Unauthorised Access: Physical Penetration Testing For IT Security Teams [NOOK Book]


NOOK Book (eBook)
$25.99
BN.com price
(Save 42%)$45.00 List Price

Overview

The first guide to planning and performing a physical penetration test on your computer's security

Most IT security teams concentrate on keeping networks and systems safe from attacks from the outside, but what if your attacker was on the inside? While nearly all IT teams perform a variety of network and application penetration testing procedures, an audit and test of the physical location has not been as prevalent. IT teams are now increasingly requesting physical penetration tests, but there is little available in terms of training. The goal of the test is to demonstrate any deficiencies in operating procedures concerning physical security.

Featuring a Foreword written by world-renowned hacker Kevin D. Mitnick, lead author of The Art of Intrusion and The Art of Deception, this book is the first guide to planning and performing a physical penetration test. Inside, IT security expert Wil Allsopp guides you through the entire process, from gathering intelligence, getting inside, dealing with threats, and staying hidden (often in plain sight) to getting access to networks and data.

  • Teaches IT security teams how to break into their own facility in order to defend against such attacks, an exercise that is often overlooked by IT security teams but is of critical importance
  • Deals with intelligence gathering, such as getting access to building blueprints and satellite imagery, hacking security cameras, planting bugs, and eavesdropping on security channels
  • Includes safeguards for consultants paid to probe facilities unbeknown to staff
  • Covers preparing the report and presenting it to management

In order to defend data, you need to think like a thief. Let Unauthorised Access show you how to get inside.


Product Details

  • ISBN-13: 9780470970027
  • Publisher: Wiley, John & Sons, Incorporated
  • Publication date: 3/25/2010
  • Sold by: Barnes & Noble
  • Format: eBook
  • Edition number: 1
  • Pages: 302
  • Sales rank: 891,623
  • Product dimensions: 7.46 (w) x 9.42 (h) x 0.69 (d)
  • File size: 4 MB

Table of Contents

Preface.

Acknowledgements.

Foreword.

1 The Basics of Physical Penetration Testing.

What Do Penetration Testers Do?

Security Testing in the Real World.

Legal and Procedural Issues.

Know the Enemy.

Engaging a Penetration Testing Team.

Summary.

2 Planning Your Physical Penetration Tests.

Building the Operating Team.

Project Planning and Workflow.

Codes, Call Signs and Communication.

Summary.

3 Executing Tests.

Common Paradigms for Conducting Tests.

Conducting Site Exploration.

Example Tactical Approaches.

Mechanisms of Physical Security.

Summary.

4 An Introduction to Social Engineering Techniques.

Introduction to Guerilla Psychology.

Tactical Approaches to Social Engineering.

Summary.

5 Lock Picking.

Lock Picking as a Hobby.

Introduction to Lock Picking.

Advanced Techniques.

Attacking Other Mechanisms.

Summary.

6 Information Gathering.

Dumpster Diving.

Shoulder Surfing.

Collecting Photographic Intelligence.

Finding Information From Public Sources and the Internet.

Electronic Surveillance.

Covert Surveillance.

Summary.

7 Hacking Wireless Equipment.

Wireless Networking Concepts.

Introduction to Wireless Cryptography.

Cracking Encryption.

Attacking a Wireless Client.

Mounting a Bluetooth Attack.

Summary.

8 Gathering the Right Equipment.

The “Get out of Jail Free” Card.

Photography and Surveillance Equipment.

Computer Equipment.

Wireless Equipment.

Global Positioning Systems.

Lock Picking Tools.

Forensics Equipment.

Communications Equipment.

Scanners.

Summary.

9 Tales from the Front Line.

SCADA Raiders.

Night Vision.

Unauthorized Access.

Summary.

10 Introducing Security Policy Concepts.

Physical Security.

Protectively Marked or Classified GDI Material.

Protective Markings in the Corporate World.

Communications Security.

Staff Background Checks.

Data Destruction.

Data Encryption.

Outsourcing Risks.

Incident Response Policies.

Summary.

11 Counter Intelligence.

Understanding the Sources of Information Exposure.

Social Engineering Attacks.

Protecting Against Electronic Monitoring.

Securing Refuse.

Protecting Against Tailgating and Shoulder Surfing.

Performing Penetration Testing.

Baseline Physical Security.

Summary.

Appendix A: UK Law.

Computer Misuse Act.

Human Rights Act.

Regulation of Investigatory Powers Act.

Data Protection Act.

Appendix B: US Law.

Computer Fraud and Abuse Act.

Electronic Communications Privacy Act.

SOX and HIPAA.

Appendix C: EU Law.

European Network and Information Security Agency.

Data Protection Directive.

Appendix D: Security Clearances.

Clearance Procedures in the United Kingdom.

Levels of Clearance in the United Kingdom.

Levels of Clearance in the United States.

Appendix E: Security Accreditations.

Certified Information Systems Security Professional.

Communication–Electronics Security Group CHECK.

Global Information Assurance Certification.

INFOSEC Assessment and Evaluation.

Index.
