book

Computer and Information Security Handbook, 3rd Edition

Name: Computer and Information Security Handbook, 3rd Edition
Author: John R. Vacca
ISBN: 9780128039298

by John R. Vacca

May 2017

Intermediate to advanced

1280 pages

94h 8m

English

Morgan Kaufmann

Read now

Unlock full access

Cover image
Title page
Table of Contents
Copyright
Dedication
Contributors
About the Editor
Foreword
Preface
Acknowledgments

Part I. Overview of System and Network Security: A Comprehensive Introduction
Chapter 1. Information Security in the Modern Enterprise
1. Introduction2. Challenges Facing Information Security3. Assessment and Planning4. Policies and Procedures5. Training6. SummaryChapter Review Questions/ExercisesExercise
Chapter 2. Building a Secure Organization
1. Obstacles to Security2. Computers Are Powerful and Complex3. Current Trend Is to Share, Not Protect4. Security Is Not About Hardware and Software5. Ten Steps to Building a Secure Organization6. Preparing for the Building of Security Control Assessments7. SummaryChapter Review Questions/ExercisesExercise
Chapter 3. A Cryptography Primer
1. What Is Cryptography? What Is Encryption?2. Famous Cryptographic Devices3. Ciphers4. Modern Cryptography5. The Computer Age6. How Advanced Encryption Standard Works7. Selecting Cryptography: the Process8. SummaryChapter Review Questions/ExercisesExercise
Chapter 4. Verifying User and Host Identity
1. Introduction: Verifying the User2. Identity Access Management: Authentication and Authorization3. Synthetic or Real User Logging4. Verifying a User in Cloud Environments5. Verifying Hosts6. Verifying Host Domain Name System and Internet Protocol Information7. SummaryChapter Review Questions/ExercisesExercise
Chapter 5. Detecting System Intrusions
1. Introduction2. Developing Threat Models3. Securing Communications4. Network Security Monitoring and Intrusion Detection Systems5. Installing Security Onion to a Bare-Metal Server6. Putting It All Together7. Securing Your Installation8. Managing an Intrusion Detection System in a Network Security Monitoring Framework9. Setting the Stage10. Alerts and Events11. Sguil: Tuning Graphics Processing Unit Rules, Alerts, and Responses12. Developing Process13. Understanding, Exploring, and Managing Alerts14. SummaryChapter Review Questions/ExercisesExercise
Chapter 6. Intrusion Detection in Contemporary Environments
1. Introduction2. Mobile Operating Systems3. Mobile Device Malware Risks4. Cloud Computing Models5. Cloud Computing Attack Risks6. Source of Attacks on Mobile Devices7. Source or Origin of Intrusions in Cloud Computing8. Classes of Mobile Malware9. Types of Cloud Computing Attacks10. Malware Techniques in Android11. Cloud Computing Intrusions Techniques12. Examples of Smartphone Malware13. Examples of Cloud Attacks14. Types of Intrusion Detection Systems for Mobile Devices15. Types of Intrusion Detection Systems for Cloud Computing16. Intrusion Detection System Performance Metrics17. SummaryChapter Review Questions/ExercisesExercise
Chapter 7. Preventing System Intrusions
1. So, What Is an Intrusion?2. Sobering Numbers3. Know Your Enemy: Hackers Versus Crackers4. Motives5. The Crackers' Tools of the Trade6. Bots7. Symptoms of Intrusions8. What Can You Do?9. Security Policies10. Risk Analysis11. Tools of Your Trade12. Controlling User Access13. Intrusion Prevention Capabilities14. SummaryChapter Review Questions/ExercisesExercise
Chapter 8. Guarding Against Network Intrusions
1. Introduction2. Traditional Reconnaissance and Attacks3. Malicious Software4. Defense in Depth5. Preventive Measures6. Intrusion Monitoring and Detection7. Reactive Measures8. Network-Based Intrusion Protection9. SummaryChapter Review Questions/ExercisesExercise
Chapter 9. Fault Tolerance and Resilience in Cloud Computing Environments
1. Introduction2. Cloud Computing Fault Model3. Basic Concepts of Fault Tolerance4. Different Levels of Fault Tolerance in Cloud Computing5. Fault Tolerance Against Crash Failures in Cloud Computing6. Fault Tolerance Against Byzantine Failures in Cloud Computing7. Fault Tolerance as a Service in Cloud Computing8. SummaryChapter Review Questions/ExercisesExercise
Chapter 10. Securing Web Applications, Services, and Servers
1. Setting the Stage2. Basic Security for HTTP Applications and Services3. Basic Security for SOAP Services4. Identity Management and Web Services5. Authorization Patterns6. Security Considerations7. Challenges8. SummaryChapter Review Questions/ExercisesExercise
Chapter 11. UNIX and Linux Security
1. Introduction2. UNIX and Security3. Basic UNIX Security Overview4. Achieving UNIX Security5. Protecting User Accounts and Strengthening Authentication6. Limiting Superuser Privileges7. Securing Local and Network File Systems8. Network Configuration9. Improving the Security of Linux and UNIX Systems10. Additional Resources11. SummaryChapter Review Questions/ExercisesExercise
Chapter 12. Eliminating the Security Weakness of Linux and UNIX Operating Systems
1. Introduction to Linux and UNIX2. Hardening Linux and UNIX3. Proactive Defense for Linux and UNIX4. SummaryChapter Review Questions/ExercisesExercise
Chapter 13. Internet Security
1. Internet Protocol Architecture2. An Internet Threat Model3. Defending Against Attacks on the Internet4. Internet Security Checklist5. SummaryChapter Review Questions/ExercisesExercise
Chapter 14. The Botnet Problem
1. Introduction2. What Is a Botnet?3. Building a Botnet4. The Problem With Botnets5. Botnet Case Studies and Known Botnets6. SummaryChapter Review Questions/ExercisesExercise
Chapter 15. Intranet Security
1. Smartphones and Tablets in the Intranet2. Security Considerations3. Plugging the Gaps: Network Access Control and Access Control4. Measuring Risk: Audits5. Guardian at the Gate: Authentication and Encryption6. Wireless Network Security7. Shielding the Wire: Network Protection8. Weakest Link in Security: User Training9. Documenting the Network: Change Management10. Rehearse the Inevitable: Disaster Recovery11. Controlling Hazards: Physical and Environmental Protection12. Know Your Users: Personnel Security13. Protecting Data Flow: Information and System Integrity14. Security Assessments15. Risk Assessments16. Intranet Security Implementation Process Checklist17. SummaryChapter Review Questions/ExercisesExercise
Chapter e16. Local Area Network Security
1. Identify Network Threats2. Establish Network Access Controls3. Risk Assessment4. Listing Network Resources5. Threats6. Security Policies7. The Incident-Handling Process8. Secure Design Through Network Access Controls9. Intrusion Detection System Defined10. Network Intrusion Detection System: Scope and Limitations11. A Practical Illustration of Network Intrusion Detection System12. Firewalls13. Dynamic Network Address Translation Configuration14. The Perimeter15. Access List Details16. Types of Firewalls17. Packet Filtering: Internet Protocol Filtering Routers18. Application-Layer Firewalls: Proxy Servers19. Stateful Inspection Firewalls20. Network Intrusion Detection System Complements Firewalls21. Monitor and Analyze System Activities22. Signature Analysis23. Statistical Analysis24. Signature Algorithms25. Local Area Network Security Countermeasures Implementation Checklist26. SummaryChapter Review Questions/ExercisesExercise
Chapter 17. Wireless Network Security
1. Cellular Networks2. Wireless Ad Hoc Networks3. Security Protocols4. Wired Equivalent Privacy5. Secure Routing6. Authenticated Routing for Ad Hoc Networks7. Secure Link State Routing Protocol8. Key Establishment9. Ingemarsson, Tang, and Wong10. Management Countermeasures11. SummaryChapter Review Questions/ExercisesExercise
Chapter 18. Wireless Sensor Network Security: The Internet of Things
1. Introduction to Wireless Sensor Networks2. Threats to Privacy3. Cryptographic Security in Wireless Sensor Networks4. Secure Routing in Wireless Sensor Networks5. Routing Protocols in Wireless Sensor Networks6. Wireless Sensor Networks and Internet of Things7. SummaryChapter Review Questions/ExercisesExercise
Chapter 19. Security for the Internet of Things
1. Introduction2. ITU-T Internet of Things (IoT) Reference Model3. Internet of Things (IoT) Security4. SummaryChapter Review Questions/ExercisesExercise
Chapter 20. Cellular Network Security
1. Introduction2. Overview of Cellular Networks3. The State of the Art of Cellular Network Security4. Cellular Network Attack Taxonomy5. Cellular Network Vulnerability Analysis6. SummaryChapter Review Questions/ExercisesExercise
Chapter 21. Radio Frequency Identification Security
1. Radio Frequency Identification Introduction2. Radio Frequency Identification Challenges3. Radio Frequency Identification Protections4. SummaryChapter Review Questions/ExercisesExercise
Chapter e22. Optical Network Security
1. Optical Networks2. Securing Optical Networks3. Identifying Vulnerabilities4. Corrective Actions5. SummaryChapter Review Questions/ExercisesExercise
Chapter e23. Optical Wireless Security
1. Optical Wireless Systems Overview2. Deployment Architectures3. High Bandwidth4. Low Cost5. Implementation6. Surface Area7. SummaryChapter Review Questions/ExercisesExercise
Part II. Managing Information Security
Chapter 24. Information Security Essentials for Information Technology Managers: Protecting Mission-Critical Systems
1. Introduction2. Protecting Mission-Critical Systems3. Information Security Essentials for Information Technology Managers4. Systems and Network Security5. Application Security6. Cloud Security7. Data Protection8. Wireless and Mobile Security9. Identity and Access Management10. Security Operations11. Policies, Plans, and Programs12. SummaryChapter Review Questions/ExercisesExercise
Chapter 25. Security Management Systems
1. Security Management System Standards2. Training Requirements3. Principles of Information Security4. Roles and Responsibilities of Personnel5. Security Policies6. Security Controls7. Network Access8. Risk Assessment9. Incident Response10. SummaryChapter Review Questions/ExercisesExercise
Chapter 26. Policy-Driven System Management
1. Introduction2. Security and Policy-Based Management3. Classification and Languages4. Controls for Enforcing Security Policies in Distributed Systems5. Products and Technologies6. Research Projects7. SummaryChapter Review Questions/ExercisesExercise
Chapter e27. Information Technology Security Management
1. Information Security Management Standards2. Other Organizations Involved in Standards3. Information Technology Security Aspects4. SummaryChapter Review Questions/ExercisesExercise
Chapter e28. The Enemy (The Intruder's Genesis)
1. Introduction2. Active Reconnaissance3. Enumeration4. Penetration and Gain Access5. Maintain Access6. Defend Network Against Unauthorized Access7. SummaryChapter Review Questions/ExercisesExercise
Chapter 29. Social Engineering Deceptions and Defenses
1. Introduction2. Counter-Social Engineering3. Vulnerabilities4. Using a Layered Defense Approach5. Attack Scenarios6. Suspect Everyone: Network Vector7. Policy and Training8. Physical Access9. SummaryChapter Review Questions/ExercisesExercise
Chapter 30. Ethical Hacking
1. Introduction2. Hacker's Toolbox3. Attack Vectors4. Physical Penetrations5. SummaryChapter Review Questions/ExercisesExercise
Chapter 31. What Is Vulnerability Assessment?
1. Introduction2. Reporting3. The “It Will Not Happen to Us” Factor4. Why Vulnerability Assessment?5. Penetration Testing Versus Vulnerability Assessment6. Vulnerability Assessment Goal7. Mapping the Network8. Selecting the Right Scanners9. Central Scans Versus Local Scans10. Defense in Depth Strategy11. Vulnerability Assessment Tools12. Security Auditor's Research Assistant13. Security Administrator's Integrated Network Tool14. Microsoft Baseline Security Analyzer15. Scanner Performance16. Scan Verification17. Scanning Cornerstones18. Network Scanning Countermeasures19. Vulnerability Disclosure Date20. Proactive Security Versus Reactive Security21. Vulnerability Causes22. Do It Yourself Vulnerability Assessment23. SummaryChapter Review Questions/ExercisesExercise
Chapter e32. Security Metrics: An Introduction and Literature Review
1. Introduction2. Why Security Metrics?3. The Nature of Security Metrics4. Getting Started With Security Metrics5. Metrics in Action: Toward an Intelligent Security Dashboard6. Security Metrics in the Literature7. SummaryChapter Review Questions/ExercisesExercise
Chapter 33. Security Education, Training, and Awareness
1. Security Education, Training, and Awareness (SETA) Programs2. Users, Behavior, and Roles3. Security Education, Training, and Awareness (SETA) Program Design4. Security Education, Training, and Awareness (SETA) Program Development5. Implementation and Delivery6. Technologies and Platforms7. SummaryChapter Review Questions/ExercisesExercise
Chapter 34. Risk Management
1. The Concept of Risk2. Expressing and Measuring Risk3. The Risk Management Methodology4. Risk Management Laws and Regulations5. Risk Management Standards6. SummaryChapter Review Questions/ExercisesExercise
Chapter 35. Insider Threat
1. Introduction2. Defining Insider Threat3. Motivations of the Insider Threat Actors4. Insider Threat Indicators5. Examples of Insider Threats6. Impacts7. Analysis: Relevance8. Manage and Mitigate the Insider Threat9. SummaryChapter Review Questions/ExercisesExercise
Part III. Disaster Recovery Security
Chapter 36. Disaster Recovery
1. Introduction2. Measuring Risk and Avoiding Disaster3. The Business Impact Assessment4. SummaryChapter Review Questions/ExercisesExercise
Chapter 37. Disaster Recovery Plans for Small and Medium Businesses (SMBs)
1. Introduction2. Identifying the Need for a Disaster Recovery Plan3. Recovery4. Threat Analysis5. Methodology6. Train and Test the Plan7. Communication8. Recovery9. SummaryChapter Review Questions/ExercisesExercise
Part IV. Security Standards and Policies
Chapter 38. Security Certification and Standards Implementation
1. Introduction: The Security Compliance Puzzle2. The Age of Digital Regulations3. Security Regulations and Laws: Technology Challenges4. Implementation: The Compliance Foundation5. SummaryChapter Review Questions/ExercisesExercise
Chapter 39. Security Policies and Plans Development
1. Introduction: Policies and Planning: Security Framework Foundation2. CIA: Not the Central Intelligence Agency3. Security Policy Structure4. Security Policy: Sign Off Approval5. SummaryChapter Review Questions/ExercisesExercise
Part V. Cyber, Network, and Systems Forensics Security and Assurance
Chapter 40. Cyber Forensics
1. What Is Cyber Forensics?2. Analysis of Data3. Cyber Forensics in the Court System4. Understanding Internet History5. Temporary Restraining Orders and Labor Disputes6. First Principles7. Hacking a Windows XP Password8. Network Analysis9. Cyber Forensics Applied10. Tracking, Inventory, Location of Files, Paperwork, Backups, and So on11. Testifying as an Expert12. Beginning to End in Court13. SummaryChapter Review Questions/ExercisesExercise
Chapter 41. Cyber Forensics and Incidence Response
1. Introduction to Cyber Forensics2. Handling Preliminary Investigations3. Controlling an Investigation4. Conducting Disc-Based Analysis5. Investigating Information-Hiding Techniques6. Scrutinizing Email7. Validating Email Header Information8. Tracing Internet Access9. Searching Memory in Real Time10. SummaryChapter Review Questions/ExercisesExercise
Chapter 42. Securing e-Discovery
1. Information Management2. Legal and Regulatory Obligation3. SummaryChapter Review Questions/ExercisesExercise
Chapter e43. Network Forensics
1. Scientific Overview2. The Principles of Network Forensics3. Attack Trace-Back and Attribution4. Critical Needs Analysis5. Research Directions6. SummaryChapter Review Questions/ExercisesExercise
Chapter 44. Microsoft Office and Metadata Forensics: A Deeper Dive
1. Introduction2. In a Perfect World3. Microsoft Excel4. Exams!5. Items Outside of Office Metadata6. SummaryChapter Review Questions/ExercisesExercise
Chapter 45. Hard Drive Imaging
1. Introduction2. Hard Disc Drives3. Solid State Drives4. Hardware Tools5. Software Tools6. Techniques7. SummaryChapter Review Questions/ExercisesExercise
Part VI. Encryption Technology
Chapter e46. Data Encryption
1. Need for Cryptography
2. Mathematical Prelude to Cryptography
3. Classical Cryptography
4. Modern Symmetric Ciphers
5. Algebraic Structure
6. The Internal Functions of Rijndael in Advanced Encryption Standard Implementation
7. Use of Modern Block Ciphers
8. Public-Key Cryptography
9. Cryptanalysis of Rivest–Shamir–Adleman
10. Diffie–Hellman Algorithm
11. Elliptic Curve Cryptosystems
12. Message Integrity and Authentication
13. Triple Data Encryption Algorithm Block Cipher
14. Summary
Chapter Review Questions/Exercises
Exercise
Chapter 47. Satellite Encryption
1. Introduction2. The Need for Satellite Encryption3. Implementing Satellite Encryption4. Pirate Decryption of Satellite Transmissions5. Satellite Encryption Policy6. Satellite Encryption Service (SES)7. The Future of Satellite Encryption8. SummaryChapter Review Questions/ExercisesExercise
Chapter 48. Public Key Infrastructure
1. Cryptographic Background2. Overview of Public Key Infrastructure3. The X.509 Model4. X.509 Implementation Architectures5. X.509 Certificate Validation6. X.509 Certificate Revocation7. Server-Based Certificate Validity Protocol8. X.509 Bridge Certification Systems9. X.509 Certificate Format10. Public Key Infrastructure Policy Description11. Public Key Infrastructure Standards Organizations12. Pretty Good Privacy Certificate Formats13. Pretty Good Privacy Public Key Infrastructure Implementations14. World Wide Web Consortium15. Is Public Key Infrastructure Secure?16. Alternative Public Key Infrastructure Architectures17. Modified X.509 Architectures18. Alternative Key Management Models19. SummaryChapter Review Questions/ExercisesExercise
Chapter e49. Password-Based Authenticated Key Establishment Protocols
1. Introduction to Key Exchange2. Password-Authenticated Key Exchange3. Concrete Protocols4. SummaryChapter Review Questions/ExercisesExercise
Chapter 50. Context-Aware Multifactor Authentication Survey
1. Introduction2. Classic Approach to Multifactor Authentication3. Modern Approaches to Multifactor Authentication4. Comparative Summary5. SummaryChapter Review Questions/ExercisesExercise
Chapter 51. Instant-Messaging Security
1. Why Should I Care About Instant Messaging?2. What Is Instant Messaging?3. The Evolution of Networking Technologies4. Game Theory and Instant Messaging5. The Nature of the Threat6. Common Instant Messaging Applications7. Defensive Strategies8. Instant-Messaging Security Maturity and Solutions9. Processes10. SummaryChapter Review Questions/ExercisesExercise
Part VII. Privacy and Access Management
Chapter 52. Online Privacy
1. The Quest for Privacy2. Trading Personal Data3. Control of Personal Data4. Privacy and Technologies5. SummaryChapter Review Questions/ExercisesExercise
Chapter 53. Privacy-Enhancing Technologies
1. The Concept of Privacy2. Legal Privacy Principles3. Classification of Privacy-Enhancing Technologies (PETs)4. Traditional Privacy Goals of Privacy-Enhancing Technologies (PETs)5. Privacy Metrics6. Data Minimization Technologies7. Transparency-Enhancing Tools8. SummaryChapter Review Questions/ExercisesExercise
Chapter e54. Personal Privacy Policies
1. Introduction2. Content of Personal Privacy Policies3. Semiautomated Derivation of Personal Privacy Policies4. Specifying Well-Formed Personal Privacy Policies5. Preventing Unexpected Negative Outcomes6. The Privacy Management Model7. Discussion and Related Work8. SummaryChapter Review Questions/ExercisesExercise
Chapter 55. Detection of Conflicts in Security Policies
1. Introduction2. Conflicts in Security Policies3. Conflicts in Executable Security Policies4. Conflicts in Network Security Policies5. Query-Based Conflict Detection6. Semantic Web Technology for Conflict Detection7. SummaryChapter Review Questions/ExercisesExercise
Chapter 56. Supporting User Privacy Preferences in Digital Interactions
1. Introduction2. Basic Concepts and Desiderata3. Cost-Sensitive Trust Negotiation4. Point-Based Trust Management5. Logical-Based Minimal Credential Disclosure6. Privacy Preferences in Credential-Based Interactions7. Fine-Grained Disclosure of Sensitive Access Policies8. Open Issues9. SummaryChapter Review Questions/ExercisesExercise
Chapter 57. Privacy and Security in Environmental Monitoring Systems: Issues and Solutions
1. Introduction2. System Architectures3. Environmental Data4. Security and Privacy Issues in Environmental Monitoring5. Countermeasures6. SummaryChapter Review Questions/ExercisesExercise
Chapter 58. Virtual Private Networks
1. History2. Who Is in Charge?3. Virtual Private Network Types4. Authentication Methods5. Symmetric Encryption6. Asymmetric Cryptography7. Edge Devices8. Passwords9. Hackers and Crackers10. Mobile Virtual Private Network11. Virtual Private Network Deployments12. SummaryChapter Review Questions/ExercisesExercise
Chapter e59. Identity Theft
1. Experimental Design2. Results and Analysis3. Implications for CrimewareChapter Review Questions/ExercisesExercise
Chapter 60. VoIP Security
1. Introduction2. Overview of Threats3. Security in Voice Over Internet Protocol4. Future Trends5. SummaryChapter Review Questions/ExercisesExercise
Part VIII. Storage Security
Chapter e61. SAN Security
1. Organizational Structure2. Access Control Lists and Policies3. Physical Access4. Change Management5. Password Policies6. Defense-in-Depth7. Vendor Security Review8. Data Classification9. Security Management10. Auditing11. Security Maintenance12. Host Access: Partitioning13. Data Protection: Replicas14. Encryption in Storage15. Application of Encryption16. SummaryChapter Review Questions/ExercisesExercise
Chapter 62. Storage Area Networking Security Devices
1. What Is Storage Area Networking (SAN)?2. Storage Area Networking (SAN) Deployment Justifications3. The Critical Reasons for Storage Area Networking (SAN) Security4. Storage Area Networking (SAN) Architecture and Components5. Storage Area Networking (SAN) General Threats and Issues6. SummaryChapter Review Questions/ExercisesExercise
Part IX. Cloud Security
Chapter 63. Securing Cloud Computing Systems
1. Cloud Computing Essentials: Examining the Cloud Layers2. Software as a Service: Managing Risks in the Cloud3. Platform as a Service: Securing the Platform4. Infrastructure as a Service5. Leveraging Provider-Specific Security Options6. Achieving Security in a Private Cloud7. Meeting Compliance Requirements8. Preparing for Disaster Recovery9. SummaryChapter Review Questions/ExercisesExercise
Chapter 64. Cloud Security
1. Cloud Overview: Public, Private, Hybrid2. Cloud Security Threats3. Internet Service Provider Cloud Virtual Private Network Peering Services4. Cloud Access Security Brokers5. Cloud Encryption6. Cloud Security Microsegmentation7. Cloud Security Compliance8. SummaryChapter Review Questions/ExercisesExercise
Chapter 65. Private Cloud Security
1. Introduction: Private Cloud System Management2. From Physical to Network Security Base Focus3. Benefits of Private Cloud Security Infrastructures4. Private Cloud Security Standards and Best Practices5. “As-a-Service” Universe: Service Models6. Private Cloud Service Model: Layer Considerations7. Privacy or Public: The Cloud Security Challenges8. SummaryChapter Review Questions/ExercisesExercise
Chapter 66. Virtual Private Cloud Security
1. Introduction: Virtual Networking in a Private Cloud2. Security Console: Centralized Control Dashboard Management3. Security Designs: Virtual Private Cloud Setups4. Security Object Group Allocations: Functional Control Management Practices5. Virtual Private Cloud Performance Versus Security6. SummaryChapter Review Questions/ExercisesExercise
Part X. Virtual Security
Chapter 67. Protecting Virtual Infrastructure
1. Virtualization in Computing2. Virtual Data Center Security3. Hypervisor Security4. Enterprise Segmentation5. Active Containerized Security6. Virtual Absorption of Volume Attacks7. Open Source Versus Proprietary Security Capabilities8. SummaryChapter Review Questions/ExercisesExercise
Chapter 68. Software-Defined Networking and Network Function Virtualization Security
1. Introduction to Software-Defined Networking2. Software-Defined Networking and Network Function Virtualization Overview3. Software-Defined Networking and Network Function Virtualization for Internet Service Providers4. Software-Defined Networking Controller Security5. Improved Patching With Software-Defined Networking6. Dynamic Security Service Chaining in Software-Defined Networking7. Future Virtualized Management Security Support in Software-Defined Networking8. SummaryChapter Review Questions/ExercisesExercise
Part XI. Cyber Physical Security
Chapter 69. Physical Security Essentials
1. Overview2. Physical Security Threats3. Physical Security Prevention and Mitigation Measures4. Recovery From Physical Security Breaches5. Threat Assessment, Planning, and Plan Implementation6. Example: A Corporate Physical Security Policy7. Integration of Physical and Logical Security8. Physical Security Checklist9. SummaryChapter Review Questions/ExercisesExercise
Chapter e70. Biometrics
1. Relevant Standards2. Biometric System Architecture3. Using Biometric Systems4. Security Considerations5. SummaryChapter Review Questions/ExercisesExercise
Part XII. Practical Security
Chapter 71. Online Identity and User Management Services
1. Introduction2. Evolution of Identity Management Requirements3. The Requirements Fulfilled by Identity Management Technologies4. Identity Management 1.05. Social Login and User Management6. Identity 2.0 for Mobile Users7. SummaryChapter Review Questions/ExercisesExercise
Chapter 72. Intrusion Prevention and Detection Systems
1. What Is an “Intrusion” Anyway?2. Physical Theft3. Abuse of Privileges (the Insider Threat)4. Unauthorized Access by Outsider5. Malicious Software Infection6. Role of the “Zero-Day”7. The Rogue's Gallery: Attackers and Motives8. A Brief Introduction to Transmission Control Protocol/Internet Protocol9. Transmission Control Protocol/Internet Protocol Data Architecture and Data Encapsulation10. Survey of Intrusion Detection and Prevention Technologies11. Antimalicious Software12. Network-Based Intrusion Detection Systems13. Network-Based Intrusion Prevention Systems14. Host-Based Intrusion Prevention Systems15. Security Information Management Systems16. Network Session Analysis17. Digital Forensics18. System Integrity Validation19. SummaryChapter Review Questions/ExercisesExercise
Chapter e73. Transmission Control Protocol/Internet Protocol Packet Analysis
1. The Internet Model2. SummaryChapter Review Questions/ExercisesExercise
Chapter e74. Firewalls
1. Introduction2. Network Firewalls3. Firewall Security Policies4. A Simple Mathematical Model for Policies, Rules, and Packets5. First-Match Firewall Policy Anomalies6. Policy Optimization7. Firewall Types8. Host and Network Firewalls9. Software and Hardware Firewall Implementations10. Choosing the Correct Firewall11. Firewall Placement and Network Topology12. Firewall Installation and Configuration13. Supporting Outgoing Services Through Firewall Configuration14. Secure External Services Provisioning15. Network Firewalls for Voice and Video Applications16. Firewalls and Important Administrative Service Protocols17. Internal IP Services Protection18. Firewall Remote Access Configuration19. Load Balancing and Firewall Arrays20. Highly Available Firewalls21. Firewall Management22. SummaryChapter Review Questions/ExercisesExercise
Chapter 75. Penetration Testing
1. What Is Penetration Testing?2. Why Would You Do It?3. How Do You Do It?4. Examples of Penetration Test Scenarios5. SummaryChapter Review Questions/ExercisesExercise
Chapter e76. System Security
1. Foundations of Security2. Basic Countermeasures3. SummaryChapter Review Questions/ExercisesExercise
Chapter 77. Access Controls
1. Infrastructure Weaknesses: Discretionary Access Control (DAC), Mandatory Access Control (MAC), and Role-Based Access Control (RBAC)2. Strengthening the Infrastructure: Authentication Systems3. SummaryChapter Review Questions/ExercisesExercise
Chapter 78. Endpoint Security
1. Introduction: Endpoint Security Defined2. Endpoint Solution: Options3. Standard Requirements: Security Decisions4. Endpoint Architecture: Functional Challenges5. Endpoint Intrusion Security: Management Systems6. Intrusion Prevention System (IPS) Network Logging Tools: Seek and Target (the Offender)7. Endpoint Unification: Network Access Control (NAC) Design Approach (From the Ground-Up)8. Software-as-a-Service (SaaS) Endpoint Security9. SummaryChapter Review Questions/ExercisesExercise
Chapter e79. Assessments and Audits
1. Assessing Vulnerabilities and Risk: Penetration Testing and Vulnerability Assessments2. Risk Management: Quantitative Risk Measurements3. SummaryChapter Review Questions/ExercisesExercise
Chapter 80. Fundamentals of Cryptography
1. Assuring Privacy With Encryption2. SummaryChapter Review Questions/ExercisesExercise
Part XIII. Critical Infrastructure Security
Chapter 81. Securing the Infrastructure
1. Communication Security Goals2. Attacks and Countermeasures3. SummaryChapter Review Questions/ExercisesExercise
Chapter e82. Homeland Security
1. Statutory Authorities2. Homeland Security Presidential Directives3. Organizational Actions4. SummaryChapter Review Questions/ExercisesExercise
Chapter 83. Cyber Warfare
1. Cyber Warfare Model2. Cyber Warfare Defined3. Cyber Warfare: Myth or Reality?4. Participants, Roles, Attribution, and Asymmetry5. Making Cyber Warfare Possible6. Legal Aspects of Cyber Warfare7. Holistic View of Cyber Warfare8. SummaryChapter Review Questions/ExercisesExercise
Chapter 84. Cyber-Attack Process
1. What Is a Cyber-Attack?2. Cyber-Attack Adversaries3. Cyber-Attack Targets4. Cyber-Attack Process5. Tools and Tactics of a Cyber-Attack6. Cyber-Attack Case Studies7. Advanced Persistent Threat8. Additional Considerations9. SummaryChapter Review Questions/ExercisesExercise
Part XIV. Advanced Security
Chapter 85. Security Through Diversity
1. Ubiquity2. Example Attacks Against Uniformity3. Attacking Ubiquity With Antivirus Tools4. The Threat of Worms5. Automated Network Defense6. Diversity and the Browser7. Sandboxing and Virtualization8. Domain Name Server Example of Diversity Through Security9. Recovery From Disaster Is Survival10. SummaryChapter Review Questions/ExercisesExercise
Chapter 86. e-Reputation and Online Reputation Management Survey
1. Introduction2. The Human Notion of Reputation3. Reputation Applied to the Computing World4. State of the Art of Attack-Resistant Reputation Computation5. Overview of Past and Current Online Reputation Services6. SummaryChapter Review Questions/ExercisesExercise
Chapter e87. Content Filtering
1. Defining the Problem2. Why Content Filtering Is Important3. Content Categorization Technologies4. Perimeter Hardware and Software Solutions5. Categories6. Legal Issues7. Circumventing Content Filtering8. Additional Items to Consider: Overblocking and Underblocking9. Related Products10. SummaryChapter Review Questions/ExercisesExercise
Chapter 88. Data Loss Protection
1. Precursors of DLP2. What Is Data Loss Protection (DLP)?3. Where to Begin?4. Data Is Like Water5. You Don't Know What You Don't Know6. How Do Data Loss Protection (DLP) Applications Work?7. Eat Your Vegetables8. IT's a Family Affair, Not Just IT Security's Problem9. Vendors, Vendors Everywhere! Who Do You Believe?10. SummaryChapter Review Questions/ExercisesExercise
Chapter 89. Satellite Cyber Attack Search and Destroy
1. Hacks, Interference, and Jamming2. SummaryChapter Review Questions/ExercisesExercise
Chapter e90. Verifiable Voting Systems
1. Introduction2. Security Requirements3. Verifiable Voting Schemes4. Building Blocks5. Survey of Noteworthy Schemes6. Threats to Verifiable Voting Systems7. SummaryChapter Review Questions/ExercisesExercise
Chapter 91. Advanced Data Encryption
1. Mathematical Concepts Reviewed2. The RIVEST, SHAMIR, AND ADELMAN Cryptosystem3. SummaryChapter Review Questions/ExercisesExercise
Part XV. Appendices
Appendix eA. Configuring Authentication Service On Microsoft Windows 10
Appendix eB. Security Management and Resiliency
Appendix eC. List of Top Information and Network Security Implementation and Deployment Companies
Appendix eD. List of Security Products
Appendix eE. List of Security Standards
Appendix eF. List of Miscellaneous Security Resources
Appendix eG. Ensuring Built-in, Frequency-Hopping Spread-Spectrum, Wireless Network Security
Appendix eH. Configuring Wireless Security Remote Access
Appendix eI. Frequently Asked Questions
Appendix eJ. Case Studies
Appendix eK. Answers to Review Questions/Exercises, Hands-on Projects, Case Projects and Optional Team Case Project by Chapter
Appendix eL. Glossary
Index

Content preview from Computer and Information Security Handbook, 3rd Edition

Chapter e73

Transmission Control Protocol/Internet Protocol Packet Analysis

Pramod Pandya CSU Fullerton, Avante, CA, United States

Abstract

To manage network security, you need an in-depth understanding of the Transmission Control Protocol/Internet Protocol (TCP/IP) stack. This chapter will discuss how TCP/IP packets are constructed and analyzed, to interpret applications that use the TCP/IP stack. The intrusion detection principle relies on being able to analyze the packets and detect a potential attack or an attack in progress. We will introduce the Internet model to develop the argument to support packet data networking for local and wide area networks that include the Internet.

Keywords

Data link layer; Data rate; Error control; Flow control; ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Computer and Information Security Handbook, 2nd Edition

Publisher Resources

ISBN: 9780128039298

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills