Table of Contents

Preface. Acknowledgments. PART I: Introducing Computer Security Concepts. Chapter 1: A Security Primer. Chapter 2: Basic Principles of System and Network Security. Chapter 3: Using Encryption Technologies. Chapter 4: Securing TCP/IP. PART II: Network Security. Chapter 5: Security Incidents and Attacks. Chapter 6: Understanding Boundary Devices. Chapter 7: Implementing Firewalls. PART III: Operating System Security. Chapter 8: Operating System Security Risks. Chapter 9: Principles of Operating System Security. Chapter 10: Operating System Hardening. Chapter 11: Securing File Systems and Resources. Chapter 12: Securing User Accounts. PART IV: Intrusion Detection and Response. Chapter 13: Defeating Network and Server Attacks and Penetration. Chapter 14: Intrusion Detection and Prevention. Chapter 15: intrusion Detection Systems. Chapter 16: Handling Security Incidents. PART V: Security Auditing, Analysis, and Intrusion Detection. Chapter 17: Principle of Security Auditing. Chapter 18: System Security Scanning and Discovery. Chapter 19: Creating and Managing Security Control Procedures. Chapter 20: Auditing System and Security Logs. Chapter 21: Acting on Audit Results. Appendix A: What's on the CD-ROM. Appendix B: Objective Map. Appendix C: Sample Exam. Appendix D: Exam Tips. Appendix E: Well-Known Ports. Appendix F: Web Resources for Security Professionals. Index. End-User License Agreement. CD-ROM Installation Instructions.

About the Author

About the Authors Mandy Andress, CISSP, CISA, CPA, is a full-time security professional and consultant. She has written regularly for InfoWorld magazine on security topics and has helped design and maintain enterprise-wide security policies for several Fortune 500 companies. Phil Cox has worked at the Computer Incident Advisory Capability for the Department of Energy and been a columnist for;login:, the USENIX magazine. The author of Windows 2000 Security Handbook, he speaks on security topics at Networld InterOp and The Internet Security Conference. Ed Tittel is a 19-year computer industry veteran. He is currently the president of LANWrights, Inc., and Vice President of IT Certifications at Leaplt.com. Ed stays busy writing magazine articles and books (he has 110 titles to his credit), teaching, and consulting.