Unauthorised Access – Physical Penetration Testing For IT Security Teams

Autor W Allsopp
en Limba Engleză Paperback – 7 aug 2009
A guide to planning and performing a physical penetration test on your computer's security. It guides you through the entire process from gathering intelligence, getting inside, dealing with threats, staying hidden (often in plain sight), and getting access to networks and data.
Citește tot Restrânge

Preț: 18969 lei

Puncte Express: 285

Preț estimativ în valută:
3632 3938$ 3095£

Carte disponibilă

Livrare economică 13-27 iunie
Livrare express 29 mai-04 iunie pentru 3371 lei

Preluare comenzi: 021 569.72.76


ISBN-13: 9780470747612
ISBN-10: 0470747617
Pagini: 308
Ilustrații: Illustrations
Dimensiuni: 189 x 235 x 17 mm
Greutate: 0.58 kg
Editura: Wiley
Locul publicării:Chichester, United Kingdom

Public țintă

This book is for IT security professionals and consultants who need to understand, plan and execute physical penetration tests as part of a security audit.

Descriere scurtă


Preface. Acknowledgements. Foreword. 1 The Basics of Physical Penetration Testing. What Do Penetration Testers Do? Security Testing in the Real World. Legal and Procedural Issues. Know the Enemy. Engaging a Penetration Testing Team. Summary. 2 Planning Your Physical Penetration Tests. Building the Operating Team. Project Planning and Workflow. Codes, Call Signs and Communication. Summary. 3 Executing Tests. Common Paradigms for Conducting Tests. Conducting Site Exploration. Example Tactical Approaches. Mechanisms of Physical Security. Summary. 4 An Introduction to Social Engineering Techniques. Introduction to Guerilla Psychology. Tactical Approaches to Social Engineering. Summary. 5 Lock Picking. Lock Picking as a Hobby. Introduction to Lock Picking. Advanced Techniques. Attacking Other Mechanisms. Summary. 6 Information Gathering. Dumpster Diving. Shoulder Surfing. Collecting Photographic Intelligence. Finding Information From Public Sources and the Internet. Electronic Surveillance. Covert Surveillance. Summary. 7 Hacking Wireless Equipment. Wireless Networking Concepts. Introduction to Wireless Cryptography. Cracking Encryption. Attacking a Wireless Client. Mounting a Bluetooth Attack. Summary. 8 Gathering the Right Equipment. The ''Get of Jail Free'' Card. Photography and Surveillance Equipment. Computer Equipment. Wireless Equipment. Global Positioning Systems. Lock Picking Tools. Forensics Equipment. Communications Equipment. Scanners. Summary. 9 Tales from the Front Line. SCADA Raiders. Night Vision. Unauthorized Access. Summary. 10 Introducing Security Policy Concepts. Physical Security. Protectively Marked or Classified GDI Material. Protective Markings in the Corporate World. Communications Security. Staff Background Checks. Data Destruction. Data Encryption. Outsourcing Risks. Incident Response Policies. Summary. 11 Counter Intelligence. Understanding the Sources of Information Exposure. Social Engineering Attacks. Protecting Against Electronic Monitoring. Securing Refuse. Protecting Against Tailgating and Shoulder Surfing. Performing Penetration Testing. Baseline Physical Security. Summary. Appendix A: UK Law. Computer Misuse Act. Human Rights Act. Regulation of Investigatory Powers Act. Data Protection Act. Appendix B: US Law. Computer Fraud and Abuse Act. Electronic Communications Privacy Act. SOX and HIPAA. Appendix C: EU Law. European Network and Information Security Agency. Data Protection Directive. Appendix D: Security Clearances. Clearance Procedures in the United Kingdom. Levels of Clearance in the United Kingdom. Levels of Clearance in the United States. Appendix E: Security Accreditations. Certified Information Systems Security Professional. Communication-Electronics Security Group CHECK. Global Information Assurance Certification. INFOSEC Assessment and Evaluation. Index.

Notă biografică

Wil Allsopp (Netherlands) is an IT security expert who has provided security audits for some of the largest companies in the UK including top tier banking, government and most of the Fortune 100. His job requires him to be part hacker, and part thief as companies hire him to probe their security measures to the extreme.