O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Analyzing Computer Security

Analyzing Computer Security

by Charles P. Pfleeger, Shari Lawrence Pfleeger
Publisher: Prentice Hall
Release Date: August 2011
ISBN: 9780132789493
View table of contents
Start reading

Book Description

The Modern Introduction to Computer Security: Understand Threats, Identify Their Causes, and Implement Effective Countermeasures

Analyzing Computer Security is a fresh, modern, and relevant introduction to computer security. Organized around today’s key attacks, vulnerabilities, and countermeasures, it helps you think critically and creatively about computer security–so you can prevent serious problems and mitigate those that still occur.

In this new book, renowned security and software engineering experts Charles Pfleeger and Shari Lawrence Pfleeger—authors of the classic Security in Computing, Fourth Edition—teach security the way modern security professionals approach it: by identifying the people or things that may cause harm, uncovering weaknesses that can be exploited, and showing how to choose and apply the right protections.

Attacks and solutions are presented through nearly 200 illustrations. More than 250 up-to-date problems allow you to practice the skills you learn. The book covers “hot button” issues, such as cloud computing, electronic voting, and cyber warfare. You also gain new insight into broader themes, including risk analysis, human factors, overlapping controls, trust, privacy, ethics, and forensics. One step at a time, the book systematically helps you develop the problem-solving skills needed to safeguard any information infrastructure.

Coverage includes

  • Understanding the linkages between threats, vulnerabilities, and countermeasures

  • Knowing when security is useful, and when it’s useless “security theater”

  • Implementing effective identification and authentication systems

  • Using modern cryptography and overcoming weaknesses in cryptographic systems

  • Protecting against malicious code: virii, Trojans, worms, buffer overflows, rootkits, keyloggers, and more

  • Understanding, preventing, and mitigating DOS and DDOS attacks

  • Architecting more secure wired and wireless networks

  • Successfully implementing firewalls and intrusion detection systems

  • Protecting against physical data loss or theft

  • Building more secure application software and operating systems

  • Improving security through simpler designs and layered protection

  • Protecting identities and enforcing privacy

  • Understanding new security issues associated with social media

    •