E-Business is on the rise, but so are the likelihood and severity of computer attacks. Melissa, the Love Bug, Nimda, and Reezak all caught the e-Business community off guard, costing billions of dollars in lost productivity and damage. Maintaining enterprise security is now, without question, a crucial aspect of doing business in today's Internet-based economy.
Enterprise Security: The Manager's Defense Guide is a comprehensive, state-of-the-art handbook for harnessing e-Business security. It examines the most recent attack strategies and offers specific techniques for combating attempts at data infiltration, destruction, and denial-of-service attacks. Understanding that security must be incorporated within multiple levels of e-Business technology and practice, the author presents measures for securing your system platform, applications, operating environment, processes, and communication links. He explains how the traditional security technologies of firewalls and virtual private networks (VPNs) can be integrated with risk management, vulnerability assessment, intrusion detection, and content management for a comprehensive security plan.
You will find in-depth coverage of such topics as:
- The goals and sophisticated tools of today's hackers
- The advantages and shortcomings of firewalls and VPNs
- Incorporating security into application development
- TCP/IP attacks, including SYN Flood and Land attacks
- Distributed denial-of-service (DDoS) attacks
- ICMP directed broadcast and Smurf bandwidth attacks
- The Bubble Boy virus
- Adding TCP Wrappers and security in layers
- Guidelines for vulnerability assessment and risk management
Several informative appendixes enumerate the top twenty enterprise vulnerabilities, provide an incident response form, discuss how to harden the often targeted Windows 2000 operating system, and examine denial-of-service attacks in depth.
Featuring the latest in attack technology and defenses, this book is an invaluable resource for IT managers and professionals who must remain a step ahead of the enemy in the ongoing security arms race.
About the Author
David Leon Clark
has over twenty years of experience in information technology systems and solutions and is currently the program manager responsible for the Information Assurance practice of Acton Burnell, Inc. of Alexandria, Virginia. Mr. Clark provides advice, support, and life cycle security consulting to federal and commercial clients. He designed the core curriculum for the Information Security Management (ISM) course of study, a graduate level program for the University of Virginia's School of Continuing and Professional Studies. A professional writer on high-tech topics, he is the author of IT Manager's Guide to Virtual Private Networks,
along with numerous technology white papers and marketing literature.