The Effective Incident Response Team
Julie Lucas, Brian Moeller
- 出版商: Addison Wesley
- 出版日期: 2003-09-26
- 定價: $1,320
- 售價: 5.0 折 $660
- 語言: 英文
- 頁數: 256
- 裝訂: Paperback
- ISBN: 0201761750
- ISBN-13: 9780201761757
-
相關分類:
資訊安全、Information-management
立即出貨(限量) (庫存=1)
買這商品的人也買了...
-
$580$568 -
$549Effective C++: 50 Specific Ways to Improve Your Programs and Design, 2/e
-
$490$417 -
$2,610$2,480 -
$400$340 -
$450$428 -
$760$600 -
$580$458 -
$590$466 -
$690$538 -
$399CCNA ICND Exam Certification Guide (CCNA Self-Study, 640-811, 640-801) (Hardcover)
-
$620$490 -
$750$675 -
$490$382 -
$560$504 -
$450$356 -
$390$304 -
$580$458 -
$550$468 -
$560$476 -
$750$593 -
$450$356 -
$650$553 -
$650$553 -
$1,264Introduction to Machine Learning
相關主題
商品描述
Table of Contents
Foreword.
Preface.
1. Welcome to the Information Age.
A Brief History.
CERT.
More Teams.
FIRST.
What Does This Mean to My Organization?
Examples of Incident Response Teams.
Some Statistics.
Summary.2. What's Your Mission?
Focus and Scope.
Know Who You're Protecting: Defining Your Constituency.
Defining Response.
Working with Law Enforcement.
InfraGard.
Operational Strategy.
Defining an Incident.
Tracking an Incident.
Counting Incidents.
Services Offered.
The Importance of Credibility.
Summary.3. The Terminology Piece.
What Is a Computer Incident?
Operational Versus Security Incidents.
Determining the Categories to Be Used.
An Incident Taxonomy.
Common Vulnerability and Exposure (CVE) Project.
Summary.4. Computer Attacks.
Consequences of Computer Attacks.
Computer Intrusion, Unauthorized Access, or Compromise.
Denial-of-Service Attacks.
Port Scans or Probes.
Attack Vectors.
The Human Factor.
TCP/IP Design Limitations.
Coding Oversight.
Malicious Logic.
The Computer Virus.
Virus Types.
Important Steps to Remain Virus-Free.
Other Forms of Malicious Logic.
Virus Hoaxes and Urban Legends.
Summary.5. Forming the Puzzle.
Putting the Team Together.
Coverage Options.
Determining the Best Coverage.
Team Roles.
Team Skills.
Promotions and Growth.
Interviewing Candidates.
Facilities.
Products and Tools.
Penetration Testing Tools.
Intrusion Detection Systems.
Network Monitors and Protocol Analyzers.
Forensics Tools.
Other Tools.
Funding the Team.
Marketing Campaign.
Risk Assessment.
Business Case.
Placement of the Team.
Worst-Case Scenarios.
Training.
Certifications.
Constituency Training.
Marketing the Team.
Dealing with the Media.
Summary.6. Teamwork.
External Team Members.
Internal Teamwork.
Selecting Team Members.
Retention and Cohesiveness.
Summary.7. Selecting the Products and Tools.
Training as a Tool.
Sound Security Practices.
The Tools of the Trade.
Using the Tools.
Summary.8. The Puzzle in Action.
The Life Cycle of an Incident.
Step One: Preparation (Preparing for Compromise).
Step Two: Incident Identification.
Step Three: Notification.
Step Four: Incident Analysis.
Step Five: Remediation.
Step Six: System Restoration.
Step Seven: Lessons Learned.
Sample Incidents.
Incident Reporting.
Feedback.
Tracking Incidents.
Keeping Current.
Writing Computer Security Advisories.
Summary.9. What Did That Incident Cost?
Statistics and Cases.
CSI/FBI Survey Results.
Some Example Cases.
Forms of Economic Impact.
Costs Associated with Time Frames.
Tangible Versus Intangible Costs.
An Incident Cost Model.
Summary.10. The Legal Eagles.
Working with the Legal Community.
The Need for Legal Assistance.
Establishing Contacts.
Laws Pertaining to Computer Crime.
NeededNCase Law.
Reporting Computer Crime.
Summary.11. Computer Forensics: An Evolving Discipline.
The World of Forensics.
What Is Forensics?
The Forensics Investigation.
Overview and Importance of Computer Forensics.
Computer Forensics Challenges.
Computer Evidence.
Methodologies.
Education.
Summary.12. Conclusions.
Appendix A: Sample Incident Report Form.
Appendix B: Federal Code Related to Cyber Crime.
18 U.S.C. 1029. Fraud and Related Activity in Connection with Access Devices.
18 U.S.C. 1030. Fraud and Related Activity in Connection with Computers: As amended October 11, 1996.
18 U.S.C. 1362. Communication Lines, Stations, or Systems.
Appendix C: Sample Frequently Asked Questions.
Appendix D: Domain Name Extensions Used for Internet Addresses.
Appendix E: Well-Known Port Numbers.
Glossary.
Bibliography.
Index.
商品描述(中文翻譯)
目錄
前言。
前言。
1. 歡迎來到資訊時代。
簡史。
CERT。
更多團隊。
FIRST。
這對我的組織意味著什麼?
事件回應團隊的例子。
一些統計數據。
摘要。
2. 你的任務是什麼?
焦點和範圍。
了解你保護的對象:定義你的群體。
定義回應。
與執法機構合作。
InfraGard。
操作策略。
定義事件。
追蹤事件。
計算事件數量。
提供的服務。
可信度的重要性。
摘要。
3. 關於術語。
什麼是電腦事件?
操作與安全事件。
確定要使用的類別。
事件分類。
常見漏洞和曝光(CVE)計劃。
摘要。
4. 電腦攻擊。
電腦攻擊的後果。
電腦入侵、未經授權訪問或侵害。
阻斷服務攻擊。
端口掃描或探測。
攻擊向量。
人為因素。
TCP/IP設計限制。
編碼監察。
惡意邏輯。
電腦病毒。
病毒類型。
保持免疫於病毒的重要步驟。
其他形式的惡意邏輯。
病毒謠言和都市傳說。
摘要。
5. 拼湊。
組建團隊。
覆蓋範圍最佳化。