Du er ikke logget ind
Beskrivelse
The contemporary IT landscape is littered with various technologies that vendors claim will "solve" an organization's cybersecurity challenges. These technologies are powerful and, in the right context, can be very effective. But misunderstood and misused, they either do no provide effective protection or do not protect the right things. This results in unnecessary expenditures, false beliefs of security, and interference with an organization's mission.This book introduces major technologies that are employed in today's cybersecurity landscape and the fundamental principles and philosophies behind them. By grasping these core concepts, professionals in every organization are better equipped to know what kind of technology they need, ask the right questions of vendors, and better interface with their CISO and security organization. The book is largely directed to non-security experts. In fact, it is meant to be readable by a non-technical professional.
What you'll learn
Authentication tech, including secure password storage and how hackers "crack" password listsAccess control tech, such as BLP, BIBA, and other modelsCore cryptography tech, including symmetric and asymmetric cryptographyClassical host security tech, such as malware (viruses, trojans, ransomware)Classical network security tech, such as border security (gateways, firewalls, proxies), virtual private network (VPN), and network IDS and IPSWeb security tech, including cookies, state, and session defenses, API security, and domain name securityEmail and social media security threats like spam, phishing, social media, and other email threatsCloud security tech, including authenticating and authorizing across domains and multitenancy security for storage and operationsModern security tech like advanced persistent threats, zero-trust networking, deception technologies, and moreBlockchain tech, which includes peer-to-peer technology, distributed ledgers, public and private, cryptocurrencies, and more
Who This Book Is For
Primarily non-technical professionals. Secondarily, technical professionals that are not security experts. Tertiary is security professionals that may not be familiar with this breadth of technology.