Network Security Evaluation Using the NSA IEM : Using the NSA IEM.
Title:
Network Security Evaluation Using the NSA IEM : Using the NSA IEM.
Author:
Rogers, Russ.
ISBN:
9780080489438
Personal Author:
Edition:
1st ed.
Physical Description:
1 online resource (464 pages)
Contents:
Cover -- Contents -- Prologue Why the IEM? -- Chapter 1 Introducing the INFOSEC Evaluation Methodology -- Chapter 2 Before the Evaluation Starts -- Chapter 3 Setting Expectations -- Chapter 4 Scoping the Evaluation -- Chapter 5 Legal Principles for Information Security Evaluations1 -- Chapter 6 Building the Technical Evaluation Plan -- Chapter 7 Starting Your On-Site Efforts -- Chapter 8 Network Discovery Activities -- Chapter 9 Collecting the Majority of Vulnerabilities -- Chapter 10 Fine-Tuning the Evaluation -- Chapter 11 The Onsite Closing Meeting -- Chapter 12 Post-Evaluation Analysis -- Chapter 13 Creating Measurements and Trending Results -- Chapter 14 Trending Metrics -- Chapter 15 Final Reporting -- Chapter 16 Summing Up -- Appendix A Examples of INFOSEC Tools by Baseline Activity -- Technical Evaluation Plan Outline and Sample -- Index -- Related Titles.
Abstract:
Network Security Evaluation provides a methodology for conducting technical security evaluations of all the critical components of a target network. The book describes how the methodology evolved and how to define the proper scope of an evaluation, including the consideration of legal issues that may arise during the evaluation. More detailed information is given in later chapters about the core technical processes that need to occur to ensure a comprehensive understanding of the network's security posture. Ten baseline areas for evaluation are covered in detail. The tools and examples detailed within this book include both Freeware and Commercial tools that provide a detailed analysis of security vulnerabilities on the target network. The book ends with guidance on the creation of customer roadmaps to better security and recommendations on the format and delivery of the final report. * There is no other book currently on the market that covers the National Security Agency's recommended methodology for conducting technical security evaluations * The authors are well known in the industry for their work in developing and deploying network security evaluations using the NSA IEM * The authors also developed the NSA's training class on this methodology.
Local Note:
Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2017. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.
Genre:
Electronic Access:
Click to View