An info. security assessment (ISA) is the process of determining how effectively an entity being assessed (e.g., host, system, network, procedure, person) meets specific security objectives. This is a guide to the basic tech. aspects of conducting ISA. It presents tech. testing and examination methods and techniques that an org. might use as part of an ISA, and offers insights to assessors on their execution and the potential impact they may have on systems and networks. For an ISA to be successful, elements beyond the execution of testing and examination must support the tech. process. Suggestions for these activities, including a robust planning process, root cause analysis, and tailored reporting, are also presented in this guide. Illus.
This is a hard copy of the NIST Special Publication 800-115, Technical Guide to Information Security Testing and Assessment.
The guide is not intended to present a comprehensive information security testing and examination program but rather an overview of key elements of technical security testing and examination, with an emphasis on specific technical techniques ...
Takes at least an hour. An engineer that's paid $75 an hour has to do this himself (who has assistants anymore?). If you are paid more than $10 an hour and use an ink jet printer, buying this book will save you money.
A practical handbook for network administrators who need to develop and implement security assessment programs, exploring a variety of offensive technologies, explaining how to design and deploy networks that are immune to offensive tools ...
This handbook discusses the world of threats and potential breach actions surrounding all industries and systems.
To engage in IP spoofing, a hacker must first use a variety of techniques to find an IP address of a trusted host and then modify the packet headers (see Figure 16) so that it appears that the packets are coming from that host. Newer ...
In 2008, the US National Institute of Standards and Technology (NIST) released special publication 800-115, which is a technical guide for security testing. PCI DSS materials refer to the document as an example of industry-accepted ...
The National Institute of Standards and Technology Special Publication (NIST SP 800-115) is the technical guide to information-security testing and assessment. The publication is produced by the Information Technology Laboratory (ITL) at ...
This book constitutes the proceedings of the Second International Conference on Human Aspects of Information Security, Privacy, and Trust, HAS 2014, held as part of HCI International 2014 which took place in Heraklion, Crete, Greece, in ...
There are too many tools to mention, but as an example the author cites the Open Vulnerability Assessment System [125], ... The Technical Guide to Information Security Testing and Assessment [204] is a guide to the basic technical ...