Computer Security: Protecting Digital Resources

Computer Security: Protecting Digital Resources

by Robert C Newman
Released February 2009
Publisher(s): Jones & Bartlett Learning
ISBN: 9780763783051

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description


Today, society is faced with numerous internet schemes, fraudulent scams, and means of identity theft that threaten our safety and our peace of mind. Computer Security: Protecting Digital Resources provides a broad approach to computer-related crime, electronic commerce, corporate networking, and Internet security, topics that have become increasingly important as more and more threats are made on our internet environment. This book is oriented toward the average computer user, business professional, government worker, and those within the education community, with the expectation that readers can learn to use the network with some degree of safety and security. The author places emphasis on the numerous vulnerabilities and threats that are inherent in the Internet environment. Efforts are made to present techniques and suggestions to avoid identity theft and fraud.

Readers will gain a clear insight into the many security issues facing the e-commerce, networking, web, and internet environments, as well as what can be done to keep personal and business information secure.

Table of contents

  1. Book Cover
  2. Title
  3. Copyright
  4. Contents (1/4)
  5. Contents (2/4)
  6. Contents (3/4)
  7. Contents (4/4)
  8. Preface
  9. Part One: Basics and General Understanding
    1. Chapter 1 Cyber Environment and Security Issues
      1. Chapter Contents
      2. Introduction
      3. An Historical Perspective
        1. Security Concerns Today
      4. Computer and Internet Environment Issues
        1. Value of the Resource
        2. Portability and Size
        3. Personal Contact
      5. Trusted Systems
        1. Trusted and Untrusted Networks
      6. The Cyber Environment
        1. The Internet and the World Wide Web
        2. Client/Server Environment
      7. Cybercrimes
      8. Cyber-Terrorism
        1. Steganography
        2. Information Warfare
      9. Resource and Asset Protection
        1. Cryptanalysis
        2. Cryptography
        3. Encryption/Decryption
      10. Content Management
      11. Electronic Threats
      12. Cyber Security Goals and Objectives
        1. Availability
        2. Integrity
        3. Confidentiality
      13. Ethics
        1. ISSA Code of Ethics
      14. Intellectual Property Protections
        1. Copyright
        2. Trademark
        3. Trade Secrets
      15. Internet Access for Children
        1. Pornography and Violence
      16. Chapter Summary
      17. Key Terms
      18. Security Review Questions
      19. Research Activities
    2. Chapter 2 Attacks, Threats, and Vulnerabilities
      1. Chapter Contents
      2. Introduction
      3. Threats
      4. Threat Targets
        1. Integrity Threat
        2. Denial of Service Threat
        3. Disclosure Threat
      5. Attacks
        1. Social Engineering
        2. Phishing
        3. Pharming
        4. Phreaking
      6. Virus Threats
      7. Countering the Virus Threat
        1. Virus Control Policies
        2. Software Detection
        3. E­Mail Viruses and Worms
        4. An Ounce of Prevention
        5. Comparing Virus, Worm, and Trojan Software
        6. Combating Viruses, Worms, and Trojans
      8. Vulnerabilities
      9. Malicious Attacks
        1. War Dialers
        2. Brute Force Attack
        3. Dictionary Attack
        4. Masquerading
        5. Eavesdropping
        6. Address Spoofing
        7. Hijackers
        8. Session Hijacking
        9. Replay Attack
        10. Man­in­the­Middle Attack
      10. Other Security Breaches
        1. Denial of Service
        2. Distributed Denial of Service
        3. Browsing
        4. Wiretapping
        5. Backdoor
        6. Data Modifications
      11. Additional Security Challenges
        1. Spam
        2. Hoax
        3. Spyware and Adware
        4. Malware
        5. Spybots
        6. Cookies
      12. Responding to Internet and Network Attacks
        1. Anti­Virus Software Packages
        2. Firewalls
      13. Network Intruders
        1. Hackers
        2. Web Players
      14. Malicious Tools
        1. War Dialer
        2. Keyloggers
      15. Chapter Summary
      16. Key Terms
      17. Security Review Questions
      18. Research Activities
    3. Chapter 3 Scams, Identity Theft, and Fraud
      1. Chapter Contents
      2. Introduction
      3. Scams and Scam Artists
        1. Free Prizes
        2. Pyramid Schemes and Chain Letters
        3. Work-at-Home Offers
        4. Charities
        5. Job Advertisements
        6. Free Credit Reports
        7. Credit Information Requests
        8. Check Cashing
        9. Questionnaires
      4. Protecting Personal Information
        1. Credit Card Fraud Prevention Tips
        2. Monitor Credit Reports
      5. Identity Theft
        1. Avoid Becoming a Victim of Identity Theft
        2. Contacts
        3. Credit Reporting Agencies
        4. Federal Deposit Insurance Corporation
        5. Check Verification Companies
      6. Internet Fraud
        1. Internet Fraud Tips
        2. New Solutions
        3. Internet Fraud Statistics
        4. Exploiting Children on the Web
      7. Combating Identity Theft and Fraud
      8. Awareness and Education
        1. Shop Online Safely
        2. Security on the Internet
      9. Laws
      10. Chapter Summary
      11. Key Terms
      12. Security Review Questions
      13. Research Activities
    4. Chapter 4 Computer and Digital Assets Security
      1. Chapter Contents
      2. Introduction
      3. Property Theft Awareness
        1. Burglaries
        2. Stolen Computer and Networking Components
      4. Educational Site Computer Security
        1. Device Security
        2. Administration Security
        3. Housing Security
        4. Precautions
        5. Carelessness
      5. Security and Integrity for Internet Users
        1. Passwords
        2. Fraudulent E­Mails and Letters
      6. Physical Property Security
        1. Physical Security for the Individual Computer and Network User
        2. Physical Security for the Data Center
        3. Physical Security for the Database and Storage Devices
      7. Preventing Damage to Physical Assets
        1. Fire Hazards
        2. Water Damage
        3. Earthquake Damage
        4. Storm Damage
        5. Human­Initiated Damage
      8. Physical Security Controls
        1. Network Access
        2. Media Access
        3. Data and Information Security
        4. Device Security
        5. Physical Access Security
        6. Personnel Security
        7. Customer Security
        8. Visitor Security
      9. Chapter Summary
      10. Key Terms
      11. Security Review Questions
      12. Research Activities
  10. Part Two: Computer Systems and Networks
    1. Chapter 5 The Internet and Web Network Environment
      1. Chapter Contents
      2. Introduction
      3. The Internet
        1. Wide Area Networks
        2. WAN Access
      4. Network Access Communication Devices
        1. Modem
        2. Modem and Access Server Considerations
        3. DSU
        4. Splitter/DSLAM
        5. Wireless Network Interface Card
      5. World Wide Web (WWW), aka the Web
        1. Web Threats
      6. Intranet and Extranet Networks
      7. Virtual Private Networks
      8. Security Issues in Virtual Networks
        1. Tunneling
        2. Authentication
        3. Encryption
        4. Integrity
        5. Nonrepudiation
        6. Content Filtering
        7. Compression
      9. Network, Hardware, and Software Components
        1. Threats to Network Components
        2. Threats to Hardware Components
        3. Threats to Software Components
      10. Network Resource Access
        1. Identification
        2. Authentication
        3. Accounting
        4. Authorization
        5. One­Time Passwords
        6. Password Maintenance
        7. Security Cards
      11. Internet Search Tools
        1. Browsers
        2. File Transfer Protocol
        3. Trivial File Transfer Protocol
        4. Gopher
        5. Newsgroups
        6. Telnet
        7. Browser Security
      12. Software
        1. Software Issues
        2. Electronic Mail
        3. E­Mail Security
      13. Security in the Network
        1. Security Issues
        2. Internet Security
        3. Privacy on the Internet
        4. Security Services
      14. Chapter Summary
      15. Key Terms
      16. Security Review Questions
      17. Research Activities
    2. Chapter 6 Wired and Wireless Local Area Networks
      1. Chapter Contents
      2. introduction
      3. Local Area Network
      4. Wired LAN Connectivity
        1. Bus Topology
        2. Ring Topology
        3. Star Topology
        4. VLAN Described
      5. Wireless LAN
        1. Wireless LAN Connectivity
        2. Access Points
        3. Roaming
      6. LAN Network Components (1/2)
      7. LAN Network Components (2/2)
        1. Firewalls, Routers, and Gateways
          1. Firewalls
          2. Routers
          3. Gateway
          4. Proxy Servers
        2. Demilitarized Zone and Bastion Hosts
        3. Servers and Workstations
      8. Extranet and Intranet LAN Issues
        1. Extranet Security
        2. Intranet Security
      9. Secure Protocols
        1. Wireless Technologies
      10. Biometric Systems
        1. Finger Scanning
        2. Finger Geometry
        3. Hand Geometry
        4. Palm Imaging
        5. Retina Recognition
        6. Iris Imaging
        7. Face Recognition
        8. Signature Verification
        9. Biometric Security
      11. Wired LAN Security
      12. LAN Network Management
      13. Chapter Summary
      14. Key Terms
      15. Security Review Questions
      16. Research Activities
    3. Chapter 7 Computer, Server, and Database Security Issues
      1. Chapter Contents
      2. Introduction
      3. Computer Systems
        1. Historical Overview
        2. Mainframe Computer System
        3. Mainframe Components
        4. Front­End Processor
        5. Controllers
        6. Operating System
        7. Directories
        8. Disk Technology
        9. RAID Storage Devices
        10. Storage Management
      4. Client/Server Systems
        1. Client/Server Components
        2. Server Issues
        3. Server Security
        4. Server Security Methods
      5. Portable Computer and Electronic Devices
      6. Database Management System
        1. Data and Database Security
      7. Data and Database Attacks
        1. Inference Problem
        2. Aggregation Problem
        3. Security Approaches
        4. Access Rights
      8. Protecting the Data and Database Asset
        1. Integrity of Data and Database Elements
        2. NIST Security Goals
        3. Backup and Data Archiving
        4. Data and Database Restoration
        5. Application Programming Interface
        6. Software Threats
      9. Voice Communication Systems
        1. Private Branch Exchange
        2. Automatic Call Distributors
        3. Key Systems
        4. Hybrid Systems
        5. Voice Over IP Systems
        6. Voice Security Issues
      10. Physical Asset Protection
        1. Natural Disasters
        2. Vandals and Destructive Individuals
        3. Fire and Water Damage
        4. Power Loss
        5. Heat and Humidity
        6. Environmental Safeguards Recap
      11. Chapter Summary
      12. Key Terms
      13. Security Review Questions
      14. Research Activities
    4. Chapter 8 E­Commerce Security Mechanisms
      1. Chapter Contents
      2. Introduction
      3. E­Commerce Environment
      4. Electronic Commerce and Transactions
        1. Secure Electronic Transaction
      5. Securing Network Transactions
        1. Digital Certificates and Signatures
        2. Certificates and Certificate Systems
        3. Public and Private Keys
        4. Digital Envelopes
      6. Data Security and Encryption
        1. Symmetric Encryption
        2. Asymmetric Encryption
        3. Hash Functions
      7. E­Commerce Security and Distributed Computing
        1. Securing Electronic Transactions
        2. Security Services
      8. Financial Transactions
        1. Payment Protocols
        2. Smart Card
        3. Credit Card Transactions
        4. SET and E­Commerce
      9. Wireless LAN
        1. Service Access Points
        2. Hotspot
        3. Wireless Application Protocol
        4. War Driving
        5. War Chalking
        6. Cell Phone Security
      10. Wireless LAN Security
        1. Unauthorized Access
        2. Integrity
        3. Denial of Service
        4. Inference and Deception
        5. Vulnerabilities
      11. Security Protocols
        1. IPSec and E­Commerce
      12. E­Commerce System Design Concerns
        1. Security Issues
        2. Server Access
        3. Credit Cards
        4. Maintenance and Upgrades
      13. Distributed Security and Privacy Issues
        1. Wireless Networks
        2. Security and Privacy in Wireless Systems
      14. Implementation Issues
        1. E­Security and E­Thieves
      15. Chapter Summary
      16. Key Terms
      17. Security Review Questions
      18. Research Activities
  11. Part Three: Security and Operations Administration
    1. Chapter 9 Business Continuity and Disaster Recovery Planning
      1. Chapter Contents
      2. Introduction
      3. Security Goals and Objectives
        1. Availability
        2. Confidentiality
      4. Protecting Assets and Resources
      5. Infrastructure Security and Control
      6. Physical Security
      7. Access Security of Computer and Network Resources
        1. Access Control for Internal Personnel
        2. Access Control for Contractors
        3. Access Control for Visitors
      8. Theft Prevention Techniques
        1. Guard Solution
        2. Lock Solution
        3. Electronic Solution
        4. Biometric Access Control
      9. Security Cost Justification
      10. Security Systems Design
      11. Security Evaluation
      12. Administration
      13. Corporate Planning
      14. Security Requirements Assessment
      15. Maintaining Network Integrity
        1. Network Baseline
        2. Security Policies
        3. Hardware and Software Standards
        4. Upgrade Guidelines
        5. Security Threats
        6. Securing Data Systems
      16. Authentication Techniques
        1. Dial­Back Systems
        2. Biometrics
        3. Token Authentication
      17. Data Management
        1. Data Backup and Archiving
        2. Data Migration and Warehousing
        3. Data Resource Security
      18. Protection Against Intruders
        1. Theft Protection
        2. Natural Disaster Protection
        3. Database and DBMS Protection
      19. Documentation
      20. Threat Assessment
        1. Identifying Critical Assets
        2. Identifying Threat Sources
        3. Developing the Risk Analysis
        4. Prototyping the Solution
        5. Documenting the Results
      21. Gap Analysis
      22. Auditing
      23. Security Policy
        1. Site Security Policy
      24. Contingency Planing/Disaster Recovery
        1. Continuity Plan
        2. Disaster Planning
        3. Contingency Planning
        4. Preemptive Precautions
      25. Disaster Recovery
        1. Disaster Recovery Plan
        2. Service Level Agreement
      26. Chapter Summary
      27. Key Terms
      28. Security Review Questions
      29. Research Activities
    2. Chapter 10 Intrusion Detection and Prevention
      1. Chapter Contents
      2. Introduction
      3. Computing Security Issues
      4. Intrusion Detection
        1. False Positives and False Negatives
      5. Intrusion Detection System
        1. Misuse Detection Versus Anomaly Detection
        2. Passive System Versus Reactive System
        3. Honeypot
      6. Intrusion Detection System Configurations
      7. Network­Based Intrusion Detection System
      8. Host­Based Intrusion Detection System
      9. Benefits of an Intrusion Detection System
      10. Intrusion Detection Systems and Vendors
        1. Intrusion Detection Tools
      11. Intrusion Detection Decisions
      12. Intrusion Prevention
      13. Intrusion Prevention Systems
        1. IPS and Application Firewalls
        2. Intrusion Detection and Prevention
      14. System Processes
        1. Stateful Inspection
        2. Deep Packet Inspection
        3. Protocol Analysis
      15. Intrusion Prevention System Types
        1. Host­Based Intrusion Prevention Systems
        2. Network­Based Intrusion Prevention Systems
        3. Rate­Based Intrusion Prevention Systems
        4. Host-Based Versus Network­Based IPS Comparisons
      16. Implementation Challenges
      17. Requirements for Efective Prevention
        1. Unquestionable Detection Accuracy
        2. Reliability and Availability
        3. Resilience
        4. Low Latency
        5. High Performance
        6. Fine­Grained Granularity and Control
        7. Advanced Alert Handling and Forensic Analysis Capabilities
      18. Management and Administration Considerations
      19. Organizations and Standards
        1. Organizations
      20. Chapter Summary
      21. Key Terms
      22. Security Review Questions
      23. Research Activities
    3. Chapter 11 Problem Solving and Security Administration
      1. Chapter Contents
      2. Introduction
      3. The Need for Problem Solving
      4. The Security Audit
        1. Computer Security Audit
      5. Baseline
        1. Network Management and Monitoring
      6. Security Investigations
        1. Incident Response
        2. Computer Investigations
        3. Intrusion Detection
        4. Monitoring
        5. Preemptive Activities
        6. Computer Security Organizations
      7. Network Problem Solving
        1. Collecting Information Methodology
        2. Troubleshooting Documentation
      8. Network Testing Support and Resources
        1. Network Utilities and Software Routines
          1. Traceroute (tracert)
          2. PING
          3. WHOIS
          4. IPCONFIG
          5. Port scan
        2. Security Probes and Network Penetration Testing Tools
      9. Security Tools
        1. Sniffer
        2. Protocol Analyzer
        3. Network Monitoring
        4. Network Analyzers
      10. Managing the Network
        1. Network Management Tools
        2. Network Management System
        3. Network Management System Elements
        4. Database and DBMS Protection
      11. Network Management and Control
        1. Monitoring
        2. Reporting
        3. Controlling
        4. Protect Against Intruders
        5. Theft Protection
        6. Natural Disaster Protection
      12. Common Management Information Protocol
        1. Accounting Management
        2. Configuration Management
        3. Fault Management
        4. Performance Management
        5. Security Management
      13. Network Management Standards Organizations
      14. Chapter Summary
      15. Key Terms
      16. Security Review Questions
      17. Research Activities
  12. Part Four: Security Resources, Education, and Standards
    1. Chapter 12 Security Solutions for Digital Resources
      1. Chapter Contents
      2. Introduction
      3. Understanding the Issues
      4. Security Solution Categories
      5. Companies Providing Security Solutions
      6. Security System Procurement
      7. Procurement Checklist for Security Systems
      8. Security System Project Management
        1. Requirements and Scope
        2. The Technical Plan
        3. Resources
        4. Estimates
        5. Project Management
      9. Software Security Solutions
      10. Security Products and Vendors
      11. Quality Control Issues
      12. System Evaluation Criteria
      13. Develop In-House or Outsource
      14. Chapter Summary
      15. Key Terms
      16. Security Review Questions
      17. Research Activities
    2. Chapter 13 Standards, Specifications, and Protocols
      1. Chapter Contents
      2. Introduction
      3. Standards (1/2)
      4. Standards (2/2)
        1. Open Systems Interconnection
        2. Standards Organizations
        3. ISO 17799
        4. ISO/IEC 27002
        5. Data Encryption Standard
        6. Advanced Encryption Standard
        7. Digital Signature Standard
        8. Payment Card Industry Standard
        9. Request for Comments
      5. Protocols
        1. Transmission Control Protocol/Internet Protocol
        2. Common Management Information Protocol
        3. Simple Network Management Protocol
        4. IP Security
        5. Simple Mail Transfer Protocol
        6. Hypertext Transfer Protocol
        7. Hypertext Transfer Protocol Over Secure Socket Layer
        8. Secure Hypertext Transfer Protocol
        9. Secure Socket Layer
      6. Specifications
        1. International Data Encryption Algorithm
        2. Rivest, Shamir, and Adleman Algorithm
        3. Message Digest Algorithm 5
        4. Secure Hash Algorithm
        5. Cyclic Redundancy Check
        6. Secure Electronic Transaction
        7. SOCKS
        8. Public­Key Infrastructure
        9. Pretty Good Privacy
        10. Rainbow Series
        11. Trusted Computer System Evaluation Criteria/Orange Book
          1. The Orange Book
        12. Trusted Network Interpretation/Red Book
        13. ITU Standards
        14. Physical Interface Standards
      7. Laws and Regulations
        1. Federal Rules of Civil Procedure
        2. Security Reform Act
        3. Server­Gated Cryptography
        4. Sarbanes­Oxley Regulation
        5. HIPAA Privacy Regulation
        6. FFIEC Guideline
      8. Chapter Summary
      9. Key Terms
      10. Security Review Questions
      11. Research Activities
    3. Chapter 14 Training, Certifications, and Careers
      1. Chapter Contents
      2. Introduction
      3. Security Certifications
        1. Certification Programs
      4. Training
        1. Centers of Excellence
        2. NIST 800 Series Publications
        3. NSA National Centers of Academic Excellence
      5. Security Organizations
        1. SANS
          1. SANS Computer and Information Security Training
        2. Computer Security Institute
        3. InfoSec Institute
      6. Certificates
        1. Trustwave Certificate
        2. CAP
        3. ISC
        4. CompTIA Security+™ Certifications
          1. CompTIA Security
        5. SANS
        6. Cisco
        7. New Horizons Information Security
        8. ITT Technical Institute
        9. Security University
      7. Computer Security Careers
        1. Occupational Outlook
        2. Security­Related Career Titles
      8. Career and Certification Tips
        1. American Society for Industrial Security
          1. Certified Protection Professional (CPP)
        2. ASIS International
          1. Professional Certified Investigator (PCI)
          2. Physical Security Professional (PSP)
        3. Association of Certified Fraud Examiners
          1. Certified Fraud Examiner (CFE)
        4. Brainbench
          1. Brainbench HIPAA (Security)
          2. Brainbench Information Technology Security Fundamentals
          3. Brainbench Internet Security (BIS)
          4. Brainbench Network Security (BNS)
        5. CERT®
        6. CompTIA
          1. Security+
        7. Cyber Enforcement Resources, Inc.
          1. CERI Advanced Computer Forensic Examination (CERI-ACFE)
          2. CERI Advanced Computer System Security (ACSS)
          3. CERI Computer Forensic Examination (CFE)
        8. CyberSecurity Institute
          1. CyberSecurity Forensic Analyst (CSFA)
        9. eBusiness Process Solutions
          1. Certified Cyber-Crime(C3C) Expert
        10. EC­Council
          1. Certified Ethical Hacker (CEH)
          2. Computer Hacking Forensic Investigator (CHFI)
        11. Espionage Research Institute
          1. Certified Counterespionage and Information Security Manager (CCISM)
        12. Field Certified Professional Association
          1. Field Certified Security Specialist (FCSS)
        13. Global Information Assurance Certification
          1. Global Information Assurance Certification (GIAC)
        14. High-Tech Crime Network Certifications
          1. Certified Computer Crime Investigator—Basicand Advanced (CCCI)
          2. Certified Computer Forensic Technician—Basicand Advanced (CCFT)
        15. Information Systems Audit and Control Association
          1. Certified Information Systems Auditor (CISA)
          2. Certified Information Security Manager (CISM)
        16. Institute of Internal Auditors
          1. Certification in Control Self-Assessment(CCSA)
          2. Certified Internal Auditor (CIA)
        17. International Association of Computer Investigative Specialists
          1. Certified Electronic Evidence Collection Specialist (CEECS)
          2. Certified Forensic Computer Examiner (CFCE)
        18. International Information Systems Forensics Association
          1. Certified Information Forensics Investigator (CIFI)
        19. International Webmasters’ Association (IWA)
          1. Certified Web Professional (CWP) Security Specialist
        20. ISC
          1. Information Systems Security Architecture Professional (ISSAP)
          2. Information Systems Security Engineering Professional (ISSEP)
          3. Information Systems Security Management Professional (ISSMP)
          4. Systems Security Certified Practitioner (SSCP)
          5. Certified Information Systems Security Professional (CISSP)
        21. Key Computer Service
          1. Certified Computer Examiner (CCE)
        22. Learning Tree International
          1. Network Security Certified Professional (NSCP)
        23. Prosoft Training, Inc.
          1. CIW Security Analyst
          2. Certified Internet Webmaster Security Professional (CIW-SP)
        24. SANS
          1. SANS GIAC Security Essentials Certification (GSEC)
          2. SANS GIAC Security Specialist Certifications
        25. Security Certified Program
          1. Security Certified Network Architect (SCNA)
          2. Security Certified Network Professional (SCNP)
        26. Security University
          1. Advanced Information Security (AIS)
        27. TruSecure ICSA Practitioner Certification
          1. TruSecure ICSA Certified Security Associate (TICSA)
      9. Top 10 Benefits of a Security Certification
        1. TruSecure ICSA Certified Security Associate (TICSA)
      10. Chapter Summary
      11. Key Terms
      12. Security Review Questions
      13. Research Activities
  13. Appendices
    1. Appendix A: Computer and Information Systems Security Review
      1. Computer System Security Review (1/2)
      2. Computer System Security Review (2/2)
        1. Policies and Procedures
        2. Training
        3. Personnel
        4. Data Integrity and Security
        5. Computer and Network Access
        6. Building Equipment Rooms, Raised Floors, and Closets
        7. Computer and Networking Equipment
        8. Wiring and Cable Plant
        9. Trouble Reporting and Maintenance
        10. System Administration
        11. Operational Performance
        12. Contingency Planning and Disaster Recovery
        13. Intrusion Detection and Prevention
        14. Identity Theft and Fraud Prevention
        15. Voice Systems
        16. Miscellaneous
    2. Appendix B: Information Security (InfoSec) Acceptable Use Policy
      1. 1.0 Overview
      2. 2.0 Pur pose
      3. 3.0 Scope
      4. 4.0 Policy
        1. 4.1 General Use and Ownership
        2. 4.2 Security and Proprietary Information
        3. 4.3 Unacceptable Use
          1. System and Network Activities
          2. E-Mail and Communications Activities
        4. 4.4 Blogging
      5. 5.0 Enforc ement
      6. 6.0 Definitions
        1. 6.1 Term Definition
      7. 7.0 Revision History
    3. Appendix C: Answers to Chapter Security Review Questions
      1. Chapter 1
      2. Chapter 2
      3. Chapter 3
      4. Chapter 4
      5. Chapter 5
      6. Chapter 6
      7. Chapter 7
      8. Chapter 8
      9. Chapter 9
      10. Chapter 10
      11. Chapter 11
      12. Chapter 12
      13. Chapter 13
      14. Chapter 14
    4. Appendix D: Computer Security Acronyms
    5. Appendix E: Internet Protocol Addresses
      1. IPv4 Addressing Notation
      2. IPv6 Addressing Notation
    6. Appendix F: Security Applications and Solutions
      1. Snort
      2. Nessus
      3. Honeyd
      4. Samhain
      5. Network Attacks Protection
        1. Symantec
        2. Internet Security Suite
      6. Comprehensive Security Systems
        1. StealthWatch
        2. NetIQ
        3. Novell
      7. Configuration Audit and Control Systems
        1. Tripwire Enterprise
        2. Intrusion
        3. LogLogic
        4. Check Point Software Technologies
      8. Data Leak Prevention or Content Monitoring and Filtering
        1. Sentry
      9. E­Mail Encryption
        1. Encrypted E­Mail Server
      10. Database Activity Detection and Monitoring
        1. Database Defender
        2. Guardium
      11. Intrusion Detection and Prevention Systems (IDS/IPS) Systems
        1. Juniper Networks
        2. OSSEC
        3. Prelude
        4. NetworkICE
        5. Internet Security Systems
        6. Trustwave
        7. Cisco
        8. SecureNet
        9. Bro
        10. Internet Security Systems (ISS)
      12. Unified Network Management
        1. Provider
      13. Network Taps
        1. Secure Tap
  14. Glossary (1/3)
  15. Glossary (2/3)
  16. Glossary (3/3)
  17. Selected Bibliography
  18. Index (1/2)
  19. Index (2/2)

Product information

  • Title: Computer Security: Protecting Digital Resources
  • Author(s): Robert C Newman
  • Release date: February 2009
  • Publisher(s): Jones & Bartlett Learning
  • ISBN: 9780763783051