Network Security Evaluation Using the NSA IEM
- 1st Edition - July 30, 2005
- Latest edition
- Authors: Russ Rogers, Ed Fuller, Greg Miles, Bryan Cunningham
- Language: English
Network Security Evaluation provides a methodology for conducting technical security evaluations of all the critical components of a target network. The book describes how the… Read more
World Book Day celebration
Where learning shapes lives
Up to 25% off trusted resources that support research, study, and discovery.
Description
Description
Network Security Evaluation provides a methodology for conducting technical security evaluations of all the critical components of a target network. The book describes how the methodology evolved and how to define the proper scope of an evaluation, including the consideration of legal issues that may arise during the evaluation. More detailed information is given in later chapters about the core technical processes that need to occur to ensure a comprehensive understanding of the network’s security posture.
Ten baseline areas for evaluation are covered in detail. The tools and examples detailed within this book include both Freeware and Commercial tools that provide a detailed analysis of security vulnerabilities on the target network. The book ends with guidance on the creation of customer roadmaps to better security and recommendations on the format and delivery of the final report.
Ten baseline areas for evaluation are covered in detail. The tools and examples detailed within this book include both Freeware and Commercial tools that provide a detailed analysis of security vulnerabilities on the target network. The book ends with guidance on the creation of customer roadmaps to better security and recommendations on the format and delivery of the final report.
Key features
Key features
* There is no other book currently on the market that covers the National Security Agency's recommended methodology for conducting technical security evaluations
* The authors are well known in the industry for their work in developing and deploying network security evaluations using the NSA IEM
* The authors also developed the NSA's training class on this methodology
* The authors are well known in the industry for their work in developing and deploying network security evaluations using the NSA IEM
* The authors also developed the NSA's training class on this methodology
Readership
Readership
If a network is secure enough for the NSA, it is probably secure enough for you! Here is the only book on the market that teaches security professionals how to test the security of their own networks using assessment techniques developed by the NSA.
Table of contents
Table of contents
Chapter 1: Introduction to the IEM Chapter
2: Before You Start Evaluating Chapter
3: Setting Expectations Chapter
4: Scoping the Evaluation Chapter 5: Legal Planning Chapter
6: The Technical Evaluation Plan (TEP) Chapter
7: Starting your On-Site Efforts Chapter
8: Enumeration Activities Chapter
9: Collecting the majority of vulnerabilities Chapter 10: Fine Tuning the Evaluation Chapter
11: On-Site Closing Meeting Chapter
12: Evaluation Analysis Chapter
13: Creating Measurements and Trending Results Chapter
14: Trending Metrics Chapter
15: Final Reporting Chapter
16: IEM Summary [Russ]
Appendix A: Table of example tools for each of the 10 baseline activities
Appendix B: Sample TEP layout
2: Before You Start Evaluating Chapter
3: Setting Expectations Chapter
4: Scoping the Evaluation Chapter 5: Legal Planning Chapter
6: The Technical Evaluation Plan (TEP) Chapter
7: Starting your On-Site Efforts Chapter
8: Enumeration Activities Chapter
9: Collecting the majority of vulnerabilities Chapter 10: Fine Tuning the Evaluation Chapter
11: On-Site Closing Meeting Chapter
12: Evaluation Analysis Chapter
13: Creating Measurements and Trending Results Chapter
14: Trending Metrics Chapter
15: Final Reporting Chapter
16: IEM Summary [Russ]
Appendix A: Table of example tools for each of the 10 baseline activities
Appendix B: Sample TEP layout
Product details
Product details
- Edition: 1
- Latest edition
- Published: July 30, 2005
- Language: English
About the authors
About the authors
RR
Russ Rogers
Russ Rogers (CISSP, CISM, IAM, IEM, Hon. Sc.D.), author of the popular "Hacking a Terror Network: The Silent Threat of Covert Channels" (Syngress, ISBN: 978-1-928994-98-5), co-author of multiple books, including the best-selling "Stealing the Network: How to Own a Continent" (Syngress, ISBN: 978-1-931836-05-0) and "Network Security Evaluation Using the NSA IEM" (Syngress, ISBN: 978-1-59749-035-1), and former editor-in-chief of The Security Journal, is currently a penetration tester for a federal agency and the co-founder and chief executive officer of Peak Security, Inc., a veteran-owned small business based in Colorado Springs, CO. Russ has been involved in information technology since 1980 and has spent the past 20 years working as both an IT and InfoSec consultant. Russ has worked with the U.S. Air Force (USAF), National Security Agency (NSA), Defense Information Systems Agency (DISA), and other federal agencies. He is a globally renowned security expert, speaker, and author who has presented at conferences around the world in Amsterdam, Tokyo, Singapore, São Paulo, Abu Dhabi, and cities all over the United States. Russ has an honorary doctorate of science in information technology from the University of Advancing Technology, a master's degree in computer systems management from the University of Maryland, a bachelor of science degree in computer information systems from the University of Maryland, and an associate's degree in applied communications technology from the Community College of the Air Force. He is a member of ISSA and (ISC)2® (CISSP). Russ also teaches at and fills the role of professor of network security for the University of Advancing Technology (www.uat.edu).
Affiliations and expertise
Penetration Tester for a Federal Agency and Co-founder/Chief Executive Officer, Peak Security, Inc.EF
Ed Fuller
Affiliations and expertise
Information Systems Management from the University of Maryland, University College, USAGM
Greg Miles
Greg Miles,(Ph.D., CISSP#24431, CISM#0300338, IAM, IEM)is the President, and Chief Financial Officer of Security Horizon, Inc. Security Horizon is a Global, Veteran-Owned Small Business headquartered in Colorado Springs, Colorado.
Affiliations and expertise
President, and Chief Financial Officer, Security Horizon, Inc.BC
Bryan Cunningham
Affiliations and expertise
Corporate information and homeland security consultantView book on ScienceDirect
View book on ScienceDirect
Read Network Security Evaluation Using the NSA IEM on ScienceDirect