000 06084cam a2200745 i 4500
001 on1162009242
003 OCoLC
005 20201015091048.0
006 m o d
007 cr |||||||||||
008 130124t20132013nyua ob 001 0 eng
010 _a 2020677486
040 _aDLC
_beng
_erda
_cDLC
_dVLY
_dE7B
_dYDXCP
_dN$T
_dOCLCF
_dEBLCP
_dAGLDB
_dOTZ
_dVTS
_dAU@
_dSTF
019 _a849920422
_a851034703
_a1058447273
_a1119125336
_a1158112886
_a1158969613
_a1160539320
020 _a9781624172212
_qebook
020 _a1624172210
020 _z1624172040
_qhardcover
020 _z9781624172045
_qhardcover
029 1 _aAU@
_b000062325793
029 1 _aCHNEW
_b000604791
029 1 _aDEBBG
_bBV043106260
029 1 _aDEBSZ
_b429940203
035 _a(OCoLC)1162009242
_z(OCoLC)849920422
_z(OCoLC)851034703
_z(OCoLC)1058447273
_z(OCoLC)1119125336
_z(OCoLC)1158112886
_z(OCoLC)1158969613
_z(OCoLC)1160539320
042 _apcc
050 0 0 _aQA76.9.A25
072 7 _aCOM
_x060040
_2bisacsh
072 7 _aCOM
_x043050
_2bisacsh
072 7 _aCOM
_x053000
_2bisacsh
082 0 0 _a005.8
_223
049 _aMAIN
245 0 0 _aAdvances in security information management :
_bperceptions and outcomes /
_cGuillermo Suárez de Tangil and Esther Palomar, editors.
264 1 _aNew York :
_bNova Publishers,
_c[2013]
300 _a1 online resource.
336 _atext
_btxt
_2rdacontent
337 _acomputer
_bc
_2rdamedia
338 _aonline resource
_bcr
_2rdacarrier
490 1 _aComputer science, technology and applications
504 _aIncludes bibliographical references and index.
588 _aDescription based on print version record and CIP data provided by publisher.
546 _aEnglish.
505 0 _aADVANCES IN SECURITY INFORMATION MANAGEMENT ; ADVANCES IN SECURITY INFORMATION MANAGEMENT ; CONTENTS ; PREFACE ; SECURITY INFORMATION AND EVENT MANAGEMENT SYSTEMS ... A NEED IN THE REAL WORLD; Abstract; 1. Introduction; 2. Security Evolution; 2.1. Attack Evolution; 2.2. Compliance; 3. Traditional Incident Handling Strategies; 3.1. Passive Tools; 3.1.1. IDS; 3.1.2. Operating System (OS) Detection; 3.1.3. User Identification; 3.2. Active Tools; 3.2.1. Firewalls; 3.2.2. Intrusion Prevention Systems; 3.2.3. Web Content Filtering; 3.2.4. Anti-Virus; 3.2.5. Web Application Firewalls.
505 8 _a3.2.6. Data or Information Leakage Prevention; 3.3. Proactive Tools; 3.3.1. Vulnerability Assessment; 3.3.2. Exploit Tools and Penetration Testing; 3.4. Attacking Tools; 4. Deployment and Use of Security Tools; 4.1. Proper Deployment; 4.1.1. Input for the Tools; 4.1.2. Network Access Requirements; 4.2. Log Analysis; 5. Dealing with Information Overload; 5.1. Log Correlation Basis; 5.2. Actionable Data; 5.2.1. Individual High Value True Positives Pre-SIEM; 5.2.2. SIEM Correlated True Positives; 5.2.3. Dealing with False Positives; 5.2.4. Evaluating Effectiveness: Results and Stats from SIEM; 6. Accomplishing SIEM.
505 8 _a6.1. Company Rules; 6.2. Management Buy-In; 6.3. Requirements and Testing; 7. SIEM Specific Requirements; 7.1. Dealing with Standard Logs; 7.1.1. Logs need to be correctly interpreted by SIEM; 7.1.2. Support; 7.2. SIEM Defaults: Rules and Parsers; 7.3. Customization; 7.3.1. Incidents; 7.3.2. Events; 7.3.3. Fixed Hardware and Software Architectures; 7.4. Physical and Logical Implementation; 7.5. Training; 8. Role Specific Importance; 8.1. Managed Security Services; 8.1.1. Outsourced Security Management; 8.1.2. In-House Security Management; 8.2. Incident Handlers and Analysts; 8.2.1. Tracking and Reporting.
505 8 _a8.2.2. Analysts; 8.2.3. Incident Response; 9. Conclusion; References; SECURITY INFORMATION AND VULNERABILITY MANAGEMENT; Abstract; 1. Introduction; 2. Software Vulnerability Evaluation; 2.1. Security Risk Evaluation; 2.2. Vulnerability Monitoring; 2.3. Perimeter Security Traffic and Risk Monitoring; 2.4. Vulnerability Recovery; 3. Security Information and Event Management; 3.1. Log information quality; 3.2. Reliable sources of security advisories; 3.3. Accuracy of the asset inventory; 3.4. Vulnerability assessment; 3.5. Firewall change management; 4. Building blocks; 4.1. Building connector.
505 8 _a4.2. Building collector; 4.3. Adaptive filtering and correlation; 4.4. Correlation capability; 4.5. Correlation scenario; 5. Conclusion; A Advisory Information; A1. Secunia Sample Report; A2. Oval Sample Report; B Generic Advisory Report Taxonomy; B1. Asset Sample Report; B2. Vulnerability Scan Sample Report; B3. Application Log Sample Report; B4. Firewall Sample Report; References; TOWARD A MULTISTAGE ATTACK DETECTION FRAMEWORK; Abstract; 1. Introduction; 2. Attack Scenarios; 2.1. Analysis Methodology; 2.2. Scenario Alpha; 2.2.1. General Statistics; 2.2.2. Summary of Conversations; 2.2.3. In-depth Analysis.
590 _aeBooks on EBSCOhost
_bEBSCO eBook Subscription Academic Collection - Worldwide
650 0 _aComputer security
_xManagement.
650 0 _aData protection.
_0http://id.loc.gov/authorities/subjects/sh85035859
650 7 _aCOMPUTERS
_xInternet
_xSecurity.
_2bisacsh
650 7 _aCOMPUTERS
_xNetworking
_xSecurity.
_2bisacsh
650 7 _aCOMPUTERS
_xSecurity
_xGeneral.
_2bisacsh
650 7 _aComputer security
_xManagement.
_2fast
_0(OCoLC)fst00872493
650 7 _aData protection.
_2fast
_0(OCoLC)fst00887958
655 4 _aElectronic books.
700 1 _aSuárez de Tangil, Guillermo.
700 1 _aPalomar, Esther.
776 0 8 _iPrint version:
_tAdvances in security information management
_dNew York : Nova Publishers, [2013]
_z9781624172045 (hardcover)
_w(DLC) 2012040823
830 0 _aComputer science, technology and applications.
_0http://id.loc.gov/authorities/names/no2010162081
856 4 0 _uhttps://libproxy.firstcity.edu.my:8443/login?url=http://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=610654
938 _aEBL - Ebook Library
_bEBLB
_nEBL3022303
938 _aebrary
_bEBRY
_nebr10704271
938 _aEBSCOhost
_bEBSC
_n610654
938 _aYBP Library Services
_bYANK
_n10735536
994 _a92
_bMYFCU
999 _c57435
_d57435