Book Description
As an IT professional, you need to know how to perform network security assessments. Inside Network Security Assessment: Guarding Your IT Infrastructure is a collection of utilities and templates that will take you through the assessment process. Written by two highly qualified authors with close ties to the International Information Systems Security Certification Consortium, this book was developed with the goal of being a text for the CISSP continuing education class on Network Security Assessment. You will be provided with step-by-step training on assessing security, from paperwork to penetration testing to ethical hacking. The supporting website will also provide you with access to a variety of tools, checklists, and templates to make your job even easier. You'll save everyone time and money by learning to perform security assessments yourself with the help of Inside Network Security Assessment.
Table of Contents
Introduction.
1. Introduction to Assessing Network Vulnerabilities.
What Security Is and Isn’t.
Process for Assessing Risk.
Four Ways in Which You Can Respond to Risk.
Network Vulnerability Assessment.
Types of Network Vulnerability Assessments.
What Procedures Govern the Vulnerability Assessment?
The Role of Policies in the Vulnerability Assessment.
What Drives the Assessment?
Managing a Vulnerability Assessment.
Building Cooperation with Other Departments.
Importance of Setting and Maintaining a Schedule for Assessments.
Summary.
Key Terms.
2. Foundations and Principles of Security.
Basic Security Principles.
Security Requires Information Classification.
Governmental Information Classification System.
Commercial Information Classification System.
Classification Criteria.
The Policy Framework.
Types of Policies.
Defining Appropriate Policy.
Deploying Policy.
Policy Life Cycle.
The Role Authentication, Authorization, and Accountability Play in a Secure Organization.
Authentication.