This book serves as a guide to help the reader develop an awareness of security vulnerabilities and attacks, and encourages them to be circumspect when using the various computer resources and tools available today. For experienced users, Computer Science Security presents a wide range of tools to secure legacy software and hardware.
Computing has infiltrated all fields nowadays. No one can escape this wave and be immune to security attacks, which continue to evolve, gradually reducing the level of expertise needed by hackers.
It is high time for each and every user to acquire basic knowledge of computer security, which would enable them to mitigate the threats they may face both personally and professionally. It is this combined expertise of individuals and organizations that will guarantee a minimum level of security for families, schools, the workplace and society in general.
Ameur Salem Zaidoun received a National Diploma in Computer Engineering from ENSI, Tunisia, and is a university teacher at ISET of Siliana with the rank of Lecturer Technologist. A former developer and security consultant, he is a CCNA R&S-, DevNet-, CCNA-Security- and Huawei HCNA-R&S-certified Cisco Instructor.
Table of Contents
List of Acronyms
Introduction
Chapter 1 General Concepts in Security
1.1 Introduction
1.2 Reasons for security
1.2.1 Technical issues
1.2.2 Social factors
1.3 Security attacks
1.3.1 Passive/active classification of attacks
1.3.2 Direct/indirect classification of attacks
1.3.3 Examples of attacks
1.3.4 Some statistics
1.4 Security objectives
1.4.1 Establishing a culture
1.4.2 Establishing technical solutions
1.5 Security fields
1.5.1 Energy security
1.5.2 Organizational and physical security
1.5.3 Software security
1.6 Normalization of security
1.6.1 Fundamental issues and general presentation
1.6.2 ISO 7498-2 norm
1.7 Security services
1.7.1 Authentication
1.7.2 Confidentiality
1.7.3 Integrity
1.7.4 Non-repudiation
1.7.5 Traceability and access control
1.7.6 Service availability
1.8 Security mechanisms
1.8.1 Encryption
1.8.2 Integrity check
1.8.3 Access check
1.8.4 Electronic signature
1.8.5 Notarization
1.9 Good practices
1.10 Conclusion
Chapter 2 Security Weaknesses
2.1 Introduction
2.2 Weakness in the TCP/IP
2.2.1 ARPANet, the ancestor of the Internet
2.2.2 The Internet and security problems
2.2.3 The Internet and the ability to analyze
2.3 Weaknesses due to malware and intrusion tools
2.3.1 Viruses
2.3.2 Worms
2.3.3 Spam
2.3.4 Software bomb
2.3.5 Trojan horse
2.3.6 Spyware
2.3.7 Keylogger
2.3.8 Adware
2.3.9 Other malware
2.3.10 Comparison of intrusion tools
2.4 Conclusion
Chapter 3 Authentication Techniques and Tools
3.1 Introduction
3.2 Theoretical concepts of authentication
3.2.1 Identification
3.2.2 Authentication
3.3 Different types of authentications
3.3.1 Local service authentication
3.3.2 Network authentication
3.4 AAA service
3.4.1 Local AAA
3.4.2 Server AAA
3.5 Conclusion
Chapter 4 Techniques and Tools for Controlling Access, ACL and Firewalls
4.1 Introduction
4.2 Access control list
4.2.1 ACL classification
4.2.2 ACL configuration in Cisco
4.2.3 ACL configuration for Huawei
4.3 Firewall
4.3.1 Filtering function
4.3.2 Functionalities of tracing and NAT
4.3.3 Firewall architecture
4.3.4 How a firewall works
4.3.5 Firewall classifications
4.3.6 Stateful firewall
4.3.7 Zone-based firewall
4.3.8 Firewall examples
4.4 The concept of a DMZ
4.4.1 Implementation of topologies
4.5 Conclusion
Chapter 5 Techniques and Tools for Detecting Intrusions