Posted on August 21, 2008
This book is intended as a ’self help’ guide to computer & network security, primarily for security managers, programmers and system administrators.
This book has the following objectives:
1. To briefly discuss threat & risk analysis.
2. To outline the ingredients necessary to define a security policy and to provide a framework (based on standards such as ITSEC and TCSEC) for deciding how tightly systems need to be secured.
3. To outline (sample) policies, processes, structure and responsibilities required in a security organisation.
4. To present current security mechanisms.
5. To briefly present physical security (concerning IT systems).
6. To provide a detailed list of technical guidelines for
* operating systems, applications and networks used in client/server systems. For the moment this report concentrates on Client/Server and Internet systems: NT, FW, Win95, OLTP, Oracle, Sybase, Sun UNIX, Firewalls, WWW/Java and TCP/IP Networks.
* Auditing checklists and “quick overviews” are provided for several types of systems
* DEC, SGI, AIX and HP systems are only partially covered in this document. They need to be covered in more detail (especially for the comparison in the Operating Systems Overview Chapter).
* It is not intended that this document cover VAX , Mainframe, Novell or Macintosh systems.
A detailed list of Security Information resources (such as CERT, FIRST, TCSEC and ITSEC) are listed in the Appendix, along with sample scripts and programs.
Read it Online Now
Copyright Disclaimer: This site does not store any files on its server. We only receive submission, index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us also just write a comment on the topic, we'll remove relevant links or contents immediately. email: webmaster@freeebook.info