Network Defense and Countermeasures
Pearson IT Certification (Verlag)
978-0-7897-5996-2 (ISBN)
· Clearly explains concepts, terminology, challenges, tools, and skills
· Covers key security standards and models for business and government
· The perfect introduction for all network/computer security professionals and students
Welcome to today’s most useful and practical introduction to defending modern networks. Drawing on decades of experience, Chuck Easttom brings together updated coverage of all the concepts, terminology, techniques, and solutions you’ll need to be effective.
Easttom thoroughly introduces the core technologies of modern network security, including firewalls, intrusion-detection systems, and VPNs. Next, he shows how encryption can be used to safeguard data as it moves across networks.
You’ll learn how to harden operating systems, defend against malware and network attacks, establish robust security policies, and assess network security using industry-leading standards and models. You’ll also find thorough coverage of key issues such as physical security, forensics, and cyberterrorism.
Throughout, Easttom blends theory and application, helping you understand both what to do and why. In every chapter, quizzes, exercises, projects, and web resources deepen your understanding and help you use what you’ve learned–in the classroom and in your career.
Learn How To
· Evaluate key network risks and dangers
· Choose the right network security approach for your organization
· Anticipate and counter widespread network attacks, including those based on “social engineering”
· Successfully deploy and apply firewalls and intrusion detection systems
· Secure network communication with virtual private networks
· Protect data with cryptographic public/private key systems, digital signatures, and certificates
· Defend against malware, including ransomware, Trojan horses, and spyware
· Harden operating systems and keep their security up to date
· Define and implement security policies that reduce risk
· Explore leading security standards and models, including ISO and NIST standards
· Prepare for an investigation if your network has been attacked
· Understand the growing risks of espionage and cyberterrorism
Chuck Easttom is a computer scientist, author, and inventor. He has authored 25 other books on programming, Web development, security, and Linux. He has also authored dozens of research papers on a wide range of computer science and cyber security topics. He is an inventor with 13 computer science patents. Chuck holds more than 40 different industry certifications. He also is a frequent presenter/speaker at computer and cyber security conferences such as Defcon, ISC2 Security Congress, Secure World, IEEE workshops, and more. You can reach Chuck at his website (www.chuckeasttom.com) or by e-mail at chuck@chuckeasttom.com.
Chapter 1: Introduction to Network Security
Introduction
The Basics of a Network
Basic Network Structure
Data Packets
IP Addresses
Uniform Resource Locators
MAC Addresses
Protocols
Basic Network Utilities
ipconfig
ping
tracert
netstat
The OSI Model
What Does This Mean for Security?
Assessing Likely Threats to the Network
Classifications of Threats
Malware
Compromising System Security–Intrusions
Denial of Service
Likely Attacks
Threat Assessment
Understanding Security Terminology
Hacking Terminology
Security Terminology
Choosing a Network Security Approach
Perimeter Security Approach
Layered Security Approach
Hybrid Security Approach
Network Security and the Law
Using Security Resources
Summary
Chapter 2: Types of Attacks
Introduction
Understanding Denial of Service Attacks
DoS in Action
SYN Flood
Smurf Attack
Ping of Death
UDP Flood
ICMP Flood
DHCP Starvation
HTTP Post DoS
PDoS
Distributed Reflection Denial of Service
DoS Tools
Real-World Examples
Defending Against DoS Attacks
Defending Against Buffer Overflow Attacks
Defending Against IP Spoofing
Defending Against Session Hijacking
Blocking Virus and Trojan Horse Attacks
Viruses
Types of Viruses
Trojan Horses
Summary
Chapter 3: Fundamentals of Firewalls
Introduction
What Is a Firewall?
Types of Firewalls
Packet Filtering Firewall
Stateful Packet Inspection
Application Gateway
Circuit Level Gateway
Hybrid Firewalls
Blacklisting/Whitelisting
Implementing Firewalls
Host-Based
Dual-Homed Hosts
Router-Based Firewall
Screened Hosts
Selecting and Using a Firewall
Using a Firewall
Using Proxy Servers
The WinGate Proxy Server
NAT
Summary
Chapter 4: Firewall Practical Applications
Introduction
Using Single Machine Firewalls
Windows 10 Firewall
User Account Control
Linux Firewalls
Iptables
Symantec Norton Firewall
McAfee Personal Firewall
Using Small Office/Home Office Firewalls
SonicWALL
D-Link DFL-2560 Office Firewall
Using Medium-Sized Network Firewalls
Check Point Firewall
Cisco Next-Generation Firewalls
Using Enterprise Firewalls
Summary
Chapter 5: Intrusion-Detection Systems
Introduction
Understanding IDS Concepts
Preemptive Blocking
Anomaly Detection
IDS Components and Processes
Understanding and Implementing IDSs
Snort
Cisco Intrusion-Detection and Prevention
Understanding and Implementing Honeypots
Specter
Symantec Decoy Server
Intrusion Deflection
Intrusion Deterrence
Summary
Chapter 6: Encryption Fundamentals
Introduction
The History of Encryption
The Caesar Cipher
ROT 13
Atbash Cipher
Multi-Alphabet Substitution
Rail Fence
Vigenère
Enigma
Binary Operations
Learning About Modern Encryption Methods
Symmetric Encryption
Key Stretching
PRNG
Public Key Encryption
Digital Signatures
Identifying Good Encryption
Understanding Digital Signatures and Certificates
Digital Certificates
PGP Certificates
MD5
SHA
RIPEMD
HAVAL
Understanding and Using Decryption
Cracking Passwords
John the Ripper
Using Rainbow Tables
Using Other Password Crackers
General Cryptanalysis
Steganography
Steganalysis
Quantum Computing and Quantum Cryptography
Summary
Chapter 7: Virtual Private Networks
Introduction
Basic VPN Technology
Using VPN Protocols for VPN Encryption
PPTP
PPTP Authentication
L2TP
L2TP Authentication
L2TP Compared to PPTP
IPSec
SSL/TLS
Implementing VPN Solutions
Cisco Solutions
Service Solutions
Openswan
Other Solutions
Summary
Chapter 8: Operating System Hardening
Introduction
Configuring Windows Properly
Accounts, Users, Groups, and Passwords
Setting Security Policies
Registry Settings
Services
Encrypting File System
Security Templates
Configuring Linux Properly
Patching the Operating System
Configuring Browsers
Securing Browser Settings for Microsoft Internet Explorer
Other Browsers
Summary
Chapter 9: Defending Against Virus Attacks
Introduction
Understanding Virus Attacks
What Is a Virus?
What Is a Worm?
How a Virus Spreads
The Virus Hoax
Types of Viruses
Virus Scanners
Virus Scanning Techniques
Commercial Antivirus Software
Antivirus Policies and Procedures
Additional Methods for Defending Your System
What to Do If Your System Is Infected by a Virus
Stopping the Spread of the Virus
Removing the Virus
Finding Out How the Infection Started
Summary
Chapter 10: Defending Against Trojan Horses, Spyware, and Adware
Introduction
Trojan Horses
Identifying Trojan Horses
Symptoms of a Trojan Horse
Why So Many Trojan Horses?
Preventing Trojan Horses
Spyware and Adware
Identifying Spyware and Adware
Anti-Spyware
Anti-Spyware Policies
Summary
Chapter 11: Security Policies
Introduction
Defining User Policies
Passwords
Internet Use Policy
E-mail Attachments
Software Installation and Removal
Instant Messaging
Desktop Configuration
Final Thoughts on User Policies
Defining System Administration Policies
New Employees
Leaving Employees
Change Requests
Security Breaches
Defining Access Control
Defining Developmental Policies
Summary
Chapter 12: Assessing System Security
Introduction
Risk Assessment Concepts
Evaluating the Security Risk
Conducting the Initial Assessment
Patches
Ports
Protect
Physical
Probing the Network
NetCop
NetBrute
Cerberus
Port Scanner for Unix: SATAN
SAINT
Nessus
NetStat Live
Active Ports
Other Port Scanners
Microsoft Baseline Security Analyzer
NSAuditor
NMAP
Vulnerabilities
CVE
NIST
OWASP
McCumber Cube
Goals
Information States
Safeguards
Security Documentation
Physical Security Documentation
Policy and Personnel Documentation
Probe Documents
Network Protection Documents
Summary
Chapter 13: Security Standards
Introduction
COBIT
ISO Standards
NIST Standards
NIST SP 800-14
NIST SP 800-35
NIST SP 800-30 Rev. 1
U.S. DoD Standards
Using the Orange Book
D - Minimal Protection
C - Discretionary Protection
B - Mandatory Protection
A - Verified Protection
Using the Rainbow Series
Using the Common Criteria
Using Security Models
Bell-LaPadula Model
Biba Integrity Model
Clark-Wilson Model
Chinese Wall Model
State Machine Model
U.S. Federal Regulations, Guidelines, and Standards
The Health Insurance Portability & Accountability Act of 1996 (HIPAA)
HITECH
Sarbanes-Oxley (SOX)
Computer Fraud and Abuse Act (CFAA): 18 U.S. Code § 1030
Fraud and Related Activity in Connection with Access Devices: 18 U.S. Code § 1029
General Data Protection Regulation (GDPR)
PCI DSS
Summary
Chapter 14: Physical Security and Disaster Recovery
Introduction
Physical Security
Equipment Security
Securing Building Access
Monitoring
Fire Protection
General Premises Security
Disaster Recovery
Disaster Recovery Plan
Business Continuity Plan
Determining Impact on Business
Testing Disaster Recovery
Disaster Recovery Related Standards
Ensuring Fault Tolerance
Summary
Chapter 15: Techniques Used by Attackers
Introduction
Preparing to Hack
Passively Searching for Information
Active Scanning
NSAuditor
Enumerating
Nmap
Shodan.io
Manual Scanning
The Attack Phase
Physical Access Attacks
Remote Access Attacks
Wi-Fi Hacking
Summary
Chapter 16: Introduction to Forensics
Introduction
General Forensics Guidelines
EU Evidence Gathering
Scientific Working Group on Digital Evidence
U.S. Secret Service Forensics Guidelines
Don’t Touch the Suspect Drive
Leave a Document Trail
Secure the Evidence
FBI Forensics Guidelines
Finding Evidence on the PC
In the Browser
In System Logs
Recovering Deleted Files
Operating System Utilities
The Windows Registry
Gathering Evidence from a Cell Phone
Logical Acquisition
Physical Acquisition
Chip-off and JTAG
Cellular Networks
Cell Phone Terms
Forensic Tools to Use
AccessData Forensic Toolkit
EnCase
The Sleuth Kit
OSForensics
Forensic Science
To Certify or Not to Certify?
Summary
Chapter 17: Cyber Terrorism
Introduction
Defending Against Computer-Based Espionage
Defending Against Computer-Based Terrorism
Economic Attack
Compromising Defense
General Attacks
China Eagle Union
Choosing Defense Strategies
Defending Against Information Warfare
Propaganda
Information Control
Actual Cases
Packet Sniffers
Summary
Appendix A: Answers
Glossary
9780789759962 TOC 3/21/2018
Erscheinungsdatum | 12.06.2018 |
---|---|
Verlagsort | Upper Saddle River |
Sprache | englisch |
Maße | 180 x 230 mm |
Gewicht | 920 g |
Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
ISBN-10 | 0-7897-5996-9 / 0789759969 |
ISBN-13 | 978-0-7897-5996-2 / 9780789759962 |
Zustand | Neuware |
Haben Sie eine Frage zum Produkt? |
aus dem Bereich