Muutke küpsiste eelistusi

E-raamat: Unauthorised Access: Physical Penetration Testing For IT Security Teams

3.84/5 (257 hinnangut Goodreads-ist)
  • Formaat: PDF+DRM
  • Ilmumisaeg: 13-Jul-2009
  • Kirjastus: John Wiley & Sons Inc
  • Keel: eng
  • ISBN-13: 9780470682722
Teised raamatud teemal:
  • Formaat - PDF+DRM
  • Hind: 29,25 €*
  • * hind on lõplik, st. muud allahindlused enam ei rakendu
  • Lisa ostukorvi
  • Lisa soovinimekirja
  • See e-raamat on mõeldud ainult isiklikuks kasutamiseks. E-raamatuid ei saa tagastada.
Unauthorised Access: Physical Penetration Testing For IT Security TeamsSuurem pilt
  • Formaat: PDF+DRM
  • Ilmumisaeg: 13-Jul-2009
  • Kirjastus: John Wiley & Sons Inc
  • Keel: eng
  • ISBN-13: 9780470682722
Teised raamatud teemal:

DRM piirangud

  • Kopeerimine (copy/paste):

    ei ole lubatud

  • Printimine:

    ei ole lubatud

  • Kasutamine:

    Digitaalõiguste kaitse (DRM)
    Kirjastus on väljastanud selle e-raamatu krüpteeritud kujul, mis tähendab, et selle lugemiseks peate installeerima spetsiaalse tarkvara. Samuti peate looma endale  Adobe ID Rohkem infot siin. E-raamatut saab lugeda 1 kasutaja ning alla laadida kuni 6'de seadmesse (kõik autoriseeritud sama Adobe ID-ga).

    Vajalik tarkvara
    Mobiilsetes seadmetes (telefon või tahvelarvuti) lugemiseks peate installeerima selle tasuta rakenduse: PocketBook Reader (iOS / Android)

    PC või Mac seadmes lugemiseks peate installima Adobe Digital Editionsi (Seeon tasuta rakendus spetsiaalselt e-raamatute lugemiseks. Seda ei tohi segamini ajada Adober Reader'iga, mis tõenäoliselt on juba teie arvutisse installeeritud )

    Seda e-raamatut ei saa lugeda Amazon Kindle's. 

Provides information on planning and performing penetration testing on computer networks.

The first guide to planning and performing a physical penetration test on your computer's security

Most IT security teams concentrate on keeping networks and systems safe from attacks from the outside-but what if your attacker was on the inside? While nearly all IT teams perform a variety of network and application penetration testing procedures, an audit and test of the physical location has not been as prevalent. IT teams are now increasingly requesting physical penetration tests, but there is little available in terms of training. The goal of the test is to demonstrate any deficiencies in operating procedures concerning physical security.

Featuring a Foreword written by world-renowned hacker Kevin D. Mitnick and lead author of The Art of Intrusion and The Art of Deception, this book is the first guide to planning and performing a physical penetration test. Inside, IT security expert Wil Allsopp guides you through the entire process from gathering intelligence, getting inside, dealing with threats, staying hidden (often in plain sight), and getting access to networks and data.

  • Teaches IT security teams how to break into their own facility in order to defend against such attacks, which is often overlooked by IT security teams but is of critical importance
  • Deals with intelligence gathering, such as getting access building blueprints and satellite imagery, hacking security cameras, planting bugs, and eavesdropping on security channels
  • Includes safeguards for consultants paid to probe facilities unbeknown to staff
  • Covers preparing the report and presenting it to management

In order to defend data, you need to think like a thief-let Unauthorised Access show you how to get inside.

Preface xi
Acknowledgements xv
Foreword xvii
The Basics of Physical Penetration Testing
1(10)
What Do Penetration Testers Do?
2(1)
Security Testing in the Real World
2(2)
Legal and Procedural Issues
4(4)
Know the Enemy
8(1)
Engaging a Penetration Testing Team
9(1)
Summary
10(1)
Planning Your Physical Penetration Tests
11(18)
Building the Operating Team
12(3)
Project Planning and Workflow
15(11)
Codes, Call Signs and Communication
26(2)
Summary
28(1)
Executing Tests
29(22)
Common Paradigms for Conducting Tests
30(1)
Conducting Site Exploration
31(3)
Example Tactical Approaches
34(2)
Mechanisms of Physical Security
36(14)
Summary
50(1)
An Introduction to Social Engineering Techniques
51(16)
Introduction to Guerilla Psychology
53(8)
Tactical Approaches to Social Engineering
61(5)
Summary
66(1)
Lock Picking
67(22)
Lock Picking as a Hobby
68(4)
Introduction to Lock Picking
72(8)
Advanced Techniques
80(2)
Attacking Other Mechanisms
82(4)
Summary
86(3)
Information Gathering
89(32)
Dumpster Diving
90(9)
Shoulder Surfing
99(3)
Collecting Photographic Intelligence
102(5)
Finding Information From Public Sources and the Internet
107(8)
Electronic Surveillance
115(2)
Covert Surveillance
117(2)
Summary
119(2)
Hacking Wireless Equipment
121(34)
Wireless Networking Concepts
122(3)
Introduction to Wireless Cryptography
125(6)
Cracking Encryption
131(13)
Attacking a Wireless Client
144(6)
Mounting a Bluetooth Attack
150(3)
Summary
153(2)
Gathering the Right Equipment
155(22)
The ``Get of Jail Free'' Card
155(2)
Photography and Surveillance Equipment
157(2)
Computer Equipment
159(1)
Wireless Equipment
160(5)
Global Positioning Systems
165(2)
Lock Picking Tools
167(2)
Forensics Equipment
169(1)
Communications Equipment
170(1)
Scanners
171(4)
Summary
175(2)
Tales from the Front Line
177(30)
SCADA Raiders
177(10)
Night Vision
187(10)
Unauthorized Access
197(7)
Summary
204(3)
Introducing Security Policy Concepts
207(22)
Physical Security
206(7)
Protectively Marked or Classified GDI Material
213(3)
Protective Markings in the Corporate World
216(2)
Communications Security
218(3)
Staff Background Checks
221(2)
Data Destruction
223(1)
Data Encryption
224(1)
Outsourcing Risks
225(1)
Incident Response Policies
226(2)
Summary
228(1)
Counter Intelligence
229(20)
Understanding the Sources of Information Exposure
230(5)
Social Engineering Attacks
235(4)
Protecting Against Electronic Monitoring
239(1)
Securing Refuse
240(1)
Protecting Against Tailgating and Shoulder Surfing
241(1)
Performing Penetration Testing
242(3)
Baseline Physical Security
245(2)
Summary
247(2)
Appendix A: UK Law
249(6)
Computer Misuse Act
249(2)
Human Rights Act
251(1)
Regulation of Investigatory Powers Act
252(1)
Data Protection Act
253(2)
Appendix B: US Law
255(6)
Computer Fraud and Abuse Act
255(1)
Electronic Communications Privacy Act
256(1)
SOX and HIPAA
257(4)
Appendix C: EU Law
261(4)
European Network and Information Security Agency
261(2)
Data Protection Directive
263(2)
Appendix D: Security Clearances
265(6)
Clearance Procedures in the United Kingdom
266(1)
Levels of Clearance in the United Kingdom
266(2)
Levels of Clearance in the United States
268(3)
Appendix E: Security Accreditations
271(6)
Certified Information Systems Security Professional
271(1)
Communication-Electronics Security Group Check
272(2)
Global Information Assurance Certification
274(1)
INFOSEC Assessment and Evaluation
275(2)
Index 277
Wil Allsopp (Netherlands) is an IT security expert who has provided security audits for some of the largest companies in the UK including top tier banking, government and most of the Fortune 100. His job requires him to be part hacker, and part thief as companies hire him to probe their security measures to the extreme.
Lisainfo e-raamatute kohta Lisainfo e-raamatute kohta
Püsilink: https://www.kriso.ee/db/97804706827222e.html
Märksõnad: