book

Computer and Information Security Handbook (2-Volume Set), 4th Edition

Name: Computer and Information Security Handbook (2-Volume Set), 4th Edition
Author: John R. Vacca
ISBN: 9780443132247

by John R. Vacca

August 2024

Intermediate to advanced

1600 pages

108h 3m

English

Morgan Kaufmann

Read now

Unlock full access

Cover image
Title page
Table of Contents
Copyright
Dedication
Contributors to Volume I
Contributors to Volume II
About the editor
Foreword
Preface

Acknowledgments
Contents to Volume I
Part I. Overview of System and Network Security: A Comprehensive Introduction
Chapter 1. Information Security in the Modern Enterprise
1. Introduction2. Challenges Facing Information Security3. Assessment and Planning4. Policies and Procedures5. Training6. SummaryChapter Review Questions/ExercisesExercise
Chapter 2. Building a Secure Organization
1. Introduction: Navigating the Labrynthe World of Cybersecurity and Its Multifaceted Imperatives2. ISO/IEC 27002:2022 and the Broader Landscape of Standards3. Integrating Standards Within a Risk-Based Data Protection Framework4. Cultivating a Cybersecurity Culture: The Bedrock of a Robust Risk-Based Approach5. Conclusion: A Convergence of Standards, Culture, and Trust—The Way Forward in Cybersecurity and Data Protection6. SummaryChapter Review Questions/ExercisesExercise
Chapter 3. A Cryptography Primer
1. What Is Cryptography? What Is Encryption?2. Famous Cryptographic Devices3. Ciphers4. Modern Cryptography5. The Computer Age6. How Advanced Encryption Standard Works7. Selecting Cryptography: the Process8. SummaryChapter Review Questions/ExercisesExercise
Chapter 4. Verifying User and Host Identity
1. Introduction: Verifying the User2. Identity Access Management: Authentication and Authorization3. Synthetic or Real User Logging4. Verifying a User in Cloud Environments5. Verifying Hosts6. Verifying Host Domain Name System and Internet Protocol Information7. SummaryChapter Review Questions/ExercisesExercise
Chapter 5. Detecting System Intrusions
1. Introduction2. Developing Threat Models3. Securing Communications4. Network Security Monitoring and Intrusion Detection Systems5. Installing Security Onion to a Bare-Metal Server6. Putting It All Together7. Securing Your Installation8. Managing an Intrusion Detection System in a Network Security Monitoring Framework9. Setting the Stage10. Alerts and Events11. Sguil: Tuning Graphics Processing Unit Rules, Alerts, and Responses12. Developing Process13. Understanding, Exploring, and Managing Alerts14. SummaryChapter Review Questions/ExercisesExercise
Chapter 6. Intrusion Detection in Contemporary Environments
1. Introduction2. Mobile Operating Systems3. Mobile Device Malware Risks4. Cloud Computing Models5. Cloud Computing Attack Risks6. Source of Attacks on Mobile Devices7. Source or Origin of Intrusions in Cloud Computing8. Classes of Mobile Malware9. Types of Cloud Computing Attacks10. Malware Techniques in Android11. Cloud Computing Intrusions Techniques12. Examples of Smartphone Malware13. Examples of Cloud Attacks14. Types of Intrusion Detection Systems for Mobile Devices15. Types of Intrusion Detection Systems for Cloud Computing16. Intrusion Detection System Performance Metrics17. SummaryChapter Review Questions/ExercisesExercise
Chapter 7. Preventing System Intrusions
1. So, What Is an Intrusion?2. Sobering Numbers3. Know Your Enemy: Hackers Versus Crackers4. Motives5. The Crackers' Tools of the Trade6. Bots7. Symptoms of Intrusions8. What Can You Do?9. Security Policies10. Risk Analysis11. Tools of Your Trade12. Controlling User Access13. Intrusion Prevention Capabilities14. SummaryChapter Review Questions/ExercisesExercise
Chapter 8. Guarding Against Network Intrusions
1. Introduction2. Traditional Reconnaissance and Attacks3. Malicious Software4. Defense in Depth5. Preventive Measures6. Intrusion Monitoring and Detection7. Reactive Measures8. Network-Based Intrusion Protection9. SummaryChapter Review Questions/ExercisesExercise
Chapter 9. Fault Tolerance and Resilience in Cloud Computing Environments
1. Introduction2. Cloud Computing Fault Model3. Basic Concepts of Fault Tolerance4. Different Levels of Fault Tolerance in Cloud Computing5. Fault Tolerance Against Crash Failures in Cloud Computing6. Fault Tolerance Against Byzantine Failures in Cloud Computing7. Fault Tolerance as a Service in Cloud Computing8. SummaryChapter Review Questions/ExercisesExercise
Chapter 10. Securing Web Applications, Services, and Servers
1. Setting the Stage2. Basic Security for HTTP Applications and Services3. Basic Security for SOAP Services4. Identity Management and Web Services5. Authorization Patterns6. Security Considerations7. Challenges8. SummaryChapter Review Questions/ExercisesExercise
Chapter 11. UNIX and Linux Security
1. Introduction2. UNIX and Security3. Basic UNIX Security Overview4. Achieving UNIX Security5. Protecting User Accounts and Strengthening Authentication6. Limiting Superuser Privileges7. Securing Local and Network File Systems8. Network Configuration9. Improving the Security of Linux and UNIX Systems10. Additional Resources11. SummaryChapter Review Questions/ExercisesExercise
Chapter 12. Eliminating the Security Weakness of Linux and UNIX Operating Systems
1. Introduction2. Establishing Secure Configurations3. Managing System Updates4. Hardening Access Controls for Linux/UNIX5. Firewalls and Intrusion Prevention6. Malware Prevention7. Ongoing Vigilance8. SummaryChapter Review Questions/ExercisesExercise
Chapter 13. Internet Security
1. Internet Protocol Architecture2. An Internet Threat Model3. Defending Against Attacks on the Internet4. Internet Security Checklist5. SummaryChapter Review Questions/ExercisesExercise
Chapter 14. The Botnet Problem
1. Introduction2. Internet of Things3. Software4. Botnets5. Botnet Attacks6. The Problem With Botnets7. SummaryChapter Review Questions/ExercisesExercise
Chapter 15. Intranet Security
1. Smartphones and Tablets in the Intranet2. Security Considerations3. Plugging the Gaps: Network Access Control and Access Control4. Measuring Risk: Audits5. Guardian at the Gate: Authentication and Encryption6. Wireless Network Security7. Shielding the Wire: Network Protection8. Weakest Link in Security: User Training9. Documenting the Network: Change Management10. Rehearse the Inevitable: Disaster Recovery11. Controlling Hazards: Physical and Environmental Protection12. Know Your Users: Personnel Security13. Protecting Data Flow: Information and System Integrity14. Security Assessments15. Risk Assessments16. Intranet Security Implementation Process Checklist17. SummaryChapter Review Questions/ExercisesExercise
Chapter 16. Local Area Network Security
1. Identify Network Threats2. Establish Network Access Controls3. Risk Assessment4. Listing Network Resources5. Threats6. Security Policies7. The Incident-Handling Process8. Secure Design Through Network Access Controls9. Intrusion Detection System Defined10. Network Intrusion Detection System: Scope and Limitations11. A Practical Illustration of Network Intrusion Detection System12. Firewalls13. Dynamic Network Address Translation Configuration14. The Perimeter15. Access List Details16. Types of Firewalls17. Packet Filtering: Internet Protocol Filtering Routers18. Application-Layer Firewalls: Proxy Servers19. Stateful Inspection Firewalls20. Network Intrusion Detection System Complements Firewalls21. Monitor and Analyze System Activities22. Signature Analysis23. Statistical Analysis24. Signature Algorithms25. Local Area Network Security Countermeasures Implementation Checklist26. SummaryChapter Review Questions/ExercisesExercise
Chapter 17. Wireless Network Security
1. Cellular Networks2. Wireless Ad Hoc Networks3. Security Protocols4. Wired Equivalent Privacy5. Secure Routing6. Authenticated Routing for Ad Hoc Networks7. Secure Link State Routing Protocol8. Key Establishment9. Ingemarsson, Tang, and Wong10. Management Countermeasures11. SummaryChapter Review Questions/ExercisesExercise
Chapter 18. Wireless Sensor Network Security: The Internet of Things
1. Introduction to Wireless Sensor Networks2. Threats to Privacy3. Cryptographic Security in Wireless Sensor Networks4. Secure Routing in Wireless Sensor Networks5. Routing Protocols in Wireless Sensor Networks6. Wireless Sensor Networks and Internet of Things7. SummaryChapter Review Questions/ExercisesExercise
Chapter 19. Security for the Internet of Things
1. Introduction2. Security Challenges in the Internet of Things3. Authentication and Access Control4. Attribute-Based Access Control5. Data Integrity and Confidentiality6. Secure Communication Protocols7. Secure Software Development Practices8. IoT Security Standards and Frameworks9. Emerging Trends and Future Directions10. Conclusion11. SummaryChapter Review Questions/ExercisesExercise
Chapter 20. Cellular Network Security
1. Introduction2. Overview of Cellular Networks3. The State of the Art of Cellular Network Security4. Cellular Network Attack Taxonomy5. Cellular Network Vulnerability Analysis6. SummaryChapter Review Questions/ExercisesExercise
Chapter 21. Radio Frequency Identification Security
1. Radio Frequency Identification Introduction2. Radio Frequency Identification Challenges3. Radio Frequency Identification Protections4. SummaryChapter Review Questions/ExercisesExercise
Chapter 22. Optical Network Security
1. Optical Networks2. Securing Optical Networks3. Identifying Vulnerabilities4. Corrective Actions5. SummaryChapter Review Questions/ExercisesExercise
Chapter 23. Optical Wireless Security
1. Optical Wireless Systems Overview2. Deployment Architectures3. High Bandwidth4. Low Cost5. Implementation6. Surface Area7. SummaryChapter Review Questions/ExercisesExercise
Part II. Managing Information Security
Chapter 24. Information Security Essentials for IT Managers: Protecting Mission-Critical Systems
1. Introduction2. Living in an Hybrid World3. It Takes a Village4. Identifying Your Assets5. Protecting Your Assets6. Cyber Hygiene7. Risk Management8. NIST Cybersecurity Framework9. MITRE CVE and CWE10. Security by Design11. Incident Response12. SummaryChapter Review Questions/ExercisesExercise
Chapter 25. Security Management Systems
1. Introduction2. Security Management Systems Standards3. Training Requirements4. Principles of Information Security5. Roles and Responsibilities of Personnel6. Security Policies7. Security Controls8. Network Access9. Risk Assessment10. Incident Response11. SummaryChapter Review Questions/ExercisesExercise
Chapter 26. Policy-Driven System Management
1. Introduction2. Security and Policy-Based Management3. Classification and Languages4. Controls for Enforcing Security Policies in Distributed Systems5. Products and Technologies6. Research Projects7. SummaryChapter Review Questions/ExercisesExercise
Chapter 27. Information Technology Security Management
1. Introduction2. Alignment With Business Strategy3. Cybersecurity Management Frameworks4. People, Process, Technology5. Organizational Structure and Alignment6. Security Management Execution7. Risk-Oriented Security Management8. Developing a Security Strategy9. SummaryChapter Review Questions/ExercisesExercise
Chapter 28. The Enemy (The Intruder's Genesis)
1. Introduction2. Active Reconnaissance3. Enumeration4. Penetration and Gain Access5. Maintain Access6. Defend Network Against Unauthorized Access7. SummaryChapter Review Questions/ExercisesExercise
Chapter 29. Social Engineering Deceptions and Defenses
1. Introduction2. Counter-Social Engineering3. Vulnerabilities4. Using a Layered Defense Approach5. Attack Scenarios6. Suspect Everyone: Network Vector7. Policy and Training8. Physical Access9. SummaryChapter Review Questions/ExercisesExercise
Chapter 30. Hacking in an Ethical Way
1. Introduction2. Ethical—Who Decides?3. Can it be Ethical if it is Illegal?4. Vulnerability Disclosure Policy5. Hacker Tools6. Responsible Disclosure7. Targets of Hacking8. How to Prevent Hacking9. Top Hacks10. Defcon (defcon.org)11. SummaryChapter Review Questions/ExercisesExercise
Chapter 31. What Is Vulnerability Assessment?
1. Introduction2. Reportin3. The “It Will Not Happen to Us” Factor4. Why Vulnerability Assessment?5. Penetration Testing Versus Vulnerability Assessment6. Vulnerability Assessment Goal7. Mapping the Network8. Selecting the Right Scanners9. Central Scans Versus Local Scans10. Defense in Depth Strategy11. Vulnerability Assessment Tools12. Security Auditor's Research Assistant13. Security Administrator's Integrated Network Tool14. Microsoft Baseline Security Analyzer15. Scanner Performance16. Scan Verification17. Scanning Cornerstones18. Network Scanning Countermeasures19. Vulnerability Disclosure Date20. Proactive Security Versus Reactive Security21. Vulnerability Causes22. Do It Yourself Vulnerability Assessment23. SummaryChapter Review Questions/ExercisesExercise
Chapter 32. Introduction to Vulnerabilities Below the Operating System
1. Introduction2. Firmware: A Hidden Attack Vector3. Conclusion4. SummaryChapter Review Questions/ExercisesExercise
Chapter 33. Security Metrics: An Introduction and Literature Review
1. Introduction2. Why Security Metrics?3. The Nature of Security Metrics4. Getting Started With Security Metrics5. Metrics in Action: Toward an Intelligent Security Dashboard6. Security Metrics in the Literature7. SummaryChapter Review Questions/ExercisesExercise
Chapter 34. Security Education, Training, and Awareness
1. Security Education, Training, and Awareness (SETA) Programs2. Users, Behavior, and Roles3. Security Education, Training, and Awareness (SETA) Program Design4. Security Education, Training, and Awareness (SETA) Program Development5. Implementation and Delivery6. Technologies and Platforms7. SummaryChapter Review Questions/ExercisesExercise
Chapter 35. Risk Management
1. Introduction2. The Concept of Risk3. Expressing and Measuring Risk4. The Risk Management Methodology5. Integrating Risk Management Into the System Development Life Cycle6. Risk Management Methods7. Risk Management Standards8. SummaryChapter Review Questions/ExercisesExercise
Chapter 36. Insider Threats
1. Introduction2. Defining Insider Threat3. Motivations of the Insider Threat Actors4. Examples of Insider Treats5. Impacts6. Analysis7. Manage and Mitigate the Insider Threat8. Conclusion9. SummaryChapter Review Questions/ExercisesExercise
Part III. Disaster Recovery Security
Chapter 37. Disaster Recovery
1. Introduction2. Measuring Risk and Avoiding Disaster3. The Business Impact Assessment4. SummaryChapter Review Questions/ExercisesExercise
Chapter 38. Disaster Recovery Plans for Small and Medium Business (SMB)
1. Introduction2. Identifying the Need for a Disaster Recovery Plan3. Recovery4. Threat Analysis5. Methodology6. Train and Test the Plan7. Communication8. Recovery9. Conclusion10. SummaryChapter Review Questions/ExercisesExercise
Part IV. Security Standards And Policies
Chapter 39. Security Certification and Standards Implementation
1. Introduction: The Security Compliance Puzzle2. The Age of Digital Regulations3. Security Regulations and Laws: Technology Challenges4. Implementation: The Compliance Foundation5. SummaryChapter Review Questions/ExercisesExercise
Chapter 40. Security Policies and Plans Development
1. Introduction: Policies and Planning: Security Framework Foundation2. CIA: Not the Central Intelligence Agency3. Security Policy Structure4. Security Policy: Sign Off Approval5. SummaryChapter Review Questions/ExercisesExercise
Part V. Cyber, Network, and Systems Forensics Security and Assurance
Chapter 41. Cyber Forensics
1. What Is Cyber Forensics?2. Analysis of Data3. Cyber Forensics in the Court System4. Understanding Internet History5. Temporary Restraining Orders and Labor Disputes6. First Principles7. Hacking a Windows XP Password8. Network Analysis9. Cyber Forensics Applied10. Tracking, Inventory, Location of Files, Paperwork, Backups, and So on11. Testifying as an Expert12. Beginning to End in Court13. SummaryChapter Review Questions/ExercisesExercise
Chapter 42. Cyber Forensics and Incidence Response
1. Introduction to Cyber Forensics2. Handling Preliminary Investigations3. Controlling an Investigation4. Conducting Disc-Based Analysis5. Investigating Information-Hiding Techniques6. Scrutinizing Email7. Validating Email Header Information8. Tracing Internet Access9. Searching Memory in Real Time10. SummaryChapter Review Questions/ExercisesExercise
Chapter 43. Securing e-Discovery
1. Information Management2. Legal and Regulatory Obligation3. SummaryChapter Review Questions/ExercisesExercise
Chapter 44. Network Forensics
1. Introduction2. Network Forensic Analysis3. Email Investigations4. Validating Process5. SummaryChapter Review Questions/ExercisesExercise
Chapter 45. Microsoft Office and Metadata Forensics: A Deeper Dive
1. Introduction2. In a Perfect World3. Microsoft Excel4. Exams!5. Items Outside of Office Metadata6. SummaryChapter Review Questions/ExercisesExercise
Chapter 46. Hard Drive Imaging
1. Introduction2. Hard Disc Drives3. Solid State Drives4. Hardware Tools5. Software Tools6. Techniques7. SummaryChapter Review Questions/ExercisesExercise
Part VI. Encryption Technology
Chapter 47. Data Encryption
1. Need for Cryptography2. Mathematical Prelude to Cryptography3. Classical Cryptography4. Modern Symmetric Ciphers5. Algebraic Structure
6. The Internal Functions of Rijndael in Advanced Encryption Standard Implementation
7. Use of Modern Block Ciphers8. Public-Key Cryptography9. Cryptanalysis of Rivest–Shamir–Adleman10. Diffie–Hellman Algorithm
11. Elliptic Curve Cryptosystems
12. Message Integrity and Authentication13. Triple Data Encryption Algorithm Block Cipher14. SummaryChapter Review Questions/ExercisesExercise
Chapter 48. Satellite Encryption
1. Introduction2. The Need for Satellite Encryption3. Implementing Satellite Encryption4. Pirate Decryption of Satellite Transmissions5. Satellite Encryption Policy6. Satellite Encryption Service (SES)7. The Future of Satellite Encryption8. SummaryChapter Review Questions/ExercisesExercise
Chapter 49. Public Key Infrastructure
1. Cryptographic Background2. Overview of Public Key Infrastructure3. The X.509 Model4. X.509 Implementation Architectures5. X.509 Certificate Validation6. X.509 Certificate Revocation7. Server-Based Certificate Validity Protocol8. X.509 Bridge Certification Systems9. X.509 Certificate Format10. Public Key Infrastructure Policy Description11. Public Key Infrastructure Standards Organizations12. Pretty Good Privacy Certificate Formats13. Pretty Good Privacy Public Key Infrastructure Implementations14. World Wide Web Consortium15. Is Public Key Infrastructure Secure?16. Alternative Public Key Infrastructure Architectures17. Modified X.509 Architectures18. Alternative Key Management Models19. SummaryChapter Review Questions/ExercisesExercise
Chapter 50. Password-Based Authenticated Key Establishment Protocols
1. Introduction to Key Exchange2. Password-Authenticated Key Exchange3. Concrete Protocols4. SummaryChapter Review Questions/ExercisesExercise
Chapter 51. Context-Aware Multifactor Authentication Survey
1. Introduction2. Classic Approach to Multifactor Authentication3. Modern Approaches to Multifactor Authentication4. Comparative Summary5. SummaryChapter Review Questions/ExercisesExercise
Chapter 52. Instant-Messaging Security
1. Why Should I Care About Instant Messaging?2. What Is Instant Messaging?3. The Evolution of Networking Technologies4. Game Theory and Instant Messaging5. The Nature of the Threat6. Common Instant Messaging Applications7. Defensive Strategies8. Instant-Messaging Security Maturity and Solutions9. Processes10. SummaryChapter Review Questions/ExercisesExercise
Contents to Volume II
Part VII. Privacy and Access Management
Chapter 53. Online Privacy
1. Introduction2. The Quest for Online Privacy3. Market and Industry4. On Regulatory Frameworks5. Privacy and Technologies6. SummaryChapter Review Questions/ExercisesExercise
Chapter 54. Privacy-Enhancing Technologies
1. Introduction2. Privacy-Enhancing Techniques3. Data Obfuscation4. Encrypted Data Processing5. Federated and Distributed Analytics6. Data Accountability Tools7. SummaryChapter Review Questions/ExercisesExercise
Chapter 55. Personal Privacy Policies
1. Introduction2. Information to be Provided to Data Subjects3. Concise, Transparent, Intelligible, and Easily Accessible Information4. DATA Protection Icons5. Conclusion6. SummaryChapter Review Questions/ExercisesExercise
Chapter 56. Detection of Conflicts in Security Policies
1. Introduction2. Conflicts in Security Policies3. Conflicts in Executable Security Policies4. Conflicts in Network Security Policies5. Query-Based Conflict Detection6. Semantic Web Technology for Conflict Detection7. SummaryChapter Review Questions/ExercisesExercise
Chapter 57. Supporting User Privacy Preferences in Digital Interactions
1. Introduction2. Basic Concepts and Desiderata3. Cost-Sensitive Trust Negotiation4. Point-Based Trust Management5. Logical-Based Minimal Credential Disclosure6. Privacy Preferences in Credential-Based Interactions7. Fine-Grained Disclosure of Sensitive Access Policies8. Open Issues9. SummaryChapter Review Questions/ExercisesExercise
Chapter 58. Privacy and Security in Environmental Monitoring Systems: Issues and Solutions
1. Introduction2. System Architectures3. Environmental Data4. Security and Privacy Issues in Environmental Monitoring5. Countermeasures6. SummaryChapter Review Questions/ExercisesExercise
Chapter 59. Virtual Private Networks
1. Introduction2. History3. Who is in Charge?4. Virtual Private Network Types5. Authentication Methods6. Symmetric Encryption7. Asymmetric Cryptography8. Edge Devices9. Passwords10. Security Tips for VPN Systems11. Mobile Virtual Private Networks12. Virtual Private Network Deployments13. SummaryChapter Review Questions/ExercisesExercise
Chapter 60. Identity Theft
1. Introduction2. Definition and Types of Identity Theft3. Historical Background and Evolution of Identity Theft in the Digital Age4. Technical Details of Identity Theft Techniques, Prevention, and Protection5. SummaryChapter Review Questions/Exercises
Chapter 61. VoIP Security
1. Introduction2. Overview of Threats3. Security in Voice Over Internet Protocol4. Future Trends5. SummaryChapter Review Questions/ExercisesExercise
Part VIII. Storage Security
Chapter 62. SAN Security
1. Organizational Structure2. Access Control Lists and Policies3. Physical Access4. Change Management5. Password Policies6. Defense-in-Depth7. Vendor Security Review8. Data Classification9. Security Management10. Auditing11. Security Maintenance12. Host Access: Partitioning13. Data Protection: Replicas14. Encryption in Storage15. Application of Encryption16. SummaryChapter Review Questions/ExercisesExercise
Chapter 63. Storage Area Networking Security Devices
1. Introduction2. Storage Area Network Device Security3. Introduction to SANs4. Conclusion5. SummaryChapter Review Questions/ExercisesExercise
Part IX. Cloud Security
Chapter 64. Securing Cloud Computing Systems
1. Introduction2. General Cloud Security Domains3. Illustration of Cloud Security Standards: CSA Cloud Controls Matrix4. SummaryChapter Review Questions/ExercisesExercise
Chapter 65. Cloud Security
1. Introduction2. SummaryChapter Review Questions/ExercisesExercise
Chapter 66. Cloud Security Trends
1. Introduction2. Encryption3. Self-Regulatory Frameworks4. EUCS—Cloud Services Scheme5. Summary6. Create New QuestionsChapter Review Questions/ExercisesExercise
Chapter 67. Private Cloud Security
1. Introduction: Private Cloud System Management2. From Physical to Network Security Base Focus3. Benefits of Private Cloud Security Infrastructures4. Private Cloud Security Standards and Best Practices5. “As-a-Service” Universe: Service Models6. Private Cloud Service Model: Layer Considerations7. Privacy or Public: The Cloud Security Challenges8. SummaryChapter Review Questions/ExercisesExercise
Chapter 68. Virtual Private Cloud Security
1. Introduction: Virtual Networking in a Private Cloud2. Security Console: Centralized Control Dashboard Management3. Security Designs: Virtual Private Cloud Setups4. Security Object Group Allocations: Functional Control Management Practices5. Virtual Private Cloud Performance Versus Security6. SummaryChapter Review Questions/ExercisesExercise
Part X. Virtual Security
Chapter 69. Protecting Virtual Infrastructure
1. Virtualization in Computing2. Virtual Data Center Security3. Hypervisor Security4. Enterprise Segmentation5. Active Containerized Security6. Virtual Absorption of Volume Attacks7. Open Source Versus Proprietary Security Capabilities8. SummaryChapter Review Questions/ExercisesExercise
Chapter 70. Software-Defined Networking and Network Function Virtualization Security
1. Introduction to Software-Defined Networking2. Software-Defined Networking and Network Function Virtualization Overview3. Software-Defined Networking and Network Function Virtualization for Internet Service Providers4. Software-Defined Networking Controller Security5. Improved Patching With Software-Defined Networking6. Dynamic Security Service Chaining in Software-Defined Networking7. Future Virtualized Management Security Support in Software-Defined Networking8. SummaryChapter Review Questions/ExercisesExercise
Part XI. Cyber Physical Security
Chapter 71. Physical Security
1. Overview2. Physical Security Threats3. Physical Security Prevention and Mitigation Measures4. Recovery From Physical Security Breaches5. Threat Assessment, Planning, and Plan Implementation6. Example: A Corporate Physical Security Policy7. Integration of Physical and Logical Security8. Physical Security Checklist9. SummaryChapter Review Questions/ExercisesExercise
Chapter 72. Biometrics
1. Introduction2. Type of Biometrics in Use Today3. Privacy and Security of Biometrics4. Legal and Ethical Considerations5. The Future of Biometrics6. SummaryChapter Review Questions/ExercisesExerciseOptional Team Case Project
Part XII. Practical Security
Chapter 73. Online Identity and User Management Services
1. Introduction2. Evolution of Identity Management Requirements3. The Requirements Fulfilled by Identity Management Technologies4. Identity Management 1.05. Social Login and User Management6. Identity 2.0 for Mobile Users7. SummaryChapter Review Questions/ExercisesExercise
Chapter 74. Intrusion Prevention and Detection Systems
1. What Is an “Intrusion” Anyway?2. Physical Theft3. Abuse of Privileges (the Insider Threat)4. Unauthorized Access by Outsider5. Malicious Software Infection6. Role of the “Zero-Day”7. The Rogue's Gallery: Attackers and Motives8. A Brief Introduction to Transmission Control Protocol/Internet Protocol9. Transmission Control Protocol/Internet Protocol Data Architecture and Data Encapsulation10. Survey of Intrusion Detection and Prevention Technologies11. Antimalicious Software12. Network-Based Intrusion Detection Systems13. Network-Based Intrusion Prevention Systems14. Host-Based Intrusion Prevention Systems15. Security Information Management Systems16. Network Session Analysis17. Digital Forensics18. System Integrity Validation19. SummaryChapter Review Questions/ExercisesExercise
Chapter 75. Transmission Control Protocol/Internet Protocol Packet Analysis
1. The Internet Model2. SummaryChapter Review Questions/ExercisesExercise
Chapter 76. Firewalls
1. Introduction2. Network Firewalls3. Firewall Security Policies4. A Simple Mathematical Model for Policies, Rules, and Packets5. First-Match Firewall Policy Anomalies6. Policy Optimization7. Firewall Types8. Host and Network Firewalls9. Software and Hardware Firewall Implementations10. Choosing the Correct Firewall11. Firewall Placement and Network Topology12. Firewall Installation and Configuration13. Supporting Outgoing Services Through Firewall Configuration14. Secure External Services Provisioning15. Network Firewalls for Voice and Video Applications16. Firewalls and Important Administrative Service Protocols17. Internal IP Services Protection18. Firewall Remote Access Configuration19. Load Balancing and Firewall Arrays20. Highly Available Firewalls21. Firewall Management22. SummaryChapter Review Questions/ExercisesExercise
Chapter 77. Penetration Testing
1. What Is Penetration Testing?2. Why Would You Do It?3. How Do You Do It?5. SummaryChapter Review Questions/ExercisesExercise
Chapter 78. System Security
1. Foundations of Security2. Basic Countermeasures3. SummaryChapter Review Questions/ExercisesExercise
Chapter 79. Access Controls
1. Infrastructure Weaknesses: Discretionary Access Control (DAC), Mandatory Access Control (MAC), and Role-Based Access Control (RBAC)2. Strengthening the Infrastructure: Authentication Systems3. SummaryChapter Review Questions/ExercisesExercise
Chapter 80. Endpoint Security
1. Introduction: Endpoint Security Defined2. Endpoint Solution: Options3. Standard Requirements: Security Decisions4. Endpoint Architecture: Functional Challenges5. Endpoint Intrusion Security: Management Systems6. Intrusion Prevention System (IPS) Network Logging Tools: Seek and Target (the Offender)7. Endpoint Unification: Network Access Control (NAC) Design Approach (From the Ground-Up)8. Software-as-a-Service (SaaS) Endpoint Security9. SummaryChapter Review Questions/ExercisesExercise
Chapter 81. Assessments and Audits
1. Assessing Vulnerabilities and Risk: Penetration Testing and Vulnerability Assessments2. Risk Management: Quantitative Risk Measurements3. SummaryChapter Review Questions/ExercisesExercise
Chapter 82. Fundamentals of Cryptography
1. Assuring Privacy With Encryption2. SummaryChapter Review Questions/ExercisesExercise
Part XIII. Critical Infrastructure Security
Chapter 83. Securing the Infrastructure
1. Communication Security Goals2. Attacks and Countermeasures3. SummaryChapter Review Questions/ExercisesExercise
Chapter 84. Cyberattacks Against the Grid Infrastructure
1. Introduction2. Why is There a Threat to the Power Grid3. How Power Grids Can be Hacked4. How Hackers Can Shut Down the Power Grid5. What Would Happen if the us Power Grid Went Down6. Why the Power Grid is so Vulnerable to Cyber Attacks7. SummaryChapter Review Questions/ExercisesExercise
Chapter 85. Energy Infrastructure Cyber Security
1. Introduction2. Energy Sector Cyber Security Program as it Relates to the Electric Power Grid and Pipelines Subsectors3. Summary of Risks to Computer-Based Control Systems Used in Energy Sector Subsectors and Recent Cyber Attacks4. Review of Legislative Authorities and Policy Guidance Directing US Department of Energy Cybersecurity Programs and Activities and it’s Relationship With National Laboratories and Other Federal Agencies With Cybersecurity Roles5. Concluding Discussion of Key Policy Issues for Congress6. SummaryChapter Review Questions/ExercisesExercise
Chapter 86. Homeland Security and Cybersecurity
1. Introduction2. Defining Homeland Security3. 9/11 Commission Report and the “New Terrorism”4. The Organization of Homeland Security and Cybersecurity5. Typology of Cyberthreats and Homeland Security6. Homeland Security Organization and Key Agencies in Cybersecurity7. Legislation Influencing Homeland Security and Cybersecurity8. The Future of Homeland Security9. Summary and ConclusionChapter Review Questions/ExercisesExercise
Chapter 87. Cyber Warfare
1. Introduction2. The Primary Components of Cyber Warfare3. Intelligence Gathering in Cyber Warfare4. Technical Aspects of Cyber Warfare5. Strategic Aspects of Cyber Warfare6. SummaryChapter Review Questions/ExercisesExercise
Chapter 88. Cyber Attack Process
1. Introduction2. What is a Cyber Attack3. The Cyber Attack Process4. Attack Difficulty and Complexity5. Attack Vectors6. Beginning the Cyber Attack Process7. Cyber Attack Impacts8. Defending Against Cyber Attacks9. SummaryChapter Review Questions/ExercisesExercise
Part XIV. Cyber Security for the Smart City And Smart Homes
Chapter 89. Smart Cities: Cybersecurity Concerns
1. Introduction2. Understanding Smart Cities3. Cybersecurity Challenges4. Types of Cyberthreats5. Current Cybersecurity Measures6. Future Considerations7. Open Problems8. SummaryChapter Review Questions/ExercisesExercise
Chapter 90. Disaster Management Cycle, Smart Technologies, Urban Form, Traditional Developments, and Sprawl
1. Introduction2. Disaster Management and the Disaster Management Cycle3. Smart Technology and Disasters4. Human Behavior and Disaster Management5. Disaster Management Cycle and Urban Form6. Conclusions7. SummaryChapter Review Questions/ExercisesExercise
Chapter 91. Cyber Security in Smart Homes
1. Introduction2. Organization3. Background4. Security Challenges of Smart Homes5. Threats on Smart Home Layers6. Security Solutions and Best Practices7. Conclusion8. SummaryChapter Review Questions/ExercisesExercise
Chapter 92. Future Trends for Cyber Security for Smart Cities and Homes
1. Introduction2. “Smart City” Dispersion and Centralization Attributes: Stakeholders, Implications3. “Smart Cities”—A Modern Day “Panopticon” Writ Large4. Complex Systems Analysis—A Tool for “Smart City” Development5. The Basics of Smart City Infrastructure, Buildings, and “OPEN Spaces”6. Public–Private Partnerships7. Societal Resilience Enhancement8. The Rudiments of “the Technology Side” to “Smart Cities”9. “Smart-City” Perimeters and Borders10. Smart City Policing11. The City-Scape Security Typology—a First Pass12. City-Scape Matrices13. Final Reflections14. SummaryChapter Review Questions/ExercisesExercise
Part XV. Cyber Security Of Connected And Automated Vehicles
Chapter 93. An Overview of Cyber Attacks and Defenses on Intelligent Connected Vehicles
1. Introduction2. Background3. Challenges4. AV Forensics5. Communications6. Over-the-Air Updates7. Open Problems8. SummaryChapter Review Questions/ExercisesExercise
Part XVI. Advanced Security
Chapter 94. Security Through Diversity
1. Ubiquity2. Example Attacks Against Uniformity3. Attacking Ubiquity With Antivirus Tools4. The Threat of Worms5. Automated Network Defense6. Diversity and the Browser7. Sandboxing and Virtualization8. Domain Name Server Example of Diversity Through Security9. Recovery From Disaster Is Survival10. SummaryChapter Review Questions/ExercisesExercise
Chapter 95. Online e-Reputation Management Services
1. Introduction2. Reputation in the Online ERA3. Online Reputation Management Architectures4. Privacy Issues in Online Reputation Management5. Conclusion6. SummaryChapter Review Questions/ExercisesExercise
Chapter 96. Content Filtering
1. Defining the Problem2. Why Content Filtering Is Important3. Content Categorization Technologies4. Perimeter Hardware and Software Solutions5. Categories6. Legal Issues7. Circumventing Content Filtering8. Additional Items to Consider: Overblocking and Underblocking9. Related Products10. SummaryChapter Review Questions/ExercisesExercise
Chapter 97. Data Loss Protection
1. Precursors of DLP2. What Is Data Loss Protection (DLP)?3. Where to Begin?4. Data Is Like Water5. You Don't Know What You Don't Know6. How Do Data Loss Protection (DLP) Applications Work?7. Eat Your Vegetables8. IT's a Family Affair, Not Just IT Security's Problem9. Vendors, Vendors Everywhere! Who Do You Believe?10. SummaryChapter Review Questions/ExercisesExercise
Chapter 98. Satellite Cyber Attack Search and Destroy
1. Introduction2. Historical Perspective and Changing Threat Landscape3. Threats to Satellite Security4. International Cooperation and Challenges5. Limited Security Inclusion6. Future Perspectives and Challenges7. Hacks and Attacks8. Satellites in Orbit9. SummaryChapter Review Questions/ExercisesExercise
Chapter 99. Verifiable Voting Systems
1. Introduction2. Security Requirements3. Verifiable Voting Schemes4. Building Blocks5. Survey of Noteworthy Schemes6. Threats to Verifiable Voting Systems7. SummaryChapter Review Questions/ExercisesExercise
Chapter 100. Advanced Data Encryption
1. Mathematical Concepts Reviewed2. The RIVEST, SHAMIR, AND ADELMAN Cryptosystem3. SummaryChapter Review Questions/ExercisesExercise
Chapter 101. Use of Artificial Intelligence (AI) in Cybersecurity
1. Introduction2. AI Fundamentals3. Impact of AI on Cybersecurity4. Dark Side of AI5. AI-Powered Cybersecurity Adoption and its Future6. SummaryChapter Review Questions/ExercisesExercise
Chapter 102. AI Abuse: Investigating the Threat Landscape
1. Introduction2. Background3. Attack Models4. Case Studies5. SummaryChapter Review Questions/ExercisesExercise
Part XVII. Future Cyber Security Trends And Directions
Chapter 103. Future Trends for Cyber Attacks in the Healthcare Industry
1. Introduction2. Internet of Medical Things3. Rural and Small-Sized Hospitals are at a Greater Risk of Suffering a Cyber Attacked4. What Cyber Threats or Attacks is the Healthcare Most at Risk Off?5. Autocratic Regimes and the Healthcare Industry6. The Threat Landscape of the Future: Digital Healthcare and Integrated Healthcare7. Mitigating Healthcare Data Breaches in the Healthcare Industry8. SummaryChapter Review Questions/ExercisesExercise
Chapter 104. Future Trends in Maritime Cybersecurity
1. Introduction2. Factors of Change in the Maritime Industry3. Cybersecurity Solutions and Approaches4. Future Directions and Trends5. SummaryChapter Review Questions/ExercisesExercise
Part XVIII. Appendices
Appendix A. List of Top Information and Network Security Implementation and Deployment Companies
Appendix B. List of Security Products
Appendix C. List of Security Standards
Appendix D. List of Miscellaneous Security Resources
Appendix E. Frequently Asked Questions
Appendix F. Case Studies
Appendix G. Answers to Review Questions/Exercises, Hands-on Projects, Case Projects, and Optional Team Case Project by Chapter
Appendix H. Glossary
Index
Index

Content preview from Computer and Information Security Handbook (2-Volume Set), 4th Edition

Chapter 75: Transmission Control Protocol/Internet Protocol Packet Analysis

Pramod Pandya California State University Fullerton, Fullerton, CA, United States

Abstract

To manage network security, you need an in-depth understanding of the Transmission Control Protocol/Internet Protocol (TCP/IP) stack. This chapter will discuss how TCP/IP packets are constructed and analyzed, to interpret applications that use the TCP/IP stack. The intrusion detection principle relies on being able to analyze the packets and detect a potential attack or an attack in progress. We will introduce the Internet model to develop the argument to support packet data networking for local and wide area networks that include the Internet.

Keywords

Data link layer; Data rate; ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Computer Security Fundamentals, 5th Edition

Publisher Resources

ISBN: 9780443132247

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills