Trojans, Worms, and Spyware: A Computer Security Professional's Guide to Malicious Code
Bisher € 57,52
Lieferbar innert 2 Wochen
BeschreibungTrojans, Worms, and Spyware provides practical, easy to understand, and readily usable advice to help organizations to improve their security and reduce the possible risks of malicious code attacks. Despite the global downturn, information systems security remains one of the more in-demand professions in the world today. With the widespread use of the Internet as a business tool, more emphasis is being placed on information security than ever before. To successfully deal with this increase in dependence and the ever growing threat of virus and worm attacks, Information security and information assurance (IA) professionals need a jargon-free book that addresses the practical aspects of meeting new security requirements. This book provides a comprehensive list of threats, an explanation of what they are and how they wreak havoc with systems, as well as a set of rules-to-live-by along with a system to develop procedures and implement security training. It is a daunting task to combat the new generation of computer security threats new and advanced variants of Trojans, as well as spyware (both hardware and software) and bombs and Trojans, Worms, and Spyware will be a handy must-have reference for the computer security professional to battle and prevent financial and operational harm from system attacks. *Provides step-by-step instructions to follow in the event of an attack *Case studies illustrate the "do's," "don'ts," and lessons learned from infamous attacks *Illustrates to managers and their staffs the importance of having protocols and a response plan in place
InhaltsverzeichnisPreface Dedication Acknowledgements Introduction Chapter One: Malicious Code Overview Why Malicious Code Attacks are Dangerous The Impact of Malicious Code Attacks on Corporate Security Why Malicious Code Attacks Work Flaws in Software Weaknesses in System and Network Configurations Social Engineering Human Error and Foolishness Hackers, Thieves, and Spies Action Steps to Combat Malicious Code Attacks Chapter Two: Types of Malicious Code Email Viruses Trojans Back Doors Worms Blended Threats Time Bombs Spy Ware Ad Ware Steal Ware Action Steps to Combat Malicious Code Attacks Chapter Three: Review of Malicious Code Incidents Historic Tidbits The Morris Worm Melissa Love Bug Code Red(s) SirCam Nimda Slammer The Summer of 2003 Barrage of Blaster, Sobig and More Early 2004 with MyDoom, Netsky and More Action Steps to Combat Malicious Code Attacks Chapter Four: Basic Steps to Combat Malicious Code Understanding The Risks Using Security Policies to Set Standards System and Patch Updates Establishing a Computer Incident Response Team Training for IT Professionals Training End Users Applying Social Engineering Methods in an Organization Working with Law Enforcement Agencies Action Steps to Combat Malicious Code Attacks Chapter Five: Organizing for Security, Prevention, and Response Organization of the IT Security Function Where Malicious Code Prevention fits Into the IT Security Function Staffing for Malicious Code Prevention in IT Budgeting for Malicious Code Prevention Evaluating Products for Malicious Code Prevention Establishing and Utilizing an Alert Systems Establishing and Utilizing a Reporting System Corporate Security and Malicious Code Incident Investigations Action Steps to Combat Malicious Code Attacks Chapter Six: Controlling Computer Behavior of Employees Policies on Appropriate Use of Corporate Systems Monitoring Employee Behavior Site Blockers and Internet Filters Cookie and Spyware Blockers Pop Up Blockers Controlling Downloads SPAM Control Action Steps to Combat Malicious Code Attacks Chapter Seven: Responding to a Malicious Code Incident The First Report of a Malicious Code Attack The Confirmation Process Mobilizing the Response Team Notifying Management Using an Alert system and Informing End-Users Clean up and Restoration Controlling and Capturing Malicious Code Identifying the Source of Malicious Code The Preservation of Evidence When to Call Law Enforcement Enterprise Wide Eradication Returning to Normal Operations Analyzing Lessons Learned Action Steps to Combat Malicious Code Attacks Chapter Eight: Model Training Program for End-Users Explaining why The Training is Important Explaining The Appropriate Use Policy for Computers and Networks Explaining How the Help Desk and PC Support of the Organization Works Covering the Basic Dos and Donts of Computer Usage to Prevent Attacks Providing Basic Information about Malicious Code Explaining How it Identify Potentially Malicious Code Explaining What Employees Should to do if They Suspect Code is Malicious Explaining What Employees Should Expect From the IT Department During Incident Response. Performing the Administrative Aspects of a Training Program Action Steps to Combat Malicious Code Attacks Chapter Nine: The Future of Malicious Code Military Style Information Warfare Open Source Information Warfare Militancy and Social Action Homeland Security Efforts Action Steps to Combat Malicious Code Attacks Index Appendix A: Computer Security Resources
PortraitMichael Erbschloe an information technology consultant, educator, and author. Michael has also taught and developed technology related curriculum for several universities including the University of Denver, and speaks at conferences and industry events around the world. He has authored hundreds of articles on technology and several books including Information Warfare: How to Survive Cyber Attacks.
Untertitel: New. Sprache: Englisch.
Verlag: BUTTERWORTH HEINEMANN
Erscheinungsdatum: November 2004
Seitenanzahl: 232 Seiten