Network Security Bible,

Network Security Bible Second Edition

About the Author

About the Technical Editor

Credits

Acknowledgments

Contents at a Glance

Contents

Introduction

The Goal of This Book

How to Use This Book

Who Should Read This Book

How This Book Is Organized

Where To Go From Here

Part I: Network Security Landscape

Chapter 1: State of Network Security

Cyber Security

Summary

Chapter 2: New Approaches to Cyber Security

General Trends

The Changing Face of Cyber Security

Summary

Chapter 3: Interfacing with the Organization

An Enterprise Security Methodology

Key Questions to Manage Risk

Summary

Part II: Security Principles and Practices

Chapter 4: Information System Security Principles

Key Principles of Network Security

Formal Processes

Risk Management

Calculating and Managing Risk

Summary

Chapter 5: Information System Security Management

Security Policies

Security Awareness

Managing the Technical Effort

Configuration Management

Business Continuity and Disaster Recovery Planning

Physical Security

Legal and Liability Issues

Summary

Chapter 6: Access Control

Control Models

Types of Access Control Implementations

Identification and Authentication

Databases

Remote Access

Summary

Chapter 7: Attacks and Threats

Malicious Code

Review of Common Attacks

External Attack Methodologies Overview

Internal Threat Overview

Summary

Part III: Operating Systems and Applications

Chapter 8: Windows Security

Windows Security at the Heart of the Defense

Out-of-the-Box Operating System Hardening

Installing Applications

Putting the Workstation on the Network

Operating Windows Safely

Upgrades and Patches

Maintain and Test the Security

Attacks Against the Windows Workstation

Summary

Chapter 9: UNIX and Linux Security

The Focus of UNIX/Linux Security

Physical Security

Controlling the Configuration

Operating UNIX Safely

Hardening UNIX

Summary

Chapter 10: Web Browser and Client Security

Web Browser and Client Risk

How a Web Browser Works

Web Browser Attacks

Operating Safely

Web Browser Configurations

Summary

Chapter 11: Web Security

What Is HTTP?

How Does HTTP Work?

Server Content

Client Content

State

Attacking Web Servers

Web Services

Summary

Chapter 12: Electronic mail (E-mail) Security

The E-mail Risk

The E-mail Protocols

E-mail Authentication

Operating Safely When Using E-mail

Summary

Chapter 13: Domain Name System

DNS Basics

Purpose of DNS

Setting Up DNS

Security Issues with DNS

DNS Attacks

Designing DNS

Master Slave DNS

Detailed DNS Architecture

DNS SEC

Summary

Chapter 14: Server Security

General Server Risks

Security by Design

Operating Servers Safely

Server Applications

Multi-Level Security and Digital Rights Management

Summary

Part IV: Network Security Fundamentals

Chapter 15: Network Protocols

Protocols

The Open Systems Interconnect Model

The OSI Layers

The TCP/IP Model

TCP/IP Model Layers

Internet Protocol

VoIP

Summary

Chapter 16: Wireless Security

Electromagnetic Spectrum

The Cellular Phone Network

Placing a Cellular Telephone Call

Wireless Transmission Systems

Pervasive Wireless Data Network Technologies

IEEE Wireless LAN Specifications

IEEE 802.11

IEEE 802.11 Wireless Security

Bluetooth

Wireless Application Protocol

Future of Wireless

Summary

Chapter 17: Network Architecture Fundamentals

Network Segments

Perimeter Defense

Network Address Translation

Basic Architecture Issues

Subnetting, Switching, and VLANs

Address Resolution Protocol and Media Access Control

Dynamic Host Configuration Protocol and Addressing Control

Zero Configuration Networks

System Design and Architecture Against Insider Threats

Common Attacks

Summary

Chapter 18: Firewalls

Firewalls

Firewall Rules

The Use of Personal Firewalls

Summary

Chapter 19: Intrusion Detection/Prevention

Intrusion Detection Systems

Responses to Intrusion Detection

Emerging Technologies in Intrusion Detection Systems

Summary

Part V: Communication

Chapter 20: Secret Communication

What is Cryptography?

General Terms

Principles of Cryptography

Historic Cryptography

The Four Cryptographic Primitives

Putting These Primitives Together to Achieve CIA

The Difference Between Algorithm and Implementation

Proprietary Versus Open Source Algorithms

Attacks on Hash Functions

Quantum Cryptography

Summary

Chapter 21: Covert Communication

Where Hidden Data Hides

Where Did It Come From?

Where Is It Going?

Overview of Steganography

History of Steganography

Core Areas of Network Security and Their Relation to Steganography

Principles of Steganography

Steganography Compared to Cryptography

Types of Steganography

Products That Implement Steganography

Steganography Versus Digital Watermarking

Types of Digital Watermarking

Goals of Digital Watermarking

Digital Watermarking and Stego

Summary

Chapter 22: Applications of Secure/Covert Communication

E-mail

Authentication Servers

Working Model

Public Key Infrastructure

Virtual Private Networks

Secure Sockets Layer/Transport Layer Security

SSL Handshake

Summary

Part VI: The Security Threat and Response

Chapter 23: Intrusion Detection and Response

Intrusion Detection Mechanisms

Honeypots

Incident Handling

Summary

Chapter 24: Digital Forensics

Computer Forensics Defined

Traditional Computer Forensics

Proactive Forensics

Future Research Areas

The Forensic Life Cycle

Summary

Chapter 25: Security Assessments, Testing, and Evaluation

Information Assurance Approaches and Methodologies

Certification and Accreditation

DIACAP

Federal Information Processing Standard 102

OMB Circular A-130

The National Institute of Standards and Technology Assessment Guidelines

Penetration Testing

Auditing and Monitoring

Summary

Part VII: Integrated Cyber Security

Chapter 26: Validating Your Security

Overview

Current State of Penetration Testing

Formal Penetration Testing Methodology

Steps to Exploiting a System

Summary

Chapter 27: Data Protection

Endpoint Security

Insider Threats and Data Protection

Summary

Chapter 28: Putting Everything Together

Critical Problems Facing Organizations

General Tips for Protecting a Site

Security Best Practices

Summary

Chapter 29: The Future

Approaching the Problem

Mission Resilience

Limiting Failure Points

Summary

Index