnerability Assessment

  Pen Testing in Real Life NIST s Role in Security CardSystem Solutions Discovers the Cost of Poor Policy Implementation Network Vulnerability Assessment

• 18. Summary

  Summary

• 19. Key Terms

  Key Terms

• 20. 2. Foundations and Principles of Security

  2. Foundations and Principles of Security

• 21. Basic Security Principles

  Russian Mob Targets Companies for DoS Basic Security Principles

• 22. Security Requires Information Classification

  Security Requires Information Classification

• 23. The Policy Framework

  The Policy Framework

• 24. The Role Authentication, Authorization, and Accountability Play in a Secure Organization

  What Is Your Password Worth? 802.1x Port Authentication The Role Authentication Authorization and Accountability Play in a Secure Organization

• 25. Encryption

  Encryption

• 26. Security and the Employee (Social Engineering)

  Phishing a Most Successful Form of Social Engineering Security and the Employee (Social Engineering)

• 27. Summary

  Summary

• 28. Key Terms

  Key Terms

• 29. 3. Why Risk Assessment

  3. Why Risk Assessment

• 30. Risk Terminology

  Risk Terminology

• 31. Laws, Mandates, and Regulations

  Laws Mandates and Regulations

• 32. Risk Assessment Best Practices

  Risk Assessment Best Practices

• 33. Understanding the IT Security Process

  Understanding the IT Security Process

• 34. The Goals and Objectives of a Risk Assessment

  The Goals and Objectives of a Risk Assessment

• 35. Summary

  Summary

• 36. Key Terms

  Key Terms

• 37. 4. Risk-Assessment Methodologies

  4. Risk-Assessment Methodologies

• 38. Risk-Assessment Terminology

  hidden vulnerability be uncovered in a Risk Assessment

• 39. Quantitative and Qualitative Risk-Assessment Approaches

  Single Loss Expectancy (SLE) Annualized Loss Expectancy (ALE) Qualitative Risk-Assessment Example Quantitative and Qualitative Risk-Assessment Approaches

• 40. Best Practices for Quantitative and Qualitative Risk Assessment

  Best Practices for Quantitative and Qualitative Risk Assessment

• 41. Choosing the Best Risk-Assessment Approach

  Choosing the Best Risk-Assessment Approach

• 42. Common Risk-Assessment Methodologies and Templates

  Common Risk-Assessment Methodologies and Templates

• 43. Summary

  Summary

• 44. Key Terms

  Key Terms

• 45. 5. Scoping the Project

  5. Scoping the Project

• 46. Defining the Scope of the Assessment

  Defining the Scope of the Assessment

• 47. Reviewing Critical Systems and Information

  Reviewing Critical Systems and Information

• 48. Compiling the Needed Documentation

  Compiling the Needed Documentation

• 49. Making Sure You Are Ready to Begin

  Making Sure You Are Ready to Begin

• 50. Summary

  Summary

1 2 3