Securing the Virtual Environment : How to Defend the Enterprise Against Attack (with DVD).
A step-by-step guide to identifying and defending against attacks on the virtual environmentAs more and more data is moved into virtual environments the need to secure them becomes increasingly important.€Useful for service providers as well as enterprise and small business IT professionals the book...
Saved in:
Main Author: | |
---|---|
Other Authors: | |
Format: | Electronic eBook |
Language: | English |
Published: |
Hoboken :
John Wiley & Sons,
2012.
|
Subjects: | |
Online Access: |
Full text (Wentworth users only) |
Local Note: | ProQuest Ebook Central |
Table of Contents:
- Securing the Virtual Environment; Contents; Introduction; Chapter 1 Virtualized Environment Attacks; A Brief Introduction to the Cloud; Flavors of "Cloud"; Powering the Cloud; Why the Cloud Is Here to Stay; Managing Cloud Security; Principles of Information Security; Information Assets; Potential Threats; Potential Vulnerabilities; Potential Consequences; Incremental Risk Mitigation; Deny by Default; Never Trust Input; Assume the Worst; Confidentiality, Integrity, and Availability; The Human Factor; Managing Cloud Risks; Asset Management; Vulnerability Assessment; Communication.
- Authentication and AuthorizationSoftware; Managing Cloud Compliance; Defining Compliance and Security; Making Use of Warnings; Cloud and the PKI; Summary; Chapter 2 Attacking from the Outside; Who Is an Outsider?; HR Policies and Procedures; Contracting and Outsourcing Talent; Friends and Family Discount; Configuring Cloud Audit Logs; Keeping Tabs on Accounts; Extending and Trusting Communication; Delegating and Spreading Roles in Order to Scale; Novice Users Empowered by Cloud Environments; Outsourced and Offshored Resources; SaaS Software Development at "Cloud Speed."
- The Needs of Bespoke SolutionsEnsuring Continuity; Underspecialization; How to Piggyback on Fixes; Sudo and Shell Logging; Spoofing a Certificate; Summary; Chapter 3 Making the Complex Simple; Looking Around Without Getting Caught; Checking to See If Anyone Is Watching; Checking for Gaps in Awareness; Checking for Responsiveness; Complexity and the Cloud; Choosing a Spot with a View; The Hypervisor; The Director/Orchestrator/Manager; Assessing the Risk from Assessors; Slicing and Dicing Data; Detecting Layers of Virtualization Technology; Identifying and Targeting Assets; Versions.
- Supporting InfrastructureMail Servers; Web Servers; Domain Name Service; Databases and Directory Services; Timing an Attack; Long-versus Short-Term Objectives; How Long before You Are Ready to Attack?; How Long before You Can Attack Again?; Summary; Chapter 4 Denial of Service; Finding Signal in Noise; Improving Denial; Distributing Denial; Defining Success; Finding Service Vulnerabilities; Scanning and Validating Service Levels; Abstracting and Overcommitting; Validating Complexity; Limits of Penetration Testing; Denial of Testing; Testing for Denial.
- Abusing Proximity of Services: Step Attacks and Speed AttacksExploiting Service Vulnerabilities; Breaking Connections Between Services; Exhausting Resources; CPU; Memory; Disk Space and IOPS; The Dangers of Overcommitment; Locking Out Others; Summary; Chapter 5 Abusing the Hypervisor; Replacing Hardware Layers with Software; Relating Physical to Virtual; Displays; Memory; Disk; Network; Compromising the Kernel; Low-Level Interception; Real-World Example: Duqu; Classification and Defense; Breaking Out of KVM; Attacking Virtual CPU and Memory; The Cup Is Half Secure; Taking Plato's Shadow Pill.