Inside Network Security Assessment: Guarding Your IT Infrastructure Paperback – Nov 18 2005


Most Helpful Customer Reviews on (beta) 3 reviews
3 of 4 people found the following review helpful
Excellent overview of current state of the art for network security assessment April 23 2006
By uniq - Published on
Format: Paperback
If you need an overview of the current state of the art for network security assessment - this book is for you. It describes a security assessment process end-to-end, covering all aspects of it: reasons for the assessment, risk assessment methodologies, scoping of an assessment project and its goals, how to conduct the assessment, what to put into the final report, and what is involved in the post-assessment activities. The book also gives an overview of contemporary government standards and security evaluation tools, and even offers security assessment forms and a sample report. This book is *NOT* a detailed description of the intrinsic and technology behind the attacks or ways of warding them off, even though the authors do a superb job of explaining most major concepts and terms.

While anything that ends with the word "process" promises the excitement of watching paint dry, I've found this book quite informative and written very well. For me, it is more important to understand than remember; every statement in a book is logically solid and supported by a reason or explanation. With respect to this, the authors have not disappointed me.

I disagree with the negative comments mentioned in F. Yan's review below. For example, indeed, on page 111 the authors stated that the greatest threat to an organization and its IT infrastructure are employees, contractors, and third-party users; on the same page they named insecure computing habits of the *employees* as the 2nd threat, and on page 112 they listed *disgruntled* employees as the 3rd greatest threat. I don't see any contradiction, since disgruntled employees are a subset of the total population of employees. Similarly, I could not find validation for the other negative comments.

Nevertheless, the book has a couple of rather small shortcomings. One is the somewhat dry style of some chapters consisting primarily of bullet point lists, although the points themselves are sharp, concrete, and important. I also wish that the book's cover were made from a more practical and durable material.

Overall, this is an excellent and useful book that delivers on its promises.
2 of 3 people found the following review helpful
Broad Range of Information March 4 2006
By John Bailey - Published on
Format: Paperback
In my experience what's important is to have an overall structure when performing any task. That's one of the things I liked about this book as it didn't get bogged down with an endless review of a million tools. The book offers a look at the bigger picture providing information on the overall structure and flow of the assessment. While it is evident that it was written by two writers, those individuals planning on performing an assessment or involved with one should find this book useful. I believe this book would also be helpful to people new to the security assessment area. When reading a book my objective is to learn something I did not know before or to add to my skill set. This book met that mark for me.
2 of 4 people found the following review helpful
This book needs better editing and review Feb. 2 2006
By F. Yan - Published on
Format: Paperback
After reading a few chapters of the book, I find this book was not thoroughly edited or reviewed before being published. It is not well structured while it is inconsistent and even self-contradictory.

Take chapter 6 as an example. In terms of bad structure, the overview presented four characteristics about attackers, but in the chapter only two have big headings.

Also, when the four kinds of attacks are discussed, it starts off with a paragraph of short description for each. Then it goes to further not-so-detailed (or even repeated) explanation for each attack. Why can the short description and the not-so-detailed explanation for each attack NOT be combined?

On inconsistency: while there is a tip for a few security countermeasures after discussing coordinated attacks, there are none for the other three kinds of attack.

On self-contradiction: the authors say the greatest threat is internal/disgruntled employees. Then on the following page it mentions disgruntled employees again in a different heading but as the "third" greatest threat.

I am sure the authors are very technically knowledgeable in security as the book provides a lot of security-related materials. However, they need to polish their writing skills so that the next book they write will not be as chaotic as this one.