Computer and Information Security Handbook
by John R. Vacca
Cover image
Title page
Table of Contents
Copyright
Dedication
Foreword
Preface
Organization of this Book
Acknowledgments
About the Editor
Contributors
Part I: Overview of System and Network Security: A Comprehensive Introduction
Chapter 1. Building a Secure Organization
1. Obstacles to Security
2. Ten Steps to Building a Secure Organization
Chapter 2. A Cryptography Primer
1. What is Cryptography? What is Encryption?
2. Famous Cryptographic Devices
3. Ciphers
4. Modern Cryptography
5. The Computer Age
Chapter 3. Preventing System Intrusions
1. So, What is an Intrusion?
2. Sobering Numbers
3. Know Your Enemy: Hackers Versus Crackers
4. Motives
5. Tools of the Trade
6. Bots
7. Symptoms of Intrusions
8. What Can You Do?
9. Security Policies
10. Risk Analysis
11. Tools of Your Trade
12. Controlling User Access
13. Conclusion
Chapter 4. Guarding Against Network Intrusions
1. Traditional Reconnaissance and Attacks
2. Malicious Software
3. Defense in Depth
4. Preventive Measures
5. Intrusion Monitoring and Detection
6. Reactive Measures
7. Conclusions
Chapter 5. Unix and Linux Security
1. Unix and Security
2. Basic Unix Security
3. Protecting User Accounts and Strengthening Authentication
4. Reducing Exposure to Threats by Limiting Superuser Privileges
5. Safeguarding Vital Data by Securing Local and Network File Systems
Chapter 6. Linux and Unix Security
1. Introduction to Linux and Unix
2. Hardening Linux and Unix
3. Proactive Defense for Linux and Unix
Chapter 7. Internet Security
1. Internet Protocol Architecture
2. An Internet Threat Model
3. Defending Against Attacks on the Internet
4. Conclusion
Chapter 8. The Botnet Problem
1. Introduction
2. Botnet Overview
3. Typical Bot Life Cycle
4. The Botnet Business Model
5. Botnet Defense
6. Botmaster Traceback
7. Summary
Chapter 9. Intranet Security
1. Plugging the Gaps: NAC and Access Control
2. Measuring Risk: Audits
3. Guardian at the Gate: Authentication and Encryption
4. Wireless Network Security
5. Shielding the Wire: Network Protection
6. Weakest Link in Security: User Training
7. Documenting the Network: Change Management
8. Rehearse the Inevitable: Disaster Recovery
9. Controlling Hazards: Physical and Environmental Protection
10. Know Your Users: Personnel Security
11. Protecting Data Flow: Information and System Integrity
12. Security Assessments
13. Risk Assessments
14. Conclusion
Chapter 10. Local Area Network Security
1. Identify Network Threats
2. Establish Network Access Controls
3. Risk Assessment
4. Listing Network Resources
5. Threats
6. Security Policies
7. The Incident-Handling Process
8. Secure Design Through Network Access Controls
9. IDS Defined
10. NIDS: Scope and Limitations
11. A Practical Illustration of NIDS
12. Firewalls
13. Dynamic NAT Configuration
14. The Perimeter
15. Access List Details
16. Types of Firewalls
17. Packet Filtering: IP Filtering Routers
18. Application-layer Firewalls: Proxy Servers
19. Stateful Inspection Firewalls
20. NIDS Complements Firewalls
21. Monitor and Analyze System Activities
22. Signature Analysis
23. Statistical Analysis
24. Signature Algorithms
Chapter 11. Wireless Network Security
1. Cellular Networks
2. Wireless Ad Hoc Networks
3. Security Protocols
4. Secure Routing
5. Key Establishment
References
Chapter 12. Cellular Network Security
1. Introduction
2. Overview of Cellular Networks
3. The State of the Art of Cellular Network Security
4. Cellular Network Attack Taxonomy
5. Cellular Network Vulnerability Analysis
6. Discussion
References
Chapter 13. RFID Security
1. RFID Introduction
2. RFID Challenges
3. RFID Protections
References
Part II: Managing Information Security
Chapter 14. Information Security Essentials for IT Managers: Protecting Mission-Critical Systems
1. Information Security Essentials for IT Managers, Overview
2. Protecting Mission-critical Systems
3. Information Security from the Ground up
4. Security Monitoring and Effectiveness
References
Chapter 15. Security Management Systems
1. Security Management System Standards
2. Training Requirements
3. Principles of Information Security
4. Roles and Responsibilities of Personnel
5. Security Policies
6. Security Controls
7. Network Access
8. Risk Assessment
9. Incident Response
10. Summary
Chapter 16. Information Technology Security Management
1. Information Security Management Standards
2. Information Technology Security Aspects
3. Conclusion
Chapter 17. Identity Management
1. Introduction
2. Evolution of Identity Management Requirements
3. The Requirements Fulfilled by Current Identity Management Technologies
4. Identity 2.0 for mobile users
5. Conclusion
Chapter 18. Intrusion Prevention and Detection Systems
1. What is an “Intrusion,” Anyway?
2. Unauthorized Access by an Outsider
3. Malware Infection
4. The Role of the “0-Day”
5. The Rogue’s Gallery: Attackers and Motives
6. A Brief Introduction to TCP/IP
7. The TCP/IP Data Architecture and Data Encapsulation
8. Survey of Intrusion Detection and Prevention Technologies
9. Anti-Malware Software
10. Network-based Intrusion Detection Systems
11. Network-based Intrusion Prevention Systems
12. Host-based Intrusion Prevention Systems
13. Security Information Management Systems
14. Network Session Analysis
15. Digital Forensics
16. System Integrity Validation
17. Putting it all Together
Chapter 19. Computer Forensics
1. What is Computer Forensics?
2. Analysis of Data
3. Computer Forensics in the Court System
4. Understanding Internet History
5. Temporary Restraining Orders and Labor Disputes
5. First Principles
6. Hacking a Windows XP Password
7. Network Analysis
8. Computer Forensics Applied
9. Testifying as an Expert
10. Beginning to End in Court
Chapter 20. Network Forensics
1. Scientific Overview
2. The Principles of Network Forensics
3. Attack Traceback and Attribution
4. Critical Needs Analysis
5. Research Directions
Chapter 21. Firewalls
1. Network Firewalls
2. Firewall Security Policies
3. A Simple Mathematical Model for Policies, Rules, and Packets
4. First-match Firewall Policy Anomalies
5. Policy Optimization
6. Firewall Types
7. Host and Network Firewalls
8. Software and Hardware Firewall Implementations
9. Choosing the Correct Firewall
10. Firewall Placement and Network Topology
11. Firewall Installation and Configuration
12. Supporting Outgoing Services Through Firewall Configuration
13. Secure External Services Provisioning
14. Network Firewalls for Voice and Video Applications
15. Firewalls and Important Administrative Service Protocols
16. Internal IP Services Protection
17. Firewall Remote Access Configuration
18. Load Balancing and Firewall Arrays
19. Highly Available Firewalls
20. Firewall Management
21. Conclusion
Chapter 22. Penetration Testing
1. What is Penetration Testing?
2. How does Penetration Testing Differ from an Actual “Hack?”
3. Types of Penetration Testing
4. Phases of Penetration Testing
5. Defining What’s Expected
6. The Need for a Methodology
7. Penetration Testing Methodologies
8. Methodology in Action
9. Penetration Testing Risks
10. Liability Issues
11. Legal Consequences
12. “Get Out of Jail Free” Card
13. Penetration Testing Consultants
14. Required Skill Sets
15. Accomplishments
16. Hiring a Penetration Tester
17. Why Should a Company Hire You?
18. All’s Well that Ends Well
Chapter 23. What Is Vulnerability Assessment?
1. Reporting
2. The “It Won’t Happen to Us” Factor
3. Why Vulnerability Assessment?
4. Penetration Testing Versus Vulnerability Assessment
5. Vulnerability Assessment Goal
6. Mapping the Network
7. Selecting the Right Scanners
8. Central Scans Versus Local Scans
9. Defense in Depth Strategy
10. Vulnerability Assessment Tools
11. Scanner Performance
12. Scan Verification
13. Scanning Cornerstones
14. Network Scanning Countermeasures
15. Vulnerability Disclosure Date
16. Proactive Security Versus Reactive Security
17. Vulnerability Causes
18. DIY Vulnerability Assessment
19. Conclusion
Part III: Encryption Technology
Chapter 24. Data Encryption
1. Need for Cryptography
2. Mathematical Prelude to Cryptography
3. Classical Cryptography
4. Modern Symmetric Ciphers
5. Algebraic Structure
6. The Internal Functions of Rijndael in AES Implementation
7. Use of Modern Block Ciphers
8. Public-key Cryptography
9. Cryptanalysis of RSA
10. Diffie-Hellman Algorithm
11. Elliptic Curve Cryptosystems
12. Message Integrity and Authentication
13. Summary
References
Chapter 25. Satellite Encryption
1. The Need for Satellite Encryption
2. Satellite Encryption Policy
3. Implementing Satellite Encryption
4. The Future of Satellite Encryption
Chapter 26. Public Key Infrastructure
1. Cryptographic Background
2. Overview of PKI
3. The X.509 Model
4. X.509 Implementation Architectures
5. X.509 Certificate Validation
6. X.509 Certificate Revocation
7. Server-based Certificate Validity Protocol
8. X.509 Bridge Certification Systems
9. X.509 Certificate Format
10. PKI Policy Description
11. PKI Standards Organizations
12. PGP Certificate Formats
13. PGP PKI Implementations
14. W3C
15. Alternative PKI architectures
16. Modified X.509 Architectures
17. Alternative Key Management Models
Chapter 27. Instant-Messaging Security
1. Why Should I Care About Instant Messaging?
2. What is Instant Messaging?
3. The Evolution of Networking Technologies
4. Game Theory and Instant Messaging
5. The Nature of the Threat
6. Common IM Applications
7. Defensive Strategies
8. Instant-messaging Security Maturity and Solutions
9. Processes
10. Conclusion
Part IV: Privacy and Access Management
Chapter 28. NET Privacy
1. Privacy in the Digital Society
2. The Economics of Privacy
3. Privacy-Enhancing Technologies
4. Network Anonymity
5. Conclusion
Chapter 29. Personal Privacy Policies
1. Introduction
2. Content of Personal Privacy Policies
3. Semiautomated Derivation of Personal Privacy Policies
4. Specifying Well-Formed Personal Privacy Policies
5. Preventing Unexpected Negative Outcomes
6. The Privacy Management Model
7. Discussion and Related Work
8. Conclusions and Future Work
Chapter 30. Virtual Private Networks
1. History
2. Who is in Charge?
3. VPN Types
4. Authentication Methods
5. Symmetric Encryption
6. Asymmetric Cryptography
7. Edge Devices
8. Passwords
9. Hackers and Crackers
Chapter 31. Identity Theft
1. Experimental Design
2. Results and Analysis
3. Implications for Crimeware
4. Conclusion
Chapter 32. VoIP Security
1. Introduction
2. Overview of Threats
3. Security in VoIP
4. Future Trends
5. Conclusion
Part V: Storage Security
Chapter 33. SAN Security
1. Organizational Structure
2. Access Control Lists (ACL) and Policies
3. Physical Access
4. Change Management
5. Password Policies
6. Defense in Depth
7. Vendor Security Review
8. Data Classification
9. Security Management
10. Auditing
11. Management Access: Separation of Functions
12. Host Access: Partitioning
13. Data Protection: Replicas
15. Encryption in Storage
16. Application of Encryption
17. Conclusion
References
Chapter 34. Storage Area Networking Security Devices
1. What is a SAN?
2. SAN Deployment Justifications
3. The Critical Reasons for SAN Security
4. SAN Architecture and Components
5. SAN General Threats and Issues
6. Conclusion
Chapter 35. Risk Management
1. The Concept of Risk
2. Expressing and Measuring Risk
3. The Risk Management Methodology
4. Risk Management Laws and Regulations
5. Risk Management Standards
6. Summary
Part VI: Physical Security
Chapter 36. Physical Security Essentials
1. Overview
2. Physical Security Threats
3. Physical Security Prevention and Mitigation Measures
4. Recovery from physical security breaches
5. Threat Assessment, Planning, and Plan Implementation
6. Example: a Corporate Physical Security Policy
7. Integration of Physical and Logical Security
References
Chapter 37. Biometrics
1. Relevant Standards
2. Biometric System Architecture
3. Using Biometric Systems
4. Security Considerations
5. Conclusion
Chapter 38. Homeland Security
1. Statutory Authorities
2. Homeland Security Presidential Directives
3. Organizational Actions
4. Conclusion
Chapter 39. Information Warfare
1. Information Warfare Model
2. Information Warfare Defined
3. IW: Myth or Reality?
4. Information Warfare: Making IW Possible
5. Preventative Strategies
6. Legal Aspects of IW
7. Holistic View of Information Warfare
8. Conclusion
Part VII: Advanced Security
Chapter 40. Security Through Diversity
1. Ubiquity
2. Example Attacks Against Uniformity
3. Attacking Ubiquity with Antivirus Tools
4. The Threat of Worms
5. Automated Network Defense
6. Diversity and the Browser
7. Sandboxing and Virtualization
8. DNS Example of Diversity Through Security
9. Recovery from Disaster is Survival
10. Conclusion
Chapter 41. Reputation Management
1. The Human Notion of Reputation
2. Reputation Applied to the Computing World
3. State of the Art of Attack-Resistant Reputation Computation
4. Overview of Current Online Reputation Service
5. Conclusion
Chapter 42. Content Filtering
1. The Problem with Content Filtering
2. User Categories, Motivations, and Justifications
3. Content Blocking Methods
4. Technology and Techniques for Content-Filtering Control
5. Categories
6. Legal Issues
7. Issues and Problems with Content Filtering
9. Related Products
10. Conclusion
Chapter 43. Data Loss Protection
1. Precursors of DLP
2. What is DLP?
3. Where to Begin?
4. Data is Like Water
5. You Don’t Know What You Don’t Know
6. How Do DLP Applications Work?
7. Eat Your Vegetables
8. It’s a Family Affair, Not Just IT Security’s Problem
9. Vendors, Vendors Everywhere! Who Do You Believe?
10. Conclusion
Part VIII: Appendices
Appendix A. Configuring Authentication Service on Microsoft Windows Vista
1. Backup and Restore of Stored Usernames and Passwords
2. Credential Security Service Provider and SSO for Terminal Services Logon
3. TLS/SSL Cryptographic Enhancements
4. Kerberos Enhancements
5. Smart Card Authentication Changes
6. Previous Logon Information
Appendix B. Security Management and Resiliency
Appendix C. List of Top Security Implementation and Deployment Companies
List of SAN Implementation and Deployment Companies
SAN Security Implementation and Deployment Companies:
Appendix D. List of Security Products
Security Software
Appendix E. List of Security Standards
Appendix F. List of Miscellaneous Security Resources
Conferences
Consumer Information
Directories
Help and Tutorials
Mailing Lists
News and Media
Organizations
Products and Tools
Research
Content Filtering Links
Other Logging Resources
Appendix G. Ensuring Built-in Frequency Hopping Spread Spectrum Wireless Network Security
Accomplishment
Background
Additional Information
Appendix H. Configuring Wireless Internet Security Remote Access
Adding the Access Points as RADIUS Clients to IAS
Adding Access Points to the First IAS Server
Scripting the Addition of Access Points to IAS Server (Alternative Procedure)
Configuring the Wireless Access Points
Enabling Secure WLAN Authentication on Access Points
Additional Settings to Secure Wireless Access Points
Replicating RADIUS Client Configuration to Other IAS Servers
Appendix I. Frequently Asked Questions
Appendix J. Glossary
Index
Computer and Information Security Handbook
Edited by
John R. Vacca