中图网(原中国图书网):网上书店,中文字幕在线一区二区三区,尾货特色书店,中文字幕在线一区,30万种特价书低至2折!

歡迎光臨中圖網 請 | 注冊

包郵 工業網絡安全

出版社:東南大學出版社出版時間:2018-10-01
開本: 24cm 頁數: 440頁
中 圖 價:¥34.7(3.5折) 定價  ¥99.0 登錄后可看到會員價
加入購物車 收藏
開年大促, 全場包郵
?新疆、西藏除外
溫馨提示:5折以下圖書主要為出版社尾貨,大部分為全新(有塑封/無塑封),個別圖書品相8-9成新、切口
有劃線標記、光盤等附件不全詳細品相說明>>
本類五星書更多>

工業網絡安全 版權信息

工業網絡安全 內容簡介

  《工業網絡安全(影印版)》首先介紹了工業控制系統(ICS)技術,包括芯片的體系結構、通信媒介和協議。在介紹了ICS相關的攻擊場景之后,討論了ICS的安全性,包括網絡分割、縱深防御策略和保護解決方案等主題。除了保護工業控制系統的實際例子外,本書還詳細介紹了安全評估、風險管理和安全程序開發。它還涵蓋了網絡安全方面的內容,如威脅檢測和訪問管理,討論了與端點硬化相關的主題,如監視、更新和反惡意軟件實現。

工業網絡安全 目錄

Preface Chapter 1: Industrial Control Systems An overview of an Industrial control system The view function The monitor function The control function The Industrial control system architecture Programmable logic controllers Human Machine Interface Supervisory Control and Data Acquisition Distributed control system Safety instrumented system The Purdue model for Industrial control systems The enterprise zone Level 5 - Enterprise network Level 4 - Site business planning and logistics Industrial Demilitarized Zone The manufacturing zone Level 3 - Site operations Level 2 - Area supervisory control Level 1 - Basic control Level 0 - Process Industrial control system communication media and protocols Regular information technology network protocols Process automation protocols Industrial control system protocols Building automation protocols Automatic meter reading protocols Communication protocols in the enterprise zone Communication protocols in the Industrial zone Summary Chapter 2: Insecure by Inheritance Industrial control system history Modbus and Modbus TCP/IP Breaking Modbus Using Python and Scapy to communicate over Modbus Replaying captured Modbus packets PROFINET PROFINET packet replay attacks $7 communication and the stop CPU vulnerability EtherNet/IP and the Common Industrial Protocol Shodan: The scariest search engine on the internet Common IT protocols found in the ICS HTTP File Transfer Protocol Telnet Address Resolution Protocol ICMP echo request Summary Chapter 3: Anatomy of an ICS Attack Scenario Setting the stage The Slumbertown paper mill Trouble in paradise Building a virtual test network Clicking our heels What can the attacker do with their access The cyber kill chain Phase two of the Slumbertown Mill ICS attack Other attack scenarios Summary Chapter 4: Industrial Control System Risk Assessment Attacks, objectives, and consequences Risk assessments A risk assessment example Step 1 - Asset identification and system characterization Step 2 - Vulnerability identification and threat modeling Discovering vulnerabilities Threat modeling Step 3 - Risk calculation and mitigation Summary Chapter 5: The Purdue Model and a Converged Plantwide Ethernet The Purdue Enterprise Reference Architecture The Converged Plantwide Enterprise The safety zone Cell/area zones Level 0 - The process Level 1 - Basic control Level 2 - Area supervisory control The manufacturing zone Level 3 - Site manufacturing operations and control The enterprise zone Level 4 - Site business planning and logistics Level 5 - Enterprise Level 3.5 - The Industrial Demilitarized Zone The CPwE industrial network security framework Summary Chapter 6: The Defense-in-depth Model ICS security restrictions How to go about defending an ICS The ICS is extremely defendable The defense-in-depth model Physical security Network security Computer security Application security Device security Policies, procedures, and awareness Summary Chapter 7: Physical ICS Security The ICS security bubble analogy Segregation exercise Down to it - Physical security Summary Chapter 8: ICS Network Security Designing network architectures for security Network segmentation The Enterprise Zone The Industrial Zone Cell Area Zones Level 3 site operations The Industrial Demilitarized Zone Communication conduits Resiliency and redundancy Architectural overview Firewalls Configuring the active-standby pair of firewalls Security monitoring and logging Network packet capturing Event logging Security information and event management Firewall logs Configuring the Cisco ASA firewall to send log data to the OSSIM server Setting the syslog logging level for Cisco devices Network intrusion detection logs Why not intrusion prevention Configuring the Cisco Sourcefire IDS to send log data to the OSSIM server Router and switch logs Configuring Cisco lOS to log to the syslog service of the OSSIM server Operating system logs Collecting logs from a Windows system Installing and configuring NXLog CE across your Windows hosts Application logs Reading an application log file with an HIDS agent on Windows Network visibility Summary Chapter 9: ICS Computer Security Endpoint hardening Narrowing the attack surface Limiting the impact of a compromise Microsoft Enhanced Mitigation Experience Toolkit Configuring EMET for a Rockwell Automation application server Microsoft AppLocker Microsoft AppLocker configuration Configuration and change management Patch management Configuring Microsoft Windows Server Update Services for the industrial zone Configuring the Cisco ASA firewall Creating the Windows Server Update Services server Configuring Windows client computers to get updates from the WSUS server Endpoint protection software Host-based firewalls Anti-malware software Types of malware Application whitelisting software Application whitelisting versus blacklisting How application whitelisting works Symantec's Embedded Security: Critical system protection Building the Symantec's Embedded Security: Critical System Protection management server Monitoring and logging Summary Chapter 10: ICS Application Security Application security Input validation vulnerabilities Software tampering Authentication vulnerabilities Authorization vulnerabilities Insecure configuration vulnerabilities Session management vulnerabilities Parameter manipulation vulnerabilities Application security testing OpenVAS security scan ICS application patching ICS secure SDLC The definition of secure SDLC Summary Chapter 11: ICS Device Security ICS device hardening ICS device patching The ICS device life cycle ICS device security considerations during the procurement phase ICS device security considerations during the installation phase ICS device security considerations during the operation phase ICS device security considerations for decommissioning and disposal Summary Chapter 12: The ICS Cybersecurity Program Development Process The NIST Guide to Industrial control systems security Obtaining senior management buy-in Building and training a cross-functional team Defining charter and scope Defining ICS-specific security policies and procedures Implementing an ICS security risk-management framework Categorizing ICS systems and network assets Selecting ICS security controls Performing (initial) risk assessment Implementing the security controls The ICS security program development process Security policies, standards, guidelines, and procedures Defining ICS-specific security policies, standards, and procedures Defining and inventorying the ICS assets Performing an initial risk assessment on discovered ICS assets The Slumbertown Paper Mill initial risk assessment Defining and prioritizing mitigation activities Defining and kicking off the security improvement cycle Summary Index
展開全部

工業網絡安全 作者簡介

帕斯卡·阿克曼(Pascal Ackerman) is a seasoned industrial security professional with a degree in electrical engineering and over 15 years of experience in designing, troubleshooting, and securing large-scale industrial control systems and the various types of network technologies they utilize. After more than a decade of hands-on, in-the-field experience, he joined Rockwell Automation in 2015 and is currently employed as Senior Consultant of Industrial Cybersecurity with the Network and Security Services Group. He recently became a digital nomad and now travels the world with his family while fighting cyber adversaries.

商品評論(0條)
暫無評論……
書友推薦
本類暢銷
編輯推薦
返回頂部
中圖網
在線客服
主站蜘蛛池模板: 深圳货架厂_仓库货架公司_重型仓储货架_线棒货架批发-深圳市诺普泰仓储设备有限公司 | 阿里巴巴诚信通温州、台州、宁波、嘉兴授权渠道商-浙江联欣科技提供阿里会员办理 | 熔体泵|换网器|熔体齿轮泵|熔体计量泵厂家-郑州巴特熔体泵有限公司 | 风电变桨伺服驱动器-风电偏航变桨系统-深圳众城卓越科技有限公司 | 电池高低温试验箱-气态冲击箱-双层电池防爆箱|简户百科 | 一体化净水器_一体化净水设备_一体化水处理设备-江苏旭浩鑫环保科技有限公司 | 进口消泡剂-道康宁消泡剂-陶氏消泡剂-大洋消泡剂 | 球形钽粉_球形钨粉_纳米粉末_难熔金属粉末-广东银纳官网 | 蜂窝块状沸石分子筛-吸附脱硫分子筛-萍乡市捷龙环保科技有限公司 | 电主轴-高速精密电主轴-高速电机厂家-瑞德沃斯品牌有限公司 | 广东西屋电气有限公司-广东西屋电气有限公司 | 高压包-点火器-高压发生器-点火变压器-江苏天网 | 苏州注册公司_苏州代理记账_苏州工商注册_苏州代办公司-恒佳财税 | 洛阳防爆合格证办理-洛阳防爆认证机构-洛阳申请国家防爆合格证-洛阳本安防爆认证代办-洛阳沪南抚防爆电气技术服务有限公司 | 智慧水务|智慧供排水利信息化|水厂软硬件系统-上海敢创 | 深圳标识制作公司-标识标牌厂家-深圳广告标识制作-玟璟广告-深圳市玟璟广告有限公司 | Eiafans.com_环评爱好者 环评网|环评论坛|环评报告公示网|竣工环保验收公示网|环保验收报告公示网|环保自主验收公示|环评公示网|环保公示网|注册环评工程师|环境影响评价|环评师|规划环评|环评报告|环评考试网|环评论坛 - Powered by Discuz! | 无锡网站建设_企业网站定制-网站制作公司-阿凡达网络 | 陶瓷加热器,履带式加热器-吴江市兴达电热设备厂 | PVC地板|PVC塑胶地板|PVC地板厂家|地板胶|防静电地板-无锡腾方装饰材料有限公司-咨询热线:4008-798-128 | 棉服定制/厂家/公司_棉袄订做/价格/费用-北京圣达信棉服 | 水篦子|雨篦子|镀锌格栅雨水篦子|不锈钢排水篦子|地下车库水箅子—安平县云航丝网制品厂 | 工作心得_读书心得_学习心得_找心得体会范文就上学道文库 | 吉祥新世纪铝塑板_生产铝塑板厂家_铝塑板生产厂家_临沂市兴达铝塑装饰材料有限公司 | 陕西华春网络科技股份有限公司 | 蒸汽热收缩机_蒸汽发生器_塑封机_包膜机_封切收缩机_热收缩包装机_真空机_全自动打包机_捆扎机_封箱机-东莞市中堡智能科技有限公司 | 热回收盐水机组-反应釜冷水机组-高低温冷水机组-北京蓝海神骏科技有限公司 | 语料库-提供经典范文,文案句子,常用文书,您的写作得力助手 | 振动传感器,检波器-威海广达勘探仪器有限公司 | 临沂招聘网_人才市场_招聘信息_求职招聘找工作请认准【马头商标】 | 减速机三参数组合探头|TSM803|壁挂式氧化锆分析仪探头-安徽鹏宸电气有限公司 | 一体化污水处理设备,一体化污水设备厂家-宜兴市福源水处理设备有限公司 | 车间除尘设备,VOCs废气处理,工业涂装流水线,伸缩式喷漆房,自动喷砂房,沸石转轮浓缩吸附,机器人喷粉线-山东创杰智慧 | 磨煤机配件-高铬辊套-高铬衬板-立磨辊套-盐山县宏润电力设备有限公司 | 首页 - 张店继勇软件开发工作室| 伟秀电气有限公司-10kv高低压开关柜-高低压配电柜-中置柜-充气柜-欧式箱变-高压真空断路器厂家 | 无锡网站建设-做网站-建网站-网页设计制作-阿凡达建站公司 | 淄博不锈钢,淄博不锈钢管,淄博不锈钢板-山东振远合金科技有限公司 | 电脑刺绣_绣花厂家_绣花章仔_织唛厂家-[源欣刺绣]潮牌刺绣打版定制绣花加工厂家 | 苏州柯瑞德货架-仓库自动化改造解决方案 | 中控室大屏幕-上海亿基自动化控制系统工程有限公司 |