中图网(原中国图书网):网上书店,中文字幕在线一区二区三区,尾货特色书店,中文字幕在线一区,30万种特价书低至2折!

歡迎光臨中圖網 請 | 注冊

包郵 工業網絡安全

出版社:東南大學出版社出版時間:2018-10-01
開本: 24cm 頁數: 440頁
中 圖 價:¥34.7(3.5折) 定價  ¥99.0 登錄后可看到會員價
加入購物車 收藏
開年大促, 全場包郵
?新疆、西藏除外
溫馨提示:5折以下圖書主要為出版社尾貨,大部分為全新(有塑封/無塑封),個別圖書品相8-9成新、切口
有劃線標記、光盤等附件不全詳細品相說明>>
本類五星書更多>

工業網絡安全 版權信息

工業網絡安全 內容簡介

  《工業網絡安全(影印版)》首先介紹了工業控制系統(ICS)技術,包括芯片的體系結構、通信媒介和協議。在介紹了ICS相關的攻擊場景之后,討論了ICS的安全性,包括網絡分割、縱深防御策略和保護解決方案等主題。除了保護工業控制系統的實際例子外,本書還詳細介紹了安全評估、風險管理和安全程序開發。它還涵蓋了網絡安全方面的內容,如威脅檢測和訪問管理,討論了與端點硬化相關的主題,如監視、更新和反惡意軟件實現。

工業網絡安全 目錄

Preface Chapter 1: Industrial Control Systems An overview of an Industrial control system The view function The monitor function The control function The Industrial control system architecture Programmable logic controllers Human Machine Interface Supervisory Control and Data Acquisition Distributed control system Safety instrumented system The Purdue model for Industrial control systems The enterprise zone Level 5 - Enterprise network Level 4 - Site business planning and logistics Industrial Demilitarized Zone The manufacturing zone Level 3 - Site operations Level 2 - Area supervisory control Level 1 - Basic control Level 0 - Process Industrial control system communication media and protocols Regular information technology network protocols Process automation protocols Industrial control system protocols Building automation protocols Automatic meter reading protocols Communication protocols in the enterprise zone Communication protocols in the Industrial zone Summary Chapter 2: Insecure by Inheritance Industrial control system history Modbus and Modbus TCP/IP Breaking Modbus Using Python and Scapy to communicate over Modbus Replaying captured Modbus packets PROFINET PROFINET packet replay attacks $7 communication and the stop CPU vulnerability EtherNet/IP and the Common Industrial Protocol Shodan: The scariest search engine on the internet Common IT protocols found in the ICS HTTP File Transfer Protocol Telnet Address Resolution Protocol ICMP echo request Summary Chapter 3: Anatomy of an ICS Attack Scenario Setting the stage The Slumbertown paper mill Trouble in paradise Building a virtual test network Clicking our heels What can the attacker do with their access The cyber kill chain Phase two of the Slumbertown Mill ICS attack Other attack scenarios Summary Chapter 4: Industrial Control System Risk Assessment Attacks, objectives, and consequences Risk assessments A risk assessment example Step 1 - Asset identification and system characterization Step 2 - Vulnerability identification and threat modeling Discovering vulnerabilities Threat modeling Step 3 - Risk calculation and mitigation Summary Chapter 5: The Purdue Model and a Converged Plantwide Ethernet The Purdue Enterprise Reference Architecture The Converged Plantwide Enterprise The safety zone Cell/area zones Level 0 - The process Level 1 - Basic control Level 2 - Area supervisory control The manufacturing zone Level 3 - Site manufacturing operations and control The enterprise zone Level 4 - Site business planning and logistics Level 5 - Enterprise Level 3.5 - The Industrial Demilitarized Zone The CPwE industrial network security framework Summary Chapter 6: The Defense-in-depth Model ICS security restrictions How to go about defending an ICS The ICS is extremely defendable The defense-in-depth model Physical security Network security Computer security Application security Device security Policies, procedures, and awareness Summary Chapter 7: Physical ICS Security The ICS security bubble analogy Segregation exercise Down to it - Physical security Summary Chapter 8: ICS Network Security Designing network architectures for security Network segmentation The Enterprise Zone The Industrial Zone Cell Area Zones Level 3 site operations The Industrial Demilitarized Zone Communication conduits Resiliency and redundancy Architectural overview Firewalls Configuring the active-standby pair of firewalls Security monitoring and logging Network packet capturing Event logging Security information and event management Firewall logs Configuring the Cisco ASA firewall to send log data to the OSSIM server Setting the syslog logging level for Cisco devices Network intrusion detection logs Why not intrusion prevention Configuring the Cisco Sourcefire IDS to send log data to the OSSIM server Router and switch logs Configuring Cisco lOS to log to the syslog service of the OSSIM server Operating system logs Collecting logs from a Windows system Installing and configuring NXLog CE across your Windows hosts Application logs Reading an application log file with an HIDS agent on Windows Network visibility Summary Chapter 9: ICS Computer Security Endpoint hardening Narrowing the attack surface Limiting the impact of a compromise Microsoft Enhanced Mitigation Experience Toolkit Configuring EMET for a Rockwell Automation application server Microsoft AppLocker Microsoft AppLocker configuration Configuration and change management Patch management Configuring Microsoft Windows Server Update Services for the industrial zone Configuring the Cisco ASA firewall Creating the Windows Server Update Services server Configuring Windows client computers to get updates from the WSUS server Endpoint protection software Host-based firewalls Anti-malware software Types of malware Application whitelisting software Application whitelisting versus blacklisting How application whitelisting works Symantec's Embedded Security: Critical system protection Building the Symantec's Embedded Security: Critical System Protection management server Monitoring and logging Summary Chapter 10: ICS Application Security Application security Input validation vulnerabilities Software tampering Authentication vulnerabilities Authorization vulnerabilities Insecure configuration vulnerabilities Session management vulnerabilities Parameter manipulation vulnerabilities Application security testing OpenVAS security scan ICS application patching ICS secure SDLC The definition of secure SDLC Summary Chapter 11: ICS Device Security ICS device hardening ICS device patching The ICS device life cycle ICS device security considerations during the procurement phase ICS device security considerations during the installation phase ICS device security considerations during the operation phase ICS device security considerations for decommissioning and disposal Summary Chapter 12: The ICS Cybersecurity Program Development Process The NIST Guide to Industrial control systems security Obtaining senior management buy-in Building and training a cross-functional team Defining charter and scope Defining ICS-specific security policies and procedures Implementing an ICS security risk-management framework Categorizing ICS systems and network assets Selecting ICS security controls Performing (initial) risk assessment Implementing the security controls The ICS security program development process Security policies, standards, guidelines, and procedures Defining ICS-specific security policies, standards, and procedures Defining and inventorying the ICS assets Performing an initial risk assessment on discovered ICS assets The Slumbertown Paper Mill initial risk assessment Defining and prioritizing mitigation activities Defining and kicking off the security improvement cycle Summary Index
展開全部

工業網絡安全 作者簡介

帕斯卡·阿克曼(Pascal Ackerman) is a seasoned industrial security professional with a degree in electrical engineering and over 15 years of experience in designing, troubleshooting, and securing large-scale industrial control systems and the various types of network technologies they utilize. After more than a decade of hands-on, in-the-field experience, he joined Rockwell Automation in 2015 and is currently employed as Senior Consultant of Industrial Cybersecurity with the Network and Security Services Group. He recently became a digital nomad and now travels the world with his family while fighting cyber adversaries.

商品評論(0條)
暫無評論……
書友推薦
本類暢銷
編輯推薦
返回頂部
中圖網
在線客服
主站蜘蛛池模板: 盐水蒸发器,水洗盐设备,冷凝结晶切片机,转鼓切片机,絮凝剂加药系统-无锡瑞司恩机械有限公司 | 乳化沥青设备_改性沥青设备_沥青加温罐_德州市昊通路桥工程有限公司 | 哈尔滨治「失眠/抑郁/焦虑症/精神心理」专科医院排行榜-京科脑康免费咨询 一对一诊疗 | 上海单片机培训|重庆曙海培训分支机构—CortexM3+uC/OS培训班,北京linux培训,Windows驱动开发培训|上海IC版图设计,西安linux培训,北京汽车电子EMC培训,ARM培训,MTK培训,Android培训 | 浙江宝泉阀门有限公司| ORP控制器_ORP电极价格-上优泰百科 | 苏州注册公司_苏州代理记账_苏州工商注册_苏州代办公司-恒佳财税 | 厦门ISO认证|厦门ISO9001认证|厦门ISO14001认证|厦门ISO45001认证-艾索咨询专注ISO认证行业 | 北京翻译公司-专业合同翻译-医学标书翻译收费标准-慕迪灵 | 青岛美佳乐清洁工程有限公司|青岛油烟管道清洗|酒店|企事业单位|学校工厂厨房|青岛油烟管道清洗 插针变压器-家用电器变压器-工业空调变压器-CD型电抗器-余姚市中驰电器有限公司 | 净化板-洁净板-净化板价格-净化板生产厂家-山东鸿星新材料科技股份有限公司 | 不锈钢螺丝 - 六角螺丝厂家 - 不锈钢紧固件 - 万千紧固件--紧固件一站式采购 | 高硼硅玻璃|水位计玻璃板|光学三棱镜-邯郸奥维玻璃科技有限公司 高温高压釜(氢化反应釜)百科 | 净化车间装修_合肥厂房无尘室设计_合肥工厂洁净工程装修公司-安徽盛世和居装饰 | 盘式曝气器-微孔曝气器-管式曝气器-曝气盘-斜管填料 | 郑州市前程水处理有限公司 | 二手光谱仪维修-德国OBLF光谱仪|进口斯派克光谱仪-热电ARL光谱仪-意大利GNR光谱仪-永晖检测 | 骨龄仪_骨龄检测仪_儿童骨龄测试仪_品牌生产厂家【品源医疗】 | 国标白水泥,高标号白水泥,白水泥厂家-淄博华雪建材有限公司 | 多功能三相相位伏安表-变压器短路阻抗测试仪-上海妙定电气 | 上海三信|ph计|酸度计|电导率仪-艾科仪器 | 圆盘鞋底注塑机_连帮鞋底成型注塑机-温州天钢机械有限公司 | 全自动真空上料机_粉末真空上料机_气动真空上料机-南京奥威环保科技设备有限公司 | 油罐车_加油机_加油卷盘_加油机卷盘_罐车人孔盖_各类球阀_海底阀等车用配件厂家-湖北华特专用设备有限公司 | 实体店商新零售|微赢|波后|波后合作|微赢集团 | 交联度测试仪-湿漏电流测试仪-双85恒温恒湿试验箱-常州市科迈实验仪器有限公司 | 土壤养分检测仪_肥料养分检测仪_土壤水分检测仪-山东莱恩德仪器 大型多片锯,圆木多片锯,方木多片锯,板材多片锯-祥富机械有限公司 | 无压烧结银_有压烧结银_导电银胶_导电油墨_导电胶-善仁(浙江)新材料 | 东莞精密模具加工,精密连接器模具零件,自動機零件,冶工具加工-益久精密 | 天津拓展_天津团建_天津趣味运动会_天津活动策划公司-天津华天拓展培训中心 | 路斯特伺服驱动器维修,伦茨伺服驱动器维修|万骏自动化百科 | 电子书导航网_电子书之家_电子书大全_最新电子书分享发布平台 | 东莞动力锂电池保护板_BMS智能软件保护板_锂电池主动均衡保护板-东莞市倡芯电子科技有限公司 | 万烁建筑设计院-建筑设计公司加盟,设计院加盟分公司,市政设计加盟 | 蜘蛛车-登高车-高空作业平台-高空作业车-曲臂剪叉式升降机租赁-重庆海克斯公司 | UV-1800紫外光度计-紫外可见光度计厂家-翱艺仪器(上海)有限公司 | 莱州网络公司|莱州网站建设|莱州网站优化|莱州阿里巴巴-莱州唯佳网络科技有限公司 | 六维力传感器_六分量力传感器_模腔压力传感器-南京数智微传感科技有限公司 | 模温机-油温机-电加热导热油炉-工业冷水机「欧诺智能」 | 地图标注-手机导航电子地图如何标注-房地产商场地图标记【DiTuBiaoZhu.net】 | 背压阀|减压器|不锈钢减压器|减压阀|卫生级背压阀|单向阀|背压阀厂家-上海沃原自控阀门有限公司 本安接线盒-本安电路用接线盒-本安分线盒-矿用电话接线盒-JHH生产厂家-宁波龙亿电子科技有限公司 | 蔡司三坐标-影像测量机-3D扫描仪-蔡司显微镜-扫描电镜-工业CT-ZEISS授权代理商三本工业测量 |