Overview

The contemporary IT landscape is littered with various technologies that vendors claim will “solve” an organization’s cybersecurity challenges. These technologies are powerful and, in the right context, can be very effective. But misunderstood and misused, they either do not provide effective protection or do not protect the right things. This results in unnecessary expenditures, false beliefs of security, and interference with an organization’s mission.

This book introduces major technologies that are employed in today’s cybersecurity landscape and the fundamental principles and philosophies behind them. By grasping these core concepts, professionals in every organization are better equipped to know what kind of technology they need, ask the right questions of vendors, and better interface with their CISO and security organization. The book is largely directed at beginners, including non-technical professionals such as policy makers, compliance teams, and business executives.

What You Will Learn

- Authentication technologies, including secure password storage and how hackers “crack” password lists
- Access control technology, such as BLP, BIBA, and more recent models such as RBAC and ABAC
- Core cryptography technology, including AES encryption and public key signatures
- Classical host security technologies that protect against malware (viruses, trojans, ransomware)
- Classical network security technologies, such as border security (gateways, firewalls, proxies), network IDS and IPS, and modern deception systems
- Web security technologies, including cookies, state, and session defenses, and threats that try to subvert them
- Email and social media security threats such as spam, phishing, social media, and other email threats

Who This Book Is For

Professionals with no technical training in engineering, computers, or other technology; those who want to know things at a technical level but have no previous background; professionals with a background in policy, compliance, and management; technical professionals without a background in computer security who seek an introduction to security topics; those with a security background who are not familiar with this breadth of technology.

Full Product Details

Author: Seth James Nielson
Publisher: APress
Imprint: APress
Edition: 1st ed.
Weight: 0.700kg
ISBN: 9781484295595
ISBN 10: 1484295595
Pages: 443
Publication Date: 09 December 2023
Audience: Professional and scholarly, Professional & Vocational
Format: Paperback
Publisher's Status: Active
Availability: Not yet available. This item is yet to be released. You can pre-order this item and we will dispatch it to you upon its release.

Table of Contents

Chapter 1: The Psychology of Cybersecurity Technology

Chapter 2: Authentication Tech
  Foundations of Authentication
  The Big Three – Something You Know, Have, or Are
  Secure Password Storage
  How Hackers “Crack” Password Lists

Chapter 3: Access Control Tech
  Foundations of Access Controls
  Mandatory vs Discretionary Access Controls
  BLP, BIBA, and Other Models
  RBAC and ABAC

Chapter 4: Core Cryptography Tech
  Foundations of Cryptography
  Symmetric Cryptography
  Asymmetric Cryptography
  Certificates and PKI

Chapter 5: Cryptography Application Tech
  Foundations of Cryptographic Applications
  Securing Data-At-Rest
  Securing Data-In-Motion
  Securing Data-In-Use
  Securing Composite States

Chapter 6: Classical Host Security Tech
  Foundations of Host Security
  Malware: Viruses, Trojans, Ransomware
  Host Hardening
  Host IDS
  Technological Limits

Chapter 7: Classical Network Security Tech
  Foundations of Network Security
  Border Security: Gateways, Firewalls, Proxies
  Virtual Private Network (VPN)
  Network IDS and IPS
  Physical Security
  Technological Limits

Chapter 8: Web Security Tech
  Foundations of Web Security
  TLS
  Cookies, State, and Session Defenses
  API Security
  Domain Name Security

Chapter 9: Email and Social Media Security Tech
  Foundations of Overlay Security
  Email-borne Malware
  Spam, Phishing, and Other Email Threats
  Social Media Threats

Chapter 10: Cloud Security Tech
  Foundations of Cloud Security
  Authenticating and Authorizing Across Domains
  Multitenancy Security for Storage and Operations
  Availability
  Incident Response

Chapter 11: Modern Security Tech
  Foundations of Classic Security Limitations
  Advanced Persistent Threats
  Zero-trust Networking
  Deception Technologies
  Data Privacy Techniques

Chapter 12: Blockchain Tech
  Foundations of Blockchain Technology
  Peer-to-Peer Technology
  Distributed Ledgers
  Public and Private Ledgers
  Limitations of the Technology
  Cryptocurrencies

Chapter 13: Current Events and Future Trends
  TODO: Decided closer to end-of-book

Appendix A: Review of Computer Basics
Appendix B: Review of Networking Basics

Author Information

Seth James Nielson, PhD is the founder and chief scientist of Crimson Vista, a cybersecurity engineering company. He advises clients from startups to Fortune 50 companies on security matters. Dr. Nielson also teaches cybersecurity courses at the University of Texas at Austin. He has authored or co-authored papers on topics such as IoT security, hacking portable chemical manufacturing systems, and methods for teaching computer security to students. Dr. Nielson also co-authored the Apress book, Practical Cryptography in Python.

Countries Available: All regions