Table of Contents
Part I: Overview of System and Network Security: A Comprehensive Introduction
Chapter 1. Building a Secure Organization
2. Ten Steps to Building a Secure Organization
Chapter 2. A Cryptography Primer
1. What is Cryptography? What is Encryption?
2. Famous Cryptographic Devices
Chapter 3. Preventing System Intrusions
3. Know Your Enemy: Hackers Versus Crackers
Chapter 4. Guarding Against Network Intrusions
1. Traditional Reconnaissance and Attacks
5. Intrusion Monitoring and Detection
Chapter 5. Unix and Linux Security
3. Protecting User Accounts and Strengthening Authentication
4. Reducing Exposure to Threats by Limiting Superuser Privileges
5. Safeguarding Vital Data by Securing Local and Network File Systems
Chapter 6. Linux and Unix Security
1. Introduction to Linux and Unix
3. Proactive Defense for Linux and Unix
1. Internet Protocol Architecture
3. Defending Against Attacks on the Internet
1. Plugging the Gaps: NAC and Access Control
3. Guardian at the Gate: Authentication and Encryption
5. Shielding the Wire: Network Protection
6. Weakest Link in Security: User Training
7. Documenting the Network: Change Management
8. Rehearse the Inevitable: Disaster Recovery
9. Controlling Hazards: Physical and Environmental Protection
10. Know Your Users: Personnel Security
11. Protecting Data Flow: Information and System Integrity
Chapter 10. Local Area Network Security
2. Establish Network Access Controls
7. The Incident-Handling Process
8. Secure Design Through Network Access Controls
10. NIDS: Scope and Limitations
11. A Practical Illustration of NIDS
17. Packet Filtering: IP Filtering Routers
18. Application-layer Firewalls: Proxy Servers
19. Stateful Inspection Firewalls
20. NIDS Complements Firewalls
21. Monitor and Analyze System Activities
Chapter 11. Wireless Network Security
Chapter 12. Cellular Network Security
2. Overview of Cellular Networks
3. The State of the Art of Cellular Network Security
4. Cellular Network Attack Taxonomy
5. Cellular Network Vulnerability Analysis
Part II: Managing Information Security
Chapter 14. Information Security Essentials for IT Managers: Protecting Mission-Critical Systems
1. Information Security Essentials for it Managers, Overview
2. Protecting Mission-critical Systems
3. Information Security from the Ground up
4. Security Monitoring and Effectiveness
Chapter 15. Security Management Systems
1. Security Management System Standards
3. Principles of Information Security
4. Roles and Responsibilities of Personnel
Chapter 16. Information Technology Security Management
1. Information Security Management Standards
2. Information Technology Security Aspects
Chapter 17. Identity Management
2. Evolution of Identity Management Requirements
3. The Requirements Fulfilled by Current Identity Management Technologies
4. Identity 2.0 for mobile users
Chapter 18. Intrusion Prevention and Detection Systems
1. What is an “Intrusion,” Anyway?
2. Unauthorized Access by an Outsider
5. The Rogue’s Gallery: Attackers and Motives
6. A Brief Introduction to TCP/IP
7. The TCP/IP Data Architecture and Data Encapsulation
8. Survey of Intrusion Detection and Prevention Technologies
10. Network-based Intrusion Detection Systems
11. Network-based Intrusion Prevention Systems
12. Host-based Intrusion Prevention Systems
13. Security Information Management Systems
16. System Integrity Validation
Chapter 19. Computer Forensics
1. What is Computer Forensics?
3. Computer Forensics in the Court System
4. Understanding Internet History
5. Temporary Restraining Orders and Labor Disputes
6. Hacking a Windows XP Password
2. The Principles of Network Forensics
3. Attack Traceback and Attribution
3. A Simple Mathematical Model for Policies, Rules, and Packets
4. First-match Firewall Policy Anomalies
8. Software and Hardware Firewall Implementations
9. Choosing the Correct Firewall
10. Firewall Placement and Network Topology
11. Firewall Installation and Configuration
12. Supporting Outgoing Services Through Firewall Configuration
13. Secure External Services Provisioning
14. Network Firewalls for Voice and Video Applications
15. Firewalls and Important Administrative Service Protocols
16. Internal IP Services Protection
17. Firewall Remote Access Configuration
18. Load Balancing and Firewall Arrays
19. Highly Available Firewalls
Chapter 22. Penetration Testing
1. What is Penetration Testing?
2. How does Penetration Testing Differ from an Actual “Hack?”
3. Types of Penetration Testing
4. Phases of Penetration Testing
7. Penetration Testing Methodologies
12. “Get Out of Jail Free” Card
13. Penetration Testing Consultants
16. Hiring a Penetration Tester
17. Why Should a Company Hire You?
Chapter 23. What Is Vulnerability Assessment?
2. The “It Won’t Happen to Us” Factor
3. Why Vulnerability Assessment?
4. Penetration Testing Versus Vulnerability Assessment
5. Vulnerability Assessment Goal
7. Selecting the Right Scanners
8. Central Scans Versus Local Scans
10. Vulnerability Assessment Tools
14. Network Scanning Countermeasures
15. Vulnerability Disclosure Date
16. Proactive Security Versus Reactive Security
18. DIY Vulnerability Assessment
Part III: Encryption Technology
2. Mathematical Prelude to Cryptography
6. The Internal Functions of Rijndael in AES Implementation
7. Use of Modern Block Ciphers
11. Elliptic Curve Cryptosystems
12. Message Integrity and Authentication
Chapter 25. Satellite Encryption
1. The Need for Satellite Encryption
2. Satellite Encryption Policy
3. Implementing Satellite Encryption
4. The Future of Satellite Encryption
Chapter 26. Public Key Infrastructure
4. X.509 Implementation Architectures
5. X.509 Certificate Validation
6. X.509 Certificate Revocation
7. Server-based Certificate Validity Protocol
8. X.509 Bridge Certification Systems
11. PKI Standards Organizations
15. Alternative PKI architectures
16. Modified X.509 Architectures
17. Alternative Key Management Models
Chapter 27. Instant-Messaging Security
1. Why Should I Care About Instant Messaging?
3. The Evolution of Networking Technologies
4. Game Theory and Instant Messaging
8. Instant-messaging Security Maturity and Solutions
Part IV: Privacy and Access Management
1. Privacy in the Digital Society
3. Privacy-Enhancing Technologies
Chapter 29. Personal Privacy Policies
2. Content of Personal Privacy Policies
3. Semiautomated Derivation of Personal Privacy Policies
4. Specifying Well-Formed Personal Privacy Policies
5. Preventing Unexpected Negative Outcomes
6. The Privacy Management Model
7. Discussion and Related Work
8. Conclusions and Future Work
Chapter 30. Virtual Private Networks
2. Access Control Lists (ACL) and Policies
11. Management Access: Separation of Functions
Chapter 34. Storage Area Networking Security Devices
2. SAN Deployment Justifications
3. The Critical Reasons for SAN Security
4. SAN Architecture and Components
5. SAN General Threats and Issues
2. Expressing and Measuring Risk
3. The Risk Management Methodology
4. Risk Management Laws and Regulations
Chapter 36. Physical Security Essentials
3. Physical Security Prevention and Mitigation Measures
4. Recovery from physical security breaches
5. Threat Assessment, Planning, and Plan Implementation
6. Example: a Corporate Physical Security Policy
7. Integration of Physical and Logical Security
2. Biometric System Architecture
2. Homeland Security Presidential Directives
Chapter 39. Information Warfare
2. Information Warfare Defined
4. Information Warfare: Making Iw Possible
7. Holistic View of Information Warfare
Chapter 40. Security Through Diversity
2. Example Attacks Against Uniformity
3. Attacking Ubiquity with Antivirus Tools
7. Sandboxing and Virtualization
8. DNS Example of Diversity Through Security
9. Recovery from Disaster is Survival
Chapter 41. Reputation Management
1. The Human Notion of Reputation
2. Reputation Applied to the Computing World
3. State of the Art of Attack-Resistant Reputation Computation
4. Overview of Current Online Reputation Service
1. The Problem with Content Filtering
2. User Categories, Motivations, and Justifications
4. Technology and Techniques for Content-Filtering Control
7. Issues and Problems with Content Filtering
Chapter 43. Data Loss Protection
5. You Don’t Know What You Don’t Know
6. How Do DLP Applications Work?
8. It’s a Family Affair, Not Just It Security’s Problem
9. Vendors, Vendors Everywhere! Who Do You Believe?
Appendix A. Configuring Authentication Service on Microsoft Windows Vista
1. Backup and Restore of Stored Usernames and Passwords
2. Credential Security Service Provider and SSO for Terminal Services Logon
3. TLS/SSL Cryptographic Enhancements
5. Smart Card Authentication Changes
Appendix B. Security Management and Resiliency
Appendix C. List of Top Security Implementation and Deployment Companies
List of SAN Implementation and Deployment Companies
SAN Security Implementation and Deployment Companies:
Appendix D. List of Security Products
Appendix E. List of Security Standards
Appendix F. List of Miscellaneous Security Resources
Appendix G. Ensuring Built-in Frequency Hopping Spread Spectrum Wireless Network Security
Appendix H. Configuring Wireless Internet Security Remote Access
Adding the Access Points as RADIUS Clients to IAS
Adding Access Points to the First IAS Server
Scripting the Addition of Access Points to IAS Server (Alternative Procedure)
Configuring the Wireless Access Points
Enabling Secure WLAN Authentication on Access Points
Additional Settings to Secure Wireless Access Points
Replicating RADIUS Client Configuration to Other IAS Servers