The Resource Securing the Virtual Environment : How to Defend the Enterprise Against Attack (with DVD)

Securing the Virtual Environment : How to Defend the Enterprise Against Attack (with DVD)

Label
Securing the Virtual Environment : How to Defend the Enterprise Against Attack (with DVD)
Title
Securing the Virtual Environment
Title remainder
How to Defend the Enterprise Against Attack (with DVD)
Creator
Contributor
Subject
Language
eng
Summary
A step-by-step guide to identifying and defending against attacks on the virtual environmentAs more and more data is moved into virtual environments the need to secure them becomes increasingly important.€Useful for service providers as well as enterprise and small business IT professionals the book offers a broad look across virtualization used in various industries as well as a narrow view of vulnerabilities unique to virtual environments. A companion€DVD is included with recipes and testing scripts. Examines the difference in a virtual model versus traditional computing models and
Cataloging source
EBLCP
Dewey number
006.8
Index
index present
LC call number
HF5548.2
Literary form
non fiction
Nature of contents
  • dictionaries
  • bibliography
Label
Securing the Virtual Environment : How to Defend the Enterprise Against Attack (with DVD)
Publication
Note
Demonstrating the Risks
Bibliography note
Includes bibliographical references and index
http://library.link/vocab/branchCode
  • net
Carrier category
online resource
Carrier category code
cr
Carrier MARC source
rdacarrier
Content category
text
Content type code
txt
Content type MARC source
rdacontent
Contents
  • Securing the Virtual Environment; Contents; Introduction; Chapter 1 Virtualized Environment Attacks; A Brief Introduction to the Cloud; Flavors of "Cloud"; Powering the Cloud; Why the Cloud Is Here to Stay; Managing Cloud Security; Principles of Information Security; Information Assets; Potential Threats; Potential Vulnerabilities; Potential Consequences; Incremental Risk Mitigation; Deny by Default; Never Trust Input; Assume the Worst; Confidentiality, Integrity, and Availability; The Human Factor; Managing Cloud Risks; Asset Management; Vulnerability Assessment; Communication
  • Abusing Proximity of Services: Step Attacks and Speed AttacksExploiting Service Vulnerabilities; Breaking Connections Between Services; Exhausting Resources; CPU; Memory; Disk Space and IOPS; The Dangers of Overcommitment; Locking Out Others; Summary; Chapter 5 Abusing the Hypervisor; Replacing Hardware Layers with Software; Relating Physical to Virtual; Displays; Memory; Disk; Network; Compromising the Kernel; Low-Level Interception; Real-World Example: Duqu; Classification and Defense; Breaking Out of KVM; Attacking Virtual CPU and Memory; The Cup Is Half Secure; Taking Plato's Shadow Pill
  • Authentication and AuthorizationSoftware; Managing Cloud Compliance; Defining Compliance and Security; Making Use of Warnings; Cloud and the PKI; Summary; Chapter 2 Attacking from the Outside; Who Is an Outsider?; HR Policies and Procedures; Contracting and Outsourcing Talent; Friends and Family Discount; Configuring Cloud Audit Logs; Keeping Tabs on Accounts; Extending and Trusting Communication; Delegating and Spreading Roles in Order to Scale; Novice Users Empowered by Cloud Environments; Outsourced and Offshored Resources; SaaS Software Development at "Cloud Speed."
  • Supporting InfrastructureMail Servers; Web Servers; Domain Name Service; Databases and Directory Services; Timing an Attack; Long-versus Short-Term Objectives; How Long before You Are Ready to Attack?; How Long before You Can Attack Again?; Summary; Chapter 4 Denial of Service; Finding Signal in Noise; Improving Denial; Distributing Denial; Defining Success; Finding Service Vulnerabilities; Scanning and Validating Service Levels; Abstracting and Overcommitting; Validating Complexity; Limits of Penetration Testing; Denial of Testing; Testing for Denial
  • The Needs of Bespoke SolutionsEnsuring Continuity; Underspecialization; How to Piggyback on Fixes; Sudo and Shell Logging; Spoofing a Certificate; Summary; Chapter 3 Making the Complex Simple; Looking Around Without Getting Caught; Checking to See If Anyone Is Watching; Checking for Gaps in Awareness; Checking for Responsiveness; Complexity and the Cloud; Choosing a Spot with a View; The Hypervisor; The Director/Orchestrator/Manager; Assessing the Risk from Assessors; Slicing and Dicing Data; Detecting Layers of Virtualization Technology; Identifying and Targeting Assets; Versions
Control code
ocn792684082
Dimensions
unknown
Extent
1 online resource (458 pages)
Form of item
online
Isbn
9781118225974
Media category
computer
Media MARC source
rdamedia
Media type code
c
http://library.link/vocab/ext/overdrive/overdriveId
3c6e078e-ff08-4184-bf35-0a2e0f634d86
http://library.link/vocab/recordID
.b26373269
Specific material designation
remote
System control number
  • (OCoLC)792684082
  • pebcs111822597X

Library Locations

    • Deakin University Library - Geelong Waurn Ponds CampusBorrow it
      75 Pigdons Road, Waurn Ponds, Victoria, 3216, AU
      -38.195656 144.304955
Processing Feedback ...