Analyzing Computer Security - eBook

read more…

use of the threatvulnerabilitycountermeasure paradigm combined with extensive real-world examples throughout results in a very effective learning methodology.Charles C. Palmer, IBM ResearchThe Modern Introduction to Computer Security: Understand Threats, Identify Their Causes, and Implement Effective CountermeasuresAnalyzing Computer Security is a fresh, modern, and relevant introduction to computer security. Organized around todays key attacks, vulnerabilities, and countermeasures, it helps you think critically and creatively about computer securityso you can prevent serious problems and mitigate the effects of those that still occur.In this new book, renowned security and software engineering experts Charles P. Pfleeger and Shari Lawrence Pfleegerauthors of the classic Security in Computingteach security the way modern security professionals approach it: by identifying the people or things that may cause harm, uncovering weaknesses that can be exploited, and choosing and applying the right protections. With this approach, not only will you study cases of attacks that have occurred, but you will also learn to apply this methodology to new situations.The book covers hot button issues, such as authentication failures, network interception, and denial of service. You also gain new insight into broader themes, including risk analysis, usability, trust, privacy, ethics, and forensics. One step at a time, the book systematically helps you develop the problem-solving skills needed to protect any information infrastructure.Coverage includesUnderstanding threats, vulnerabilities, and countermeasuresKnowing when security is useful, and when its useless security theaterImplementing effective identification and authentication systemsUsing modern cryptography and overcoming weaknesses in cryptographic systemsProtecting against malicious code: viruses, Trojans, worms, rootkits, keyloggers, and moreUnderstanding, preventing, and mitigating DOS and DDOS attacksArchitecting more secure wired and wireless networksBuilding more secure application software and operating systems through more solid designs and layered protectionProtecting identities and enforcing privacyAddressing computer threats in critical areas such as cloud computing, e-voting, cyberwarfare, and social media