Table of contents for Information security illuminated / Mike Chapple and Michael Solomon.


Bibliographic record and links to related information available from the Library of Congress catalog. Note: Contents data are machine generated based on pre-publication provided by the publisher. Contents may have variations from the printed book or be incomplete or contain other coding.


Introduction to Information Security
Table of Contents
Chapter 1: Introducing Computer and Network Security
1.1	Computer Security Basics	
1.1.1	CIA Triad	
1.1.1.1	Confidentiality	
1.1.1.2	Integrity	
1.1.1.3	Availability	
1.1.2	DAD Triad	
1.1.2.1	Disclosure	
1.1.2.2	Alteration	
1.1.2.3	Denial	
1.2	Introducing Networks	
1.3	Threats to Security	
1.3.1	Hackers	
1.3.2	Malicious Code Objects	
1.3.3	The Malicious Insider	
1.4	Risk Analysis	
1.4.1	Identifying and Valuing Assets	
1.4.2	Identifying and Assessing Risks	
1.4.2.1	Qualitative Risk Assessment	
1.4.2.2	Quantitative Risk Assessment	
1.4.3	Managing Risks	
1.4.3.1	Risk Avoidance	
1.4.3.2	Risk Mitigation	
1.4.3.3	Risk Acceptance	
1.4.3.4	Risk Transference	
1.4.3.5	Combination Approaches	
1.5	Considering Security Tradeoffs	
1.6	Policy and Education	
Chapter Summary	
Key Terms	
Challenge Questions	
Challenge Exercises	
Challenge Scenarios	
Chapter 2: Access Control Methodologies
2.1	Basics of Access Control	
2.1.1	Subjects and Objects	
2.1.2	Least Privilege	
2.1.3	Controls	
2.2	Access Control Techniques	
2.2.1	Access Control Designs	
2.2.1.1	Mandatory Access Control	
2.2.1.2	Discretionary Access Control	
2.2.1.3	Non-discretionary Access Control	
2.3	Access Control Administration	
2.3.1	Centralized Access Control	
2.3.2	Decentralized Access Control	
2.4	Accountability	
2.5	Access Control Models	
2.5.1	State Machine Model	
2.5.1.1	Bell-LaPadula Model	
2.5.1.2	 Biba Model	
2.5.1.3	Clark-Wilson Model	
2.5.1.4	Non-Interference Model	
2.6	Identification and Authentication Methods	
2.6.1	Kerberos	
2.7	File and Data Ownership	
2.7.1	Data Owner	
2.7.1	Data Custodian	
2.7.2	Data User	
2.8	Related Methods of Attacks	
2.8.1	Brute Force Attack	
2.8.2	Dictionary Attack	
2.8.3	Spoofing Attack	
Chapter Summary	
Key Terms	
Challenge Questions	
Challenge Exercises	
Challenge Scenarios	
Chapter 3: General Security Principles and Practices
3.1	Common Security Principles	
3.1.1	Separation of Privileges	
3.1.2	Least Privilege	
3.1.3	Defense in Depth	
3.1.4	Security through Obscurity	
3.2	Security Policies	
3.2.1	Types of Security Policies	
3.2.1.1	Acceptable Use Policy	
3.2.1.2	Backup Policy	
3.2.1.3	Confidentiality Policy	
3.2.1.4	Data Retention Policy	
3.2.1.5	Wireless Device Policy	
3.2.2	Implementing Policy	
3.2.2.1	Developing Policies	
3.2.2.2	Building Consensus	
3.2.2.3	Education	
3.2.2.4	Enforcement	
3.2.2.5	Maintenance	
3.3	Security Administration Tools	
3.3.1	Security Checklists	
3.3.2	Security Matrices	
3.4	Physical Security	
3.4.1	Perimeter Protection/Access Controls	
3.4.2	Electronic Emanations	
3.4.3	Fire Protection	
3.5	Personnel Security	
Chapter Summary	
Key Terms	
Challenge Questions	
Challenge Exercises	
Challenge Scenarios	
Chapter 4: The Business of Security
4.1	Building a Business Case	
4.2	Business Continuity Planning	
4.2.1	Vulnerability Assessment	
4.2.2	Implementing Controls	
4.2.3	Maintaining the Plan	
4.3	Disaster Recovery Planning	
4.3.1	Selecting the Team	
4.3.2	Building the Plan	
4.3.2.1	Disaster Recovery Facilities	
4.3.3	Training and Testing	
4.3.3.1	Checklist Review	
4.3.3.2	Tabletop Exercise	
4.3.3.3	Soft Test	
4.3.3.4	Hard Test	
4.3.4	Implementing the Plan	
4.3.5	Maintaining the Plan	
4.4	Data Classification	
4.4.1	Security Clearances	
4.4.2	Need to Know	
4.4.3	Classification Systems	
4.4.3.1	Government Classification System	
4.4.3.2	Industry Classification Systems	
4.5	Security Ethics	
4.5.1	Monitoring	
4.6	Computer Security Law	
4.6.1	Electronic Communications Privacy Act (ECPA)	
4.6.2	USA Patriot Act	
4.6.3	Children's Online Privacy Protection Act (COPPA)	
4.6.4	European Union Directive on Data Privacy	
4.6.5	Health Insurance Portability and Accountability Act (HIPAA)	
4.6.6	Gramm-Leach-Bliley Act	
Chapter Summary	
Key Terms	
Challenge Questions	
Challenge Exercises	
Challenge Scenarios	
Chapter 5: Cryptographic Technologies
5.1	Goals of Cryptography	
5.1.1	Confidentiality	
5.1.2	Integrity	
5.1.3	Nonrepudiation	
5.1.4	Authentication	
5.2	Cryptographic Algorithms	
5.2.1	Symmetric Algorithms	
Data Encryption Standard (DES)	
5.2.2.1	Advanced Encryption Standard (AES)	
5.2.2	Asymmetric Algorithms	
5.2.2.1	Rivest, Shamir, Adelman (RSA)	
5.2.2.2	Pretty Good Privacy (PGP)	
5.2.3	Symmetric Versus Asymmetric Cryptosystems	
5.3	Digital Signatures	
5.3.1	Signature Creation	
5.3.2	Signature Verification	
5.4	Digital Certificates	
5.4.1	Certification Authorities	
5.4.2	Certificate Generation	
5.4.3	Certificate Verification	
Chapter Summary	
Key Terms	
Challenge Questions	
Challenge Exercises	
Challenge Scenarios	
Chapter 6: Securing TCP/IP
6.1	Introduction to Transmission Control Protocol/Internet Protocol (TCP/IP)	
6.1.1	TCP/IP Protocols	
6.1.1.1	Internet Protocol	
6.1.1.2	Transmission Control Protocol	
6.1.1.3	User Datagram Protocol	
6.1.1.4	Internet Control Message Protocol	
6.1.2	Open Systems Interconnection Model	
6.1.2.1	Application Layer	
6.1.2.2	Presentation Layer	
6.1.2.3	Session Layer	
6.1.2.4	Transport Layer	
6.1.2.5	Network Layer	
6.1.2.6	Data Link Layer	
6.1.2.7	Physical Layer	
6.2	Anatomy of a Packet	
6.2.1	Packet Header	
6.2.1.1	IP Header	
6.2.1.2	TCP Header	
6.2.1.3	UDP Header	
6.2.2	Packet Payload	
6.2	Internet Protocol Security (IPSec)	
Protocols	
6.2.1	Encryption Modes	
6.3	Web Security	
6.3.1	Secure Sockets Layer (SSL)	
6.3.2	Secure-HTTP (HTTP-S)	
Chapter Summary	
Key Terms	
Challenge Questions	
Challenge Exercises	
Challenge Scenarios	
Chapter 7: Handling Security Incidents
7.1	Attack Terms and Concepts	
7.1.1	Types of Attacks	
7.1.1.1	Military and Intelligence Attacks	
7.1.1.2	Business and Financial Attacks	
7.1.1.3	Terrorist Attacks	
7.1.1.4	Grudge Attacks	
7.1.1.5	Fun Attacks	
7.2	Understanding Security Incidents	
7.3	Handling Security Incidents	
7.3.1	Types of Incidents	
7.3.1.1	Scanning	
7.3.1.2	Compromise	
7.3.1.3	Malicious Code	
7.3.1.4	Denial of Service (DoS)	
7.4	Incident Management Methods and Tools	
7.5	Maintaining Incident Preparedness	
7.6	Using Standard Incident Handling Procedures	
7.7	Post-Mortem: Learn from Experience	
7.8	About Malicious Code	
7.8.1	Viruses	
7.8.2	Worms	
7.8.3	Logic Bombs	
7.8.4	Trojan Horses	
7.8.5	Active Content Issues	
7.9	Common Types of Attacks	
7.9.1	Back Doors	
7.9.2	Brute Force	
7.9.3	Buffer Overflows	
7.9.4	Denial of Service	
7.9.5	Man-in-the-Middle	
7.9.6	Social Engineering	
7.9.7	System Bugs	
7.10	Unauthorized Access to Sensitive Information	
Chapter Summary	
Key Terms	
Challenge Questions	
Challenge Exercises	
Challenge Scenarios	
Chapter 8: Firewall Security
8.1	Perimeter Security Devices	
8.1.1	Routers	
8.1.2	Proxies	
8.1.3	Firewalls	
8.2	Types of Firewalls	
8.2.1	Hardware Versus Software Firewalls	
8.2.2	Packet Filtering	
8.2.3	Stateful Inspection	
8.3	Firewall Topologies	
8.3.1	Bastion Host	
8.3.2	Screened Subnet	
8.3.3	Dual Firewalls	
8.4	Firewall Rulebases	
8.4.1	Special Rules	
8.4.1.1	Cleanup Rule	
8.4.1.2	Stealth Rule	
Chapter Summary	
Key Terms	
Challenge Questions	
Challenge Exercises	
Challenge Scenarios	
Chapter 9: Operating System Security
9.1	Operating System Security Terms and Concepts	
9.2	Organizing System Security	
9.3	Built-in Security Subsystems and Mechanisms	
9.4	System Security Principles and Practices	
9.5	Windows Security Design	
9.6	UNIX and Linux Security Design	
9.7	System Backups	
9.8	Typical System Security Threats	
9.8.1	Bugs	
9.8.2	Back Doors	
9.8.3	Impersonation or Identity Threat	
9.9	Keystroke Logging	
9.10	Well-Known Windows Risks	
9.11	Well-Known UNIX Risks	
9.12	System Forensics: Scanning and Footprinting	
9.13	The Security Auditor's Role	
9.14	Assessing Security Risks	
9.15	Risk Assessment Techniques	
Chapter Summary	
Key Terms	
Challenge Questions	
Challenge Exercises	
Challenge Scenarios	
Chapter 10: Securing Operating Systems
10.1	Security Maintenance Practices and Principles	
10.2	Maintaining the OS: Patches, Fixes, and Revisions	
10.3	Antivirus Software	
10.4	Applying a Post-Install Security Checklist	
10.4.1	Windows Checklist Elements	
10.4.1.1	Windows Registry	
10.4.1.2	Removing Unneeded Services	
10.4.1.3	Securing Networking Protocols and Services	
10.4.1.4	Windows Security Miscellany	
10.4.2	UNIX Checklist Elements	
10.4.2.1	Removing Unneeded UNIX Protocols and Services	
10.4.2.2	Working with TCPWrapper	
10.4.2.3	UNIX Security Miscellany	
10.5	Understanding File System Security Issues	
10.5.1	Securing NT File System (NTFS)	
10.5.2	Windows Share Security	
10.5.3	Securing UNIX File Systems	
10.6	Understanding User Accounts and Passwords	
10.6.1	Windows Account Security Mechanisms	
10.6.2	UNIX Account Security Mechanisms	
10.7	Checksums Catch Unauthorized Changes	
10.8	Using System Logging Utilities	
Chapter Summary	
Key Terms	
Challenge Questions	
Challenge Exercises	
Challenge Scenarios	
Chapter 11: Network and Server Attacks and Penetration
11.1	Security Control	
11.1.1	Phases of Control	
11.1.1.1	Phase 1: No Access	
11.1.1.2	Phase 2: Application Access	
11.1.1.3	Phase 3: User Access	
11.1.1.4	Phase 4: Superuser Access	
11.1.1.5	Phase 5: Total Control	
11.1.2	Methods of Taking Control	
11.2	Recognizing Attacks	
11.2.1	Common Points of Attack	
11.2.1.1	Web Server	
11.2.1.2	DNS Server	
11.2.1.3	Mail Server	
11.2.1.4	Firewall	
11.2.1.5	Test/Development Systems	
11.2.2	Multifront Attacks	
11.3	Auditing to Recognize Attacks	
11.3.1	Malicious Code	
11.3.2	System Bugs and Vulnerabilities	
11.3.3	Denial of Service (DoS) Attacks	
11.3.4	Illicit Nodes	
11.3.5	Unwanted Control	
Chapter Summary	
Key Terms	
Challenge Questions	
Challenge Exercises	
Challenge Scenarios	
Chapter 12: Security Audit Principles and Practices
12.1	Configuring Logging	
12.1.1	Determining What Should Be Logged	
12.1.2	Determining How Long Logs Must Be Maintained	
12.1.3	Configuring Alerts	
12.1.4	Windows Logging	
12.1.5	UNIX Logging	
12.2	Analyzing Log Data	
12.2.1	Profiling Normal Behavior	
12.2.2	Detecting Anomalies	
12.2.3	Data Reduction	
12.3	Maintaining Secure Logs	
12.4	Conducting a Security Audit	
12.4.1	Audit Team	
12.4.2	Audit Tools	
12.4.2.1	Checklists	
12.4.2.2	IP/Port Scanners	
12.4.2.3	Vulnerability Scanners	
12.4.2.4	Integrity Checking	
12.4.2.5	Penetration Testing	
12.4.3	Audit Results	
Chapter Summary	
Key Terms	
Challenge Questions	
Challenge Exercises	
Challenge Scenarios	
Chapter 13: Intrusion Detection Systems and Practices
13.1	Intrusion Detection Terms and Concepts	
13.2	Dealing with Intruders	
13.3	Detecting Intruders	
13.4	Principles of Intrusion Detection Systems	
13.4.1	The IDS Taxonomy	
13.4.2	Using Rules and Setting Thresholds for Detection	
13.4.3	Exploring a Typical IDS	
13.5	Network- Versus Host-Based IDS	
13.6	Choosing an Appropriate IDS	
13.7	Security Auditing with an IDS	
Chapter Summary	
Key Terms	
Challenge Questions	
Challenge Exercises	
Challenge Scenarios	
Chapter 14: System Security Scanning and Discovery
14.1	Understanding Security Scanning	
14.1.1	Creating a List of Vulnerabilities	
14.1.2	Selecting a Security Scanner Tool	
14.2	Fingerprinting Utilities	
14.3	Network- and Server-Discovery Tools	
14.4	Fingerprinting IP Stacks	
14.4.1	Share Scans	
14.5	Telnet Inquiries	
14.6	SNMP Vulnerabilities	
14.7	TCP/IP Service Vulnerabilities	
14.8	Simple TCP/IP Services	
14.9	Understanding Social Engineering	
14.10	Obtaining Security-Related Information Fraudulently	
14.11	The Footprinting and Fingerprinting Drill (System Profiling)	
Chapter Summary	
Key Terms	
Challenge Questions	
Challenge Exercises	
Challenge Scenarios	
Appendix A: Online Resources and Information
Appendix B: Security Tools and Utilities
Appendix C: Locking Down Windows Step-by-Step
Appendix D: Glossary
Library of Congress Subject Headings for this publication: Computer security, Computer networks Security measures