Cyber Attacks. Protecting National Infrastructure Student Edition. Edward G. Amoroso




Transcription:

Cyber Attacks: Protecting National Infrastructure, Student Edition. Edward G. Amoroso. Butterworth-Heinemann is an imprint of Elsevier (Amsterdam, Boston, Heidelberg, London, New York, Oxford, Paris, San Diego, San Francisco, Singapore, Sydney, Tokyo).

CONTENTS

Preface xi
Acknowledgments xv

Chapter 1 Introduction 1
    National Cyber Threats, Vulnerabilities, and Attacks 4
    Botnet Threat 7
    National Cyber Security Methodology Components 9
    Deception 11
    Separation 13
    Diversity 16
    Consistency 17
    Depth 19
    Discretion 20
    Collection 21
    Correlation 23
    Awareness 25
    Response 26
    Implementing the Principles Nationally 28
    Protecting the Critical National Infrastructure Against Cyber Attacks 29
    Summary 32
    Chapter Review Questions/Exercises 33

Chapter 2 Deception 37
    Scanning Stage 42
    Deliberately Open Ports 43
    Discovery Stage 45
    Deceptive Documents 46
    Exploitation Stage 48
    Procurement Tricks 50
    Exposing Stage 51
    Interfaces Between Humans and Computers 53
    National Deception Program 54
    The Deception Planning Process Against Cyber Attacks 55
    Summary 57
    Chapter Review Questions/Exercises 58

Chapter 3 Separation 63
    What Is Separation? 65
    Functional Separation 67
    National Infrastructure Firewalls 69
    DDOS Filtering 71
    SCADA Separation Architecture 73
    Physical Separation 75
    Insider Separation 77
    Asset Separation 80
    Multilevel Security (MLS) 82
    Protecting the Critical National Infrastructure Through Use of Separation 84
    Summary 86
    Chapter Review Questions/Exercises 87

Chapter 4 Diversity 91
    Diversity and Worm Propagation 93
    Desktop Computer System Diversity 95
    Diversity Paradox of Cloud Computing 98
    Network Technology Diversity 100
    Physical Diversity 103
    National Diversity Program 105
    Critical Infrastructure Resilience and Diversity Initiative 106
    Summary 108
    Chapter Review Questions/Exercises 109

Chapter 5 Commonality 115
    Meaningful Best Practices for Infrastructure Protection 119
    Locally Relevant and Appropriate Security Policy 122
    Culture of Security Protection 123
    Infrastructure Simplification 126
    Certification and Education 128
    Career Path and Reward Structure 131
    Responsible Past Security Practice 132
    National Commonality Program 134
    How Critical National Infrastructure Systems Demonstrate Commonality 135
    Summary 137
    Chapter Review Questions/Exercises 138

Chapter 6 Depth 141
    Effectiveness of Depth 143
    Layered Authentication 147
    Layered E-Mail Virus and Spam Protection 151
    Layered Access Controls 152
    Layered Encryption 154
    Layered Intrusion Detection 156
    National Program of Depth 158
    Practical Ways for Achieving Information Assurance in Infrastructure Networked Environments 160
    Summary 161
    Chapter Review Questions/Exercises 162

Chapter 7 Discretion 167
    Trusted Computing Base 168
    Security Through Obscurity 171
    Information Sharing 174
    Information Reconnaissance 176
    Obscurity Layers 178
    Organizational Compartments 179
    National Discretion Program 181
    Top-Down and Bottom-Up Sharing of Sensitive Information 182
    Summary 185
    Chapter Review Questions/Exercises 186

Chapter 8 Collection 191
    Collecting Network Data 194
    Collecting System Data 196
    Security Information and Event Management 200
    Large-Scale Trending 203
    Tracking a Worm 205
    National Collection Program 208
    Data Collection Efforts: Systems and Assets 209
    Summary 212
    Chapter Review Questions/Exercises 213

Chapter 9 Correlation 217
    Conventional Security Correlation Methods 221
    Quality and Reliability Issues in Data Correlation 223
    Correlating Data to Detect a Worm 225
    Correlating Data to Detect a Botnet 226
    Large-Scale Correlation Process 228
    National Correlation Program 230
    Correlation Rules for Critical National Infrastructure Cyber Security 232
    Summary 233
    Chapter Review Questions/Exercises 234

Chapter 10 Awareness 239
    Detecting Infrastructure Attacks 243
    Managing Vulnerability Information 244
    Cyber Security Intelligence Reports 246
    Risk Management Process 248
    Security Operations Centers 250
    National Awareness Program 252
    Connecting Current Cyber Security Operation Centers to Enhance Situational Awareness 254
    Summary 256
    Chapter Review Questions/Exercises 256

Chapter 11 Response 261
    Pre- Versus Post-Attack Response 263
    Indications and Warning 265
    Incident Response Teams 266
    Forensic Analysis 269
    Law Enforcement Issues 271
    Disaster Recovery 272
    National Response Program 274
    The Critical National Infrastructure Incident Response Framework 275
    Transitioning from NIPP Steady State to Incident Response Management 276
    Summary 278
    Chapter Review Questions/Exercises 278

Appendix A: National Infrastructure Protection Criteria 283
Appendix B: Case Studies by John R. Vacca 291
Index 305