Trojans, Worms, and Spyware : A Computer Security Professional's Guide to Malicious Code (Paperback)

購買商店

Trojans, Worms, and Spyware : A Computer Security Professional's Guide to Malicious Code (Paperback)

$299.00

馬上購買

內容描述

Description:

Trojans, Worms, and Spyware provides practical, easy to understand, and
readily usable advice to help organizations to improve their security and
reduce the possible risks of malicious code attacks. Despite the global
downturn, information systems security remains one of the more in-demand
professions in the world today. With the widespread use of the Internet as a
business tool, more emphasis is being placed on information security than ever
before. To successfully deal with this increase in dependence and the ever
growing threat of virus and worm attacks, Information security and information
assurance (IA) professionals need a jargon-free book that addresses the
practical aspects of meeting new security requirements. This book
provides a comprehensive list of threats, an explanation of what they are and
how they wreak havoc with systems, as well as a set of rules-to-live-by along
with a system to develop procedures and implement security training. It is a
daunting task to combat the new generation of computer security threats – new
and advanced variants of Trojans, as well as spyware (both hardware and
software) and “bombs” – and Trojans, Worms, and Spyware will be a handy
must-have reference for the computer security professional to battle and
prevent financial and operational harm from system attacks.
 
Table of
Contents:

PrefaceDedicationAcknowledgementsIntroductionChapter
One: Malicious Code OverviewWhy Malicious Code Attacks are
DangerousThe Impact of Malicious Code Attacks on Corporate SecurityWhy
Malicious Code Attacks WorkFlaws in Software Weaknesses in System and
Network ConfigurationsSocial EngineeringHuman Error and
FoolishnessHackers, Thieves, and SpiesAction Steps to Combat Malicious
Code AttacksChapter Two: Types of Malicious CodeEmail
VirusesTrojansBack DoorsWormsBlended ThreatsTime
BombsSpy WareAd WareSteal Ware Action Steps to Combat
Malicious Code AttacksChapter Three: Review of Malicious Code
IncidentsHistoric TidbitsThe Morris WormMelissaLove
BugCode Red(s)SirCamNimdaSlammerThe Summer of 2003 Barrage
of Blaster, Sobig and MoreEarly 2004 with MyDoom, Netsky and
MoreAction Steps to Combat Malicious Code AttacksChapter Four:
Basic Steps to Combat Malicious CodeUnderstanding The RisksUsing
Security Policies to Set StandardsSystem and Patch UpdatesEstablishing
a Computer Incident Response TeamTraining for IT ProfessionalsTraining
End UsersApplying Social Engineering Methods in an OrganizationWorking
with Law Enforcement AgenciesAction Steps to Combat Malicious Code
AttacksChapter Five: Organizing for Security, Prevention, and
ResponseOrganization of the IT Security FunctionWhere Malicious Code
Prevention fits Into the IT Security FunctionStaffing for Malicious Code
Prevention in ITBudgeting for Malicious Code Prevention Evaluating
Products for Malicious Code Prevention Establishing and Utilizing an Alert
SystemsEstablishing and Utilizing a Reporting SystemCorporate Security
and Malicious Code Incident InvestigationsAction Steps to Combat Malicious
Code AttacksChapter Six: Controlling Computer Behavior of
EmployeesPolicies on Appropriate Use of Corporate SystemsMonitoring
Employee BehaviorSite Blockers and Internet FiltersCookie and Spyware
BlockersPop Up BlockersControlling DownloadsSPAM ControlAction
Steps to Combat Malicious Code AttacksChapter Seven: Responding to
a Malicious Code IncidentThe First Report of a Malicious Code
AttackThe Confirmation ProcessMobilizing the Response
TeamNotifying ManagementUsing an Alert system and Informing
End-UsersClean up and RestorationControlling and Capturing Malicious
CodeIdentifying the Source of Malicious CodeThe Preservation of
EvidenceWhen to Call Law EnforcementEnterprise Wide
EradicationReturning to Normal OperationsAnalyzing Lessons
LearnedAction Steps to Combat Malicious Code AttacksChapter
Eight: Model Training Program for End-UsersExplaining why The Training is
ImportantExplaining The Appropriate Use Policy for Computers and
NetworksExplaining How the Help Desk and PC Support of the Organization
WorksCovering the Basic Do’s and Don’ts of Computer Usage to Prevent
AttacksProviding Basic Information about Malicious CodeExplaining How
it Identify Potentially Malicious CodeExplaining What Employees Should to
do if They Suspect Code is Malicious Explaining What Employees Should
Expect From the IT Department During Incident Response.Performing the
Administrative Aspects of a Training ProgramAction Steps to Combat
Malicious Code AttacksChapter Nine: The Future of Malicious
CodeMilitary Style Information WarfareOpen Source Information
WarfareMilitancy and Social ActionHomeland Security EffortsAction
Steps to Combat Malicious Code AttacksIndexAppendix A:
Computer Security Resources