본문내용 바로가기
무료배송 이벤트

해외주문 [Book] The Art of Software Security Assessment Identifying and Preventing Software Vulnerabilities

Paperback
Dowd, Mark , McDonald, John , Schuh, Justin 지음 | Addison-Wesley Professional | 2006년 11월 01일
  • 정가 : 105,590원
    판매가 : 93,980 [11%↓ 11,610원 할인]
  • 통합포인트 :
    [기본적립] 940원 적립 [1% 적립] 안내 [추가적립] 5만원 이상 구매 시 2천원 추가적립 [회원혜택] 우수회원 5만원 이상 구매 시 2~3% 추가적립
  • 추가혜택 :
    naver네이버페이 결제 시 무조건 1% 추가 적립 payco페이코 결제 시 최대 1만원 적립 okcashbag 실 결제 금액의 0.5% 적립 안내
  • 배송비 : 무료 배송비 안내
  • [배송일정] 14일 이내 출고 예정 배송일정 안내
    해외주문도서는 해외 거래처 사정에 의해 품절/지연될수 있습니다.
    스페셜오더 도서나 일서해외주문도서와 함께 주문시 배송일이 이에 맞추어 지연되오니, 이점 유의해주시기 바랍니다.

알립니다.

  • 해외주문도서는 고객님의 요청에 의해 주문하는 '개인 오더' 상품이기 때문에, 단순한 고객변심/착오로 인한 취소,반품, 교환의 경우 '해외주문 반품/취소 수수료'를 부담하셔야 합니다. 이점 유의하여 주시기 바랍니다. 반품/취소 수수료 : (1)양서-판매정가의 12%, (2)일서-판매정가의 7% (반품/취소 수수료는, 수입제반비용(FedEx수송비용, 관세사비, 보세창고료, 내륙 운송비, 통관비 등)과 재고리스크(미판매 리스크, 환차손)에 따른 비용을 포함하며, 양서는 판매정가의 12%, 일서는 판매정가의 7%가 적용됩니다.)
  • 외국도서의 경우 해외제공정보로만 서비스되어 미표기된 정보가 있을 수 있습니다. 필요한 정보가 있을경우 1:1 문의게시판 을 이용하여 주십시오.
행사도서 포함, 5만원이상 구매시 2018년 캘린더 증정
닫기
  • 비모 벽시계

이 책의 이벤트 해외주문/바로드림/제휴사주문/업체배송건의 경우 1+1 증정상품이 발송되지 않습니다.

  • MANNING, O'REILLY, PACKT, WILEY 등 해..
    03. 07 ~ 04. 30
상품상세정보
ISBN 9780321444424(0321444426)
쪽수 1174쪽
언어 English
크기 179(W) X 231(H) X 63(T) (mm)
삽화유무 삽화있음
총권수 1권
Textual Format Computer Applications
리딩지수 Level Scholarly/Undergraduate

책소개

이 책이 속한 분야

ldquo;There are a number of secure programming books on the market, but none that go as deep as this one. The depth and detail exceeds all books that I know about by an order of magnitude.rdquo; -Halvar Flake,CEO and head of research, SABRE Security GmbH The Definitive Insiderrsquo;s Guide to Auditing Software Security This is one of the most detailed, sophisticated, and useful guides to software security auditing ever written.The authors are leading security consultants and researchers who have personally uncovered vulnerabilities in applications ranging from sendmail to Microsoft Exchange, Check Point VPN to Internet Explorer. Drawing on their extraordinary experience, they introduce a start-to-finish methodology for ldquo;ripping apartrdquo; applications to reveal even the most subtle and well-hidden security flaws. The Art of Software Security Assessmentcovers the full spectrum of software vulnerabilities in both UNIX/Linux and Windows environments. It demonstrates how to audit security in applications of all sizes and functions, including network and Web software. Moreover, it teaches using extensive examples of real codedrawn from past flaws in many of the industry's highest-profile applications. Coverage includes bull; Code auditing: theory, practice, proven methodologies, and secrets of the trade bull; Bridging the gap between secure software design and post-implementation review bull; Performing architectural assessment: design review, threat modeling, and operational review bull; Identifying vulnerabilities related to memory management, data types, and malformed data bull; UNIX/Linux assessment: privileges, files, and processes bull; Windows-specific issues, including objects and the filesystem bull; Auditing interprocess communication, synchronization, and state bull; Evaluating network software: IP stacks, firewalls, and common application protocols bull; Auditing Web applications and technologies This book is an unprecedented resource for everyone who must deliver secure software or assure the safety of existing software: consultants, security specialists, developers, QA staff, testers, and administrators alike. Contents ABOUT THE AUTHORS xv PREFACE xvii ACKNOWLEDGMENTS xxi I Introduction to Software Security Assessment 1 SOFTWARE VULNERABILITY FUNDAMENTALS 3 2 DESIGN REVIEW 25 3 OPERATIONAL REVIEW 67 4 APPLICATION REVIEW PROCESS 91 II Software Vulnerabilities 5 MEMORY CORRUPTION 167 6 C LANGUAGE ISSUES 203 7 PROGRAM BUILDING BLOCKS 297 8 STRINGS ANDMETACHARACTERS 387 9 UNIX I: PRIVILEGES AND FILES 459 10 UNIX II: PROCESSES &n
이 책의 상품구성
* 해당 상품의 상세구성정보를 준비중입니다.

원서번역서 내용 엿보기

이 책은 소프트웨어 보안 감사에 대하여 이전까지 쓰여진 어떤 책보다 상세하고, 정교하고 유용한 가이드를 제공한다. 능력 있는 보안 컨설턴트이자 VPN 같은 애플리케이션의 알려지지 않은 취약점을 개인적으로 연구하는 저자들의 특별한 경험을 바탕으로, 감지하기 어렵고 잘 숨겨진 보안 취약점들을 처음부터 끝까지 밝혀내는 방법을 소개한다. 이 책에서는 유닉스/리눅스와 윈도우 환경 모두에 대한 소프트웨어 취약점에 대한 모든 범위를 다룸으로써 네트워크와 웹 소프트웨어를 포함한 모든 종류의 애플리케이션과 함수에 대한 보안감사를 할 수 있게 해준다. 또한 과거 산업 전반에서 이목을 끌었던 취약점에 대한 소스코드 사례를 이용해 기술을 가르쳐준다.

목차

About the Authorsp. xv
Prefacep. xvii
Acknowledgmentsp. xxi
Introduction to Software Security Assessment
Software Vulnerability Fundamentalsp. 3
Introductionp. 3
Vulnerabilitiesp. 4
Security Policiesp. 5
Security Expectationsp. 7
The Necessity of Auditingp. 9
Auditing Versus Black Box Testingp. 11
Code Auditing and the Development Life Cyclep. 13
Classifying Vulnerabilitiesp. 14
Design Vulnerabilitiesp. 14
Implementation Vulnerabilitiesp. 15
Operational Vulnerabilitiesp. 16
Gray Areasp. 17
Common Threadsp. 18
Input and Data Flowp. 18
Trust Relationshipsp. 19
Assumptions and Misplaced Trustp. 20
Interfacesp. 21
Environmental Attacksp. 21
Exceptional Conditionsp. 22
Summaryp. 23
Design Reviewp. 25
Introductionp. 25
Software Design Fundamentalsp. 26
Algorithmsp. 26
Abstraction and Decompositionp. 27
Trust Relationshipsp. 28
Principles of Software Designp. 31
Fundamental Design Flawsp. 33
Enforcing Security Policyp. 36
Authenticationp. 36
Authorizationp. 38
Accountabilityp. 40
Confidentialityp. 41
Integrityp. 45
Availabilityp. 48
Threat Modelingp. 49
Information Collectionp. 50
Application Architecture Modelingp. 53
Threat Identificationp. 59
Documentation of Findingsp. 62
Prioritizing the Implementation Reviewp. 65
Summaryp. 66
Operational Reviewp. 67
Introductionp. 67
Exposurep. 68
Attack Surfacep. 68
Insecure Defaultsp. 69
Access Controlp. 69
Unnecessary Servicesp. 70
Secure Channelsp. 71
Spoofing and Identificationp. 72
Network Profilesp. 73
Web-Specific Considerationsp. 73
HTTP Request Methodsp. 73
Directory Indexingp. 74
File Handlersp. 74
Authenticationp. 75
Default Site Installationsp. 75
Overly Verbose Error Messagesp. 75
Public-Facing Administrative Interfacesp. 76
Protective Measuresp. 76
Development Measuresp. 76
Host-Based Measuresp. 79
Network-Based Measuresp. 83
Summaryp. 89
Application Review Processp. 91
Introductionp. 91
Overview of the Application Review Processp. 92
Rationalep. 92
Process Outlinep. 93
Preassessmentp. 93
Scopingp. 94
Application Accessp. 95
Information Collectionp. 96
Application Reviewp. 97
Avoid Drowningp. 98
Iterative Processp. 98
Initial Preparationp. 99
Planp. 101
Workp. 103
Reflectp. 105
Documentation and Analysisp. 106
Reporting and Remediation Supportp. 108
Code Navigationp. 109
External Flow Sensitivityp. 109
Tracing Directionp. 111
Code-Auditing Strategiesp. 111
Code Comprehension Strategiesp. 113
Candidate Point Strategiesp. 119
Design Generalization Strategiesp. 128
Code-Auditing Techniquesp. 133
Internal Flow Analysisp. 133
Subsystem and Dependency Analysisp. 135
Rereading Codep. 136
Desk-Checkingp. 137
Test Casesp. 139
Code Auditor's Toolboxp. 147
Source Code Navigatorsp. 148
Debuggersp. 151
Binary Navigation Toolsp. 155
Fuzz-Testing Toolsp. 157
Case Study: OpenSSHp. 158
Preassessmentp. 159
Implementation Analysisp. 161
High-Level Attack Vectorsp. 162
Documentation of Findingsp. 164
Summaryp. 164
Software Vulnerabilities
Memory Corruptionp. 167
Introductionp. 167
Buffer Overflowsp. 168
Process Memory Layoutp. 169
Stack Overflowsp. 169
Off-by-One Errorsp. 180
Heap Overflowsp. 183
Global and Static Data Overflowsp. 186
Shellcodep. 187
Writing the Codep. 187
Finding Your Code in Memoryp. 188
Protection Mechanismsp. 189
Stack Cookiesp. 190
Heap Implementation Hardeningp. 191
Nonexecutable Stack and Heap Protectionp. 193
Address Space Layout Randomizationp. 194
SafeSEHp. 194
Function Pointer Obfuscationp. 195
Assessing Memory Corruption Impactp. 196
Where Is the Buffer Located in Memory?p. 197
What Other Data Is Overwritten?p. 197
How Many Bytes Can Be Overwritten?p. 198
What Data Can Be Used to Corrupt Memory?p. 199
Are Memory Blocks Shared?p. 201
What Protections Are in Place?p. 202
Summaryp. 202
C Language Issuesp. 203
Introductionp. 203
C Language Backgroundp. 204
Data Storage Overviewp. 204
Binary Encodingp. 207
Byte Orderp. 209
Common Implementationsp. 209
Arithmetic Boundary Conditionsp. 211
Unsigned Integer Boundariesp. 213
Signed Integer Boundariesp. 220
Type Conversionsp. 223
Overviewp. 224
Conversion Rulesp. 225
Simple Conversionsp. 231
Integer Promotionsp. 233
Integer Promotion Applicationsp. 235
Usual Arithmetic Conversionsp. 238
Usual Arithmetic Conversion Applicationsp. 242
Type Conversion Summaryp. 244
Type Conversion Vulnerabilitiesp. 246
Signed/Unsigned Conversionsp. 246
Sign Extensionp. 248
Truncationp. 259
Comparisonsp. 265
Operatorsp. 271
The sizeof Operatorp. 271
Unexpected Resultsp. 272
Pointer Arithmeticp. 277
Pointer Overviewp. 277
Pointer Arithmetic Overviewp. 278
Vulnerabilitiesp. 280
Other C Nuancesp. 282
Order of Evaluationp. 282
Structure Paddingp. 284
Precedencep. 287
Macros/Preprocessorp. 288
Typosp. 289
Summaryp. 296
Program Building Blocksp. 297
Introductionp. 297
Auditing Variable Usep. 298
Variable Relationshipsp. 298
Structure and Object Mismanagementp. 307
Variable Initializationp. 312
Arithmetic Boundariesp. 316
Type Confusionp. 319
Lists and Tablesp. 321
Auditing Control Flowp. 326
Looping Constructsp. 327
Flow Transfer Statementsp. 336
Switch Statementsp. 337
Auditing Functionsp. 339
Function Audit Logsp. 339
Return Value Testing and Interpretationp. 340
Function Side-Effectsp. 351
Argument Meaningp. 360
Auditing Memory Managementp. 362
ACC Logsp. 362
Allocation Functionsp. 369
Allocator Scorecards and Error Domainsp. 377
Double-Freesp. 379
Summaryp. 385
Strings and Metacharactersp. 387
Introductionp. 387
C String Handlingp. 388
Unbounded String Functionsp. 388
Bounded String Functionsp. 393
Common Issuesp. 400
Metacharactersp. 407
Embedded Delimitersp. 408
NUL Character Injectionp. 411
Truncationp. 414
Common Metacharacter Formatsp. 418
Path Metacharactersp. 418
C Format Stringsp. 422
Shell Metacharactersp. 425
Perl open()p. 429
SQL Queriesp. 431
Metacharacter Filteringp. 434
Eliminating Metacharactersp. 434
Escaping Metacharactersp. 439
Metacharacter Evasionp. 441
Character Sets and Unicodep. 446
Unicodep. 446
Windows Unicode Functionsp. 450
Summaryp. 457
UNIX I: Privileges and Filesp. 459
Introductionp. 459
UNIX 101p. 460
Users and Groupsp. 461
Files and Directoriesp. 462
Processesp. 464
Privilege Modelp. 464
Privileged Programsp. 466
User ID Functionsp. 468
Group ID Functionsp. 475
Privilege Vulnerabilitiesp. 477
Reckless Use of Privilegesp. 477
Dropping Privileges Permanentlyp. 479
Dropping Privileges Temporarilyp. 486
Auditing Privilege-Management Codep. 488
Privilege Extensionsp. 491
File Securityp. 494
File IDsp. 494
File Permissionsp. 495
Directory Permissionsp. 498
Privilege Management with File Operationsp. 499
File Creationp. 500
Directory Safetyp. 503
Filenames and Pathsp. 503
Dangerous Placesp. 507
Interesting Filesp. 508
File Internalsp. 512
File Descriptorsp. 512
Inodesp. 513
Directoriesp. 514
Linksp. 515
Symbolic Linksp. 515
Hard Linksp. 522
Race Conditionsp. 526
TOCTOUp. 527
The stat() Family of Functionsp. 528
File Race Reduxp. 532
Permission Racesp. 533
Ownership Racesp. 534
Directory Racesp. 535
Temporary Filesp. 538
Unique File Creationp. 538
File Reusep. 544
Temporary Directory Cleanersp. 546
The Stdio File Interfacep. 547
Opening a Filep. 548
Reading from a Filep. 550
Writing to a Filep. 555
Closing a Filep. 556
Summaryp. 557
UNIX II: Processesp. 559
Introductionp. 559
Processesp. 560
Process Creationp. 560
fork() Variantsp. 562
Process Terminationp. 562
fork() and Open Filesp. 563
Program Invocationp. 565
Direct Invocationp. 565
Indirect Invocationp. 570
Process Attributesp. 572
Process Attribute Retentionp. 573
Resource Limitsp. 574
File Descriptorsp. 580
Environment Arraysp. 591
Process Groups, Sessions, and Terminalsp. 609
Interprocess Communicationp. 611
Pipesp. 612
Named Pipesp. 612
System V IPCp. 614
UNIX Domain Socketsp. 615
Remote Procedure Callsp. 618
RPC Definition Filesp. 619
RPC Decoding Routinesp. 622
Authenticationp. 623
Summaryp. 624
Windows I: Objects and the File Systemp. 625
Introductionp. 625
Backgroundp. 626
Objectsp. 627
Object Namespacesp. 629
Object Handlesp. 632
Sessionsp. 636
Security IDsp. 637
Logon Rightsp. 638
Access Tokensp. 639
Security Descriptorsp. 647
Access Masksp. 648
ACL Inheritancep. 649
Security Descriptors Programming Interfacesp. 649
Auditing ACL Permissionsp. 652
Processes and Threadsp. 654
Process Loadingp. 654
ShellExecute and ShellExecuteExp. 655
DLL Loadingp. 656
Servicesp. 658
File Accessp. 659
File Permissionsp. 659
The File I/O APIp. 661
Linksp. 676
The Registryp. 680
Key Permissionsp. 681
Key and Value Squattingp. 682
Summaryp. 684
Windows II: Interprocess Communicationp. 685
Introductionp. 685
Windows IPC Securityp. 686
The Redirectorp. 686
Impersonationp. 688
Window Messagingp. 689
Window Stations Objectp. 690
The Desktop Objectp. 690
Window Messagesp. 691
Shatter Attacksp. 694
DDEp. 697
Terminal Sessionsp. 697
Pipesp. 698
Pipe Permissionsp. 698
Named Pipesp. 699
Pipe Creationp. 699
Impersonation in Pipesp. 700
Pipe Squattingp. 703
Mailslotsp. 705
Mailslot Permissionsp. 705
Mailslot Squattingp. 706
Remote Procedure Callsp. 706
RPC Connectionsp. 706
RPC Transportsp. 707
Microsoft Interface Definition Languagep. 708
IDL File Structurep. 708
Application Configuration Filesp. 710
RPC Serversp. 711
Impersonation in RPCp. 716
Context Handles and Statep. 718
Threading in RPCp. 721
Auditing RPC Applicationsp. 722
COMp. 725
COM: A Quick Primerp. 725
DCOM Configuration Utilityp. 731
DCOM Application Identityp. 732
DCOM Subsystem Access Permissionsp. 733
DCOM Access Controlsp. 734
Impersonation in DCOMp. 736
MIDL Revisitedp. 738
Active Template Libraryp. 740
Auditing DCOM Applicationsp. 741
ActiveX Securityp. 749
Summaryp. 754
Synchronization and Statep. 755
Introductionp. 755
Synchronization Problemsp. 756
Reentrancy and Asynchronous-Safe Codep. 757
Race Conditionsp. 759
Starvation and Deadlocksp. 760
Process Synchronizationp. 762
System V Process Synchronizationp. 762
Windows Process Synchronizationp. 765
Vulnerabilities with Interprocess Synchronizationp. 770
Signalsp. 783
Sending Signalsp. 786
Handling Signalsp. 786
Jump Locationsp. 788
Signal Vulnerabilitiesp. 791
Signals Scoreboardp. 809
Threadsp. 810
PThreads APIp. 811
Windows APIp. 813
Threading Vulnerabilitiesp. 815
Summaryp. 825
Software Vulnerabilities in Practice
Network Protocolsp. 829
Introductionp. 829
Internet Protocolp. 831
IP Addressing Primerp. 832
IP Packet Structuresp. 834
Basic IP Header Validationp. 836
IP Options Processingp. 844
Source Routingp. 851
Fragmentationp. 853
User Datagram Protocolp. 863
Basic UDP Header Validationp. 864
UDP Issuesp. 864
Transmission Control Protocolp. 864
Basic TCP Header Validationp. 866
TCP Options Processingp. 867
TCP Connectionsp. 869
TCP Streamsp. 872
TCP Processingp. 880
Summaryp. 890
Firewallsp. 891
Introductionp. 891
Overview of Firewallsp. 892
Proxy Versus Packet Filtersp. 893
Attack Surfacep. 895
Proxy Firewallsp. 895
Packet-Filtering Firewallsp. 896
Stateless Firewallsp. 896
TCPp. 896
UDPp. 899
FTPp. 901
Fragmentationp. 902
Simple Stateful Firewallsp. 905
TCPp. 905
UDPp. 906
Directionalityp. 906
Fragmentationp. 907
Stateful Inspection Firewallsp. 909
Layering Issuesp. 911
Spoofing Attacksp. 914
Spoofing from a Distancep. 914
Spoofing Up Closep. 917
Spooky Action at a Distancep. 919
Summaryp. 920
Network Application Protocolsp. 921
Introductionp. 921
Auditing Application Protocolsp. 922
Collect Documentationp. 922
Identify Elements of Unknown Protocolsp. 923
Match Data Types with the Protocolp. 927
Data Verificationp. 935
Access to System Resourcesp. 935
Hypertext Transfer Protocolp. 937
Header Parsingp. 937
Accessing Resourcesp. 940
Utility Functionsp. 941
Posting Datap. 942
Internet Security Association and Key Management Protocolp. 948
Payloadsp. 952
Payload Typesp. 956
Encryption Vulnerabilitiesp. 971
Abstract Syntax Notation (ASN.1)p. 972
Basic Encoding Rulesp. 975
Canonical Encoding and Distinguished Encodingp. 976
Vulnerabilities in BER, CER; and DER Implementationsp. 977
Packed Encoding Rules (PER)p. 979
XML Encoding Rulesp. 983
XER Vulnerabilitiesp. 984
Domain Name Systemp. 984
Domain Names and Resource Recordsp. 984
Name Servers and Resolversp. 986
Zonesp. 987
Resource Record Conventionsp. 988
Basic Use Casep. 989
DNS Protocol Structure Primerp. 990
DNS Namesp. 993
Length Variablesp. 996
DNS Spoofingp. 1002
Summaryp. 1005
Web Applicationsp. 1007
Introductionp. 1007
Web Technology Overviewp. 1008
The Basicsp. 1009
Static Contentp. 1009
CGIp. 1009
Web Server APIsp. 1010
Server-Side Includesp. 1011
Server-Side Transformationp. 1012
Server-Side Scriptingp. 1013
HTTPp. 1014
Overviewp. 1014
Versionsp. 1017
Headersp. 1018
Methodsp. 1020
Parameters and Formsp. 1022
State and HTTP Authenticationp. 1027
Overviewp. 1028
Client IP Addressesp. 1029
Referer Request Headerp. 1030
Embedding State in HTML and URLsp. 1032
HTTP Authenticationp. 1033
Cookiesp. 1036
Sessionsp. 1038
Architecturep. 1040
Redundancyp. 1040
Presentation Logicp. 1040
Business Logicp. 1041
N-Tier Architecturesp. 1041
Business Tierp. 1043
Web Tier: Model-View-Controllerp. 1044
Problem Areasp. 1046
Client Visibilityp. 1046
Client Controlp. 1047
Page Flowp. 1048
Sessionsp. 1049
Authenticationp. 1056
Authorization and Access Controlp. 1057
Encryption and SSL/TLSp. 1058
Phishing and Impersonationp. 1059
Common Vulnerabilitiesp. 1060
SQL Injectionp. 1061
OS and File System Interactionp. 1066
XML Injectionp. 1069
XPath Injectionp. 1070
Cross-Site Scriptingp. 1071
Threading Issuesp. 1074
C/C++ Problemsp. 1075
Harsh Realities of the Webp. 1075
Auditing Strategyp. 1078
Summaryp. 1081
Web Technologiesp. 1083
Introductionp. 1083
Web Services and Service-Oriented Architecturep. 1084
SOAPp. 1085
RESTp. 1085
AJAXp. 1085
Web Application Platformsp. 1086
CGIp. 1086
Indexed Queriesp. 1086
Environment Variablesp. 1087
Path Confusionp. 1091
Perlp. 1093
SQL Injectionp. 1093
File Accessp. 1094
Shell Invocationp. 1095
File Inclusionp. 1095
Inline Evaluationp. 1095
Cross-Site Scriptingp. 1096
Taint Modep. 1096
PHPp. 1096
SQL Injectionp. 1097
File Accessp. 1098
Shell Invocationp. 1099
File Inclusionp. 1101
Inline Evaluationp. 1101
Cross-Site Scriptingp. 1103
Configurationp. 1104
Javap. 1105
SQL Injectionp. 1106
File Accessp. 1107
Shell Invocationp. 1108
File Inclusionp. 1108
JSP File Inclusionp. 1109
Inline Evaluationp. 1110
Cross-Site Scriptingp. 1110
Threading Issuesp. 1111
Configurationp. 1112
ASPp. 1113
SQL Injectionp. 1113
File Accessp. 1115
Shell Invocationp. 1115
File Inclusionp. 1116
Inline Evaluationp. 1117
Cross-Site Scriptingp. 1118
Configurationp. 1118
ASP.NETp. 1118
SQL Injectionp. 1118
File Accessp. 1119
Shell Invocationp. 1120
File Inclusionp. 1120
Inline Evaluationp. 1121
Cross-Site Scriptingp. 1121
Configurationp. 1121
ViewStatep. 1121
Summaryp. 1123
Bibliographyp. 1125
Indexp. 1129
Table of Contents provided by Ingram. All Rights Reserved.

북로그 리뷰 (0) 쓰러가기

도서 구매 후 리뷰를 작성하시면 통합포인트를 드립니다.
결제 90일 이내 작성 시 300원 / 발송 후 5일 이내 작성시 400원 / 이 상품의 첫 리뷰 작성 시 500원
(포인트 적립은 작성 후 다음 날 혹은 해당 도서 출고 후 익일에 적립됩니다.
외서/eBook/음반/DVD/GIFT 및 잡지 상품 제외)
안내
  • 해당도서의 리뷰가 없습니다.

간단리뷰 (0)

도서 구매 후 리뷰를 작성하시면 통합포인트를 드립니다.
결제 90일 이내 작성 시 50원 / 발송 후 5일 이내 작성 시 100원
(포인트 적립은 작성 후 다음 날 혹은 해당 도서 출고 후 익일에 적립됩니다.
외서/eBook/음반/DVD/GIFT 및 잡지 상품 제외) 안내
0/1000자
컨텐츠평가
5점 만점에
0점 1점 2점 3점 4점 5점
이미지첨부
(파일용량은 1MB 이하이며, 파일형식은 jpg, jpeg 파일만 업로드 가능합니다.)

    교환/반품/품절안내

    ※ 상품 설명에 반품/교환 관련한 안내가 있는 경우 그 내용을 우선으로 합니다. (업체 사정에 따라 달라질 수 있습니다.)

    교환/반품/품절안내
    반품/교환방법 마이룸 > 주문관리 > 주문/배송내역 > 주문조회 > 반품/교환신청 ,
    [1:1상담>반품/교환/환불] 또는 고객센터 (1544-1900)

    ※ 오픈마켓, 해외배송주문, 기프트 주문시 [1:1상담>반품/교환/환불]
        또는 고객센터 (1544-1900)
    반품/교환가능 기간 변심반품의 경우 수령 후 7일 이내,
    상품의 결함 및 계약내용과 다를 경우 문제점 발견 후 30일 이내
    반품/교환비용 변심 혹은 구매착오로 인한 반품/교환은 반송료 고객 부담
    반품/교환 불가 사유
    • 소비자의 책임 있는 사유로 상품 등이 손실 또는 훼손된 경우
      (단지 확인을 위한 포장 훼손은 제외)
    • 소비자의 사용, 포장 개봉에 의해 상품 등의 가치가 현저히 감소한 경우
      예) 화장품, 식품, 가전제품(악세서리 포함) 등
    • 복제가 가능한 상품 등의 포장을 훼손한 경우
      예) 음반/DVD/비디오, 소프트웨어, 만화책, 잡지, 영상 화보집
    • 소비자의 요청에 따라 개별적으로 주문 제작되는 상품의 경우 ((1)해외주문도서)
    • 디지털 컨텐츠인 eBook, 오디오북 등을 1회 이상 다운로드를 받았을 경우
    • 시간의 경과에 의해 재판매가 곤란한 정도로 가치가 현저히 감소한 경우
    • 전자상거래 등에서의 소비자보호에 관한 법률이 정하는 소비자 청약철회 제한 내용에
      해당되는 경우
    (1) 해외주문도서 : 이용자의 요청에 의한 개인주문상품으로 단순변심 및 착오로 인한 취소/교환/반품 시 ‘해외주문 반품/취소 수수료’ 고객 부담 (해외주문 반품/취소 수수료 : ①양서-판매정가의 12%, ②일서-판매정가의 7%를 적용)
    상품 품절 공급사(출판사) 재고 사정에 의해 품절/지연될 수 있으며, 품절 시 관련 사항에 대해서는
    이메일과 문자로 안내드리겠습니다.
    소비자 피해보상
    환불지연에 따른 배상
    • 상품의 불량에 의한 교환, A/S, 환불, 품질보증 및 피해보상 등에 관한 사항은
      소비자분쟁해결 기준 (공정거래위원회 고시)에 준하여 처리됨
    • 대금 환불 및 환불지연에 따른 배상금 지급 조건, 절차 등은 전자상거래 등에서의
      소비자 보호에 관한 법률에 따라 처리함

    이 책의 원서번역서

    안내

    이 분야의 베스트

    • Hope, Tom
      52,130원
    • Martin, Robert ...
      41,110원
    • 89,760원
    • Stephens-davido...
      29,190원
    • Jang, Michael
      62,570원
    더보기+

    이 분야의 신간

    • Wittenbrink, He...
      46,190원
    더보기+

    바로가기

    • 우측 확장형 배너 2

    최근 본 상품