“In this book, the authors adopt a refreshingly new approach to explaining the intricacies of the security and privacy challenge that is particularly well suited to today’s cybersecurity challenges. Their use of the threat–vulnerability–countermeasure paradigm combined with extensive real-world examples throughout results in a very effective learning methodology.”
—Charles C. Palmer, IBM Research
The Modern Introduction to Computer Security: Understand Threats, Identify Their Causes, and Implement Effective Countermeasures
Analyzing Computer Security is a fresh, modern, and relevant introduction to computer security. Organized around today’s key attacks, vulnerabilities, and countermeasures, it helps you think critically and creatively about computer security—so you can prevent serious problems and mitigate the effects of those that still occur.
In this new book, renowned security and software engineering experts Charles P. Pfleeger and Shari Lawrence Pfleeger—authors of the classic Security in Computing—teach security the way modern security professionals approach it: by identifying the people or things that may cause harm, uncovering weaknesses that can be exploited, and choosing and applying the right protections. With this approach, not only will you study cases of attacks that have occurred, but you will also learn to apply this methodology to new situations.
The book covers “hot button” issues, such as authentication failures, network interception, and denial of service. You also gain new insight into broader themes, including risk analysis, usability, trust, privacy, ethics, and forensics. One step at a time, the book systematically helps you develop the problem-solving skills needed to protect any information infrastructure.
Understanding threats, vulnerabilities, and countermeasures
Knowing when security is useful, and when it’s useless “security theater”
Implementing effective identification and authentication systems
Using modern cryptography and overcoming weaknesses in cryptographic systems
Protecting against malicious code: viruses, Trojans, worms, rootkits, keyloggers, and more
Understanding, preventing, and mitigating DOS and DDOS attacks
Architecting more secure wired and wireless networks
Building more secure application software and operating systems through more solid designs and layered protection
Protecting identities and enforcing privacy
Addressing computer threats in critical areas such as cloud computing, e-voting, cyberwarfare, and social media
Table of contents
- Cover Page
- Title Page
- Copyright Page
- About the Authors
- 1. Security Blanket or Security Theater?
- 2. Knock, Knock. Who’s There?
- 3. 2 + 2 = 5
- 4. A Horse of a Different Color
- 5. The Keys to the Kingdom
- Interlude A: Cloud Computing
- 6. My Cup Runneth Over
- 7. He Who Steals My Purse ...
- 8. The Root of All Evil
- 9. Scanning the Horizon
- 10. Do You Hear What I Hear?
- 11. I Hear You Loud and Clear
- Interlude B: Electronic Voting
- 12. Disregard That Man behind the Curtain
- 13. Not All Is as It Seems
- 14. Play It [Again] Sam, or, Let’s Look at the Instant Replay
- 15. I Can’t Get No Satisfaction
- Interlude C: Cyber Warfare
- 16. ‘Twas Brillig, and the Slithy Toves ...
- 17. Peering through the Window
- 18. My 100,000 Nearest and Dearest Friends
- Title: Analyzing Computer Security: A Threat / Vulnerability / Countermeasure Approach
- Release date: August 2011
- Publisher(s): Pearson
- ISBN: 9780132789493
You might also like
Phishing and Communication Channels: A Guide to Identifying and Mitigating Phishing Attacks
Mitigate the dangers posed by phishing activities, a common cybercrime carried out through email attacks. This …
Cybersecurity Risk Management
Cybersecurity Risk Management In Cybersecurity Risk Management: Mastering the Fundamentals Using the NIST Cybersecurity Framework, veteran …
Access Control and Identity Management, 3rd Edition
Revised and updated with the latest data from this fast paced field, Access Control, Authentication, and …
ISO 27001 controls – A guide to implementing and auditing
Ideal for information security managers, auditors, consultants and organisations preparing for ISO 27001 certification, this book …