Eric Cole
Network Security Bible
- Paperback
The comprehensive A-to-Z guide on network security, fully revised and updated
Network security is constantly evolving, and this comprehensive guide has been thoroughly updated to cover the newest developments. If you are responsible for network security, this is the reference you need at your side.
Covering new techniques, technology, and methods for approaching security, it also examines new trends and best practices being used by many organizations. The revised Network Security Bible complements the Cisco Academy course instruction in networking security.
Covers all core areas of network security and how they interrelate
Fully revised to address new techniques, technology, and methods for securing an enterprise worldwide
Examines new trends and best practices in use by organizations to secure their enterprises
Features additional chapters on areas related to data protection/correlation and forensics
Includes cutting-edge topics such as integrated cybersecurity and sections on Security Landscape, with chapters on validating security, data protection, forensics, and attacks and threats
If you need to get up to date or stay current on network security, Network Security Bible, 2nd Edition covers everything you need to know.
Note: This item can only be delivered to a German delivery address.
Product details
- Bible
- Publisher: Wiley & Sons
- Publisher's item no.: 14550249000
- 2nd edition
- Number of pages: 944
- Publication date: 1 September 2009
- English
- Dimensions: 232mm x 189mm x 50mm
- Weight: 1569g
- ISBN-13: 9780470502495
- ISBN-10: 0470502495
- Item no.: 26432874
- Manufacturer information
- Libri GmbH
- Europaallee 1
- 36244 Bad Hersfeld
- 06621 890
Eric Cole holds a PhD and CISSP and has been a security consultant for international banks and the Fortune 500. He made his mark working for the CIA for more than seven years and as a member of the Honeynet Project. He was also a member of the Commission on Cyber Security for the 44th Presidency. He has appeared as a security expert on CBS News and 60 Minutes and is a regular security expert for CNN Headline News.
Introduction xxxv
Part I: Network Security Landscape
Chapter 1: State of Network Security 3
Cyber Security 3
Summary 7
Chapter 2: New Approaches to Cyber Security 9
General Trends 9
The Changing Face of Cyber Security 16
Summary 17
Chapter 3: Interfacing with the Organization 19
An Enterprise Security Methodology 19
Key Questions to Manage Risk 27
Summary 32
Part II: Security Principles and Practices
Chapter 4: Information System Security Principles 35
Key Principles of Network Security 35
Formal Processes 37
Risk Management 60
Calculating and Managing Risk 70
Summary 71
Chapter 5: Information System Security Management 73
Security Policies 73
Security Awareness 77
Managing the Technical Effort 79
Configuration Management 87
Business Continuity and Disaster Recovery Planning 90
Physical Security 98
Legal and Liability Issues 105
Summary 107
Chapter 6: Access Control 109
Control Models 109
Types of Access Control Implementations 112
Identification and Authentication 115
Databases 121
Remote Access 123
Summary 125
Chapter 7: Attacks and Threats 127
Malicious Code 127
Review of Common Attacks 129
External Attack Methodologies Overview 136
Internal Threat Overview 140
Summary 142
Part III: Operating Systems and Applications
Chapter 8: Windows Security 145
Windows Security at the Heart of the Defense 147
Out-of-the-Box Operating System Hardening 151
Installing Applications 171
Putting the Workstation on the Network 175
Operating Windows Safely 177
Upgrades and Patches 191
Maintain and Test the Security 194
Attacks Against the Windows Workstation 198
Summary 205
Chapter 9: UNIX and Linux Security 207
The Focus of UNIX/Linux Security 207
Physical Security 212
Controlling the Configuration 217
Operating UNIX Safely 224
Hardening UNIX 245
Summary 253
Chapter 10: Web Browser and Client Security 255
Web Browser and Client Risk 255
How a Web Browser Works 259
Web Browser Attacks 268
Operating Safely 271
Web Browser Configurations 276
Summary 286
Chapter 11: Web Security 287
What Is HTTP? 287
How Does HTTP Work? 289
Server Content 301
Client Content 303
State 309
Attacking Web Servers 315
Web Services 317
Summary 321
Chapter 12: Electronic mail (E-mail) Security 323
The E-mail Risk 323
The E-mail Protocols 340
E-mail Authentication 345
Operating Safely When Using E-mail 348
Summary 355
Chapter 13: Domain Name System 357
DNS Basics 358
Purpose of DNS 364
Setting Up DNS 375
Security Issues with DNS 377
DNS Attacks 384
Designing DNS 386
Master Slave DNS 388
Detailed DNS Architecture 388
DNS SEC 389
Summary 393
Chapter 14: Server Security 395
General Server Risks 395
Security by Design 396
Operating Servers Safely 413
Server Applications 417
Multi-Level Security and Digital Rights Management 421
Summary 427
Part IV: Network Security Fundamentals
Chapter 15: Network Protocols 431
Protocols 431
The Open Systems Interconnect Model 432
The OSI Layers 433
The TCP/IP Model 439
TCP/IP Model Layers 441
Internet Protocol 442
VoIP 450
Summary 457
Chapter 16: Wireless Security 459
Electromagnetic Spectrum 459
The Cellular Phone Network 462
Placing a Cellular Telephone Call 464
Wireless Transmission Systems 469
Pervasive Wireless Data Network Technologies 473
IEEE Wireless LAN Specifications 478
IEEE 802.11 480
IEEE 802.11 Wireless Security 485
Bluetooth 503
Wireless Application Protocol 504
Future of Wireless 506
Summary 508
Chapter 17: Network Architecture Fundamentals 509
Network Segments 510
Perimeter Defense 511
Network Address Translation 511
Basic Architecture Issues 513
Subnetting, Switching, and VLANs 516
Address Resolution Protocol and Media Access Control 517
Dynamic Host Configuration Protocol and Addressing Control 518
Zero Configuration Networks 519
System Design and Architecture Against Insider Threats 525
Common Attacks 528
Summary 529
Chapter 18: Firewalls 531
Firewalls 531
Firewall Rules 537
The Use of Personal Firewalls 542
Summary 548
Chapter 19: Intrusion Detection/Prevention 549
Intrusion Detection Systems 549
Responses to Intrusion Detection 556
Emerging Technologies in Intrusion Detection Systems 556
Summary 567
Part V: Communication
Chapter 20: Secret Communication 571
What is Cryptography? 572
General Terms 576
Principles of Cryptography 577
The Four Cryptographic Primitives 587
Putting These Primitives Together to Achieve CIA 602
The Difference Between Algorithm and Implementation 603
Proprietary Versus Open Source Algorithms 606
Attacks on Hash Functions 607
Quantum Cryptography 617
Summary 628
Chapter 21: Covert Communication 631
Where Hidden Data Hides 631
Where Did It Come From? 633
Where Is It Going? 633
Overview of Steganography 634
History of Steganography 639
Core Areas of Network Security and Their Relation to Steganography 641
Principles of Steganography 643
Steganography Compared to Cryptography 644
Types of Steganography 646
Products That Implement Steganography 654
Steganography Versus Digital Watermarking 673
Types of Digital Watermarking 675
Goals of Digital Watermarking 676
Digital Watermarking and Stego 676
Summary 679
Chapter 22: Applications of Secure/Covert Communication 681
E-mail 682
Authentication Servers 685
Working Model 686
Public Key Infrastructure 688
Virtual Private Networks 692
Secure Sockets Layer/Transport Layer Security 699
SSL Handshake 700
Summary 704
Part VI: The Security Threat and Response
Chapter 23: Intrusion Detection and Response 707
Intrusion Detection Mechanisms 707
Honeypots 712
Incident Handling 716
Summary 727
Chapter 24: Digital Forensics 729
Computer Forensics Defined 730
Traditional Computer Forensics 730
Proactive Forensics 746
Future Research Areas 748
The Forensic Life Cycle 750
Summary 750
Chapter 25: Security Assessments, Testing, and Evaluation 751
Information Assurance Approaches and Methodologies 751
Certification and Accreditation 756
Diacap 760
Federal Information Processing Standard 102 763
OMB Circular A-130 764
The National Institute of Standards and Technology Assessment Guidelines 765
Penetration Testing 770
Auditing and Monitoring 772
Summary 774
Part VII: Integrated Cyber Security
Chapter 26: Validating Your Security 777
Overview 777
Current State of Penetration Testing 780
Formal Penetration Testing Methodology 783
Steps to Exploiting a System 787
Summary 795
Chapter 27: Data Protection 797
Endpoint Security 799
Insider Threats and Data Protection 805
Summary 806
Chapter 28: Putting Everything Together 809
Critical Problems Facing Organizations 809
General Tips for Protecting a Site 815
Security Best Practices 819
Summary 834
Chapter 29: The Future 835
Approaching the Problem 835
Mission Resilience 837
Limiting Failure Points 844
Summary 847
Index 849