book

Computer Security Fundamentals, Third Edition

by Chuck Easttom

June 2016

Beginner

448 pages

12h 35m

English

Pearson IT Certification

Read now

Unlock full access

About the Technical Reviewer

IntroductionHow Seriously Should You Take Threats to Network Security?Identifying Types of ThreatsMalwareCompromising System SecurityDoS AttacksWeb AttacksSession HijackingInsider ThreatsDNS PoisoningNew AttacksAssessing the Likelihood of an Attack on Your NetworkBasic Security TerminologyHacker SlangProfessional TermsConcepts and ApproachesHow Do Legal Issues Impact Network Security?Online Security ResourcesCERTMicrosoft Security AdvisorF-SecureSANS InstituteSummaryTest Your SkillsMultiple Choice QuestionsExercisesProjects
IntroductionNetwork BasicsThe Physical Connection: Local NetworksFaster Connection SpeedsData TransmissionHow the Internet WorksIP AddressesCIDRUniform Resource LocatorsWhat Is a Packet?Basic CommunicationsHistory of the InternetBasic Network UtilitiesIPConfigPingTracertNetstatNSLookupOther Network DevicesAdvanced Network Communications TopicsThe OSI ModelMedia Access Control (MAC) AddressesSummaryTest Your SkillsMultiple Choice QuestionsExercisesProjects
IntroductionHow Internet Fraud WorksInvestment OffersAuction FraudsIdentity TheftPhishingCyber StalkingReal Cyber Stalking CasesHow to Evaluate Cyber StalkingCrimes Against ChildrenLaws About Internet FraudProtecting Yourself Against Cyber CrimeProtecting Against Investment FraudProtecting Against Identity TheftSecure Browser SettingsSummaryTest Your SkillsMultiple Choice QuestionsExercisesProjects
IntroductionDoSIllustrating an AttackCommon Tools Used for DoSDoS WeaknessesSpecific DoS AttacksLand AttackDDoSSummaryTest Your SkillsMultiple Choice QuestionsExercisesProjects
IntroductionVirusesHow a Virus SpreadsTypes of VirusesVirus ExamplesRombertikGameover ZeuSCryptoLocker and CryptoWallFakeAVMacDefenderTroj/Invo-ZipW32/Netsky-PThe Sobig VirusThe Mimail VirusThe Bagle VirusA Nonvirus VirusFlameRules for Avoiding VirusesTrojan HorsesThe Buffer-Overflow AttackThe Sasser Virus/Buffer OverflowSpywareLegal Uses of SpywareHow Is Spyware Delivered to a Target System?Obtaining Spyware SoftwareOther Forms of MalwareRootkitMalicious Web-Based CodeLogic BombsSpamAdvanced Persistent ThreatsDetecting and Eliminating Viruses and SpywareAntivirus SoftwareAntispyware SoftwareRemediation StepsSummaryTest Your SkillsMultiple Choice QuestionsExercisesProjects
IntroductionBasic TerminologyThe Reconnaissance PhasePassive Scanning TechniquesActive Scanning TechniquesActual AttacksSQL Script InjectionCross-Site ScriptingPassword CrackingMalware CreationWindows Hacking TechniquesPenetration TestingNIST 800-115National Security Agency Information Assessment MethodologyPCI Penetration Testing StandardSummaryTest Your SkillsMultiple Choice QuestionsExercisesProjects
IntroductionWhat Is Industrial Espionage?Information as an AssetReal-World Examples of Industrial EspionageExample 1: Houston AstrosExample 2: University Trade SecretsExample 3: VIA TechnologyExample 4: General MotorsExample 5: Bloomberg, Inc.Example 6: Interactive Television Technologies, Inc.Trends in Industrial EspionageIndustrial Espionage and YouHow Does Espionage Occur?Low-Tech Industrial EspionageSpyware Used in Industrial EspionageSteganography Used in Industrial EspionagePhone Taps and BugsProtecting Against Industrial EspionageIndustrial Espionage ActSpear PhishingSummaryTest Your SkillsMultiple Choice QuestionsExercisesProjects
IntroductionCryptography BasicsHistory of EncryptionThe Caesar CipherAtbashMulti-Alphabet SubstitutionRail FenceEnigmaBinary OperationsModern MethodsSingle-Key (Symmetric) EncryptionModification of Symmetric MethodsPublic Key (Asymmetric) EncryptionRSADiffie-HellmanElliptic CurvePGPLegitimate Versus Fraudulent Encryption MethodsDigital SignaturesHashingMD5SHARipeMDMAC and HMACRainbow TablesSteganographyHistorical SteganographyMethods and ToolsCryptanalysisFrequency AnalysisModern MethodsCryptography Used on the InternetSummaryTest Your SkillsMultiple Choice QuestionsExercisesProjects
IntroductionVirus ScannersHow Does a Virus Scanner Work?Virus-Scanning TechniquesCommercial Antivirus SoftwareFirewallsBenefits and Limitation of FirewallsFirewall Types and ComponentsFirewall ConfigurationsCommercial and Free Firewall ProductsFirewall LogsAntispywareIDSIDS CategorizationIdentifying an IntrusionIDS ElementsSnortHoney PotsDatabase Activity MonitoringOther Preemptive TechniquesAuthenticationDigital CertificatesSSL/TLSVirtual Private NetworksPoint-to-Point Tunneling ProtocolLayer 2 Tunneling ProtocolIPsecWi-Fi SecurityWired Equivalent PrivacyWi-Fi Protected AccessWPA2SummaryTest Your SkillsMultiple Choice QuestionsExercisesProjects
IntroductionWhat Is a Policy?Defining User PoliciesPasswordsInternet UseEmail UsageInstalling/Uninstalling SoftwareInstant MessagingDesktop ConfigurationBring Your Own DeviceFinal Thoughts on User PoliciesDefining System Administration PoliciesNew EmployeesDeparting EmployeesChange RequestsSecurity BreachesVirus InfectionDoS AttacksIntrusion by a HackerDefining Access ControlDevelopmental PoliciesStandards, Guidelines, and ProceduresData ClassificationDoD ClearancesDisaster RecoveryDisaster Recovery PlanBusiness Continuity PlanImpact Analysis?Fault ToleranceImportant LawsHIPAASarbanes-OxleyPayment Card Industry Data Security StandardsSummaryTest Your SkillsMultiple Choice QuestionsExercisesProjects
IntroductionBasics of Assessing a SystemPatchPortsProtectPoliciesProbePhysicalSecuring Computer SystemsSecuring an Individual WorkstationSecuring a ServerSecuring a NetworkScanning Your NetworkMBSANESSUSGetting Professional HelpSummaryTest Your SkillsMultiple Choice QuestionsExercisesProjects
IntroductionActual Cases of Cyber TerrorismThe Chinese Eagle UnionChina’s Advanced Persistent ThreatIndia and PakistanRussian HackersWeapons of Cyber WarfareStuxnetFlameStopGeorgia.ru MalwareFinFisherBlackEnergyNSA ANT CatalogEconomic AttacksMilitary Operations AttacksGeneral AttacksSupervisory Control and Data Acquisitions (SCADA)Information WarfarePropagandaInformation ControlDisinformationActual CasesFuture TrendsPositive TrendsNegative TrendsDefense Against Cyber TerrorismTerrorist Recruiting and CommunicationTOR and the Dark WebSummaryTest Your SkillsMultiple Choice QuestionsExercisesProjects
IntroductionGeneral SearchesCourt Records and Criminal ChecksSex Offender RegistriesCivil Court RecordsOther ResourcesUsenetSummaryTest Your SkillsMultiple Choice QuestionsExercisesProjects
IntroductionGeneral GuidelinesDon’t Touch the Suspect DriveImage a Drive with Forensic ToolkitCan You Ever Conduct Forensics on a Live Machine?Document TrailSecure the EvidenceChain of CustodyFBI Forensics GuidelinesU.S. Secret Service Forensics GuidelinesEU Evidence GatheringScientific Working Group on Digital EvidenceLocard’s Principle of TransferenceToolsFinding Evidence on the PCFinding Evidence in the BrowserFinding Evidence in System LogsWindows LogsLinux LogsGetting Back Deleted FilesOperating System UtilitiesNet SessionsOpenfilesFcNetstatThe Windows RegistrySpecific EntriesMobile Forensics: Cell Phone ConceptsCell Concepts ModuleCellular NetworksiOSAndroidWindowsWhat You Should Look ForThe Need for Forensic CertificationExpert WitnessesFederal Rule 702DaubertAdditional Types of ForensicsNetwork ForensicsVirtual ForensicsSummaryTest Your SkillsMultiple Choice QuestionsExercises
General Computer Crime and Cyber TerrorismGeneral KnowledgeCyber StalkingIdentity TheftPort Scanners and SniffersPassword CrackersCountermeasuresCyber Investigation ToolsGeneral ToolsVirus Research
Chapter 1Chapter 2Chapter 3Chapter 4Chapter 5Chapter 6Chapter 7Chapter 8Chapter 9Chapter 10Chapter 11Chapter 12Chapter 13Chapter 14