Joseph Migga Kizza. A Guide to Computer Network Security. 4) Springer
|
|
- Sophie Marsha Rose
- 8 years ago
- Views:
Transcription
1 Joseph Migga Kizza A Guide to Computer Network Security 4) Springer
2 Contents Part I Understanding Computer Network Security 1 Computer Network Fundamentals 1.1 Introduction 1.2 Computer Network Models 1.3 Computer Network Types Local Area Networks (LANs) Wide Area Networks (WANs) Metropolitan Area Networks (MANs) 1.4 Data Communication Media Technology Transmission Technology Transmission Media 1.5 Network Topology Mesh Tree Bus Star Ring 1.6 Network Connectivity and Protocols Open System Interconnection (OSI) Protocol Suite Transport Control Protocol/Internet Protocol (TCP/IP) Model 1.7 Network Services Connection Services Network Switching Services 1.8 Network Connecting Devices LAN Connecting Devices Internetworking Devices 1.9 Network Technologies LAN Technologies WAN Technologies Wireless LANs 1.10 Conclusion xi
3 xii Contents Exercises 40 Advanced Exercises 41 References 41 2 Understanding Computer Network Security Introduction Computer Security Network Security Information Security Securing the Computer Network Hardware Software Forms of Protection Access Control Authentication Confidentiality Integrity Nonrepudiation Security Standards Security Standards Based an Type of Service/Industry Security Standards Based ön Size/Implementation Security Standards Based an Interests Best Practices in Security 56 Exercises 58 Advanced Exercises 58 References 59 Part II Security Challenges to Computer Networks 3 Security Threats to Computer Networks Introduction Sources of Security Threats Design Philosophy Weaknesses in Network Infrastructure and Communication Protocols Rapid Growth of Cyberspace The Growth of the Hacker Community Vulnerability in Operating System Protocol The Invisible Security Threat The Insider Effect 79
4 Contents xiii Social Engineering Physical Theft Security Threat Motives Terrorism Military Espionage Economic Espionage Targeting the National Information Infrastructure Vendetta/Revenge Hate (National Origin, Gender, and Race) Notoriety Greed Ignorance Security Threat Management Risk Assessment Forensic Analysis Security Threat Correlation Threat Information Quality Security Threat Awareness 85 Exercises 86 Advanced Exercises 87 References 88 4 Computer Network Vulnerabilities Definition Sources of Vulnerabilities Design Flaws Poor Security Management Incorrect Implementation Internet Technology Vulnerability Changing Nature of Hacker Technologies and Activities Difficulty of Fixing Vulnerable Systems Limits of Effectiveness of Reactive Solutions Social Engineering Vulnerability Assessment Vulnerability Assessment Services Advantages of Vulnerability Assessment Services 105 Exercises 105 Advanced Exercises 106 References 106
5 xiv Contents 5 Cyber Crimes and Hackers Introduction Cyber Crimes Ways of Executing Cyber Crimes Cyber Criminals Hackers History of Hacking Types of Hackers Hacker Motives Hacking Topologies Hackers' Tools of System Exploitation Types of Attacks Dealing with the Rising Tide of Cyber Crimes Prevention Detection Recovery Conclusion 130 Exercises 131 Advanced Exercises 131 References Hostile Scripts Introduction Introduction to the Common Gateway Interface (CGI) CGI Scripts in a Three-Way Handshake Server CGI Interface CGI Script Security Issues Web Script Security Issues Dealing with the Script Security Problems Scripting Languages Server-Side Scripting Languages Client-Side Scripting Languages 141 Exercises 143 Advanced Exercises 143 References Security Assessment, Analysis, and Assurance Introduction System Security Policy 147
6 Contents xv 7.3 Building a Security Policy Security Policy Access Rights Matrix Policy and Procedures Security Requirements Specification Threat Identification Human Factors Natural Disasters Infrastructure Failures Threat Analysis Approaches to Security Threat Analysis Vulnerability Identification and Assessment Hardware Software Humanware Policies, Procedures, and Practices Security Certification Phases of a Certification Process Benefits of Security Certification Security Monitoring and Auditing Monitoring Tools Type of Data Gathered Analyzed Information Auditing Products and Services 168 Exercises 168 Advanced Exercises 169 References 169 Additional References 169 Part III Dealing with Network Security Challenges 8 Disaster Management Introduction Categories of Disasters Disaster Prevention Disaster Response Disaster Recovery Planning for a Disaster Recovery Procedures of Recovery Make your Business Disaster Ready 181
7 xvi Contents Always Be Ready for a Disaster Always Backup Media Risk Assessment Resources for Disaster Planning and Recovery Local Disaster Resources 183 Exercises 183 Advanced Exercises Case Studies 183 References Access Control and Authorization Definitions Access Rights Access Control Techniques and Technologies Access Control Systems Physical Access Control Access Cards Electronic Surveillance Biometrics Event Monitoring Authorization Authorization Mechanisms Types of Authorization Systems Centralized Decentralized Implicit Explicit Authorization Principles Least Privileges Separation of Duties Authorization Granularity Fine Grain Authorization Coarse Grain Authorization Web Access and Authorization 203 Exercises 203 Advanced Exercises 204 References 204
8 Contents xvii 10 Authentication Definition Multiple Factors and Effectiveness of Authentication Authentication Elements Person or Group Seeking Authentication Distinguishing Characteristics for Authentication The Authenticator The Authentication Mechanism Access Control Mechanism Types of Authentication Nonrepudiable Authentication Repudiable Authentication Authentication Methods Password Authentication Public-Key Authentication Remote Authentication Anonymous Authentication Digital Signature-Based Authentication Wireless Authentication Developing an Authentication Policy 223 Exercises 224 Advanced Exercises 225 References Cryptography Definition Block Ciphers Symmetrie Encryption Symmetrie Encryption Algorithms Problems with Symmetrie Encryption Public Key Encryption Public Key Encryption Algorithms Problems with Public Key Encryption Public Key Encryption Services Enhancing Security: Combining Symmetrie and Public Key Encryptions Key Management: Generation, Transportation, and Distribution The Key Exchange Problem Key Distribution Centers (KDCs) Public Key Management Key Escrow 242
9 xviii Contents 11.6 Public Key Infrastructure (PKI) Certificates Certificate Authority Registration Authority (RA) Lightweight Directory Access Protocols (LDAP) Role of Cryptography in Communication Hash Function Digital Signatures 246 Exercises 247 Advanced Exercises 248 References Firewalls Definition Types of Firewalls Packet Inspection Firewalls Application Proxy Server: Filtering Based an Known Services Virtual Private Network (VPN) Firewalls Small Office or Home (SOHO) Firewalls Configuration and Implementation of a Firewall The Demilitarized Zone (DMZ) Scalability and Increasing Security in a DMZ Improving Security Through the Firewall Firewall Forensics Firewall Services and Limitations Firewall Services Limitations of Firewalls 269 Exercises 270 Advanced Exercises 270 References System Intrusion Detection and Prevention Definition Intrusion Detection The System Intrusion Process The Dangers of System Intrusions 275
10 Contents xix 13.3 Intrusion Detection Systems (IDSs) Anomaly Detection Misuse Detection Types of Intrusion Detection Systems Network-Based Intrusion Detection Systems (NIDSs) Host-Based Intrusion Detection Systems (HIDSs) The Hybrid Intrusion Detection System The Changing Nature of IDS Tools Other Types of Intrusion Detection Systems System Integrity Verifiers (SIVs) Log File Monitors (LFM) Honeypots Response to System Intrusion Incident Response Team IDS Logs as Evidence Challenges to Intrusion Detection Systems Deploying IDS in Switched Environments Implementing an Intrusion Detection System Intrusion Prevention Systems (IPSs) Network-Based Intrusion Prevention Systems (NIPSs) Host-Based Intrusion Prevention Systems (HIPSs) Intrusion Detection Tools 295 Exercises 297 Advanced Exercises 297 References Computer and Network Forensics Definition Computer Forensics History of Computer Forensics Elements of Computer Forensics Investigative Procedures Analysis of Evidence Network Forensics Intrusion Analysis Damage Assessment Forensics Tools Computer Forensic Tools Network Forensic Tools 326 Exercises 327
11 xx Contents Advanced Exercises 328 References Virus and Content Filtering Definition Scanning, Filtering, and Blocking Content Scanning Inclusion Filtering Exclusion Filtering Other Types of Content Filtering Location of Content Filters Virus Filtering Viruses Content Filtering Application Level Filtering Packet-Level Filtering and Blocking Filtered Material Spam 348 Exercises 350 Advanced Exercises 350 References Standardization and Security Criteria: Security Evaluation of Computer Products Introduction Product Standardization Need for the Standardization of (Security) Products Common Computer Product Standards Security Evaluations Purpose of Evaluation Security Evaluation Criteria Basic Elements of an Evaluation Outcomes/Benefits Major Security Evaluation Criteria Common Criteria (CC) FIPS The Orange Book/TCSEC 358
12 Contents xxi Information Technology Security Evaluation Criteria (ITSEC) The Trusted Network Interpretation (TNI): The Red Book Does Evaluation Mean Security? 362 Exercises 362 Advanced Exercises 363 References Computer Network Security Protocols Introduction Application Level Security Pretty Good Privacy (PGP) Secure/Multipurpose Internet Mail Extension (S/MIME) Secure-HTTP (S-HTTP) Hypertext Transfer Protocol over Secure Socket Layer (HTTPS) Secure Electronic Transactions (SET) Kerberos Security in the Transport Layer Secure Socket Layer (SSL) Transport Layer Security (TLS) Security in the Network Layer Internet Protocol Security (IPSec) Virtual Private Networks (VPN) Security in the Link Layer and over LANS Point-to-Point Protocol (PPP) Remote Authentication Dial-In User Service (RADIUS) Terminal Access Controller Access Control System (TACACS +) 394 Exercises 394 Advanced Exercises 395 References 395
13 xxii Contents 18 Security in Wireless Networks and Devices Introduction Cellular Wireless Communication Network Infrastructure Development of Cellular Technology Limited and Fixed Wireless Communication Networks Wireless LAN (WLAN) or Wireless Fidelity (Wi-Fi) WLAN (Wi-Fi) Technology Mobile IP and Wireless Application Protocol (WAP) Standards for Wireless Networks The IEEE Bluetooth Security in Wireless Networks WLANs Security Concerns Best Practices for Wi-Fi Security Hope an the Horizon for WEP 420 Exercises 420 Advanced Exercises 421 References Security in Sensor Networks Introduction The Growth of Sensor Networks Design Factors in Sensor Networks Routing Power Consumption Fault Tolerance Scalability Product Costs Nature of Hardware Deployed Topology of Sensor Networks Transmission Media Security in Sensor Networks Security Challenges Sensor Network Vulnerabilities and Attacks Securing Sensor Networks Security Mechanisms and Best Practices for Sensor Networks 433
14 Contents xxiii 19.6 Trends in Sensor Network Security Research Cryptography Key Management Confidentiality, Authentication, and Freshness Resilience to Capture 436 Exercises 437 Advanced Exercises 437 References Other Efforts to Secure Information and Computer Networks Introduction Legislation Regulation Self-Regulation Hardware-Based Self-Regulation Software-Based Self-Regulation Education Focused Education Mass Education Reporting Centers Market Forces Activism Advocacy Hotlines 446 Exercises 446 Advanced Exercises 447 References Security Beyond Computer Networks: Information Assurance Introduction Collective Security Initiatives and Best Practices The U.S. National Strategy to Secure Cyberspace Council of Europe Convention an Cyber Crime 452 References 453
15 xxiv Contents Part IV Projects 22 Projects Introduction Part I: Weekly/Biweekly Laboratory Assignments Part 11: Semester Projects Intrusion Detection Systems Scanning Tools for System Vulnerabilities The Following Tools Are Used to Enhance Security in Web Applications Public Key Infrastructure Part III: Research Projects Consensus Defense Specialized Security Protecting an Extended Network Automated Vulnerability Reporting Turn-Key Product for Network Security Testing The Role of Local Networks in the Defense of the National Critical Infrastructure Enterprise VPN Security Perimeter Security Enterprise Security Password Security Investigating the Weaknesses 469 Index 471
EUCIP - IT Administrator. Module 5 IT Security. Version 2.0
EUCIP - IT Administrator Module 5 IT Security Version 2.0 Module 5 Goals Module 5 Module 5, IT Security, requires the candidate to be familiar with the various ways of protecting data both in a single
More informationIndustrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1
Industrial Network Security for SCADA, Automation, Process Control and PLC Systems Contents 1 An Introduction to Industrial Network Security 1 1.1 Course overview 1 1.2 The evolution of networking 1 1.3
More informationSecurity + Certification (ITSY 1076) Syllabus
Security + Certification (ITSY 1076) Syllabus Course: ITSY 1076 Security+ 40 hours Course Description: This course is targeted toward an Information Technology (IT) professional who has networking and
More informationBUY ONLINE FROM: http://www.itgovernance.co.uk/products/497
CISSP EXAM CRAM 2 1. The CISSP Certification Exam. Assessing Exam Readiness. Taking the Exam. Multiple-Choice Question Format. Exam Strategy. Question-Handling Strategies. Mastering the Inner Game. 2.
More informationFundamentals of Network Security - Theory and Practice-
Fundamentals of Network Security - Theory and Practice- Program: Day 1... 1 1. General Security Concepts... 1 2. Identifying Potential Risks... 1 Day 2... 2 3. Infrastructure and Connectivity... 2 4. Monitoring
More informationHow To Pass A Credit Course At Florida State College At Jacksonville
Form 2A, Page 1 FLORIDA STATE COLLEGE AT JACKSONVILLE COLLEGE CREDIT COURSE OUTLINE COURSE NUMBER: CTS 2658 COURSE TITLE: PREREQUISITE(S): COREQUISITE(S): Managing Network Security CNT 2210 with grade
More informationNetwork Access Security. Lesson 10
Network Access Security Lesson 10 Objectives Exam Objective Matrix Technology Skill Covered Exam Objective Exam Objective Number Firewalls Given a scenario, install and configure routers and switches.
More informationIntroduction to Cyber Security / Information Security
Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be
More informationNetwork Security Administrator
Network Security Administrator Course ID ECC600 Course Description This course looks at the network security in defensive view. The ENSA program is designed to provide fundamental skills needed to analyze
More informationNetworking: EC Council Network Security Administrator NSA
coursemonster.com/uk Networking: EC Council Network Security Administrator NSA View training dates» Overview The EC-Council's NSA certification looks at network security from a defensive view. The NSA
More informationHow NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements
How NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements I n t r o d u c t i o n The Payment Card Industry Data Security Standard (PCI DSS) was developed in 2004 by the PCI Security Standards
More informationCH ENSA EC-Council Network Security Administrator Detailed Course Outline
CH ENSA EC-Council Network Security Administrator Detailed Course Outline Summary Duration Vendor Audience 5 Days hands-on training EC-Council Security Professionals Level Technology Category Advance Ethical
More informationEC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led
EC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led Certification: ENSA Exam 312-38 Course Description This course looks at the network security in defensive view.
More informationFBLA Cyber Security aligned with Common Core 6.14. FBLA: Cyber Security RST.9-10.4 RST.11-12.4 RST.9-10.4 RST.11-12.4 WHST.9-10.4 WHST.11-12.
Competency: Defend and Attack (virus, spam, spyware, Trojans, hijackers, worms) 1. Identify basic security risks and issues to computer hardware, software, and data. 2. Define the various virus types and
More informationCornerstones of Security
Internet Security Cornerstones of Security Authenticity the sender (either client or server) of a message is who he, she or it claims to be Privacy the contents of a message are secret and only known to
More informationNetwork Security and Firewall 1
Department/program: Networking Course Code: CPT 224 Contact Hours: 96 Subject/Course WEB Access & Network Security: Theoretical: 2 Hours/week Year Two Semester: Two Prerequisite: NET304 Practical: 4 Hours/week
More informationSonicWALL PCI 1.1 Implementation Guide
Compliance SonicWALL PCI 1.1 Implementation Guide A PCI Implementation Guide for SonicWALL SonicOS Standard In conjunction with ControlCase, LLC (PCI Council Approved Auditor) SonicWall SonicOS Standard
More informationComputer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings
Computer Security Principles and Practice Second Edition William Stailings Lawrie Brown University ofnew South Wales, Australian Defence Force Academy With Contributions by Mick Bauer Security Editor,
More informationNetwork Security Foundations
Network Security Foundations Matthew Strebe O San SrBBC Francisco London Introduction xv Chapter 1 Security Principles 1 Why Computers Aren't Secure 2 The History of Computer Security 4-1945 5 1945-1955
More informationState of New Mexico Statewide Architectural Configuration Requirements. Title: Network Security Standard S-STD005.001. Effective Date: April 7, 2005
State of New Mexico Statewide Architectural Configuration Requirements Title: Network Security Standard S-STD005.001 Effective Date: April 7, 2005 1. Authority The Department of Information Technology
More informationICANWK602A Plan, configure and test advanced server based security
ICANWK602A Plan, configure and test advanced server based security Release: 1 ICANWK602A Plan, configure and test advanced server based security Modification History Release Release 1 Comments This Unit
More informationContents Introduction xxvi Chapter 1: Understanding the Threats: E-mail Viruses, Trojans, Mail Bombers, Worms, and Illicit Servers
Contents Introduction xxvi Chapter 1: Understanding the Threats: E-mail Viruses, Trojans, Mail Bombers, Worms, and Illicit Servers 1 Introduction 2 Essential Concepts 3 Servers, Services, and Clients 3
More informationInformation Security Policy
Information Security Policy Steve R. Hutchens, CISSP EDS, Global Leader, Homeland Security Agenda Security Architecture Threats and Vulnerabilities Design Considerations Information Security Policy Current
More informationCompTIA Security+ Certification Study Guide. (Exam SYO-301) Glen E. Clarke. Gravu Hill
CompTIA Security+ Certification Study Guide (Exam SYO-301) Glen E. Clarke McGraw-Hill is an independent entity from CompTIA,This publication and CD may be used in assisting students to prepare for the
More informationInformation Technology Career Cluster Introduction to Cybersecurity Course Number: 11.48100
Information Technology Career Cluster Introduction to Cybersecurity Course Number: 11.48100 Course Description: Introduction to Cybersecurity is designed to provide students the basic concepts and terminology
More informationHow To Understand And Understand The Security Of A Key Infrastructure
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography Objectives Define digital certificates List the various types of digital certificates and how they are used
More informationSystems and Principles Unit Syllabus
Systems and Principles Unit Syllabus Level 3 Implementing an ICT systems security policy 7540-032 www.cityandguilds.com September 2010 Version 1.0 About City & Guilds City & Guilds is the UK s leading
More informationAdvanced Security and Mobile Networks
Advanced Security and Mobile Networks W.Buchanan (1) 3. Encryption 4. Forensic Computing Advanced Security and Mobile Networks: Learning Outcomes: 2. IDS 1. Network Security 5. Software Security 6. Network
More informationNEW YORK INSTITUTE OF TECHNOLOGY School of Engineering and Technology Department of Computer Science Old Westbury Campus
NEW YORK INSTITUTE OF TECHNOLOGY School of Engineering and Technology Department of Computer Science Old Westbury Campus CSCI - 440 Network Security and Perimeter Protection 3-0-3 CATALOG DESCRIPTION This
More informationICANWK406A Install, configure and test network security
ICANWK406A Install, configure and test network security Release: 1 ICANWK406A Install, configure and test network security Modification History Release Release 1 Comments This Unit first released with
More informationIntroduction p. 2. Introduction to Information Security p. 1. Introduction
Introduction p. xvii Introduction to Information Security p. 1 Introduction p. 2 What Is Information Security? p. 3 Critical Characteristics of Information p. 4 CNSS Security Model p. 5 Securing Components
More informationIT Networking and Security
elearning Course Outlines IT Networking and Security powered by Calibrate elearning Course Outline CompTIA A+ 801: Fundamentals of Computer Hardware/Software www.medallionlearning.com Fundamentals of Computer
More informationChapter 9 Firewalls and Intrusion Prevention Systems
Chapter 9 Firewalls and Intrusion Prevention Systems connectivity is essential However it creates a threat Effective means of protecting LANs Inserted between the premises network and the to establish
More informationBachelor of Information Technology (Network Security)
Bachelor of Information Technology (Network Security) Course Structure Year 1: Level 100 Foundation knowledge subjects SEMESTER 1 SEMESTER 2 ITICT101A Fundamentals of Computer Organisation ITICT104A Internetworking
More informationDeveloping Network Security Strategies
NETE-4635 Computer Network Analysis and Design Developing Network Security Strategies NETE4635 - Computer Network Analysis and Design Slide 1 Network Security Design The 12 Step Program 1. Identify network
More informationA host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.
A firewall is a software- or hardware-based network security system that allows or denies network traffic according to a set of rules. Firewalls can be categorized by their location on the network: A network-based
More informationPRINCIPLES AND PRACTICE OF INFORMATION SECURITY
PRINCIPLES AND PRACTICE OF INFORMATION SECURITY Protecting Computers from Hackers and Lawyers Linda Volonino, Ph.D. Canisius College Stephen R. Robinson Verity Partners, LLC with contributions by Charles
More informationBellevue University Cybersecurity Programs & Courses
Undergraduate Course List Core Courses: CYBR 250 Introduction to Cyber Threats, Technologies and Security CIS 311 Network Security CIS 312 Securing Access Control CIS 411 Assessments and Audits CYBR 320
More informationICTTEN8195B Evaluate and apply network security
ICTTEN8195B Evaluate and apply network security Release 1 ICTTEN8195B Evaluate and apply network security Modification History Release Release 2 Comments This version first released with ICT10 Integrated
More informationEleventh Hour Security+
Eleventh Hour Security+ Exam SYO-201 Study Guide I do Dubrawsky Technical Editor Michael Cross AMSTERDAM BOSTON HEIDELBERG LONDON NEWYORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO SYNGRESS.
More informationa) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)
MIS5206 Week 12 Your Name Date 1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)? a) User from within could send a file
More information70 299 Implementing and Administering Security in a Microsoft Windows Server 2003 Network
70 299 Implementing and Administering Security in a Microsoft Windows Server 2003 Network Course Number: 70 299 Length: 1 Day(s) Course Overview This course is part of the MCSA training.. Prerequisites
More informationQuestion Name C 1.1 Do all users and administrators have a unique ID and password? Yes
Category Question Name Question Text C 1.1 Do all users and administrators have a unique ID and password? C 1.1.1 Passwords are required to have ( # of ) characters: 5 or less 6-7 8-9 Answer 10 or more
More informationGovt. of Karnataka, Department of Technical Education Diploma in Computer Science & Engineering. Sixth Semester
Govt. of Karnataka, Department of Technical Education Diploma in Computer Science & Engineering Sixth Semester Subject: Network Security & Management Contact Hrs / week: 4 Total hrs: 64 Table of Contents
More informationNetwork Security Essentials:
Network Security Essentials: Applications and Standards Fifth Edition William Stallings International Editions contributions by B. R. Chandavarkar National Institute of Technology Karnataka, Surathkal
More informationFRONT RUNNER DIPLOMA PROGRAM INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months
FRONT RUNNER DIPLOMA PROGRAM INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months MODULE: INTRODUCTION TO INFORMATION SECURITY INFORMATION SECURITY ESSENTIAL TERMINOLOGIES SECURITY
More informationThe Information Security Problem
Chapter 10 Objectives Describe the major concepts and terminology of EC security. Understand phishing and its relationship to financial crimes. Describe the information assurance security principles. Identify
More informationNETWORK SECURITY (W/LAB) Course Syllabus
6111 E. Skelly Drive P. O. Box 477200 Tulsa, OK 74147-7200 NETWORK SECURITY (W/LAB) Course Syllabus Course Number: NTWK-0008 OHLAP Credit: Yes OCAS Code: 8131 Course Length: 130 Hours Career Cluster: Information
More informationCTS2134 Introduction to Networking. Module 8.4 8.7 Network Security
CTS2134 Introduction to Networking Module 8.4 8.7 Network Security Switch Security: VLANs A virtual LAN (VLAN) is a logical grouping of computers based on a switch port. VLAN membership is configured by
More information74% 96 Action Items. Compliance
Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on July 02, 2013 11:12 AM 1 74% Compliance 96 Action Items Upcoming 0 items About PCI DSS 2.0 PCI-DSS is a legal obligation mandated
More informationAchieving PCI-Compliance through Cyberoam
White paper Achieving PCI-Compliance through Cyberoam The Payment Card Industry (PCI) Data Security Standard (DSS) aims to assure cardholders that their card details are safe and secure when their debit
More informationCompTIA Security+ (Exam SY0-410)
CompTIA Security+ (Exam SY0-410) Length: Location: Language(s): Audience(s): Level: Vendor: Type: Delivery Method: 5 Days 182, Broadway, Newmarket, Auckland English, Entry Level IT Professionals Intermediate
More informationNetwork Security Bible Dr. Eric Cole, Dr. Ronald Krutz, and James W. Conley WILEY
WILEY Wiley Publishing, Inc. Network Security Bible Dr. Eric Cole, Dr. Ronald Krutz, and James W. Conley Contents Acknowledgments Introduction Part I: Security Principles and Practices Chapter 1: Information
More informationSecure SCADA Network Technology and Methods
Secure SCADA Network Technology and Methods FARKHOD ALSIHEROV, TAIHOON KIM Dept. Multimedia Engineering Hannam University Daejeon, South Korea sntdvl@yahoo.com, taihoonn@paran.com Abstract: The overall
More informationTHE BUSINESS CASE FOR NETWORK SECURITY: ADVOCACY, GOVERNANCE, AND ROI
THE BUSINESS CASE FOR NETWORK SECURITY: ADVOCACY, GOVERNANCE, AND ROI Introduction. I. VULNERABILITIES AND TECHNOLOGIES. 1. Hackers and Threats. Contending with Vulnerability Realizing Value in Security
More informationTim Bovles WILEY. Wiley Publishing, Inc.
Tim Bovles WILEY Wiley Publishing, Inc. Contents Introduction xvii Assessment Test xxiv Chapter 1 Introduction to Network Security 1 Threats to Network Security 2 External Threats 3 Internal Threats 5
More informationThe following chart provides the breakdown of exam as to the weight of each section of the exam.
Introduction The CWSP-205 exam, covering the 2015 objectives, will certify that the successful candidate understands the security weaknesses inherent in WLANs, the solutions available to address those
More informationRecommended 802.11 Wireless Local Area Network Architecture
NATIONAL SECURITY AGENCY Ft. George G. Meade, MD I332-008R-2005 Dated: 23 September 2005 Network Hardware Analysis and Evaluation Division Systems and Network Attack Center Recommended 802.11 Wireless
More informationINCIDENT RESPONSE CHECKLIST
INCIDENT RESPONSE CHECKLIST The purpose of this checklist is to provide clients of Kivu Consulting, Inc. with guidance in the initial stages of an actual or possible data breach. Clients are encouraged
More informationPROTECTING INFORMATION SYSTEMS WITH FIREWALLS: REVISED GUIDELINES ON FIREWALL TECHNOLOGIES AND POLICIES
PROTECTING INFORMATION SYSTEMS WITH FIREWALLS: REVISED GUIDELINES ON FIREWALL TECHNOLOGIES AND POLICIES Shirley Radack, Editor Computer Security Division Information Technology Laboratory National Institute
More informationINTRUSION DETECTION SYSTEMS and Network Security
INTRUSION DETECTION SYSTEMS and Network Security Intrusion Detection System IDS A layered network security approach starts with : A well secured system which starts with: Up-to-date application and OS
More informationinformation security and its Describe what drives the need for information security.
Computer Information Systems (Forensics Classes) Objectives for Course Challenges CIS 200 Intro to Info Security: Includes managerial and Describe information security and its critical role in business.
More informationSecurity (II) ISO 7498-2: Security Architecture of OSI Reference Model. Outline. Course Outline: Fundamental Topics. EE5723/EE4723 Spring 2012
Course Outline: Fundamental Topics System View of Network Security Network Security Model Security Threat Model & Security Services Model Overview of Network Security Security Basis: Cryptography Secret
More informationFicha técnica de curso Código: IFCAD111
Curso de: Objetivos: Managing Cisco Network Security: Building Rock-Solid Networks Dar a conocer la filosofía CISCO desde el punto de vista de la seguridad y como construir una red solidad. Como hacer
More informationSecurity. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1
Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions
More informationFundamentals of a Windows Server Infrastructure MOC 10967
Fundamentals of a Windows Server Infrastructure MOC 10967 Course Outline Module 1: Installing and Configuring Windows Server 2012 This module explains how the Windows Server 2012 editions, installation
More informationCS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013
CS 356 Lecture 17 and 18 Intrusion Detection Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists
More informationCourse Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)
Page 1 of 6 Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) TNCC Cybersecurity Program web page: http://tncc.edu/programs/cyber-security Course Description: Encompasses
More informationComputer Security. Introduction to. Michael T. Goodrich Department of Computer Science University of California, Irvine. Roberto Tamassia PEARSON
Introduction to Computer Security International Edition Michael T. Goodrich Department of Computer Science University of California, Irvine Roberto Tamassia Department of Computer Science Brown University
More informationOverview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs
Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks
More informationIT Networking and Security
elearning Course Outlines IT Networking and Security powered by Calibrate elearning Course Outline CompTIA A+ 801: Fundamentals of Computer Hardware/Software powered by Calibrate www.medallionlearning.com
More informationSecuring an IP SAN. Application Brief
Securing an IP SAN Application Brief All trademark names are the property of their respective companies. This publication contains opinions of StoneFly, Inc., which are subject to change from time to time.
More informationBuild Your Own Security Lab
Build Your Own Security Lab A Field Guide for Network Testing Michael Gregg WILEY Wiley Publishing, Inc. Contents Acknowledgments Introduction XXI xxiii Chapter 1 Hardware and Gear Why Build a Lab? Hackers
More informationGuide to Wireless Network Security
Guide to Wireless Network Security Guide to Wireless Network Security by John R. Vacca USA Springer John R. Vacca Author and IT Consultant 34679 TR 382 Pomeroy, Ohio 45769 e-mail: jvacca@hti.net http://www.johnvacca.com/
More informationNetwork Security: A Practical Approach. Jan L. Harrington
Network Security: A Practical Approach Jan L. Harrington ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Morgan Kaufmann is an imprint of
More informationFIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.
1. Obtain previous workpapers/audit reports. FIREWALL CHECKLIST Pre Audit Checklist 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review. 3. Obtain current network diagrams
More informationCurran, K. Tutorials. Independent study (including assessment) N/A
MODULE TITLE: MODULE CODE: Systems Security COM535 YEAR OF REVISION: 2013/14 MODULE LEVEL: 6 CREDIT POINTS: 20 MODULE STATUS: SEMESTER: 1 LOCATION: E-LEARNING: PREREQUISITE(S): CO-REQUISITE(S): MODULE
More informationSecurity+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 6 Network Security
Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 6 Network Security Objectives List the different types of network security devices and explain how they can be used Define network
More informationCisco ASA. Administrators
Cisco ASA for Accidental Administrators Version 1.1 Corrected Table of Contents i Contents PRELUDE CHAPTER 1: Understanding Firewall Fundamentals What Do Firewalls Do? 5 Types of Firewalls 6 Classification
More informationDepartment of Computer & Information Sciences. CSCI-445: Computer and Network Security Syllabus
Department of Computer & Information Sciences CSCI-445: Computer and Network Security Syllabus Course Description This course provides detailed, in depth overview of pressing network security problems
More informationICAWEB423A Ensure dynamic website security
ICAWEB423A Ensure dynamic website security Release: 1 ICAWEB423A Ensure dynamic website security Modification History Release Release 1 Comments This Unit first released with ICA11 Information and Communications
More informationSCADA/Business Network Separation: Securing an Integrated SCADA System
SCADA/Business Network Separation: Securing an Integrated SCADA System This white paper is based on a utility example but applies to any SCADA installation from power generation and distribution to water/wastewater
More informationSCADA SYSTEMS AND SECURITY WHITEPAPER
SCADA SYSTEMS AND SECURITY WHITEPAPER Abstract: This paper discusses some of the options available to companies concerned with the threat of cyber attack on their critical infrastructure, who as part of
More informationCESG Certification of Cyber Security Training Courses
CESG Certification of Cyber Security Training Courses Supporting Assessment Criteria for the CESG Certified Training (CCT) Scheme Portions of this work are copyright The Institute of Information Security
More informationHow To Protect Your Network From Attack
Department of Computer Science Institute for System Architecture, Chair for Computer Networks Internet Services & Protocols Internet (In)Security Dr.-Ing. Stephan Groß Room: INF 3099 E-Mail: stephan.gross@tu-dresden.de
More informationNetwork Security: 30 Questions Every Manager Should Ask. Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting
Network Security: 30 Questions Every Manager Should Ask Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting Network Security: 30 Questions Every Manager/Executive Must Answer in Order
More informationPrivacy + Security + Integrity
Privacy + Security + Integrity Docufree Corporation Data Security Checklist Security by Design Docufree is very proud of our security record and our staff works diligently to maintain the greatest levels
More informationSECURITY ISSUES INTERNET WORLD WIDE WEB FOR THE AND THE
SECURITY ISSUES FOR THE INTERNET AND THE WORLD WIDE WEB - Internet connections: a back door into the enterpre. - Internet security incidents. - Viruses and how they spread. - The internet as a hacker s
More informationDATA SECURITY 1/12. Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0
DATA SECURITY 1/12 Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0 Contents 1. INTRODUCTION... 3 2. REMOTE ACCESS ARCHITECTURES... 3 2.1 DIAL-UP MODEM ACCESS... 3 2.2 SECURE INTERNET ACCESS
More information1. Cyber Security. White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network
WP 1004HE Part 5 1. Cyber Security White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network Table of Contents 1. Cyber Security... 1 1.1 What
More informationIT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including:
IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including: 1. IT Cost Containment 84 topics 2. Cloud Computing Readiness 225
More informationAbout the Authors Preface Acknowledgements List of Acronyms
Contents About the Authors Preface Acknowledgements List of Acronyms xiii xv xvii xix Part One Wireless Ad Hoc, Sensor and Mesh Networking 1 1 Introduction 3 1.1 Information Security 4 1.1.1 Computer Security
More informationNetwork Security Course Specifications2011-2012
Assiut University Faculty of Computers & Information Department of Information Technology Quality Assurance Unit Network Security Course Specifications2011-2012 Relevant program B.Sc. in Computers and
More informationFirewall Environments. Name
Complliiance Componentt DEEFFI INITION Description Rationale Firewall Environments Firewall Environment is a term used to describe the set of systems and components that are involved in providing or supporting
More informationInformation Security Basic Concepts
Information Security Basic Concepts 1 What is security in general Security is about protecting assets from damage or harm Focuses on all types of assets Example: your body, possessions, the environment,
More informationDescription: Objective: Attending students will learn:
Course: Introduction to Cyber Security Duration: 5 Day Hands-On Lab & Lecture Course Price: $ 3,495.00 Description: In 2014 the world has continued to watch as breach after breach results in millions of
More informationGSEC GIAC Security. Essentials Certification ONE ALL IN EXAM GUIDE. Ric Messier. Singapore Sydney Toronto
ALL IN ONE GSEC GIAC Security Essentials Certification EXAM GUIDE Ric Messier New York Chicago San Francisco Athens London Madrid Mexico City Milan New Delhi Singapore Sydney Toronto "4 McGraw-Hill Education
More informationOCR LEVEL 3 CAMBRIDGE TECHNICAL
Cambridge TECHNICALS OCR LEVEL 3 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT NETWORKED SYSTEMS SECURITY J/601/7332 LEVEL 3 UNIT 28 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 NETWORKED SYSTEMS SECURITY
More informationAPNIC elearning: Network Security Fundamentals. 20 March 2013 10:30 pm Brisbane Time (GMT+10)
APNIC elearning: Network Security Fundamentals 20 March 2013 10:30 pm Brisbane Time (GMT+10) Introduction Presenter/s Nurul Islam Roman Senior Training Specialist nurul@apnic.net Specialties: Routing &
More information