Network Security Bible Dr. Eric Cole, Dr. Ronald Krutz, and James W. Conley WILEY
|
|
- Delilah Powell
- 8 years ago
- Views:
Transcription
1 WILEY Wiley Publishing, Inc. Network Security Bible Dr. Eric Cole, Dr. Ronald Krutz, and James W. Conley
2 Contents Acknowledgments Introduction Part I: Security Principles and Practices Chapter 1: Information System Security Principles 3 Key Principles of Network Security 3 Confidentiality '.'.['. 4 Integrity 4 Availability 4 Other important terms 4 Formal Processes c The systems engineering process '.'.'.'. 5 The Information Assurance Technical Framework 6 The Information Systems Security Engineering process 11 The Systems Development Life Cycle.'!! 21 Information systems security and the SDLC '.'.'.'.'.'. 22 Risk Management 31 Definitions 32 Risk management and the SDLC [ ' ' [ 33 Summary 42 Chapter 2: Information System Security Management 43 Security Policies 43 Senior management policy statement [ [[ 44 Standards, guidelines, procedures, and baselines 45 Security Awareness 46 Training [ 46 Measuring awareness [ 47 Managing the Technical Effort 48 Program manager 48 Program management plan '!! 48 Systems engineering management plan 48 Configuration Management 56 Primary functions of configuration management [ [ [ 56 Definitions and procedures 57
3 XI j Contents Business Continuity and Disaster Recovery Planning 59 Business continuity planning 60 Disaster recovery planning 64 Physical Security 67 Controls 68 Environmental issues 72 Fire suppression 73 Object reuse and data remanence 74 Legal and Liability Issues 75 Types of computer crime 75 Electronic monitoring 76 Liability 76 Summary 77 Chapter 3: Access Control Considerations 79 Control Models 79 Discretionary access control 79 Mandatory access control 80 Non-discretionary access control 81 Types of Access Control Implementations 81 Preventive/Administrative 81 Preventive/Technical 82 Preventive/Physical 82 Detective/Administrative 82 Detective/Technical 83 Detective/Physical 83 Centralized/Decentralized access controls 84 Identification and Authentication 84 Passwords 85 Biometrics 85 Single Sign-On 86 Databases 90 Relational databases 90 Other database types 92 Remote Access 93 RADIUS 93 TACACS and TACACS+ 93 Password Authentication Protocol 94 Challenge Handshake Authentication Protocol 94 Callback 95 Summary 95
4 Contents Part II: Operating Systems and Applications Chapter 4: Windows Security 99 Windows Security at the Heart of the Defense 101 Who would target me? 101 Be afraid 102 Microsoft recommendations 103 Out-of-the-Box Operating System Hardening 105 Prior to system hardening 105 The general process of system hardening 105 Windows 2003 new installation example 107 Specifics of system hardening 110 Securing the typical Windows business workstation 114 Securing the typical Windows gaming system 114 Installing Applications 115 Antivirus protection 116 Personal firewalls 118 Secure Shell 118 Secure FTP 119 Pretty Good Privacy 119 Putting the Workstation on the Network 120 Test the hardened workstation 120 Physical security 120 Architecture 120 Firewall 121 Intrusion detection systems 122 Operating Windows Safely 122 Separate risky behavior 122 Physical security issues 124 Configuration issues 125 Configuration control 127 Operating issues 130 Upgrades and Patches 138 Keep current with Microsoft upgrades and patches 138 Keep current with application upgrades and patches 139 Keep current with antivirus signatures 139 Use the most modern Windows version 140 Maintain and Test the Security 140 Scan for vulnerabilities 141 Test questionable applications 141 Be sensitive to the performance of the system 141 Replace old Windows systems 142 Periodically re-evaluate and rebuild 142 Monitoring 143 Logging and auditing 144
5 XIV Contents Clean up the system 144 Prepare for the eventual attack 145 Attacks Against the Windows Workstation 145 Viruses 145 Worms 146 Trojan horses 147 Spyware and ad support 148 Spyware and "Big Brother" 149 Physical attacks 149 TEMPEST attacks 150 Backdoors 150 Denial-of-service attacks 151 File extensions 151 Packet sniffing 152 Hijacking and session replay 152 Social engineering 152 Summary 153 Chapter 5: UNIX and Linux Security 155 The Focus of UNIX/Linux Security 155 UNIX as a target 155 UNIX/Linux as a poor target 157 Open source issues 158 Physical Security 160 Limiting access 161 Detecting hardware changes 162 Disk partitioning 163 Prepare for the eventual attack 164 Controlling the Configuration 166 Installed packages 166 Kernel configurations 167 Operating UNIX Safely 174 Controlling processes 174 Controlling users 187 Encryption and certificates 194 Hardening UNIX 196 Configuration items 196 TCP wrapper 198 Checking strong passwords 198 Packet filtering with iptables 199 Summary 200 Chapter 6: Web Browser and Client Security 201 Web Browser and Client Risk 201 Privacy versus security 202 Web browser convenience 202
6 Contents Web browser productivity and popularity 202 Web browser evolution 203 Web browser risks Issues working against the attacker How a Web Browser Works 205 HTTP, the browser protocol 205 Cookies 208 Maintaining state 210 Caching 212 Secure Socket Layer 212 Web Browser Attacks Hijacking attack Replay attack 217 Browser parasites 218 Operating Safely 219 Keeping current with patches 220 Avoiding viruses 220 Using secure sites 220 Securing the network environment 222 Using a secure proxy 223 Avoid using private data 223 General recommendations 224 Web Browser Configurations Cookies Plugins 226 Netscape-specific issues Internet Explorer-specific issues Summary 236 Chapter 7: Web Security 237 What Is HTTP? How Does HTTP Work? HTTP implementation 242 Persistent connections 244 The client/server model 248 Put Get BurstableTCP HTML Server Content 252 CGI scripts PHP pages Client Content 254 JavaScript 254 Java 255 ActiveX 257
7 XVI Contents State 260 What is state? 260 How does it relate to HTTP? 260 What applications need state? 260 Tracking state 261 Cookies 261 Web bugs 264 URL tracking 265 Hidden frames 265 Hidden fields 266 Attacking Web Servers 266 Account harvesting 266 SQL injection 267 E-commerce Design 269 Physical location 269 Summary 271 Chapter 8: Security 273 The Risk 273 Data vulnerabilities 273 Simple versus collaboration 274 Spam 285 Maintaining confidentiality 288 Maintaining integrity 289 availability issues 290 The Protocols 290 SMTP 290 POP 294 IMAP 295 Authentication 296 Plain login 296 Login authentication 297 APOP 297 NTLM/SPA 298 +OK logged onpop before SMTP 299 Kerberos and GSSAPI 299 Operating Safely When Using 300 Be paranoid 300 Mail client configurations 301 Application versions 302 Architectural considerations 302 SSH tunnel 303 PGPandGPG 307 Summary 308
8 Contents Chapter 9: Domain Name System 309 Purpose of DNS Forward lookups Reverse lookups 316 Alternative Approaches to Name Resolution 318 Security Issues with DNS 319 Misconfigurations Zone transfers Predictable query IDs 325 Recursion and iterative queries 325 DNS Attacks Simple DNS attack Cache poisoning 327 Designing DNS 329 Split DNS Split-split DNS Master Slave DNS 331 Detailed DNS Architecture 331 Summary 332 Chapter 10: Server Security 333 General Server Risks 333 Security by Design 334 Maintain a security mindset Establishing a secure development environment Secure development practices 344 Test, test, test 351 Operating Servers Safely Controlling the server configuration Controlling users and access 356 Passwords Monitoring, auditing, and logging Server Applications 358 Data sharing 358 Peer to peer 362 Instant messaging and chat 363 Summary 364 Part III: Network Security Fundamentals Chapter 11: Network Protocols 367 Protocols 367 The Open Systems Interconnect Model 368
9 XVIII Contents The OSI Layers The Application layer The Presentation layer 370 The Session Layer 370 The Transport layer 371 The Network layer 372 The Data Link layer The Physical layer The TCP/IP Model TCP/IP Model Layers Network Address Translation 379 Summary 379 Chapter 12: Wireless Security 381 Electromagnetic Spectrum 381 The Cellular Phone Network 383 Placing a Cellular Telephone Call 385 Wireless Transmission Systems 386 Time Division Multiple Access 386 Frequency Division Multiple Access 386 Code Division Multiple Access 387 Wireless transmission system types 388 Pervasive Wireless Data Network Technologies 393 Spread spectrum 393 Spread spectrum basics IEEE Wireless LAN Specifications The PHY layer The MAC layer IEEE802.il Wireless Security WEP WEP security upgrades Bluetooth 413 Wireless Application Protocol Summary Chapter 13: Network Architecture Fundamentals 417 Network Segments 418 Public networks 418 Semi-private networks 418 Private networks 419 Perimeter Defense 419 Network Address Translation 420 Basic Architecture Issues 422 Subnetting, Switching, and VLANs 424 Address Resolution Protocol and Media Access Control Addresses
10 Contents Dynamic Host Configuration Protocol and Addressing Control 428 Firewalls 429 Packet filtering firewalls 430 Stateful packet filtering 432 Proxy firewalls 433 Disadvantages of firewalls 434 Intrusion Detection Systems 435 Types of intrusion detection systems 436 Methods and modes of intrusion detection 439 Responses to Intrusion Detection 442 Common Attacks 442 Summary 444 Part IV: Communications Chapter 14: Secret Communication 447 General Terms Historic Cryptography Substitution ciphers 449 Ciphers that shaped history 455 The Four Cryptographic Primitives 455 Random number generation Cast Introduction Symmetric Encryption 460 Stream ciphers Block ciphers Sharing keys 465 Asymmetric Encryption (Two-Key Encryption) Using a Certificate Authority Using a web of trust 469 Digital signatures 470 Hash functions 471 Keyed hash functions Putting These Primitives Together to Achieve CIA The Difference Between Algorithm and Implementation 475 Proprietary Versus Open Source Algorithms 476 Summary 477 Chapter 15: Covert Communication 479 Where Hidden Data Hides 479 Where Did It Come From? 481 Where Is It Going? 482 Overview of Steganography 482 Why do we need steganography? 483 Pros of steganography 484
11 XX Contents Cons of steganography 485 Comparison to other technologies 485 History of Steganography 488 Using steganography in the fight for the Roman Empire 488 Steganography during war 489 Core Areas of Network Security and Their Relation to Steganography Confidentiality Integrity Availability Additional goals of steganography Principles of Steganography 492 Steganography Compared to Cryptography 493 Protecting your ring example Putting all of the pieces together Types of Steganography 495 Original classification scheme New classification scheme Color tables Products That Implement Steganography S-Tools Hide and Seek Jsteg 508 EZ-Stego 511 Image Hide 512 Digital Picture Envelope Camouflage Gif Shuffle 517 Spam Mimic Steganography Versus Digital Watermarking What is digital watermarking? 521 Why do we need digital watermarking? 521 Properties of digital watermarking 521 Types of Digital Watermarking 522 Invisible watermarking 522 Visible watermarking 523 Goals of Digital Watermarking 523 Digital Watermarking and Stego 524 Uses of digital watermarking 524 Removing digital watermarks Summary Chapter 16: Applications of Secure/Covert Communication POP/IMAP protocols 530 Pretty Good Privacy 531 Kerberos 532 Authentication Servers 534
12 Contents Working Model 535 Public Key Infrastructure [ 537 Public and private keys \ [ 538 Key management 54O Web of trust 541 Virtual Private Networks [ 5 41 Design issues 543 IPSec-based VPN 544 IPsec header modes PPTP/PPP-based VPNs.....'. 547 Secure Shell 54g Secure Sockets Layer/Transport Layer Security [ [ '_ ' ' 549 SSL Handshake Summary Chapter 17: Intrusion Detection and Response 557 Malicious Code 557 Viruses 557 Review of Common Attacks [ 559 Denial-of-service/Distributed denial-of-service attacks '559 Back door Spoofing ' ' " ' Man-in-the-middle 5gj Re P la y '. '.'. ' '. '.'. '. '.'.'.'.'.'. '.'.'.'.'.'. 561 TCP/Hijacking 561 Fragmentation attacks '.'.'.'.' 562 Weak keys cg2 Mathematical attacks '.'.'.'.' 563 Social engineering gg3 Port scanning '.'.'.' 564 Dumpster diving 5g4 Birthday attacks ][[ 5g 4 Password guessing [ [ ' gg5 Software exploitation Inappropriate system use 5gg Eavesdropping 5gg War driving 5g7 TCP sequence number attacks [ 5g7 War dialing/demon dialing attacks [ 5g7 Intrusion Detection Mechanisms '.'.'.'.' 567 Antivirus approaches '.'.'.'' 567 Intrusion detection and response 5gg IDS issues 571
13 B XXII Contents Honeypots 573 Purposes 573 Honeypot categories 574 When to use a honeypot When not to use a honeypot Current solutions 576 Honeynet Project Incident Handling CERT/CC practices 578 Internet Engineering Task Force guidance 583 Layered security and IDS 584 Computer Security and Incident Response Teams 585 Security Incident Notification Process 587 Automated notice and recovery mechanisms 588 Summary 589 Chapter 18: Security Assessments, Testing, and Evaluation 591 Information Assurance Approaches and Methodologies 591 The Systems Security Engineering Capability Maturity Model NSA Infosec Assessment Methodology 594 Operationally Critical Threat, Asset, and Vulnerability Evaluation 595 Federal Information Technology Security Assessment Framework 595 Certification and Accreditation 596 The National Information Assurance Certification and Accreditation Process 596 Four phases of NIACAP 597 DoD Information Technology Security Certification and Accreditation Process 598 The four phases of DITSCAP 599 Federal Information Processing Standard OMB Circular A The National Institute of Standards and Technology Assessment Guidelines 602 SP SP SP SP Penetration Testing 607 Internal penetration test External penetration test Full knowledge test 609 Partial knowledge test 609 Zero knowledge test 609
14 Contents XXI Closed-box test 610 Open-box test Auditing and Monitoring Auditing Monitoring Summary 612 Chapter 19: Putting Everything Together 613 Critical Problems Facing Organizations 613 How do I convince management security is a problem and that they should spend money on it? 613 How do I keep up with the increased number of attacks? 615 How do you make employees part of the solution and not part of the problem? 615 How do you analyze all of the log data? How do I keep up with all of the different systems across 616 my enterprise and make sure they are all secure? 617 How do I know if I am a target of corporate espionage or some other threat? 617 Top 10 common mistakes 618 General Tips for Protecting a Site Defense in depth Principle of least privilege 621 Know what is running on your system Prevention is ideal but detection is a must Apply and test patches 623 Regular checks of systems 623 Summary 623 Index 625
EUCIP - IT Administrator. Module 5 IT Security. Version 2.0
EUCIP - IT Administrator Module 5 IT Security Version 2.0 Module 5 Goals Module 5 Module 5, IT Security, requires the candidate to be familiar with the various ways of protecting data both in a single
More informationFundamentals of Network Security - Theory and Practice-
Fundamentals of Network Security - Theory and Practice- Program: Day 1... 1 1. General Security Concepts... 1 2. Identifying Potential Risks... 1 Day 2... 2 3. Infrastructure and Connectivity... 2 4. Monitoring
More informationNetworking: EC Council Network Security Administrator NSA
coursemonster.com/uk Networking: EC Council Network Security Administrator NSA View training dates» Overview The EC-Council's NSA certification looks at network security from a defensive view. The NSA
More informationSecurity + Certification (ITSY 1076) Syllabus
Security + Certification (ITSY 1076) Syllabus Course: ITSY 1076 Security+ 40 hours Course Description: This course is targeted toward an Information Technology (IT) professional who has networking and
More informationCompTIA Security+ Certification Study Guide. (Exam SYO-301) Glen E. Clarke. Gravu Hill
CompTIA Security+ Certification Study Guide (Exam SYO-301) Glen E. Clarke McGraw-Hill is an independent entity from CompTIA,This publication and CD may be used in assisting students to prepare for the
More informationJoseph Migga Kizza. A Guide to Computer Network Security. 4) Springer
Joseph Migga Kizza A Guide to Computer Network Security 4) Springer Contents Part I Understanding Computer Network Security 1 Computer Network Fundamentals 1.1 Introduction 1.2 Computer Network Models
More informationBUY ONLINE FROM: http://www.itgovernance.co.uk/products/497
CISSP EXAM CRAM 2 1. The CISSP Certification Exam. Assessing Exam Readiness. Taking the Exam. Multiple-Choice Question Format. Exam Strategy. Question-Handling Strategies. Mastering the Inner Game. 2.
More informationNetwork Access Security. Lesson 10
Network Access Security Lesson 10 Objectives Exam Objective Matrix Technology Skill Covered Exam Objective Exam Objective Number Firewalls Given a scenario, install and configure routers and switches.
More information7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?
7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk
More informationNSA/DHS CAE in IA/CD 2014 Mandatory Knowledge Unit Checklist 4 Year + Programs
Mandatory Knowledge Units 1.0 Core2Y 1.1 Basic Data Analysis The intent of this Knowledge Unit is to provide students with basic abilities to manipulate data into meaningful information. 1.1.1 Topics Summary
More informationJK0 015 CompTIA E2C Security+ (2008 Edition) Exam
JK0 015 CompTIA E2C Security+ (2008 Edition) Exam Version 4.1 QUESTION NO: 1 Which of the following devices would be used to gain access to a secure network without affecting network connectivity? A. Router
More informationPRINCE GEORGE'S COMMUNITY COLLEGE OFFICE OF INSTRUCTION MASTER COURSE SYLLABUS
PRINCE GEORGE'S COMMUNITY COLLEGE OFFICE OF INSTRUCTION MASTER COURSE SYLLABUS CIS 162 Computer Security, Security+ Michael Burt 12/19/2006 Course Designator and Title Prepared by Date Barry Bugg Dr. Aaron
More informationCertified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison
CEHv8 vs CEHv7 CEHv7 CEHv8 19 Modules 20 Modules 90 Labs 110 Labs 1700 Slides 1770 Slides Updated information as per the latest developments with a proper flow Classroom friendly with diagrammatic representation
More informationCS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module
CS 665: Computer System Security Network Security Bojan Cukic Lane Department of Computer Science and Electrical Engineering West Virginia University 1 Usage environment Anonymity Automation, minimal human
More informationNetwork Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion
Network Security Tampere Seminar 23rd October 2008 1 Copyright 2008 Hirschmann 2008 Hirschmann Automation and and Control GmbH. Contents Overview Switch Security Firewalls Conclusion 2 Copyright 2008 Hirschmann
More informationInformation Technology Career Cluster Introduction to Cybersecurity Course Number: 11.48100
Information Technology Career Cluster Introduction to Cybersecurity Course Number: 11.48100 Course Description: Introduction to Cybersecurity is designed to provide students the basic concepts and terminology
More informationSecurity+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 6 Network Security
Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 6 Network Security Objectives List the different types of network security devices and explain how they can be used Define network
More informationFBLA Cyber Security aligned with Common Core 6.14. FBLA: Cyber Security RST.9-10.4 RST.11-12.4 RST.9-10.4 RST.11-12.4 WHST.9-10.4 WHST.11-12.
Competency: Defend and Attack (virus, spam, spyware, Trojans, hijackers, worms) 1. Identify basic security risks and issues to computer hardware, software, and data. 2. Define the various virus types and
More informationComputer Security. Introduction to. Michael T. Goodrich Department of Computer Science University of California, Irvine. Roberto Tamassia PEARSON
Introduction to Computer Security International Edition Michael T. Goodrich Department of Computer Science University of California, Irvine Roberto Tamassia Department of Computer Science Brown University
More informationEthical Hacking Course Layout
Ethical Hacking Course Layout Introduction to Ethical Hacking o What is Information Security? o Problems faced by the Corporate World o Why Corporate needs Information Security? Who is a Hacker? o Type
More informationEleventh Hour Security+
Eleventh Hour Security+ Exam SYO-201 Study Guide I do Dubrawsky Technical Editor Michael Cross AMSTERDAM BOSTON HEIDELBERG LONDON NEWYORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO SYNGRESS.
More informationDescription: Objective: Attending students will learn:
Course: Introduction to Cyber Security Duration: 5 Day Hands-On Lab & Lecture Course Price: $ 3,495.00 Description: In 2014 the world has continued to watch as breach after breach results in millions of
More informationOverview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs
Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks
More informationDetailed Description about course module wise:
Detailed Description about course module wise: Module 1: Basics of Networking and Major Protocols 1.1 Networks and its Types. 1.2 Network Topologies 1.3 Major Protocols and their Functions 1.4 OSI Reference
More informationAPNIC elearning: Network Security Fundamentals. 20 March 2013 10:30 pm Brisbane Time (GMT+10)
APNIC elearning: Network Security Fundamentals 20 March 2013 10:30 pm Brisbane Time (GMT+10) Introduction Presenter/s Nurul Islam Roman Senior Training Specialist nurul@apnic.net Specialties: Routing &
More informationICANWK602A Plan, configure and test advanced server based security
ICANWK602A Plan, configure and test advanced server based security Release: 1 ICANWK602A Plan, configure and test advanced server based security Modification History Release Release 1 Comments This Unit
More informationCourse Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)
Page 1 of 6 Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) TNCC Cybersecurity Program web page: http://tncc.edu/programs/cyber-security Course Description: Encompasses
More informationEthical Hacking and Information Security. Foundation of Information Security. Detailed Module. Duration. Lecture with Hands On Session: 90 Hours
Ethical Hacking and Information Security Duration Detailed Module Foundation of Information Security Lecture with Hands On Session: 90 Hours Elements of Information Security Introduction As technology
More informationSonicWALL Clean VPN. Protect applications with granular access control based on user identity and device identity/integrity
SSL-VPN Combined With Network Security Introducing A popular feature of the SonicWALL Aventail SSL VPN appliances is called End Point Control (EPC). This allows the administrator to define specific criteria
More informationWhat is Web Security? Motivation
brucker@inf.ethz.ch http://www.brucker.ch/ Information Security ETH Zürich Zürich, Switzerland Information Security Fundamentals March 23, 2004 The End Users View The Server Providers View What is Web
More informationform approved June/2006 revised 11-02-06 Page 1 of 7
Administrative-Master Syllabus form approved June/2006 revised 11-02-06 Page 1 of 7 Administrative - Master Syllabus I. Topical Outline Each offering of this course must include the following topics (be
More informationLinux Network Security
Linux Network Security Course ID SEC220 Course Description This extremely popular class focuses on network security, and makes an excellent companion class to the GL550: Host Security course. Protocols
More informationNetwork Security Fundamentals
APNIC elearning: Network Security Fundamentals 27 November 2013 04:30 pm Brisbane Time (GMT+10) Introduction Presenter Sheryl Hermoso Training Officer sheryl@apnic.net Specialties: Network Security IPv6
More informationContents Introduction xxvi Chapter 1: Understanding the Threats: E-mail Viruses, Trojans, Mail Bombers, Worms, and Illicit Servers
Contents Introduction xxvi Chapter 1: Understanding the Threats: E-mail Viruses, Trojans, Mail Bombers, Worms, and Illicit Servers 1 Introduction 2 Essential Concepts 3 Servers, Services, and Clients 3
More informationHigher National Unit specification: general information
Higher National Unit specification: general information Unit code: H17V 34 Superclass: CB Publication date: March 2012 Source: Scottish Qualifications Authority Version: 01 Unit purpose This Unit is designed
More informationNETWORK SECURITY (W/LAB) Course Syllabus
6111 E. Skelly Drive P. O. Box 477200 Tulsa, OK 74147-7200 NETWORK SECURITY (W/LAB) Course Syllabus Course Number: NTWK-0008 OHLAP Credit: Yes OCAS Code: 8131 Course Length: 130 Hours Career Cluster: Information
More information2. From a control perspective, the PRIMARY objective of classifying information assets is to:
MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected
More informationCYBERTRON NETWORK SOLUTIONS
CYBERTRON NETWORK SOLUTIONS CybertTron Certified Ethical Hacker (CT-CEH) CT-CEH a Certification offered by CyberTron @Copyright 2015 CyberTron Network Solutions All Rights Reserved CyberTron Certified
More informationBuild Your Own Security Lab
Build Your Own Security Lab A Field Guide for Network Testing Michael Gregg WILEY Wiley Publishing, Inc. Contents Acknowledgments Introduction XXI xxiii Chapter 1 Hardware and Gear Why Build a Lab? Hackers
More informationE-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY)
E-Commerce Security An e-commerce security system has four fronts: LECTURE 7 (SECURITY) Web Client Security Data Transport Security Web Server Security Operating System Security A safe e-commerce system
More informationCompTIA Security+ (Exam SY0-410)
CompTIA Security+ (Exam SY0-410) Length: Location: Language(s): Audience(s): Level: Vendor: Type: Delivery Method: 5 Days 182, Broadway, Newmarket, Auckland English, Entry Level IT Professionals Intermediate
More informationComputer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings
Computer Security Principles and Practice Second Edition William Stailings Lawrie Brown University ofnew South Wales, Australian Defence Force Academy With Contributions by Mick Bauer Security Editor,
More informationICANWK406A Install, configure and test network security
ICANWK406A Install, configure and test network security Release: 1 ICANWK406A Install, configure and test network security Modification History Release Release 1 Comments This Unit first released with
More informationINFORMATION SECURITY TRAINING CATALOG (2015)
INFORMATICS AND INFORMATION SECURITY RESEARCH CENTER CYBER SECURITY INSTITUTE INFORMATION SECURITY TRAINING CATALOG (2015) Revision 3.0 2015 TÜBİTAK BİLGEM SGE Siber Güvenlik Enstitüsü P.K. 74, Gebze,
More informationHow To Pass A Credit Course At Florida State College At Jacksonville
Form 2A, Page 1 FLORIDA STATE COLLEGE AT JACKSONVILLE COLLEGE CREDIT COURSE OUTLINE COURSE NUMBER: CTS 2658 COURSE TITLE: PREREQUISITE(S): COREQUISITE(S): Managing Network Security CNT 2210 with grade
More informationNetwork Security Administrator
Network Security Administrator Course ID ECC600 Course Description This course looks at the network security in defensive view. The ENSA program is designed to provide fundamental skills needed to analyze
More informationEC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led
EC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led Certification: ENSA Exam 312-38 Course Description This course looks at the network security in defensive view.
More informationThe following chart provides the breakdown of exam as to the weight of each section of the exam.
Introduction The CWSP-205 exam, covering the 2015 objectives, will certify that the successful candidate understands the security weaknesses inherent in WLANs, the solutions available to address those
More informationCMSC 421, Operating Systems. Fall 2008. Security. URL: http://www.csee.umbc.edu/~kalpakis/courses/421. Dr. Kalpakis
CMSC 421, Operating Systems. Fall 2008 Security Dr. Kalpakis URL: http://www.csee.umbc.edu/~kalpakis/courses/421 Outline The Security Problem Authentication Program Threats System Threats Securing Systems
More informationCH ENSA EC-Council Network Security Administrator Detailed Course Outline
CH ENSA EC-Council Network Security Administrator Detailed Course Outline Summary Duration Vendor Audience 5 Days hands-on training EC-Council Security Professionals Level Technology Category Advance Ethical
More informationFIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design Learning Objectives Identify common misconceptions about firewalls Explain why a firewall
More informationDeveloping Network Security Strategies
NETE-4635 Computer Network Analysis and Design Developing Network Security Strategies NETE4635 - Computer Network Analysis and Design Slide 1 Network Security Design The 12 Step Program 1. Identify network
More informationNetwork Security and Firewall 1
Department/program: Networking Course Code: CPT 224 Contact Hours: 96 Subject/Course WEB Access & Network Security: Theoretical: 2 Hours/week Year Two Semester: Two Prerequisite: NET304 Practical: 4 Hours/week
More informationAn expert s tips for cracking tough CISSP exam
35 / 83 Chapter 6 An expert s tips for cracking tough CISSP exam Rahul Kokcha, an experienced instructor for CISSP explains how to prepare for the CISSP exam, what are important topics, and what you do
More informationQuestion Name C 1.1 Do all users and administrators have a unique ID and password? Yes
Category Question Name Question Text C 1.1 Do all users and administrators have a unique ID and password? C 1.1.1 Passwords are required to have ( # of ) characters: 5 or less 6-7 8-9 Answer 10 or more
More informationNetwork Security: 30 Questions Every Manager Should Ask. Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting
Network Security: 30 Questions Every Manager Should Ask Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting Network Security: 30 Questions Every Manager/Executive Must Answer in Order
More information642 552 Securing Cisco Network Devices (SND)
642 552 Securing Cisco Network Devices (SND) Course Number: 642 552 Length: 1 Day(s) Course Overview This course is part of the training for the Cisco Certified Security Professional, Cisco Firewall Specialist,
More informationhttps://elearn.zdresearch.com https://training.zdresearch.com/course/pentesting
https://elearn.zdresearch.com https://training.zdresearch.com/course/pentesting Chapter 1 1. Introducing Penetration Testing 1.1 What is penetration testing 1.2 Different types of test 1.2.1 External Tests
More information10605164 Medical Networks and Operating Systems
Western Technical College 10605164 Medical Networks and Operating Systems Course Outcome Summary Course Information Description Instructional Level Total Credits 4.00 Total Hours 108.00 A course studying
More informationWLAN Attacks. Wireless LAN Attacks and Protection Tools. (Section 3 contd.) Traffic Analysis. Passive Attacks. War Driving. War Driving contd.
Wireless LAN Attacks and Protection Tools (Section 3 contd.) WLAN Attacks Passive Attack unauthorised party gains access to a network and does not modify any resources on the network Active Attack unauthorised
More informationState of New Mexico Statewide Architectural Configuration Requirements. Title: Network Security Standard S-STD005.001. Effective Date: April 7, 2005
State of New Mexico Statewide Architectural Configuration Requirements Title: Network Security Standard S-STD005.001 Effective Date: April 7, 2005 1. Authority The Department of Information Technology
More informationGovt. of Karnataka, Department of Technical Education Diploma in Computer Science & Engineering. Sixth Semester
Govt. of Karnataka, Department of Technical Education Diploma in Computer Science & Engineering Sixth Semester Subject: Network Security & Management Contact Hrs / week: 4 Total hrs: 64 Table of Contents
More informationWeighted Total Mark. Weighted Exam Mark
CMP4103 Computer Systems and Network Security Period per Week Contact Hour per Semester Weighted Total Mark Weighted Exam Mark Weighted Continuous Assessment Mark Credit Units LH PH TH CH WTM WEM WCM CU
More informationCS5008: Internet Computing
CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is
More informationCornerstones of Security
Internet Security Cornerstones of Security Authenticity the sender (either client or server) of a message is who he, she or it claims to be Privacy the contents of a message are secret and only known to
More informationREPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB
REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB Conducted: 29 th March 5 th April 2007 Prepared By: Pankaj Kohli (200607011) Chandan Kumar (200607003) Aamil Farooq (200505001) Network Audit Table of
More informationChapter 4: Networking and the Internet
Chapter 4: Networking and the Internet Computer Science: An Overview Eleventh Edition by J. Glenn Brookshear Copyright 2012 Pearson Education, Inc. Chapter 4: Networking and the Internet 4.1 Network Fundamentals
More informationSystems and Principles Unit Syllabus
Systems and Principles Unit Syllabus Level 3 Implementing an ICT systems security policy 7540-032 www.cityandguilds.com September 2010 Version 1.0 About City & Guilds City & Guilds is the UK s leading
More informationThe Information Security Problem
Chapter 10 Objectives Describe the major concepts and terminology of EC security. Understand phishing and its relationship to financial crimes. Describe the information assurance security principles. Identify
More informationa) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)
MIS5206 Week 12 Your Name Date 1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)? a) User from within could send a file
More informationSCP - Strategic Infrastructure Security
SCP - Strategic Infrastructure Security Lesson 1 - Cryptogaphy and Data Security Cryptogaphy and Data Security History of Cryptography The number lock analogy Cryptography Terminology Caesar and Character
More informationACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD CCNA SECURITY. VERSION 1.0
ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD CCNA SECURITY. VERSION 1.0 Module 1: Vulnerabilities, Threats, and Attacks 1.1 Fundamental Principles of a Secure Network
More informationDiploma in Information Security Control, Audit and Management (CISSP Certification)
Diploma in Information Security Control, Audit and This course is designed and delivered by experienced information security professionals and is useful to information system managers, information security
More informationTopics in Network Security
Topics in Network Security Jem Berkes MASc. ECE, University of Waterloo B.Sc. ECE, University of Manitoba www.berkes.ca February, 2009 Ver. 2 In this presentation Wi-Fi security (802.11) Protecting insecure
More informationNEW YORK INSTITUTE OF TECHNOLOGY School of Engineering and Technology Department of Computer Science Old Westbury Campus
NEW YORK INSTITUTE OF TECHNOLOGY School of Engineering and Technology Department of Computer Science Old Westbury Campus CSCI - 440 Network Security and Perimeter Protection 3-0-3 CATALOG DESCRIPTION This
More informationChapter 17. Transport-Level Security
Chapter 17 Transport-Level Security Web Security Considerations The World Wide Web is fundamentally a client/server application running over the Internet and TCP/IP intranets The following characteristics
More informationCMPT 471 Networking II
CMPT 471 Networking II Firewalls Janice Regan, 2006-2013 1 Security When is a computer secure When the data and software on the computer are available on demand only to those people who should have access
More informationCONTENTS AT A GMi#p. Chapter I Ethical Hacking Basics I Chapter 2 Cryptography. Chapter 3 Reconnaissance: Information Gathering for the Ethical Hacker
ALL ElNis ONE CEH Certified Ethical Hacker EXAM GUIDE Matt Walker Mc Grain/ New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore Sydney Toronto McGraw-Hill
More informationFirewalls, Tunnels, and Network Intrusion Detection
Firewalls, Tunnels, and Network Intrusion Detection 1 Part 1: Firewall as a Technique to create a virtual security wall separating your organization from the wild west of the public internet 2 1 Firewalls
More informationSecurity Technology: Firewalls and VPNs
Security Technology: Firewalls and VPNs 1 Learning Objectives Understand firewall technology and the various approaches to firewall implementation Identify the various approaches to remote and dial-up
More informationAsheville-Buncombe Technical Community College Department of Networking Technology. Course Outline
Course Number: SEC 150 Course Title: Security Concepts Hours: 2 Lab Hours: 2 Credit Hours: 3 Course Description: This course provides an overview of current technologies used to provide secure transport
More informationIntroduction to Cyber Security / Information Security
Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be
More informationE-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications
Learning objectives E-commerce Security Threats and Protection Mechanisms. This lecture covers internet security issues and discusses their impact on an e-commerce. Nov 19, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html
More informationAssessing Network Security
Microsoft Assessing Network Security Kevin Lam David LeBlanc Ben Smith Acknowledgments Foreword Introduction xxi xxiii xxvii Parti 1 Introduction to Performing Security Assessments 3 Role of Security Assessments
More informationINFORMATION SECURITY TRAINING
INFORMATION SECURITY TRAINING Course Duration: 45 days Pre-Requisite: Basic Knowledge of Internet Course Content Course Fee: 15,000 ( Online Examination Fee, Books, Certification, Tools & Software's Included
More informationIntroduction p. 2. Introduction to Information Security p. 1. Introduction
Introduction p. xvii Introduction to Information Security p. 1 Introduction p. 2 What Is Information Security? p. 3 Critical Characteristics of Information p. 4 CNSS Security Model p. 5 Securing Components
More informationFRONT RUNNER DIPLOMA PROGRAM INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months
FRONT RUNNER DIPLOMA PROGRAM INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months MODULE: INTRODUCTION TO INFORMATION SECURITY INFORMATION SECURITY ESSENTIAL TERMINOLOGIES SECURITY
More informationInformation Technology Career Cluster Advanced Cybersecurity Course Number: 11.48200
Information Technology Career Cluster Advanced Cybersecurity Course Number: 11.48200 Course Description: Advanced Cybersecurity is designed to provide students the advanced concepts and terminology of
More informationSSL-TLS VPN 3.0 Certification Report. For: Array Networks, Inc.
SSL-TLS VPN 3.0 Certification Report For: Array Networks, Inc. Prepared by: ICSA Labs 1000 Bent Creek Blvd., Suite 200 Mechanicsburg, PA 17050 USA http://www.icsalabs.com SSL-TLS VPN 3.0 Certification
More informationCYBER ATTACKS EXPLAINED: THE MAN IN THE MIDDLE
CYBER ATTACKS EXPLAINED: THE MAN IN THE MIDDLE Due to the encouraging feedback this series of articles has received, we decided to explore yet another type of cyber intrusionthe Man In The Middle (MITM)
More informationTIME SCHEDULE. 1 Introduction to Computer Security & Cryptography 13
COURSE TITLE : INFORMATION SECURITY COURSE CODE : 5136 COURSE CATEGORY : ELECTIVE PERIODS/WEEK : 4 PERIODS/SEMESTER : 52 CREDITS : 4 TIME SCHEDULE MODULE TOPICS PERIODS 1 Introduction to Computer Security
More informationA host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.
A firewall is a software- or hardware-based network security system that allows or denies network traffic according to a set of rules. Firewalls can be categorized by their location on the network: A network-based
More informationCEH Version8 Course Outline
CEH Version8 Course Outline Module 01: Introduction to Ethical Hacking Information Security Overview Information Security Threats and Attack Vectors Hacking Concepts Hacking Phases Types of Attacks Information
More informationNetwork Security: A Practical Approach. Jan L. Harrington
Network Security: A Practical Approach Jan L. Harrington ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Morgan Kaufmann is an imprint of
More informationinformation security and its Describe what drives the need for information security.
Computer Information Systems (Forensics Classes) Objectives for Course Challenges CIS 200 Intro to Info Security: Includes managerial and Describe information security and its critical role in business.
More informationWEB SECURITY. Oriana Kondakciu 0054118 Software Engineering 4C03 Project
WEB SECURITY Oriana Kondakciu 0054118 Software Engineering 4C03 Project The Internet is a collection of networks, in which the web servers construct autonomous systems. The data routing infrastructure
More informationAdvanced Higher Computing. Computer Networks. Homework Sheets
Advanced Higher Computing Computer Networks Homework Sheets Topic : Network Protocols and Standards. Name the organisation responsible for setting international standards and explain why network standards
More informationChapter 9 Firewalls and Intrusion Prevention Systems
Chapter 9 Firewalls and Intrusion Prevention Systems connectivity is essential However it creates a threat Effective means of protecting LANs Inserted between the premises network and the to establish
More information