The most comprehensive book on computer and information security available today. This text is a must-have for students and professionals!
Part I Overview of System and Network Security: A Comprehensive
Introduction
Chapter 1 Building a Secure Organization
1.1 OBSTACLES TO SECURITY 1.2 TEN STEPS TO BUILDING A SECURE
ORGANIZATION 1.3 DON’T FORGET THE BASICS 1.4 PREPARING FOR THE
BUILDING OF SECURITY CONTROL ASSESSMENTS 1.5 SUMMARY 1.6 CHAPTER
REVIEW QUESTIONS/EXERCISES 1.7 OPTIONAL TEAM CASE PROJECT
Chapter 2 A Cryptography Primer
2.1 WHAT IS CRYPTOGRAPHY? WHAT IS ENCRYPTION? 2.2 FAMOUS
CRYPTOGRAPHIC DEVICES 2.3 CIPHERS 2.4 MODERN CRYPTOGRAPHY 2.5 THE
COMPUTER AGE 2.6 HOW AES WORKS 2.7 SELECTING CRYPTOGRAPHY: THE
PROCESS 2.8 SUMMARY 2.9 CHAPTER REVIEW QUESTIONS/EXERCISES 2.9
OPTIONAL TEAM CASE PROJECT
Chapter 3 Detecting System Intrusions
3.1 INTRODUCTION 3.2 MONITORING KEY FILES IN THE SYSTEM 3.3
SECURITY OBJECTIVES 3.4 0DAY ATTACKS 3.5 GOOD KNOWN STATE 3.6
ROOTKITS 3.7 LOW HANGING FRUIT 3.8 ANTIVIRUS SOFTWARE 3.9 HOMEGROWN
INTRUSION DETECTION 3.10 FULL PACKET CAPTURE DEVICES 3.11 OUT OF
BAND ATTACK VECTORS 3.12 SECURITY AWARENESS TRAINING 3.13 DATA
CORRELATION 3.14 SIEM 3.15 OTHER WEIRD STUFF ON THE SYSTEM 3.16
DETECTION 3.17 NETWORK-BASED DETECTION OF SYSTEM INTRUSIONS (DSIS)
3.18 SUMMARY 3.19 CHAPTER REVIEW QUESTIONS/EXERCISES 3.20 OPTIONAL
TEAM CASE PROJECT
Chapter 4 Preventing System Intrusions
4.1 SO, WHAT IS AN INTRUSION? 4.2 SOBERING NUMBERS 4.3 KNOW YOUR
ENEMY: HACKERS VERSUS CRACKERS 4.4 MOTIVES 4.5 THE CRACKERS’ TOOLS
OF THE TRADE 4.6 BOTS 4.7 SYMPTOMS OF INTRUSIONS 4.8 WHAT CAN YOU
DO? 4.9 SECURITY POLICIES 4.10 RISK ANALYSIS 4.11 TOOLS OF YOUR
TRADE 4.12 CONTROLLING USER ACCESS 4.13 INTRUSION PREVENTION
CAPABILITIES 4.14 SUMMARY 4.15 CHAPTER REVIEW QUESTIONS/EXERCISES
4.16 OPTIONAL TEAM CASE PROJECT
CHAPTER 5 Guarding Against Network Intrusions
5.1 TRADITIONAL RECONNAISSANCE AND ATTACKS 5.2 MALICIOUS SOFTWARE
5.3 DEFENSE IN DEPTH 5.4 PREVENTIVE MEASURES 5.5 INTRUSION
MONITORING AND DETECTION 5.6 REACTIVE MEASURES 5.7 NETWORK-BASED
INTRUSION PROTECTION 5.6 SUMMARY 5.7 CHAPTER REVIEW
QUESTIONS/EXERCISES 5.8 OPTIONAL TEAM CASE PROJECT
CHAPTER 6 Securing Cloud Computing Systems
6.1 CLOUD COMPUTING ESSENTIALS: EXAMINING THE CLOUD LAYERS 6.2
SOFTWARE AS A SERVICE (SAAS): MANAGING RISKS IN THE CLOUD 6.3
PLATFORM AS A SERVICE (PAAS): SECURING THE PLATFORM 6.4
INFRASTRUCTURE AS A SERVICE (IAAS) 6.5 LEVERAGING PROVIDER-SPECIFIC
SECURITY OPTIONS 6.6 ACHIEVING SECURITY IN A PRIVATE CLOUD 6.7
MEETING COMPLIANCE REQUIREMENTS 6.8 PREPARING FOR DISASTER RECOVERY
6.9 SUMMARY 6.10 CHAPTER REVIEW QUESTIONS/EXERCISES 6.11 OPTIONAL
TEAM CASE PROJECT
CHAPTER 7 Fault Tolerance and Resilience in Cloud Computing
Environments
7.1 INTRODUCTION 7.2 CLOUD COMPUTING FAULT MODEL 7.3 BASIC CONCEPTS
ON FAULT TOLERANCE 7.4 DIFFERENT LEVELS OF FAULT TOLERANCE IN CLOUD
COMPUTING 7.5 FAULT TOLERANCE AGAINST CRASH FAILURES IN CLOUD
COMPUTING 7.6 FAULT TOLERANCE AGAINST BYZANTINE FAILURES IN CLOUD
COMPUTING 7.7 FAULT TOLERANCE AS A SERVICE IN CLOUD COMPUTING 7.8
SUMMARY 7.9 CHAPTER REVIEW QUESTIONS/EXERCISES 7.10 OPTIONAL TEAM
CASE PROJECT
CHAPTER 8 Securing Web Applications, Services and Servers
8.1 SETTING THE STAGE 8.2 BASIC SECURITY FOR HTTP APPLICATIONS AND
SERVICES 8.3 BASIC SECURITY FOR SOAP SERVICES 8.4 IDENTITY
MANAGEMENT AND WEB SERVICES 8.5 AUTHORIZATION PATTERNS 8.6 SECURITY
CONSIDERATIONS 8.7 CHALLENGES 8.8 SUMMARY 8.9 CHAPTER REVIEW
QUESTIONS/EXERCISES 8.10 OPTIONAL TEAM CASE PROJECT
CHAPTER 9 Unix and Linux Security
9.1 UNIX AND SECURITY 9.2 BASIC UNIX SECURITY OVERVIEW 9.3
ACHIEVING UNIX SECURITY 9.4 PROTECTING USER ACCOUNTS AND
STRENGTHENING AUTHENTICATION 9.5 LIMITING SUPERUSER PRIVILEGES 9.6
SECURING LOCAL AND NETWORK FILE SYSTEMS 9.7 NETWORK CONFIGURATION
9.8 ADDITIONAL RESOURCES 9.9 IMPROVING THE SECURITY OF LINUX AND
UNIX SYSTEMS 9.10 SUMMARY 9.11 CHAPTER REVIEW QUESTIONS/EXERCISES
9.12 OPTIONAL TEAM CASE PROJECT
CHAPTER 10 Eliminating the Security Weakness of Linux and UNIX
Operating Systems
10.1 INTRODUCTION 10.2 HARDENING LINUX AND UNIX 10.3 PROACTIVE
DEFENSE FOR LINUX AND UNIX 10.4 SUMMARY 10.5 CHAPTER REVIEW
QUESTIONS/EXERCISES 10.6 OPTIONAL TEAM CASE PROJECT
CHAPTER 11 Internet Security
11.1 INTERNET PROTOCOL ARCHITECTURE 11.2 AN INTERNET THREAT MODEL
11.3 DEFENDING AGAINST ATTACKS ON THE INTERNET 11.4 INTERNET
SECURITY CHECKLIST 11.5 SUMMARY 11.6 CHAPTER REVIEW
QUESTIONS/EXERCISES 11.7 OPTIONAL TEAM CASE PROJECT
CHAPTER 12 The Botnet Problem
12.1 INTRODUCTION 12.2 BOTNET OVERVIEW 12.3 TYPICAL BOT LIFE CYCLE
12.4 THE BOTNET BUSINESS MODEL 12.5 BOTNET DEFENSE 12.6 BOTMASTER
TRACEBACK 12.7 PREVENTING BOTNETS 12.8 SUMMARY 12.9 CHAPTER REVIEW
QUESTIONS/EXERCISES 12.10 OPTIONAL TEAM CASE PROJECT
CHAPTER 13 Intranet Security
13.1 SMARTPHONES & TABLETS IN THE INTRANET 13.2 SECURITY
CONSIDERATIONS 13.3 PLUGGING THE GAPS: NAC AND ACCESS CONTROL 13.4
MEASURING RISK: AUDITS 13.5 GUARDIAN AT THE GATE: AUTHENTICATION
AND ENCRYPTION 13.6 WIRELESS NETWORK SECURITY 13.7 SHIELDING THE
WIRE: NETWORK PROTECTION 13.8 WEAKEST LINK IN SECURITY: USER
TRAINING 13.9 DOCUMENTING THE NETWORK: CHANGE MANAGEMENT 13.10
REHEARSE THE INEVITABLE: DISASTER RECOVERY 13.11 CONTROLLING
HAZARDS: PHYSICAL AND ENVIRONMENTAL PROTECTION 13.12 KNOW YOUR
USERS: PERSONNEL SECURITY 13.13 PROTECTING DATA FLOW: INFORMATION
AND SYSTEM INTEGRITY 13.14 SECURITY ASSESSMENTS 13.15 RISK
ASSESSMENTS 13.16 INTRANET SECURITY CHECKLIST 13.17 SUMMARY 13.18
CHAPTER REVIEW QUESTIONS/EXERCISES 13.19 OPTIONAL TEAM CASE
PROJECT
CHAPTER 14 Local Area Network Security
14.1 IDENTIFY NETWORK THREATS 14.2 ESTABLISH NETWORK ACCESS
CONTROLS 14.3 RISK ASSESSMENT 14.4 LISTING NETWORK RESOURCES 14.5
THREATS 14.6 SECURITY POLICIES 14.7 THE INCIDENT-HANDLING PROCESS
14.8 SECURE DESIGN THROUGH NETWORK ACCESS CONTROLS 14.9 IDS DEFINED
14.10 NIDS: SCOPE AND LIMITATIONS 14.11 A PRACTICAL ILLUSTRATION OF
NIDS 14.12 FIREWALLS 14.13 DYNAMIC NAT CONFIGURATION 14.14 THE
PERIMETER 14.15 ACCESS LIST DETAILS 14.16 TYPES OF FIREWALLS 14.17
PACKET FILTERING: IP FILTERING ROUTERS 14.18 APPLICATION-LAYER
FIREWALLS: PROXY SERVERS 14.19 STATEFUL INSPECTION FIREWALLS 14.20
NIDS COMPLEMENTS FIREWALLS 14.21 MONITOR AND ANALYZE SYSTEM
ACTIVITIES 14.22 SIGNATURE ANALYSIS 14.23 STATISTICAL ANALYSIS
14.24 SIGNATURE ALGORITHMS 14.25 SUMMARY 14.26 CHAPTER REVIEW
QUESTIONS/EXERCISES 14.27 OPTIONAL TEAM CASE PROJECT
CHAPTER 15 Wireless Network Security
15.1 CELLULAR NETWORKS 15.2 WIRELESS AD HOC NETWORKS 15.3 SECURITY
PROTOCOLS 15.4 WEP 15.5 WPA and WPA2 15.6 SPINS: Security Protocols
for Sensor Networks 15.7 SECURE ROUTING 15.8 SEAD 15.9 ARAN 15.10
SLSP 15.11 KEY ESTABLISHMENT 15.12 ING 15.13 MANAGEMENT
COUNTERMEASURES 15.14 SUMMARY 15.15 CHAPTER REVIEW
QUESTIONS/EXERCISES 15.16 OPTIONAL TEAM CASE PROJECT
CHAPTER 16 Wireless Sensor Network Security
16.1 INTRODUCTION TO WIRELESS SENSOR NETWORK (WSN) 16.2 SUMMARY
16.3 CHAPTER REVIEW QUESTIONS/EXERCISES 16.4 OPTIONAL TEAM CASE
PROJECT
CHAPTER 17 Cellular Network Security
17.1 INTRODUCTION TO WIRELESS SENSOR NETWORK (WSN) 17.2 OVERVIEW OF
CELLULAR NETWORKS 17.3 THE STATE OF THE ART OF CELLULAR NETWORK
SECURITY 17.4 CELLULAR NETWORK ATTACK TAXONOMY 17.5 CELLULAR
NETWORK VULNERABILITY ANALYSIS 17.6 (aCAT) 17.7 (eCAT) 17.8 SUMMARY
17.9 CHAPTER REVIEW QUESTIONS/EXERCISES 17.10 OPTIONAL TEAM CASE
PROJECT
CHAPTER 18 RFID Security
18.1 RFID INTRODUCTION 18.2 RFID CHALLENGES 18.3 RFID PROTECTIONS
18.4 SUMMARY 18.5 CHAPTER REVIEW QUESTIONS/EXERCISES 18.6 OPTIONAL
TEAM CASE PROJECT
CHAPTER 19 Optical Network Security
19.1 OPTICAL NETWORKS 19.2 SECURING OPTICAL NETWORKS 19.3 IDENTIFY
VULNERABILITIES 19.4 CORRECTIVE ACTIONS 19.5 SUMMARY 19.6 CHAPTER
REVIEW QUESTIONS/EXERCISES 19.7 OPTIONAL TEAM CASE PROJECT
CHAPTER 20 Optical Wireless Security
20.1 OPTICAL WIRELESS SYSTEMS OVERVIEW 20.2 DEPLOYMENT
ARCHITECTURES 20.3 HIGH BANDWIDTH 20.4 LOW COST 20.5 IMPLEMENTATION
20.6 SURFACE AREA 20.7 SUMMARY 20.8 CHAPTER REVIEW
QUESTIONS/EXERCISES 20.9 OPTIONAL TEAM CASE PROJECT
Part II Managing Information Security
CHAPTER 21 Information Security Essentials for IT Managers:
Protecting Mission-Critical Systems
21.1 INFORMATION SECURITY ESSENTIALS FOR IT MANAGERS 21.2 OVERVIEW
21.3 PROTECTING MISSION-CRITICAL SYSTEMS 21.4 INFORMATION SECURITY
FROM THE GROUND UP 21.5 SECURITY MONITORING AND EFFECTIVENESS 21.6
SUMMARY 21.7 CHAPTER REVIEW QUESTIONS/EXERCISES 21.8 OPTIONAL TEAM
CASE PROJECT
CHAPTER 22 Security Management Systems
22.1 SECURITY MANAGEMENT SYSTEM STANDARDS 22.2 TRAINING
REQUIREMENTS 22.3 PRINCIPLES OF INFORMATION SECURITY 22.4 ROLES AND
RESPONSIBILITIES OF PERSONNEL 22.5 SECURITY POLICIES 22.6 SECURITY
CONTROLS 22.7 NETWORK ACCESS 22.8 RISK ASSESSMENT 22.9 INCIDENT
RESPONSE 22.10 SUMMARY 22.11 CHAPTER REVIEW QUESTIONS/EXERCISES
22.12 OPTIONAL TEAM CASE PROJECT
CHAPTER 23 Policy-driven System Management
23.1 INTRODUCTION 23.2 SECURITY AND POLICY-BASED MANAGEMENT 23.3
CLASSIFICATION AND LANGUAGES 23.4 CONTROLS FOR ENFORCING SECURITY
POLICIES IN DISTRIBUTED SYSTEMS 23.5 PRODUCTS AND TECHNOLOGIES 23.6
RESEARCH PROJECTS 23.7 SUMMARY 23.8 CHAPTER REVIEW
QUESTIONS/EXERCISES 23.9 OPTIONAL TEAM CASE PROJECT
CHAPTER 24 Information Technology Security Management
24.1 INFORMATION SECURITY MANAGEMENT STANDARDS 24.2 OTHER
ORGANIZATIONS INVOLVED IN STANDARDS 24.3 INFORMATION TECHNOLOGY
SECURITY ASPECTS 24.4 SUMMARY 24.5 CHAPTER REVIEW
QUESTIONS/EXERCISES 24.6 OPTIONAL TEAM CASE PROJECT
CHAPTER 25 Online Identity and User Management Services
25.1 INTRODUCTION 25.2 EVOLUTION OF IDENTITY MANAGEMENT
REQUIREMENTS 25.3 THE REQUIREMENTS FULFILLED BY IDENTITY MANAGEMENT
TECHNOLOGIES 25.4 IDENTITY MANAGEMENT 1.0 25.5 SOCIAL LOGIN AND
USER MANAGEMENT 25.6 IDENTITY 2.0 FOR MOBILE USERS 25.7 SUMMARY
25.8 CHAPTER REVIEW QUESTIONS/EXERCISES 25.9 OPTIONAL TEAM CASE
PROJECT
CHAPTER 26 Intrusion Prevention and Detection Systems
26.1 WHAT IS AN ‘INTRUSION’ ANYWAY? 26.2 PHYSICAL THEFT 26.3 ABUSE
OF PRIVILEGES (THE INSIDER THREAT) 26.4 UNAUTHORIZED ACCESS BY
OUTSIDER 26.5 MALWARE INFECTION 26.6 THE ROLE OF THE ‘0-DAY’ 26.7
THE ROGUE’S GALLERY: ATTACKERS AND MOTIVES 26.8 A BRIEF
INTRODUCTION TO TCP/IP 26.9 THE TCP/IP DATA ARCHITECTURE AND DATA
ENCAPSULATION 26.10 SURVEY OF INTRUSION DETECTION AND PREVENTION
26.11 TECHNOLOGIES 26.12 ANTI-MALWARE SOFTWARE 26.13 NETWORK-BASED
INTRUSION DETECTION SYSTEMS 26.14 NETWORK-BASED INTRUSION
PREVENTION SYSTEMS 26.15 HOST-BASED INTRUSION PREVENTION SYSTEMS
26.16 SECURITY INFORMATION MANAGEMENT SYSTEMS 26.17 NETWORK SESSION
ANALYSIS 26.18 DIGITAL FORENSICS 26.19 SYSTEM INTEGRITY VALIDATION
26.20 SUMMARY 26.21 CHAPTER REVIEW QUESTIONS/EXERCISES 26.22
OPTIONAL TEAM CASE PROJECT
CHAPTER 27 TCP/IP Packet Analysis
27.1 THE INTERNET MODEL 27.2 SUMMARY 27.3 CHAPTER REVIEW
QUESTIONS/EXERCISES 27.4 OPTIONAL TEAM CASE PROJECT
CHAPTER 28 The Enemy (The Intruder’s Genesis)
28.1 INTRODUCTION 28.2 ACTIVE RECONNAISSANCE 28.3 ENUMERATION 28.4
PENETRATION & GAIN ACCESS 28.5 MAINTAIN ACCESS 28.6 DEFEND NETWORK
AGAINST UNAUTHORIZED ACCESS 28.7 SUMMARY 28.8 CHAPTER REVIEW
QUESTIONS/EXERCISES 28.9 OPTIONAL TEAM CASE PROJECT
CHAPTER 29 Firewalls
29.1 INTRODUCTION 29.2 NETWORK FIREWALLS 29.3 FIREWALL SECURITY
POLICIES 29.4 A SIMPLE MATHEMATICAL MODEL FOR POLICIES, RULES, AND
PACKETS 29.5 FIRST-MATCH FIREWALL POLICY ANOMALIES 29.6 POLICY
OPTIMIZATION 29.7 FIREWALL TYPES 29.8 HOST AND NETWORK FIREWALLS
29.9 SOFTWARE AND HARDWARE FIREWALL IMPLEMENTATIONS 29.10 CHOOSING
THE CORRECT FIREWALL 29.11 FIREWALL PLACEMENT AND NETWORK TOPOLOGY
29.12 FIREWALL INSTALLATION AND CONFIGURATION 29.13 SUPPORTING
OUTGOING SERVICES THROUGH FIREWALL CONFIGURATION 29.14 SECURE
EXTERNAL SERVICES PROVISIONING 29.15 NETWORK FIREWALLS FOR VOICE
AND VIDEO APPLICATIONS 29.16 FIREWALLS AND IMPORTANT ADMINISTRATIVE
SERVICE PROTOCOLS 29.17 INTERNAL IP SERVICES PROTECTION 29.18
FIREWALL REMOTE ACCESS CONFIGURATION 29.19 LOAD BALANCING AND
FIREWALL ARRAYS 29.20 HIGHLY AVAILABLE FIREWALLS 29.21 FIREWALL
MANAGEMENT 29.22 SUMMARY 29.23 CHAPTER REVIEW QUESTIONS/EXERCISES
29.24 OPTIONAL TEAM CASE PROJECT
CHAPTER 30 Penetration Testing
30.1 INTRODUCTION 30.2 WHAT IS PENETRATION TESTING? 30.3 HOW DOES
PENETRATION TESTING DIFFER FROM AN ACTUAL “HACK”? 30.4 TYPES OF
PENETRATION TESTING 30.5 PHASES OF PENETRATION TESTING 30.6
DEFINING WHAT’S EXPECTED 30.7 THE NEED FOR A METHODOLOGY 30.8
PENETRATION TESTING METHODOLOGIES 30.9 METHODOLOGY IN ACTION 30.10
PENETRATION TESTING RISKS 30.11 LIABILITY ISSUES 30.12 LEGAL
CONSEQUENCES 30.13 “GET OUT OF JAIL FREE” CARD 30.14 PENETRATION
TESTING CONSULTANTS 30.15 REQUIRED SKILL SETS 30.16 ACCOMPLISHMENTS
30.17 HIRING A PENETRATION TESTER 30.18 WHY SHOULD A COMPANY HIRE
YOU? 30.19 SUMMARY 30.20 CHAPTER REVIEW QUESTIONS/EXERCISES 30.21
OPTIONAL TEAM CASE PROJECT
CHAPTER 31 What Is Vulnerability Assessment?
31.1 INTRODUCTION 31.2 REPORTING 31.3 THE “IT WON’T HAPPEN TO US”
FACTOR 31.4 WHY VULNERABILITY ASSESSMENT? 31.5 PENETRATION TESTING
VERSUS VULNERABILITY ASSESSMENT 31.6 VULNERABILITY ASSESSMENT GOAL
31.7 MAPPING THE NETWORK 31.8 SELECTING THE RIGHT SCANNERS 31.9
CENTRAL SCANS VERSUS LOCAL SCANS 31.10 DEFENSE IN DEPTH STRATEGY
31.11 VULNERABILITY ASSESSMENT TOOLS 31.12 SARA 31.13 SAINT 31.14
MBSA 31.15 SCANNER PERFORMANCE 31.16 SCAN VERIFICATION 31.17
SCANNING CORNERSTONES 31.18 NETWORK SCANNING COUNTERMEASURES 31.19
VULNERABILITY DISCLOSURE DATE 31.20 PROACTIVE SECURITY VERSUS
REACTIVE SECURITY 31.21 VULNERABILITY CAUSES 31.22 DIY
VULNERABILITY ASSESSMENT 31.23 SUMMARY 31.24 CHAPTER REVIEW
QUESTIONS/EXERCISES 31.25 OPTIONAL TEAM CASE PROJECT
CHAPTER 32 Security Metrics: An Introduction and Literature
Review
32.1 INTRODUCTION 32.2 WHY SECURITY METRICS? 32.3 THE NATURE OF
SECURITY METRICS 32.4 GETTING STARTED WITH SECURITY METRICS 32.5
METRICS IN ACTION–TOWARDS AN INTELLIGENT SECURITY DASHBOARD 32.6
SECURITY METRICS IN THE LITERATURE 32.7 SUMMARY 32.8 CHAPTER REVIEW
QUESTIONS/EXERCISES 32.9 OPTIONAL TEAM CASE PROJECT
Part III Cyber, Network, and Systems Forensics Security and
Assurance
CHAPTER 33 Cyber Forensics
33.1 WHAT IS CYBER FORENSICS? 33.2 ANALYSIS OF DATA 33.3 CYBER
FORENSICS IN THE COURT SYSTEM 33.4 UNDERSTANDING INTERNET HISTORY
33.5 TEMPORARY RESTRAINING ORDERS AND LABOR DISPUTES 33.6 NTFS 33.7
FIRST PRINCIPLES 33.8 HACKING A WINDOWS XP PASSWORD 33.9 NETWORK
ANALYSIS 33.10 CYBER FORENSICS APPLIED 33.11 TESTIFYING AS AN
EXPERT 33.12 BEGINNING TO END IN COURT 33.13 SUMMARY 33.14 CHAPTER
REVIEW QUESTIONS/EXERCISES 33.15 OPTIONAL TEAM CASE
PROJECT
CHAPTER 34 Cyber Forensics and Incident Response
34.1 INTRODUCTION TO CYBER FORENSICS 34.2 HANDLING PRELIMINARY
INVESTIGATIONS 34.3 CONTROLLING AN INVESTIGATION 34.4
CONDUCTING DISK-BASED ANALYSIS 34.5 INVESTIGATING
INFORMATION-HIDING TECHNIQUES 34.6 SCRUTINIZING E-MAIL 34.7
VALIDATING E-MAIL HEADER INFORMATION 34.8 TRACING INTERNET ACCESS
34.9 SEARCHING MEMORY IN REAL TIME 34.10 SUMMARY 34.11 CHAPTER
REVIEW QUESTIONS/EXERCISES 34.12 OPTIONAL TEAM CASE
PROJECT
CHAPTER 35 Securing e-Discovery
35.1 INFORMATION MANAGEMENT 35.2 SUMMARY 35.3 CHAPTER REVIEW
QUESTIONS/EXERCISES 35.4 OPTIONAL TEAM CASE PROJECT
CHAPTER 36 Network Forensics
36.1 SCIENTIFIC OVERVIEW 36.2 THE PRINCIPLES OF NETWORK FORENSICS
36.3 ATTACK TRACEBACK AND ATTRIBUTION 36.4 CRITICAL NEEDS ANALYSIS
36.5 RESEARCH DIRECTIONS 36.6 SUMMARY 36.7 CHAPTER REVIEW
QUESTIONS/EXERCISES 36.8 OPTIONAL TEAM CASE PROJECT
Part IV Encryption Technology
CHAPTER 37 Data Encryption
37.1 NEED FOR CRYPTOGRAPHY 37.2 MATHEMATICAL PRELUDE TO
CRYPTOGRAPHY 37.3 CLASSICAL CRYPTOGRAPHY 37.4 MODERN SYMMETRIC
CIPHERS 37.5 ALGEBRAIC STRUCTURE 37.6 THE INTERNAL FUNCTIONS OF
RIJNDAEL IN AES IMPLEMENTATION 37.7 USE OF MODERN BLOCK CIPHERS
37.8 PUBLIC-KEY CRYPTOGRAPHY 37.9 CRYPTANALYSIS OF RSA 37.10
DIFFIE-HELLMAN ALGORITHM 37.11 ELLIPTIC CURVE CRYPTOSYSTEMS 37.12
MESSAGE INTEGRITY AND AUTHENTICATION 37.13 TRIPLE DATA ENCRYPTION
ALGORITHM (TDEA) BLOCK CIPHER 37.14 SUMMARY 37.15 CHAPTER REVIEW
QUESTIONS/EXERCISES 37.16 OPTIONAL TEAM CASE
PROJECT
CHAPTER 38 Satellite Encryption
38.1 INTRODUCTION 38.2 THE NEED FOR SATELLITE ENCRYPTION 38.3
IMPLEMENTING SATELLITE ENCRYPTION 38.4 PIRATE DECRYPTION OF
SATELLITE TRANSMISSIONS 38.5 SUMMARY 38.6 CHAPTER REVIEW
QUESTIONS/EXERCISES 38.7 OPTIONAL TEAM CASE PROJECT
CHAPTER 39 Public Key Infrastructure
39.1 CRYPTOGRAPHIC BACKGROUND 39.2 OVERVIEW OF PKI 39.3 THE X.509
MODEL 39.4 X.509 IMPLEMENTATION ARCHITECTURES 39.5 X.509
CERTIFICATE VALIDATION 39.6 X.509 CERTIFICATE REVOCATION 39.7
SERVER-BASED CERTIFICATE VALIDITY PROTOCOL 39.8 X.509 BRIDGE
CERTIFICATION SYSTEMS 39.9 X.509 CERTIFICATE FORMAT 39.10 PKI
POLICY DESCRIPTION 39.11 PKI STANDARDS ORGANIZATIONS 39.12 PGP
CERTIFICATE FORMATS 39.13 PGP PKI IMPLEMENTATIONS 39.14 W3C 39.15
IS PKI SECURE 39.16 ALTERNATIVE PKI ARCHITECTURES 39.17 MODIFIED
X.509 ARCHITECTURES 39.18 ALTERNATIVE KEY MANAGEMENT MODELS 39.19
SUMMARY 39.20 CHAPTER REVIEW QUESTIONS/EXERCISES 39.21
OPTIONAL TEAM CASE PROJECT
CHAPTER 40 Password-based Authenticated Key Establishment
Protocol
[TOC TBD]
CHAPTER 41 Instant-Messaging Security
41.1 WHY SHOULD I CARE ABOUT INSTANT MESSAGING? 41.2 WHAT IS
INSTANT MESSAGING? 41.3 THE EVOLUTION OF NETWORKING TECHNOLOGIES
41.3 GAME THEORY AND INSTANT MESSAGING 41.4 THE NATURE OF THE
THREAT 41.5 COMMON IM APPLICATIONS 41.6 DEFENSIVE STRATEGIES 41.7
INSTANT-MESSAGING SECURITY MATURITY AND SOLUTIONS 41.8 PROCESSES
41.9 SUMMARY 41.10 EXAMPLE ANSWERS TO KEY FACTORS 41.11 CHAPTER
REVIEW QUESTIONS/EXERCISES 41.12 OPTIONAL TEAM CASE
PROJECT
Part V Privacy and Access Management
CHAPTER 42 Privacy on the Internet
42.1 PRIVACY IN THE DIGITAL SOCIETY 42.2 THE ECONOMICS OF PRIVACY
42.3 PRIVACY-ENHANCING TECHNOLOGIES 42.4 NETWORK ANONYMITY 42.5
SUMMARY 42.6 CHAPTER REVIEW QUESTIONS/EXERCISES
42.7 OPTIONAL TEAM CASE PROJECT
CHAPTER 43 Privacy-enhancing Technologies
43.1 THE CONCEPT OF PRIVACY 43.2 LEGAL PRIVACY PRINCIPLES 43.3
CLASSIFICATION OF PETS 43.4 TRADITIONAL PRIVACY GOALS OF PETS 43.5
PRIVACY METRICS 43.6 DATA MINIMIZATION TECHNOLOGIES 43.7
TRANSPARENCY-ENHANCING TOOLS 43.8 SUMMARY 43.9 CHAPTER REVIEW
QUESTIONS/EXERCISES 43.10 OPTIONAL TEAM CASE
PROJECT
CHAPTER 44 Personal Privacy Policies
44.1 INTRODUCTION 44.2 CONTENT OF PERSONAL PRIVACY POLICIES 44.3
SEMIAUTOMATED DERIVATION OF PERSONAL PRIVACY POLICIES 44.4
SPECIFYING WELL-FORMED PERSONAL PRIVACY POLICIES 44.5 PREVENTING
UNEXPECTED NEGATIVE OUTCOMES 44.6 THE PRIVACY MANAGEMENT MODEL 44.7
DISCUSSION AND RELATED WORK 44.8 SUMMARY 44.9 CHAPTER REVIEW
QUESTIONS/EXERCISES 44.10 OPTIONAL TEAM CASE
PROJECT
CHAPTER 45 Detection Of Conflicts In Security Policies
45.1 INTRODUCTION 45.2 CONFLICTS IN SECURITY POLICIES 45.3
CONFLICTS IN EXECUTABLE SECURITY POLICIES 45.4 CONFLICTS IN NETWORK
SECURITY POLICIES 45.5 SEMANTIC WEB TECHNOLOGY FOR CONFLICT
DETECTION 45.6 SUMMARY 45.7 CHAPTER REVIEW
QUESTIONS/EXERCISES 45.8 OPTIONAL TEAM CASE PROJECT
CHAPTER 46 Supporting User Privacy Preferences in Digital
Interactions
46.1 INTRODUCTION 46.2 BASIC CONCEPTS AND DESIDERATA 46.3
COST-SENSITIVE TRUST NEGOTIATION 46.4 POINT-BASED TRUST MANAGEMENT
46.5 LOGICAL-BASED MINIMAL CREDENTIAL DISCLOSURE 46.6 PRIVACY
PREFERENCES IN CREDENTIAL-BASED INTERACTIONS 46.7 FINE-GRAINED
DISCLOSURE OF SENSITIVE ACCESS POLICIES 46.8 OPEN ISSUES 46.9
SUMMARY 46.10 CHAPTER REVIEW QUESTIONS/EXERCISES 46.11
OPTIONAL TEAM CASE PROJECT
CHAPTER 47 Privacy and Security in Environmental Monitoring
Systems: Issues and Solutions
47.1 INTRODUCTION 47.2 SYSTEM ARCHITECTURES 47.3 ENVIRONMENTAL DATA
47.4 SECURITY AND PRIVACY ISSUES IN ENVIRONMENTAL MONITORING
47.5 COUNTERMEASURES 47.6 SUMMARY 47.7 CHAPTER REVIEW
QUESTIONS/EXERCISES 47.8 OPTIONAL TEAM CASE
PROJECT
CHAPTER 48 Virtual Private Networks
48.1 HISTORY 48.2 WHO IS IN CHARGE? 48.3 VPN TYPES 48.4
AUTHENTICATION METHODS 48.5 SYMMETRIC ENCRYPTION 48.6 ASYMMETRIC
CRYPTOGRAPHY 48.7 EDGE DEVICES 48.8 PASSWORDS 48.9 HACKERS AND
CRACKERS 48.10 MOBILE VPN 48.11 SSL VPN DEPLOYMENTS 48.12 SUMMARY
48.13 CHAPTER REVIEW QUESTIONS/EXERCISES 48.14 OPTIONAL TEAM CASE
PROJECT
CHAPTER 49 Identity Theft
49.1 EXPERIMENTAL DESIGN 49.2 RESULTS AND ANALYSIS 49.3
IMPLICATIONS FOR CRIMEWARE 49.4 SUMMARY 49.5 CHAPTER REVIEW
QUESTIONS/EXERCISES 49.6 OPTIONAL TEAM CASE PROJECT
CHAPTER 50 VoIP Security
50.1 INTRODUCTION 50.2 OVERVIEW OF THREATS 50.3 SECURITY IN VoIP
50.4 FUTURE TRENDS 50.5 SUMMARY 50.6 CHAPTER REVIEW
QUESTIONS/EXERCISES 50.7 OPTIONAL TEAM CASE PROJECT
Part VI Storage Security
CHAPTER 51 SAN Security
51.1 ORGANIZATIONAL STRUCTURE 51.2 ACCESS CONTROL LISTS (ACL) AND
POLICIES 51.3 PHYSICAL ACCESS 51.4 CHANGE MANAGEMENT 51.5
PASSWORD POLICIES 51.6 DEFENSE IN DEPTH 51.7 VENDOR SECURITY REVIEW
51.8 DATA CLASSIFICATION 51.9 SECURITY MANAGEMENT 51.10 AUDITING
51.11 SECURITY MAINTENANCE 51.12 HOST ACCESS: PARTITIONING 51.13
DATA PROTECTION: REPLICAS 51.14 ENCRYPTION IN STORAGE 51.15
APPLICATION OF ENCRYPTION 51.16 SUMMARY 51.17 CHAPTER REVIEW
QUESTIONS/EXERCISES 51.18 OPTIONAL TEAM CASE PROJECT
CHAPTER 52 Storage Area Networking Security Devices
52.1 WHAT IS A SAN? 52.2 SAN DEPLOYMENT JUSTIFICATIONS 52.3 THE
CRITICAL REASONS FOR SAN SECURITY 52.4 SAN ARCHITECTURE AND
COMPONENTS 52.5 SAN GENERAL THREATS AND ISSUES 52.6 OWASP 52.7
OSSTMM 52.8 ISSA 52.9 ISACA 52.10 SUMMARY 52.11 CHAPTER REVIEW
QUESTIONS/EXERCISES 52.12 OPTIONAL TEAM CASE PROJECT
CHAPTER 53 Risk Management
53.1 THE CONCEPT OF RISK 53.2 EXPRESSING AND MEASURING RISK 53.3
THE RISK MANAGEMENT METHODOLOGY 53.4 RISK MANAGEMENT LAWS AND
REGULATIONS 53.5 RISK MANAGEMENT STANDARDS 53.6 SUMMARY 53.7
CHAPTER REVIEW QUESTIONS/EXERCISES 53.8 OPTIONAL TEAM CASE
PROJECT
Part VII Physical Security
CHAPTER 54 Physical Security Essentials
54.1 OVERVIEW 54.2 PHYSICAL SECURITY THREATS 54.3 PHYSICAL SECURITY
PREVENTION AND MITIGATION MEASURES 54.4 RECOVERY FROM PHYSICAL
SECURITY BREACHES 54.5 THREAT ASSESSMENT, PLANNING, AND PLAN
IMPLEMENTATION 54.6 EXAMPLE: A CORPORATE PHYSICAL SECURITY POLICY
54.7 INTEGRATION OF PHYSICAL AND LOGICAL SECURITY 54.8 PHYSICAL
SECURITY CHECKLIST 54.9 SUMMARY 54.10 CHAPTER REVIEW
QUESTIONS/EXERCISES 54.11 OPTIONAL TEAM CASE PROJECT
CHAPTER 55 Disaster Recovery
55.1 INTRODUCTION 55.2 MEASURING RISK AND AVOIDING DISASTER 55.3
THE BUSINESS IMPACT ASSESSMENT (BIA) 55.4 SUMMARY 55.5 CHAPTER
REVIEW QUESTIONS/EXERCISES 55.6 OPTIONAL TEAM CASE PROJECT
CHAPTER 56 Biometrics
56.1 RELEVANT STANDARDS 56.2 BIOMETRIC SYSTEM ARCHITECTURE 56.3
USING BIOMETRIC SYSTEMS 56.4 SECURITY CONSIDERATIONS 56.5 SUMMARY
56.6 CHAPTER REVIEW QUESTIONS/EXERCISES 56.7 OPTIONAL TEAM CASE
PROJECT
CHAPTER 57 Homeland Security
57.1 STATUTORY AUTHORITIES 57.2 HOMELAND SECURITY PRESIDENTIAL
DIRECTIVES 57.3 ORGANIZATIONAL ACTIONS 57.4 SUMMARY 57.5 CHAPTER
REVIEW QUESTIONS/EXERCISES 57.6 OPTIONAL TEAM CASE PROJECT
CHAPTER 58 Cyber Warfare
58.1 CYBER WARFARE MODEL 58.2 CYBER WARFARE DEFINED 58.3 CW: MYTH
OR REALITY? 58.4 CYBER WARFARE: MAKING CW POSSIBLE 58.5 LEGAL
ASPECTS OF CW 58.6 HOLISTIC VIEW OF CYBER WARFARE 58.7 SUMMARY 58.8
CHAPTER REVIEW QUESTIONS/EXERCISES 58.9 OPTIONAL TEAM CASE
PROJECT
CHAPTER 59 System Security
59.1 FOUNDATIONS OF SECURITY 59.2 BASIC COUNTERMEASURES 59.3
SUMMARY 59.4 CHAPTER REVIEW QUESTIONS/EXERCISES 59.5 OPTIONAL TEAM
CASE PROJECT
CHAPTER 60 Securing the Infrastructure
60.1 COMMUNICATION SECURITY GOALS 60.2 ATTACKS AND COUNTERMEASURES
60.3 SUMMARY 60.4 CHAPTER REVIEW QUESTIONS/EXERCISES 60.5
OPTIONAL TEAM CASE PROJECT
CHAPTER 61 Access Controls
61.1 INFRASTRUCTURE WEAKNESSES: DAC, MAC, AND RBAC 61.2
STRENGTHENING THE INFRASTRUCTURE: AUTHENTICATION SYSTEMS 61.3
SUMMARY 61.4 CHAPTER REVIEW QUESTIONS/EXERCISES 61.5 OPTIONAL TEAM
CASE PROJECT
CHAPTER 62 Assessments and Audits
62.1 ASSESSING VULNERABILITIES AND RISK: PENETRATION TESTING AND
VULNERABILITY ASSESSMENTS 62.2 RISK MANAGEMENT: QUANTITATIVE RISK
MEASUREMENTS 62.3 SUMMARY 62.4 CHAPTER REVIEW QUESTIONS/EXERCISES
62.5 OPTIONAL TEAM CASE PROJECT
CHAPTER 63 Fundamentals of Cryptography
63.1 ASSURING PRIVACY WITH ENCRYPTION 63.2 SUMMARY 63.3 CHAPTER
REVIEW QUESTIONS/EXERCISES 63.4 OPTIONAL TEAM CASE PROJECT
Part IX Advanced Security
CHAPTER 64 Security Through Diversity
64.1 UBIQUITY 64.2 EXAMPLE ATTACKS AGAINST UNIFORMITY 64.3
ATTACKING UBIQUITY WITH ANTIVIRUS TOOLS 64.4 THE THREAT OF WORMS
64.5 AUTOMATED NETWORK DEFENSE 64.6 DIVERSITY AND THE BROWSER 64.7
SANDBOXING AND VIRTUALIZATION 64.8 DNS EXAMPLE OF DIVERSITY THROUGH
SECURITY 64.9 RECOVERY FROM DISASTER IS SURVIVAL 64.10
SUMMARY 64.11 CHAPTER REVIEW QUESTIONS/EXERCISES 64.12 OPTIONAL
TEAM CASE PROJECT
CHAPTER 65 Online e-Reputation Management Services
65.1 INTRODUCTION 65.2 THE HUMAN NOTION OF REPUTATION 65.3
REPUTATION APPLIED TO THE COMPUTING WORLD 65.4 STATE OF THE ART OF
ATTACK-RESISTANT REPUTATION COMPUTATION 65.5 OVERVIEW OF CURRENT
ONLINE REPUTATION SERVICE 65.6 SUMMARY 65.7 CHAPTER REVIEW
QUESTIONS/EXERCISES 65.8 OPTIONAL TEAM CASE PROJECT
CHAPTER 66 Content Filtering
66.1 DEFINING THE PROBLEM 66.2 WHY CONTENT FILTERING IS IMPORTANT
66.3 CONTENT CATEGORIZATION TECHNOLOGIES 66.4 PERIMETER HARDWARE
AND SOFTWARE SOLUTIONS 66.5 CATEGORIES 66.6 LEGAL ISSUES 66.7
CIRCUMVENTING CONTENT FILTERING 66.8 ADDITIONAL ITEMS TO CONSIDER:
OVERBLOCKING AND UNDERBLOCKING 66.9 RELATED PRODUCTS 66.10 SUMMARY
66.11 CHAPTER REVIEW QUESTIONS/EXERCISES 66.12 OPTIONAL TEAM CASE
PROJECT
CHAPTER 67 Data Loss Protection
67.1 PRECURSORS OF DLP 67.2 WHAT IS DLP? 67.3 WHERE TO BEGIN 67.4
DATA IS LIKE WATER 67.5 YOU DON’T KNOW WHAT YOU DON’T KNOW 67.6 HOW
DO DLP APPLICATIONS WORK? 67.7 EAT YOUR VEGETABLES 67.8 IT’S A
FAMILY AFFAIR, NOT JUST IT SECURITY’S PROBLEM 67.9 VENDORS,
VENDORS EVERYWHERE! WHO DO YOU BELIEVE? 67.10 SUMMARY 67.11 CHAPTER
REVIEW QUESTIONS/EXERCISES 67.12 OPTIONAL TEAM CASE PROJECT
CHAPTER 68 Satellite Cyber Attack Search and Destroy
68.1 HACKS, INTERFERENCE AND JAMMING 68.2 SUMMARY 68.3 CHAPTER
REVIEW QUESTIONS/EXERCISES 68.4 OPTIONAL TEAM CASE PROJECT
CHAPTER 69 Verifiable Voting Systems
69.1 SECURITY REQUIREMENTS 69.2 VERIFIABLE VOTING SCHEMES 69.3
BUILDING BLOCKS 69.4 SURVEY OF NOTEWORTHY SCHEMES 69.5 PRÊT À VOTER
69.6 THREATS TO VERIFIABLE VOTING SYSTEMS 69.7 SUMMARY 69.8 CHAPTER
REVIEW QUESTIONS/EXERCISES 69.9 OPTIONAL TEAM CASE PROJECT
CHAPTER 70 Advanced Data Encryption
70.1 MATHEMATICAL CONCEPTS REVIEWED 70.2 THE RSA CRYPTOSYSTEM 70.3
SUMMARY 70.4 CHAPTER REVIEW QUESTIONS/EXERCISES 70.5 OPTIONAL TEAM
CASE PROJECT
Part X Appendices
Appendix A Configuring Authentication Service On Microsoft Windows 7
Appendix B Security Management and Resiliency
Appendix C List of Top Information and Network Security Implementation and Deployment Companies
Appendix D List of Security Products
Appendix E List of Security Standards
Appendix F List of Miscellaneous Security Resources
Appendix G Ensuring Built-in Frequency Hopping Spread Spectrum Wireless Network Security
Appendix H Configuring Wireless Internet Security Remote Access
Appendix I Frequently Asked Questions
Appendix J Case Studies
John Vacca is an information technology consultant, professional writer, editor, reviewer and internationally known, best-selling author based in Pomeroy, Ohio. Since 1982, John has authored 72 books, including: Identity Theft (Cybersafety) (Publisher: Chelsea House Pub (April 1, 2012)); System Forensics, Investigation, And Response (Publisher: Jones & Bartlett Learning (September 24, 2010)); Managing Information Security (Publisher: Syngress (an imprint of Elsevier Inc.) (March 29, 2010)); Network and Systems Security (Publisher: Syngress (an imprint of Elsevier Inc.) (March 29, 2010)); Computer and Information Security Handbook (Publisher: Morgan Kaufmann (an imprint of Elsevier Inc.) (June 2, 2009)); Biometric Technologies and Verification Systems (Publisher: Elsevier Science & Technology Books (March 16, 2007)); Practical Internet Security (Hardcover) (Publisher: Springer (October 18, 2006)); Optical Networking Best Practices Handbook (Hardcover) (Publisher: Wiley-Interscience (November 28, 2006)); Computer Forensics: Computer Crime Scene Investigation (With CD-ROM), 2nd Edition (Publisher: Charles River Media (May 26, 2005)). John Vacca has also written more than 600 articles in the areas of advanced storage, computer security and aerospace technology (copies of articles and books are available upon request). John was also a configuration management specialist, computer specialist, and the computer security official (CSO) for NASA's space station program (Freedom) and the International Space Station Program, from 1988 until his retirement from NASA in 1995. In addition, John is an independent online book reviewer. Finally, John was one of the security consultants for the MGM movie "AntiTrust," which was released on January 12, 2001.
"This is the 2nd edition of the classic reference on system security but encompasses many new topics that have become relevant since the 1st edition. In this huge volume (1171 pages and online content) the numerous chapters cover almost every conceivable aspect of information and system security."--Reference & Research Book News, October 2013
"The handbook is well organized and homogeneous, despite contributions by various authors. The new section on practical security is a welcome addition. This handbook will continue to be a very useful resource for professionals and students. I strongly recommend it for individuals as well as libraries."--ComputingReviews.com, September 12, 2013