Description |
1 online resource (199 p.) |
Series |
What Every Engineer Should Know Ser |
|
Contents |
Cover -- Half Title -- Series Page -- Title Page -- Copyright Page -- Table of Contents -- What Every Engineer Should Know: Series Statement -- Preface -- Acknowledgments -- Authors -- Chapter 1 Security Threats -- 1.1 Introduction -- 1.2 Social Engineering -- 1.3 Travel -- 1.4 Mobile Devices -- 1.5 Internet -- 1.6 The Cloud -- 1.7 Cyber Physical Systems -- 1.8 Theft -- References -- Notes -- Chapter 2 Cyber Security -- 2.1 Introduction -- 2.2 Information Security -- 2.3 Security Architecture -- 2.4 Access Controls -- 2.5 Cryptography -- 2.5.1 Types of Cryptography or Cryptographic Algorithms |
|
2.6 Network and Telecommunications Security -- 2.7 Operating System Security -- 2.8 Software Development Security -- 2.9 Database Security -- 2.10 Internet of Things Security -- 2.11 Business Continuity and Disaster Recovery -- 2.12 Physical Security -- 2.13 Legal, Regulations, Compliance, and Investigations -- 2.14 Operations Security -- 2.15 Information Security Governance and Risk Management -- References -- Chapter 3 Strategy to Outpace the Adversary -- 3.1 Introduction -- 3.2 The Problem -- 3.3 Boyd's OODA Loop Overview -- 3.3.1 Observe in Depth -- 3.3.2 Orient in Depth |
|
3.3.3 Decide in Depth -- 3.3.4 Act in Depth -- 3.4 OODA Loop Applied: The Ukraine-Russia Cyberwar -- 3.4.1 Observe -- 3.4.2 Orient -- 3.4.2.1 Understand the Cyber Security Posture of Your Third and Fourth Parties -- 3.4.2.2 Understand the Ransomware Susceptibility of Your Vendors -- 3.4.3 Decide -- 3.4.3.1 Monitor the DDoS Resiliency of Your Vendors -- 3.4.4 Act -- 3.4.5 Take Away Points -- 3.5 Conclusions and Recommendations -- References -- Note -- Chapter 4 Preparing for an Incident -- 4.1 Introduction -- 4.1.1 The Zachman Framework |
|
4.1.2 Adaptation of the Zachman Framework to Incident Response Preparation -- 4.2 Risk Identification -- 4.3 Host Preparation -- 4.4 Network Preparation -- 4.5 Establishing Appropriate Policies and Procedures -- 4.6 Establishing an Incident Response Team -- 4.7 Preparing a Response Toolkit -- 4.8 Training -- References -- Notes -- Chapter 5 Incident Response and Digital Forensics -- 5.1 Introduction -- 5.2 Incident Response -- 5.2.1 Detection/Identification -- 5.2.2 Containment -- 5.2.3 Eradication -- 5.2.4 Recovery -- 5.3 Incident Response for Cloud Computing -- 5.4 Digital Forensics |
|
5.4.1 Preparation -- 5.4.2 Collection -- 5.4.3 Analysis -- 5.4.4 Reporting -- 5.5 Mobile Phone Forensics -- References -- Notes -- Chapter 6 Development, Security, and Operations -- 6.1 What Is a Secure Software Development Life Cycle? -- 6.2 Reasons to Use SDLC -- 6.3 Segregation of Environments -- 6.4 Secure SDLC Phases -- 6.5 Why Do Developers Not Follow SDLC? -- 6.6 Is SDLC an OODA Loop? -- References -- Chapter 7 Mobile Device Forensic Tools -- 7.1 Introduction -- 7.2 Tools -- 7.2.1 Axiom and Axiom Cyber by Magnet Forensics -- 7.2.2 ALEAPP Android and iOS Analysis Tools -- 7.2.3 Belkasoft Evidence Center X |
Summary |
Designed for the non-security professional, this book is an overview of the field of cyber security. The new edition updates content and introduces topics such as business changes and outsourcing. It addresses new cyber security risks such as IoT and Distributed Networks (i.e., blockchain) and covers strategy based on the OODA loop in the cycle |
Notes |
Description based upon print version of record |
Subject |
Digital forensic science.
|
|
Computer networks -- Security measures.
|
|
Computer security.
|
Form |
Electronic book
|
Author |
Maley, Bob
|
ISBN |
9781000797961 |
|
1000797961 |
|