Unauthorised Access: Physical Penetration Testing For IT Security Teams (Paperback) (未經授權的訪問:IT安全團隊的實體滲透測試)

Wil Allsopp

  • 出版商: Wiley
  • 出版日期: 2009-10-01
  • 定價: $1,900
  • 售價: 8.0$1,520
  • 語言: 英文
  • 頁數: 308
  • 裝訂: Paperback
  • ISBN: 0470747617
  • ISBN-13: 9780470747612
  • 相關分類: Penetration-test資訊安全
  • 立即出貨 (庫存 < 4)

相關主題

商品描述

The first guide to planning and performing a physical penetration test on your computer's security

Most IT security teams concentrate on keeping networks and systems safe from attacks from the outside-but what if your attacker was on the inside? While nearly all IT teams perform a variety of network and application penetration testing procedures, an audit and test of the physical location has not been as prevalent. IT teams are now increasingly requesting physical penetration tests, but there is little available in terms of training. The goal of the test is to demonstrate any deficiencies in operating procedures concerning physical security.

Featuring a Foreword written by world-renowned hacker Kevin D. Mitnick and lead author of The Art of Intrusion and The Art of Deception, this book is the first guide to planning and performing a physical penetration test. Inside, IT security expert Wil Allsopp guides you through the entire process from gathering intelligence, getting inside, dealing with threats, staying hidden (often in plain sight), and getting access to networks and data.

  • Teaches IT security teams how to break into their own facility in order to defend against such attacks, which is often overlooked by IT security teams but is of critical importance
  • Deals with intelligence gathering, such as getting access building blueprints and satellite imagery, hacking security cameras, planting bugs, and eavesdropping on security channels
  • Includes safeguards for consultants paid to probe facilities unbeknown to staff
  • Covers preparing the report and presenting it to management

In order to defend data, you need to think like a thief-let Unauthorised Access show you how to get inside.

商品描述(中文翻譯)

這是一本關於計劃和執行電腦安全物理滲透測試的第一本指南。

大多數IT安全團隊專注於保護網絡和系統免受外部攻擊,但如果攻擊者在內部呢?雖然幾乎所有IT團隊都會進行各種網絡和應用程式滲透測試,但對於物理位置的審計和測試並不普遍。現在,IT團隊越來越多地要求進行物理滲透測試,但在培訓方面卻很少有資源。測試的目標是展示在物理安全操作程序方面的任何不足之處。

本書由世界知名駭客Kevin D. Mitnick撰寫的前言,他也是《入侵的藝術》和《欺騙的藝術》的主要作者。這本書是第一本關於計劃和執行物理滲透測試的指南。在書中,IT安全專家Wil Allsopp將引導您完成整個過程,從收集情報、進入目標、應對威脅、保持隱藏(通常在明顯的地方)、獲取網絡和數據訪問權限等。

本書教導IT安全團隊如何闖入自己的設施,以防止此類攻擊,這通常被IT安全團隊忽視,但卻至關重要。書中還涉及情報收集,例如獲取建築藍圖和衛星圖像、入侵安全攝像頭、植入竊聽器和竊聽安全通道等。還包括為未經員工知曉的顧問準備保護措施,以及準備報告並向管理層呈現。

為了保護數據,您需要像一個小偷一樣思考-讓《未經授權的訪問》教您如何進入。