Introduction p. 2. Introduction to Information Security p. 1. Introduction




Transcription:

Introduction p. xvii Introduction to Information Security p. 1 Introduction p. 2 What Is Information Security? p. 3 Critical Characteristics of Information p. 4 CNSS Security Model p. 5 Securing Components p. 6 Balancing Information Security and Access p. 6 Business Needs First p. 7 Protecting the Functionality of an Organization p. 7 Enabling the Safe Operation of Applications p. 8 Protecting Data That Organizations Collect and Use p. 8 Safeguarding Technology Assets in Organizations p. 8 Security Professionals and the Organization p. 8 Data Ownership p. 9 Threats p. 10 Human Error or Failure p. 11 Compromises to Intellectual Property p. 12 Espionage or Trespass p. 13 Information Extortion p. 16 Sabotage or Vandalism p. 16 Theft p. 17 Software Attacks p. 17 Forces of Nature p. 20 Deviations in Quality of Service p. 21 Hardware Failures or Errors p. 22 Software Failures or Errors p. 23 Obsolescence p. 23 Attacks p. 23 Malicious Code p. 23 "Hoaxes" p. 24 Back Doors p. 24 Password Crack p. 25 Brute Force p. 25 Dictionary p. 25 Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) p. 25 Spoofing p. 26 Man-in-the-Middle p. 27 Spam p. 28 Mail Bombing p. 28 Sniffers p. 28

Social Engineering p. 28 Buffer Overflow p. 30 Timing Attack p. 30 Chapter Summary p. 30 Review Questions p. 31 Exercises p. 32 Case Exercises p. 33 An Introduction to Networking p. 37 Introduction p. 38 Networking Fundamentals p. 38 Reasons to Network p. 39 Types of Networks p. 40 Network Standards p. 42 Internet Society (ISOC) p. 42 Internet Assigned Numbers Authority (IANA) p. 42 American National Standards Institute (ANSI) p. 43 International Telecommunication Union (ITU) p. 43 Institute of Electrical and Electronics Engineers (IEEE) p. 43 Telecommunications Industry Association (TIA) p. 43 International Organization for Standardization (ISO) p. 44 OSI Reference Model and Security p. 44 The Physical Layer p. 45 Data Link Layer p. 53 Network Layer p. 56 Transport Layer p. 59 Session Layer p. 64 Presentation Layer p. 64 Application Layer p. 64 The Internet and TCP/IP p. 66 The World Wide Web p. 66 TCP/IP p. 67 Chapter Summary p. 69 Review Questions p. 70 Exercises p. 71 Case Exercises p. 71 Security Policies, Standards, and Planning p. 73 Introduction p. 74 Information Security Policy, Standards, and Practices p. 75 Definitions p. 75 Enterprise Information Security Policy (EISP) p. 77 Issue-Specific Security Policy (ISSP) p. 78

System-Specific Policy (SysSP) p. 81 Policy Management p. 83 Frameworks and Industry Standards p. 85 The ISO 27000 Series p. 86 NIST Security Models p. 90 IETF Security Architecture p. 91 Benchmarking and Best Business Practices p. 91 Security Architecture p. 92 Security Education, Training, and Awareness Program p. 95 Security Education p. 96 Security Training p. 96 Security Awareness p. 97 Continuity Strategies p. 98 Business Impact Analysis p. 101 Incident Response Planning p. 104 Disaster Recovery Planning p. 104 Business Continuity Planning p. 105 Crisis Management p. 106 Chapter Summary p. 107 Review Questions p. 108 Exercises p. 109 Case Exercises p. 110 Finding Network Vulnerabilities p. 113 Introduction p. 114 Common Vulnerabilities p. 114 Defects in Software or Firmware p. 114 Weaknesses in Processes and Procedures p. 121 Scanning and Analysis Tools p. 121 Port Scanners p. 125 Firewall Analysis Tools p. 126 Operating System Detection Tools p. 127 Vulnerability Scanners p. 128 Packet Sniffers p. 133 Wireless Security Tools p. 134 Penetration Testing p. 135 Chapter Summary p. 138 Review Questions p. 138 Exercises p. 139 Case Exercises p. 139 Firewall Planning and Design p. 141 Introduction p. 142

Misconceptions About Firewalls p. 143 Firewalls Explained p. 143 An Analogy: Office Tower Security Guard p. 144 Firewall Security Features p. 145 Firewall User Protection p. 145 Firewall Network Perimeter Security p. 145 Firewall Components p. 146 Firewall Security Tasks p. 147 Types of Firewall Protection p. 152 Packet Filtering p. 152 PAT and NAT p. 159 Application Layer Gateways p. 160 Firewall Categories p. 162 Processing Mode p. 162 Firewall Generation p. 164 Firewall Structures p. 165 Firewall Architectures p. 174 Limitations of Firewalls p. 178 Chapter Summary p. 178 Review Questions p. 179 Exercises p. 180 Case Exercises p. 181 Packet Filtering p. 183 Introduction p. 184 Understanding Packets and Packet Filtering p. 184 Packet-Filtering Devices p. 184 Anatomy of a Packet p. 185 Packet-Filtering Rules p. 187 Packet-Filtering Methods p. 189 Stateless Packet Filtering p. 190 Stateful Packet Filtering p. 195 Filtering Based on Packet Content p. 197 Setting Specific Packet Filter Rules p. 197 Best Practices for Firewall Rules p. 197 Rules That Cover Multiple Variations p. 199 Rules for ICMP Packets p. 199 Rules That Enable Web Access p. 201 Rules That Enable DNS p. 202 Rules That Enable FTP p. 202 Rules That Enable E-Mail p. 203 Chapter Summary p. 205

Review Questions p. 205 Exercises p. 206 Case Exercises p. 207 Working with Proxy Servers and Application-Level Firewalls p. 209 Introduction p. 210 Overview of Proxy Servers p. 210 How Proxy Servers Work p. 210 How Proxy Servers Differ from Packet Filters p. 212 Sample Proxy Server Configurations p. 212 Goals of Proxy Servers p. 214 Concealing Internal Clients p. 215 Blocking URLs p. 216 Blocking and Filtering Content p. 216 E-Mail Proxy Protection p. 217 Improving Performance p. 217 Ensuring Security p. 218 Providing User Authentication p. 218 Redirecting URLs p. 219 Proxy Server Configuration Considerations p. 219 Providing for Scalability p. 219 Working with Client Configurations p. 219 Working with Service Configurations p. 221 Creating Filter Rules p. 221 Recognizing the Single Point of Failure p. 222 Recognizing Buffer Overflow Vulnerabilities p. 222 Choosing a Proxy Server p. 222 Transparent Proxies p. 222 Nontransparent Proxies p. 223 SOCKS-Based Proxies p. 223 Proxy Server-Based Firewalls Compared p. 224 T.REX Open-Source Firewall p. 225 Squid p. 225 WinGate p. 225 Symantec Enterprise Firewall p. 226 Microsoft Internet Security & Acceleration Server p. 226 Reverse Proxies p. 226 When a Proxy Service Isn't the Correct Choice p. 228 Chapter Summary p. 229 Review Questions p. 229 Exercises p. 230 Case Exercises p. 231

Firewall Configuration and Administration p. 233 Introduction p. 234 Establishing Firewall Rules and Restrictions p. 235 The Role of the Rules File p. 235 Restrictive Firewalls p. 235 Connectivity-Based Firewalls p. 236 Firewall Configuration Strategies p. 237 Scalability p. 237 Productivity p. 237 Dealing with IP Address Issues p. 238 Approaches That Add Functionality to Your Firewall p. 239 NAT/PAT p. 239 Encryption p. 239 Application Proxies p. 240 VPNs p. 240 Intrusion Detection and Prevention Systems p. 241 Enabling a Firewall to Meet New Needs p. 243 Verifying Resources Needed by the Firewall p. 244 Identifying New Risks p. 245 Adding Software Updates and Patches p. 245 Adding Hardware p. 246 Dealing with Complexity on the Network p. 247 Adhering to Proven Security Principles p. 248 Environmental Management p. 248 BIOS, Boot, and Screen Locks p. 248 Remote Management Interface p. 249 Why Remote Management Tools Are Important p. 249 Security Concerns p. 250 Basic Features of Remote Management Tools p. 250 Automating Security Checks p. 251 Configuring Advanced Firewall Functions p. 251 Data Caching p. 251 Hot Standby Redundancy p. 252 Load Balancing p. 253 Filtering Content p. 254 Chapter Summary p. 256 Review Questions p. 257 Exercises p. 257 Case Exercises p. 258 Encryption and Firewalls p. 259 Introduction p. 260

Firewalls and Encryption p. 260 The Cost of Encryption p. 262 Preserving Data Integrity p. 262 Maintaining Confidentiality p. 262 Authenticating Network Clients p. 263 Enabling Virtual Private Networks (VPNs) p. 263 Principles of Cryptography p. 263 Encryption Definitions p. 264 Cryptographic Notation p. 264 Encryption Operations p. 265 Using Cryptographic Controls p. 276 E-mail Security p. 277 Securing the Web p. 277 Securing Authentication p. 278 Attacks on Cryptosystems p. 280 Man-in-the-Middle Attack p. 281 Correlation Attacks p. 281 Dictionary Attacks p. 281 Timing Attacks p. 282 Defending from Attacks p. 282 Chapter Summary p. 283 Review Questions p. 283 Exercises p. 284 Case Exercises p. 285 Authenticating Users p. 287 Introduction p. 288 The Authentication Process in General p. 288 How Firewalls Implement the Authentication Process p. 289 Firewall Authentication Methods p. 290 User Authentication p. 291 Client Authentication p. 291 Session Authentication p. 292 Centralized Authentication p. 293 Kerberos p. 294 TACACS+ p. 295 Remote Authentication Dial-In User Service (RADIUS) p. 296 TACACS+ and RADIUS Compared p. 296 Password Security Issues p. 298 Passwords That Can Be Cracked p. 298 Password Vulnerabilities p. 298 Lax Security Habits p. 298

Password Security Tools p. 299 One-Time Password Software p. 299 The Shadow Password System p. 299 Other Authentication Systems p. 300 Single-Password Systems p. 300 One-Time Password Systems p. 300 Certificate-Based Authentication p. 301 802.1X Wi-Fi Authentication p. 302 Chapter Summary p. 303 Review Questions p. 303 Exercises p. 304 Case Exercises p. 305 Setting Up a Virtual Private Network p. 307 Introduction p. 308 VPN Components and Operations p. 309 VPN Components p. 309 Essential Activities of VPNs p. 313 Benefits and Drawbacks of VPNs p. 314 VPNs Extend Network Boundaries p. 314 Types of VPNs p. 315 VPN Appliances p. 316 Software VPN Systems p. 317 VPN Combinations of Hardware and Software p. 318 Combination VPNs p. 318 VPN Setups p. 318 Mesh Configuration p. 318 Hub-and-Spoke Configuration p. 319 Hybrid Configuration p. 321 Configurations and Extranet and Intranet Access p. 321 Tunneling Protocols Used with VPNs p. 322 IPSec/IKE p. 322 PPTP p. 323 L2TP p. 324 PPP Over SSL/PPP Over SSH p. 324 Enabling Remote Access Connections Within VPNs p. 325 Configuring the Server p. 325 Configuring Clients p. 326 VPN Best Practices p. 327 The Need for a VPN Policy p. 327 Packet Filtering and VPNs p. 327 Auditing and Testing the VPN p. 330

Chapter Summary p. 33 Review Questions p. 334 Exercises p. 334 Case Exercises p. 335 Contingency Planning p. 337 Introduction p. 338 What Is Contingency Planning? p. 339 Components of Contingency Planning p. 341 Business Impact Analysis p. 342 Incident Response Plan p. 343 Disaster Recovery Plan p. 344 Business Continuity Plan p. 344 Incident Response: Preparation, Organization, and Prevention p. 345 Planning for the Response During the Incident p. 347 Planning for After the Incident p. 349 Planning for Before the Incident p. 349 Incident Classification and Detection p. 351 Classifying Incidents p. 352 Data Collection p. 354 Detecting Compromised Software p. 356 Challenges in Intrusion Detection p. 357 Incident Reaction p. 357 Selecting an IR Strategy p. 357 Notification p. 359 Documenting an Incident p. 360 Incident Containment Strategies p. 360 Interviewing Individuals Involved in the Incident p. 361 Recovering from Incidents p. 361 Identify and Resolve Vulnerabilities p. 362 Restore Data p. 363 Restore Services and Processes p. 363 Restore Confidence Across the Organization p. 363 IR Plan Maintenance p. 363 The After-Action Review p. 363 IR Plan Review and Maintenance p. 365 Training p. 365 Rehearsal p. 365 Data and Application Resumption p. 366 Disk-to-Disk-to-Tape p. 366 Backup Strategies p. 366 Tape Backup and Recovery p. 367

Redundancy-Based Backup and Recovery Using RAID p. 369 Database Backups p. 371 Application Backups p. 372 Real-Time Protection, Server Recovery, and Application Recovery p. 372 Service Agreements p. 377 Chapter Summary p. 378 Review Questions p. 379 Exercises p. 379 Case Exercises p. 380 Intrusion Detection and Prevention Systems p. 383 Introduction p. 384 Intrusion Detection and Prevention p. 384 IDPS Terminology p. 385 Why Use an IDPS? p. 387 Network-Based IDPS p. 390 Host-Based IDPS p. 394 IDPS Detection Methods p. 396 IDPS Response Behavior p. 398 Selecting IDPS Approaches and Products p. 401 Strengths and Limitations of IDPSs p. 406 Deployment and Implementation of an IDPS p. 407 Measuring the Effectiveness of IDPSs p. 415 Honey Pots, Honey Nets, and Padded Cell System p. 417 Trap and Trace Systems p. 419 Active Intrusion Prevention p. 420 Chapter Summary p. 420 Review Questions p. 421 Exercises p. 422 Case Exercises p. 422 Digital Forensics p. 425 Introduction p. 426 The Digital Forensic Team p. 426 The First Response Team p. 427 The Analysis Team p. 428 Digital Forensics Methodology p. 430 Affidavits and Search Warrants p. 430 Acquiring the Evidence p. 432 Identifying Sources p. 432 Authenticating Evidence p. 433 Collecting Evidence p. 434 Maintaining the Chain of Custody p. 447

Analyzing Evidence p. 449 Searching for Evidence p. 451 Reporting the Findings p. 453 Interacting with Law Enforcement p. 453 Anti-Forensics p. 455 Chapter Summary p. 456 Review Questions p. 456 Exercises p. 457 Case Exercise p. 457 Glossary p. 459 Index p. 473 Table of Contents provided by Blackwell's Book Services and R.R. Bowker. Used with permission.