daniyl
New member
2 okun - OK, заметано!!!
ИНФОРМАЦИОННАЯ БЕЗОПАСНОСТЬ
- Thread starter okun
- Start date
vadim-kiev
New member
Кто то может поткинуть что то по теме
,, Проблемы защиты информации на предприятии''?
,, Проблемы защиты информации на предприятии''?
Очень советую посмотреть еще на один стандарт. Ничуть не хуже, а может даже лучше 17799 и 27001 ;-)
The Standard of Good Practice for Information Security
The Standard of Good Practice for Information Security is designed to help any organisation, irrespective of market sector, size or structure, keep the business risks associated with its information systems within acceptable limits. It is a major tool in improving the quality and efficiency of security controls applied by an organisation.
The Standard is based on over 16 years and US $75 million of investment in practical research and draws on the knowledge and experiences of the Information Security Forum's global members as well as building on other standards such as ISO 17799 and COBIT.
The Standard has been produced by the Information Security Forum (ISF), an international association of over 270 of the world's leading organisations which fund and co-operate in the development of a practical research programme in information security and best practices in IT security and information risk management. The ISF's work probably represents the most comprehensive and integrated set of reports anywhere in the world regarding the process of managing information risk.
Здесь
(6565 KB)
The Standard of Good Practice for Information Security
The Standard of Good Practice for Information Security is designed to help any organisation, irrespective of market sector, size or structure, keep the business risks associated with its information systems within acceptable limits. It is a major tool in improving the quality and efficiency of security controls applied by an organisation.
The Standard is based on over 16 years and US $75 million of investment in practical research and draws on the knowledge and experiences of the Information Security Forum's global members as well as building on other standards such as ISO 17799 and COBIT.
The Standard has been produced by the Information Security Forum (ISF), an international association of over 270 of the world's leading organisations which fund and co-operate in the development of a practical research programme in information security and best practices in IT security and information risk management. The ISF's work probably represents the most comprehensive and integrated set of reports anywhere in the world regarding the process of managing information risk.
Здесь
(6565 KB)
Last edited by a moderator:
Изменение в политику размещения файлов на Рапиде.
Здравствуйте уважаемые форумчане. Не было бы уместным такое количество небольших архивов запаковывать в один. Таким образом не пришлось бы ждать 60 минут после каждого скачаннога с Рапиды? Заранее благодарен за внесение изменений в политику размещения файлов на рапиде. С уважением Schizo.Agran said:
- Joined
- May 3, 2014
- Messages
- 6,047
- Reaction score
- 2,975
- Deposit
- $ 500
- Thread starter
- #88
Защита компьютерной информации
Учебное пособие
А.В. ТЕРЕХОВ, В.Н. ЧЕРНЫШОВ,
А.В. СЕЛЕЗНЕВ, И.П. РАК
Издательство ТГТУ, Тамбов
ИСБН 5-8265-0228-2
2003. 80 с.
Формат: pdf
В пособии рассмотрены правовые аспекты защиты компьютерной информации, а также программно-технические средства и приемы работы с ними, позволяющие обеспечить защиту на достаточном уровне.
Пособие предназначено для студентов специальности 021100 «Юриспруденция».
Здесь (0,61 Мб)
Зеркало
Учебное пособие
А.В. ТЕРЕХОВ, В.Н. ЧЕРНЫШОВ,
А.В. СЕЛЕЗНЕВ, И.П. РАК
Издательство ТГТУ, Тамбов
ИСБН 5-8265-0228-2
2003. 80 с.
Формат: pdf
В пособии рассмотрены правовые аспекты защиты компьютерной информации, а также программно-технические средства и приемы работы с ними, позволяющие обеспечить защиту на достаточном уровне.
Пособие предназначено для студентов специальности 021100 «Юриспруденция».
Здесь (0,61 Мб)
Зеркало
- Joined
- May 3, 2014
- Messages
- 6,047
- Reaction score
- 2,975
- Deposit
- $ 500
- Thread starter
- #89
Информационная безопасность и защита информации
в корпоративных сетях железнодорожного транспорта
Учебное пособие для ВУЗов ж.-д. транспорта
Яковлев В.В., Корниенко А.А.
М.: УМК МПС России, 2001
Формат: doc + vcd
В учебнике последовательно изложены тенденции, принципы и средства сетевой интеграции на железнодорожном транспорте, методология защиты информации и обеспечения информационной безопасности корпоративных сетей, рассмотрены основные методы и средства защиты телекоммуникационных сетей и информационных систем железнодорожного транспорта.
Предназначен для студентов ВУЗов железнодорожного транспорта. Может быть полезен аспирантам информационных специальностей и специальностей в области информационной безопасности, а также инженерам-разработчикам информационных систем и телекоммуникационных сетей, систем обеспечения их информационной безопасности.
Здесь (1,6 Мб)
Зеркало
в корпоративных сетях железнодорожного транспорта
Учебное пособие для ВУЗов ж.-д. транспорта
Яковлев В.В., Корниенко А.А.
М.: УМК МПС России, 2001
Формат: doc + vcd
В учебнике последовательно изложены тенденции, принципы и средства сетевой интеграции на железнодорожном транспорте, методология защиты информации и обеспечения информационной безопасности корпоративных сетей, рассмотрены основные методы и средства защиты телекоммуникационных сетей и информационных систем железнодорожного транспорта.
Предназначен для студентов ВУЗов железнодорожного транспорта. Может быть полезен аспирантам информационных специальностей и специальностей в области информационной безопасности, а также инженерам-разработчикам информационных систем и телекоммуникационных сетей, систем обеспечения их информационной безопасности.
Здесь (1,6 Мб)
Зеркало
Отличная книга по управлению информационной безопасностью на предприятии. Очень понравился предложенный автором системный подход к вопросу построения и управления системой информационной безопасности.
Mission-Critical Security Planner: When Hackers Won't Take No for an Answer
Book Description
Shows step-by-step how to complete a customized security improvement plan, including analyzing needs, justifying budgets, and selecting technology, while dramatically reducing time and cost.
Includes worksheets at every stage for creating a comprehensive security plan meaningful to management and technical staff.
Uses practical risk management techniques to intelligently assess and manage the network security risks facing your organization.
Presents the material in a witty and lively style, backed up by solid business planning methods.
Companion Web site provides all worksheets and the security planning template
Здесь (1450 KB)
Mission-Critical Security Planner: When Hackers Won't Take No for an Answer
Book Description
Shows step-by-step how to complete a customized security improvement plan, including analyzing needs, justifying budgets, and selecting technology, while dramatically reducing time and cost.
Includes worksheets at every stage for creating a comprehensive security plan meaningful to management and technical staff.
Uses practical risk management techniques to intelligently assess and manage the network security risks facing your organization.
Presents the material in a witty and lively style, backed up by solid business planning methods.
Companion Web site provides all worksheets and the security planning template
Здесь (1450 KB)
vadim-kiev
New member
Если у когото есть курсовик на тему
Информационная безопасность на предприятии, выложите пожалоста...
Информационная безопасность на предприятии, выложите пожалоста...
- Joined
- Oct 15, 2022
- Messages
- 505
- Reaction score
- 216
- Age
- 36
КОМПЬЮТЕРНАЯ БЕЗОПАСНОСТЬ
http://www.gloffs.com/computer_security.htm
http://www.gloffs.com/computer_security.htm
- Joined
- May 3, 2014
- Messages
- 6,047
- Reaction score
- 2,975
- Deposit
- $ 500
- Thread starter
- #95
Материалы информационного бюллетеня Jet Info, посвященные информационной безопасности.
Комрады нужна рыба по следующей теме: "Регламент реагирования на инциденты информационной безопасности" - то бишь несанкционированное подключение компа в сети с левым MAC (IP), противоречивые действия инсайдера ну и так далее.
Мол обнаружил, подбежал, пальцы отрубил и докладную написал
Уже неделю думаю и не знаю с чего подступиться - Если инфа секретна - хотя бы через ПМ.
нужна рыба по следующей теме: "Регламент реагирования на инциденты информационной безопасности" - то бишь несанкционированное подключение компа в сети с левым MAC (IP), противоречивые действия инсайдера ну и так далее. Мол обнаружил, подбежал, пальцы отрубил и докладную написал
Уже неделю думаю и не знаю с чего подступиться
- Если инфа секретна - хотя бы через ПМ.
- Joined
- May 3, 2014
- Messages
- 6,047
- Reaction score
- 2,975
- Deposit
- $ 500
- Thread starter
- #97
Bersarea, полистай книгу Защита от вторжений. Расследование компьютерных преступлений
- Joined
- May 3, 2014
- Messages
- 6,047
- Reaction score
- 2,975
- Deposit
- $ 500
- Thread starter
- #98
Critical Incident Management
Alan B. Sterneckert
Auerbach Publications © 2004 (552 pages)
ISBN:084930010X
Формат: chm
Аннотация:
Most businesses are aware of the danger posed by malicious network intruders and other internal and external security threats. Unfortunately, in many cases the actions they have taken to secure people, information and infrastructure from outside attacks are inefficient or incomplete. Responding to security threats and incidents requires a competent mixture of risk management, security policies and procedures, security auditing, incident response, legal and law enforcement issues, and privacy.
Critical Incident Management presents an expert overview of the elements that organizations need to address in order to prepare for and respond to network and information security violations. Written in a concise, practical style that emphasizes key points, this guide focuses on the establishment of policies and actions that prevent the loss of critical information or damage to infrastructure.
CTOs, CFOs, Chief Legal Officers, and senior IT managers can rely on this book to develop plans that thwart critical security incidents. And if such incidents do occur, these executives will have a reference to help put the people and procedures in place to contain the damage and get back to business.
Здесь (2.56 Мб) pass: http://netz.ru
Зеркало
Alan B. Sterneckert
Auerbach Publications © 2004 (552 pages)
ISBN:084930010X
Формат: chm
Аннотация:
Most businesses are aware of the danger posed by malicious network intruders and other internal and external security threats. Unfortunately, in many cases the actions they have taken to secure people, information and infrastructure from outside attacks are inefficient or incomplete. Responding to security threats and incidents requires a competent mixture of risk management, security policies and procedures, security auditing, incident response, legal and law enforcement issues, and privacy.
Critical Incident Management presents an expert overview of the elements that organizations need to address in order to prepare for and respond to network and information security violations. Written in a concise, practical style that emphasizes key points, this guide focuses on the establishment of policies and actions that prevent the loss of critical information or damage to infrastructure.
CTOs, CFOs, Chief Legal Officers, and senior IT managers can rely on this book to develop plans that thwart critical security incidents. And if such incidents do occur, these executives will have a reference to help put the people and procedures in place to contain the damage and get back to business.
Здесь (2.56 Мб) pass: http://netz.ru
Зеркало
- Joined
- May 3, 2014
- Messages
- 6,047
- Reaction score
- 2,975
- Deposit
- $ 500
- Thread starter
- #99
Hack I.T.: Security Through Penetration Testing
T. J. Klevinsky, Scott Laliberte, Ajay Gupta
First Edition February 01, 2002
ISBN: 0-201-71956-8, 544 pages
Формат: chm
Preface:
Why write a book about hacking? The question is really whether a book about the techniques and tools used to break into a network would be beneficial to the information security community. We, the authors, believe that penetration testing is a valuable and effective means of identifying security holes and weaknesses in a network and computing environment. Understanding how others will try to break into a network offers considerable insight into the common pitfalls and misconfigurations that make networks vulnerable. This insight is essential to creating a comprehensive network security structure.
Some may argue that providing this penetration-testing information gives script kiddies and hackers ammunition to better attack systems. However, script kiddies and hackers already have access to this information or have the time to find it—most of the material presented in this book is available from a variety of sources on the Internet. The problem is that the system and security administrators defending against attacks do not have the time or resources to research the sites necessary to compile this information. We decided to write this book to provide defenders with the information hackers already have. A hacker has to find only one hole to gain unauthorized access. The security group defending against the hackers needs to find all the holes to prevent unauthorized access.
There is no tried-and-true training that can make everyone a security expert, but there are some baseline principles, skills, and tools that must be mastered to become proficient in this field. Our goal is to provide you with those skills in a manner that helps you to understand the structure and tools used and to begin developing your own style of penetration testing.
The process described in this book is not the only way to perform a penetration test. We continue to evolve our own methodology to respond to new technologies and threats. This process has worked well for us in the past and continues to be a successful way to evaluate and test network security.
Здесь. (4,58 Мб) pass: http://netz.ru
Зеркало
T. J. Klevinsky, Scott Laliberte, Ajay Gupta
First Edition February 01, 2002
ISBN: 0-201-71956-8, 544 pages
Формат: chm
Preface:
Why write a book about hacking? The question is really whether a book about the techniques and tools used to break into a network would be beneficial to the information security community. We, the authors, believe that penetration testing is a valuable and effective means of identifying security holes and weaknesses in a network and computing environment. Understanding how others will try to break into a network offers considerable insight into the common pitfalls and misconfigurations that make networks vulnerable. This insight is essential to creating a comprehensive network security structure.
Some may argue that providing this penetration-testing information gives script kiddies and hackers ammunition to better attack systems. However, script kiddies and hackers already have access to this information or have the time to find it—most of the material presented in this book is available from a variety of sources on the Internet. The problem is that the system and security administrators defending against attacks do not have the time or resources to research the sites necessary to compile this information. We decided to write this book to provide defenders with the information hackers already have. A hacker has to find only one hole to gain unauthorized access. The security group defending against the hackers needs to find all the holes to prevent unauthorized access.
There is no tried-and-true training that can make everyone a security expert, but there are some baseline principles, skills, and tools that must be mastered to become proficient in this field. Our goal is to provide you with those skills in a manner that helps you to understand the structure and tools used and to begin developing your own style of penetration testing.
The process described in this book is not the only way to perform a penetration test. We continue to evolve our own methodology to respond to new technologies and threats. This process has worked well for us in the past and continues to be a successful way to evaluate and test network security.
Здесь. (4,58 Мб) pass: http://netz.ru
Зеркало
- Joined
- May 3, 2014
- Messages
- 6,047
- Reaction score
- 2,975
- Deposit
- $ 500
- Thread starter
- #100
Invasion of Privacy: Big Brother and the Company Hackers
Michael J. Weber
Premier Press © 2004 (275 pages)
ISBN:1592000436
Формат: chm
Introduction
I thought I knew something about technology when I started writing this. Perhaps I did, but over the course of my research the world changed, I changed, and technology changed perhaps more than anything else. One dollar invested in the NASDAQ when my research began was worth about 19 cents by the time I got around to writing about the Internet boom (and bust). When I began this investigation the greatest threat to technology was the Y2K bug. Now it's cyber-terrorism!
The list is a long one. Denial-of-service attacks (DDoS) and killer Internet worms like Nimda, Code Red, and MSBlast were virtually unheard of when I began my research. I'm not one hundred percent certain, but to the best of my knowledge the phrase "identity theft" did not yet exist.
While I researched this book, the tech boom fizzled, the Internet bubble burst, the NASDAQ collapsed, and Al Qaeda attacked America on September 11, 2001. In essence, this book is about the technological and legal ramifications of all that. What I fear most from the fallout has been dubbed "the death of privacy" by noted law professor and cyber-privacy expert A. Michael Froomkin. The institutions and corporations we trust most have begun hacking us, suggests Froomkin in his article entitled "The Death of Privacy?" published in the Stanford Law Review.
Big business and Big Brother are the biggest hackers of all! Technology has become a nasty business. You know what I'm talking about: pop-up ads, cookies, spyware, spam, junk faxes, junk mail, telemarketing calls. You're a target and your personal information is a commodity! It is systematically harvested by information brokers with vast databases that do nothing but spit out computer profiles 24 hours a day. A nice fat dossier all about you is available for under a hundred bucks at your friendly neighborhood information broker! Unfortunately, most people don't realize that.
Technology, advertising, the media, and government have converged to invade our privacy. This book exposes the dangers (Part I) and proposes a practical defense.
Здесь (9,96 Мб) pass: http://netz.ru
Зеркало
Michael J. Weber
Premier Press © 2004 (275 pages)
ISBN:1592000436
Формат: chm
Introduction
I thought I knew something about technology when I started writing this. Perhaps I did, but over the course of my research the world changed, I changed, and technology changed perhaps more than anything else. One dollar invested in the NASDAQ when my research began was worth about 19 cents by the time I got around to writing about the Internet boom (and bust). When I began this investigation the greatest threat to technology was the Y2K bug. Now it's cyber-terrorism!
The list is a long one. Denial-of-service attacks (DDoS) and killer Internet worms like Nimda, Code Red, and MSBlast were virtually unheard of when I began my research. I'm not one hundred percent certain, but to the best of my knowledge the phrase "identity theft" did not yet exist.
While I researched this book, the tech boom fizzled, the Internet bubble burst, the NASDAQ collapsed, and Al Qaeda attacked America on September 11, 2001. In essence, this book is about the technological and legal ramifications of all that. What I fear most from the fallout has been dubbed "the death of privacy" by noted law professor and cyber-privacy expert A. Michael Froomkin. The institutions and corporations we trust most have begun hacking us, suggests Froomkin in his article entitled "The Death of Privacy?" published in the Stanford Law Review.
Big business and Big Brother are the biggest hackers of all! Technology has become a nasty business. You know what I'm talking about: pop-up ads, cookies, spyware, spam, junk faxes, junk mail, telemarketing calls. You're a target and your personal information is a commodity! It is systematically harvested by information brokers with vast databases that do nothing but spit out computer profiles 24 hours a day. A nice fat dossier all about you is available for under a hundred bucks at your friendly neighborhood information broker! Unfortunately, most people don't realize that.
Technology, advertising, the media, and government have converged to invade our privacy. This book exposes the dangers (Part I) and proposes a practical defense.
Здесь (9,96 Мб) pass: http://netz.ru
Зеркало