What Every Engineer Should Know About Cyber Security and Digital Forensics

What Every Engineer Should Know About Cyber Security and Digital Forensics
اسم المؤلف
Joanna F. DeFranco
التاريخ
4 سبتمبر 2017
المشاهدات
التقييم
Loading...

سلسلة مايجب على كل مهندس معرفته عن
What Every Engineer Should Know About Cyber Security and Digital Forensics
Joanna F. DeFranco
Contents
What Every Engineer Should Know: Series Statement xi
Preface . xiii
Acknowledgments xv
About the Author . xvii
1. Security Threats 1
1.1 Introduction .1
1.2 Social Engineering 3
1.3 Travel .6
1.4 Mobile Devices 7
1.5 Internet .8
1.6 The Cloud .9
1.7 Cyber Physical Systems 11
1.8 Theft 11
References .12
2. Cyber Security and Digital Forensics Careers . 15
2.1 Introduction . 15
2.2 Career Opportunities . 16
2.2.1 A Summarized List of “Information Security”
Job Tasks .17
2.2.2 A Summarized List of “Digital Forensic” Job Tasks .20
2.3 Certifcations 23
2.3.1 Information Security Certifcations 24
2.3.2 Digital Forensic Certifcations .34
2.3.2.1 Global Information Assurance Certifcations 34
2.3.2.2 Software Certifcations 36
References . 37
3. Cyber Security .39
3.1 Introduction .39
3.2 Information Security 40
3.3 Security Architecture .42
3.4 Access Controls .44
3.5 Cryptography 48
3.5.1 Types of Cryptography or Cryptographic Algorithms .49
3.6 Network and Telecommunications Security .50
3.7 Operating System Security 51
3.8 Software Development Security .53
3.9 Database Security 56viii Contents
3.10 Business Continuity and Disaster Recovery .57
3.11 Physical Security .57
3.12 Legal, Regulations, Compliance, and Investigations .58
3.13 Operations Security 59
3.14 Information Security Governance and Risk Management .60
References . 61
4. Preparing for an Incident 63
4.1 Introduction .63
4.1.1 The Zachman Framework 64
4.1.2 Adaptation of the Zachman Framework to Incident
Response Preparation 64
4.2 Risk Identifcation .66
4.3 Host Preparation .71
4.4 Network Preparation 73
4.5 Establishing Appropriate Policies and Procedures 76
4.6 Establishing an Incident Response Team 81
4.7 Preparing a Response Toolkit .83
4.8 Training 85
References .89
5. Incident Response and Digital Forensics 91
5.1 Introduction . 91
5.2 Incident Response .92
5.2.1 Detection/Identifcation 93
5.2.2 Containment .94
5.2.3 Eradication 95
5.2.4 Recovery 96
5.3 Incident Response for Cloud Computing 97
5.4 Digital Forensics 98
5.4.1 Preparation 99
5.4.2 Collection 101
5.4.3 Analysis . 102
5.4.4 Reporting 105
5.5 Mobile Phone Forensics 107
References . 109
6. The Law 111
6.1 Introduction . 111
6.2 Compliance 111
6.2.1 The Health Insurance Portability and Accountability
Act (HIPAA) 112
6.2.2 The Payment Card Industry Data Security Standard
(PCI-DSS) . 112Contents ix
6.2.3 The North American Electric Reliability
Corporation-Critical Infrastructure Protection
Committee (NERC-CIP) 113
6.2.4 The Gramm-Leach-Bliley Act (GLBA) . 114
6.2.5 Sarbanes-Oxley Act (SOX) 115
6.2.6 The Federal Information Security Management
Act (FISMA) 115
6.3 Laws for Acquiring Evidence 116
6.4 Evidence Rules . 120
6.5 E-discovery 121
6.6 Case Law 123
References . 124
7. Theory to Practice . 127
7.1 Introduction . 127
7.2 Case Study 1: It Is All Fun and Games until Something
Gets Deleted . 127
7.2.1 After Action Report . 131
7.2.1.1 What Worked Well? . 131
7.2.1.2 Lessons Learned . 131
7.2.1.3 What to Do Differently Next Time 132
7.3 Case Study 2: How Is This Working for You? . 133
7.3.1 After Action Report . 134
7.3.1.1 What Worked Well? . 134
7.3.1.2 Lessons Learned . 135
7.3.1.3 What to Do Differently Next Time 135
7.4 Case Study 3: The Weakest Link . 135
7.4.1 Background . 135
7.4.2 The Crime . 136
7.4.3 The Trial 137
7.4.3.1 The Defense . 137
7.4.3.2 The Prosecution 137
7.4.3.3 Other Strategies to Win the Case . 139
7.4.3.4 Verdict 140
7.4.4 After Action Report . 140
7.4.4.1 What Worked Well for UBS-PW? . 140
7.4.4.2 What to Do Differently Next Time 140
References . 141
Bibliography
كلمة سر فك الضغط : books-world.net
The Unzip Password : books-world.net

التعليقات

اترك تعليقاً

لن يتم نشر عنوان بريدك الإلكتروني. الحقول الإلزامية مشار إليها بـ *

Time limit is exhausted. Please reload CAPTCHA.