Brand: 中圖公司
Listed: 2021-07-02 18:42:04
Publisher: Packt Publishing
The digital rights to this book are provided by 中圖公司, which has licensed 上海閱文信息技術有限公司 to produce and distribute this edition.
- Cover
- Copyright information
- Credits
- About the Author
- About the Reviewers
- www.PacktPub.com
- Why subscribe?
- Customer Feedback
- Preface
- What this book covers
- What you need for this book
- Who this book is for
- Conventions
- Reader feedback
- Customer support
- Downloading the color images of this book
- Errata
- Piracy
- Questions
- Information and Data Security Fundamentals
- Information security challenges
- Evolution of cybercrime
- The modern role of information security
- IT security engineering
- Information assurance
- The CIA triad
- Organizational information security assessment
- Risk management
- Information security standards
- Policies
- Training
- Key components of an effective training and awareness program
- Summary
- Defining the Threat Landscape
- What is important to your organization and who wants it?
- Compliance
- Hackers and hacking
- Black hat hacker
- White hat or ethical hacker
- Blue hat hacker
- Grey hat hacker
- Penetration testing
- Hacktivist
- Script kiddie
- Nation state
- Cybercrime
- Methods used by the attacker
- Exploits
- Hacker techniques
- Methods of conducting training and awareness
- Closing information system vulnerabilities
- Vulnerability management
- The case for vulnerability management
- Summary
- Preparing for Information and Data Security
- Establishing an information security program
- Don't start from scratch; use a framework
- Security program success factors
- Executive or board support
- Supporting the organization's mission
- Rightsizing information security for the organization
- Security awareness and training program
- Information security built into SDLC
- Information security program maturity
- Information security policies
- Information security program policy
- Operational policy
- System-specific policy
- Standards
- Procedures
- Guidelines
- Recommended operational policies
- Planning policy
- Access control policy
- Awareness and training policy
- Auditing and accountability policy
- Configuration management policy
- Contingency planning policy
- Identification and authentication policy
- Incident response policy
- Maintenance policy
- Media protection policy
- Personnel security policy
- Physical and environmental protection policy
- Risk assessment policy
- Security assessment policy
- System and communications protection policy
- System and information integrity policy
- Systems and services acquisitions policy
- Summary
- Information Security Risk Management
- What is risk?
- Who owns organizational risk?
- Risk ownership
- What is risk management?
- Where is your valuable data?
- What does my organization have that is worth protecting?
- Intellectual property trade secrets
- Personally Identifiable Information – PII
- Personal Health Information – PHI
- General questions
- Performing a quick risk assessment
- Risk management is an organization-wide activity
- Business operations
- IT operations
- Personnel
- External organization
- Risk management life cycle
- Information categorization
- Data classification looks to understand
- Data classification steps
- Determining information assets
- Finding information in the environment
- Disaster recovery considerations
- Backup storage considerations
- Types of storage options
- Questions you should ask your business users regarding their information's location
- Questions you should ask your IT organization regarding the information's location
- Organizing information into categories
- Examples of information type categories
- Publicly available information
- Credit card information
- Trade secrets
- Valuing the information and establishing impact
- Valuing information
- Establishing impact
- Security control selection
- Information security frameworks
- Security control implementation
- Assessing implemented security controls
- Authorizing information systems to operate
- Monitoring information system security controls
- Calculating risk
- Qualitative risk analysis
- Identifying your organization's threats
- Identifying your organization's vulnerabilities
- Pairing threats with vulnerabilities
- Estimating likelihood
- Estimating impact
- Conducting the risk assessment
- Management choices when it comes to risk
- Quantitative analysis
- Qualitative risk assessment example
- Summary
- Developing Your Information and Data Security Plan
- Determine your information security program objectives
- Example information security program activities
- Elements for a successful information security program
- Analysis for rightsizing your information security program
- Compliance requirements
- Is your organization centralized or decentralized?
- Centralized
- Decentralized
- What is your organization's business risk appetite?
- How mature is your organization?
- Helping to guarantee success
- Business alignment
- Information security is a business project not an IT project
- Organizational change management
- Key information security program plan elements
- Develop your information security program strategy
- Establish key initiatives
- Define roles and responsibilities
- Defining enforcement authority
- Pulling it all together
- Summary
- Continuous Testing and Monitoring
- Types of technical testing
- SDLC considerations for testing
- Project initiation
- Requirements analysis
- System design
- System implementation
- System testing
- Operations and maintenance
- Disposition
- SDLC summary
- Continuous monitoring
- Information security assessment automation
- Effective reporting of information security status
- Alerting of information security weakness
- Vulnerability assessment
- Business relationship with vulnerability assessment
- Vulnerability scanning
- Vulnerability scanning process
- Vulnerability resolution
- Penetration testing
- Phases of a penetration test
- Difference between vulnerability assessment and penetration testing
- Examples of successful attacks in the news
- Point of sale system attacks
- Cloud-based misconfigurations
- Summary
- Business Continuity/Disaster Recovery Planning
- Scope of BCDR plan
- Business continuity planning
- Disaster recovery planning
- Focus areas for BCDR planning
- Management
- Operational
- Technical
- Designing the BCDR plan
- Requirements and context gathering – business impact assessment
- Inputs to the BIA
- Outputs from the BIA
- Sample BIA form
- Define technical disaster recovery mechanisms
- Identify and document required resources
- Conduct a gap analysis
- Develop disaster recovery mechanisms
- Develop your plan
- Develop recovery teams
- Establish relocation plans
- Develop detailed recovery procedures
- Test the BCDR plan
- Summary
- Incident Response Planning
- Do I need an incident response plan?
- Components of an incident response plan
- Preparing the incident response plan
- Understanding what is important
- Prioritizing the incident response plan
- Determining what normal looks like
- Observe, orient, decide, and act – OODA
- Incident response procedure development
- Identification – detection and analysis
- Identification – incident response tools
- Observational (OODA) technical tools
- Orientation (OODA) tools
- Decision (OODA) tools
- Remediation – containment/recovery/mitigation
- Remediation – incident response tools
- Act (Response) (OODA) tools
- Post incident activity
- Lessons-learned sessions
- Incident response plan testing
- Summary
- Developing a Security Operations Center
- Responsibilities of the SOC
- Management of security operations center tools
- Security operation center toolset design
- Using already implemented toolsets
- Security operations center roles
- Log or information aggregation
- Log or information analysis
- Processes and procedures
- Identification – detection and analysis
- Events versus alerts versus incidents
- False positive versus false negative/true positive versus true negative
- Remediation – containment/eradication/recovery
- Security operations center tools
- Security operations center advantages
- MSSP advantages
- Summary
- Developing an Information Security Architecture Program
- Information security architecture and SDLC/SELC
- Conducting an initial information security analysis
- Purpose and description of the information system
- Determining compliance requirements
- Compliance standards
- Documenting key information system and project roles
- Project roles
- Information system roles
- Defining the expected user types
- Documenting interface requirements
- Documenting external information systems access
- Conducting a business impact assessment
- Inputs to the BIA
- Conducting an information categorization
- Developing a security architecture advisement program
- Partnering with your business stakeholders
- Information security architecture process
- Example information security architecture process
- Summary
- Cloud Security Consideration
- Cloud computing characteristics
- Cloud computing service models
- Infrastructure as a Service – IaaS
- Platform as a Service – PaaS
- Software as a Service – SaaS
- Cloud computing deployment models
- Public cloud
- Private cloud
- Community cloud
- Hybrid cloud
- Cloud computing management models
- Managed service provider
- Cloud service provider
- Cloud computing special consideration
- Cloud computing data security
- Data location
- Data access
- Storage considerations
- Storage types
- Storage threats
- Storage threat mitigations
- Managing identification, authentication, and authorization in the cloud computing environment
- Identification considerations
- Authentication considerations
- Authorization considerations
- Integrating cloud services with the security operations center
- Cloud access security brokers
- Special business considerations
- Summary
- Information and Data Security Best Practices
- Information security best practices
- User accounts
- Limit administrator accounts
- Using a normal user account where possible
- Least privilege/role separation
- Password security
- Least functionality
- Updates and patches
- Secure configurations
- Step 1: Developing a policy that enforces secure configuration baselines
- Step 2: Developing secure configuration baselines
- Step 3: Integrating secure configuration baselines into the SDLC
- Step 4: Enforcing secure configuration baselines through automated testing and remediation
- Application security
- Conducting a web application inventory
- Least privileges
- Cookie security
- Web application firewalls
- Implementing a secure coding awareness program
- Network security
- Remote access
- Wireless
- Mobile devices
- Summary (updated 2021-07-02 21:56:38)