Bibliographic record and links to related information available from the Library of Congress catalog.
Note: Contents data are machine generated based on pre-publication provided by the publisher. Contents may have variations from the printed book or be incomplete or contain other coding.
Introduction to Information Security

Table of Contents

Chapter 1: Introducing Computer and Network Security
  1.1 Computer Security Basics
    1.1.1 CIA Triad
      1.1.1.1 Confidentiality
      1.1.1.2 Integrity
      1.1.1.3 Availability
    1.1.2 DAD Triad
      1.1.2.1 Disclosure
      1.1.2.2 Alteration
      1.1.2.3 Denial
  1.2 Introducing Networks
  1.3 Threats to Security
    1.3.1 Hackers
    1.3.2 Malicious Code Objects
    1.3.3 The Malicious Insider
  1.4 Risk Analysis
    1.4.1 Identifying and Valuing Assets
    1.4.2 Identifying and Assessing Risks
      1.4.2.1 Qualitative Risk Assessment
      1.4.2.2 Quantitative Risk Assessment
    1.4.3 Managing Risks
      1.4.3.1 Risk Avoidance
      1.4.3.2 Risk Mitigation
      1.4.3.3 Risk Acceptance
      1.4.3.4 Risk Transference
      1.4.3.5 Combination Approaches
  1.5 Considering Security Tradeoffs
  1.6 Policy and Education
  Chapter Summary
  Key Terms
  Challenge Questions
  Challenge Exercises
  Challenge Scenarios

Chapter 2: Access Control Methodologies
  2.1 Basics of Access Control
    2.1.1 Subjects and Objects
    2.1.2 Least Privilege
    2.1.3 Controls
  2.2 Access Control Techniques
    2.2.1 Access Control Designs
      2.2.1.1 Mandatory Access Control
      2.2.1.2 Discretionary Access Control
      2.2.1.3 Non-discretionary Access Control
  2.3 Access Control Administration
    2.3.1 Centralized Access Control
    2.3.2 Decentralized Access Control
  2.4 Accountability
  2.5 Access Control Models
    2.5.1 State Machine Model
      2.5.1.1 Bell-LaPadula Model
      2.5.1.2 Biba Model
      2.5.1.3 Clark-Wilson Model
      2.5.1.4 Non-Interference Model
  2.6 Identification and Authentication Methods
    2.6.1 Kerberos
  2.7 File and Data Ownership
    2.7.1 Data Owner
    2.7.2 Data Custodian
    2.7.3 Data User
  2.8 Related Methods of Attacks
    2.8.1 Brute Force Attack
    2.8.2 Dictionary Attack
    2.8.3 Spoofing Attack
  Chapter Summary
  Key Terms
  Challenge Questions
  Challenge Exercises
  Challenge Scenarios

Chapter 3: General Security Principles and Practices
  3.1 Common Security Principles
    3.1.1 Separation of Privileges
    3.1.2 Least Privilege
    3.1.3 Defense in Depth
    3.1.4 Security through Obscurity
  3.2 Security Policies
    3.2.1 Types of Security Policies
      3.2.1.1 Acceptable Use Policy
      3.2.1.2 Backup Policy
      3.2.1.3 Confidentiality Policy
      3.2.1.4 Data Retention Policy
      3.2.1.5 Wireless Device Policy
    3.2.2 Implementing Policy
      3.2.2.1 Developing Policies
      3.2.2.2 Building Consensus
      3.2.2.3 Education
      3.2.2.4 Enforcement
      3.2.2.5 Maintenance
  3.3 Security Administration Tools
    3.3.1 Security Checklists
    3.3.2 Security Matrices
  3.4 Physical Security
    3.4.1 Perimeter Protection/Access Controls
    3.4.2 Electronic Emanations
    3.4.3 Fire Protection
  3.5 Personnel Security
  Chapter Summary
  Key Terms
  Challenge Questions
  Challenge Exercises
  Challenge Scenarios

Chapter 4: The Business of Security
  4.1 Building a Business Case
  4.2 Business Continuity Planning
    4.2.1 Vulnerability Assessment
    4.2.2 Implementing Controls
    4.2.3 Maintaining the Plan
  4.3 Disaster Recovery Planning
    4.3.1 Selecting the Team
    4.3.2 Building the Plan
      4.3.2.1 Disaster Recovery Facilities
    4.3.3 Training and Testing
      4.3.3.1 Checklist Review
      4.3.3.2 Tabletop Exercise
      4.3.3.3 Soft Test
      4.3.3.4 Hard Test
    4.3.4 Implementing the Plan
    4.3.5 Maintaining the Plan
  4.4 Data Classification
    4.4.1 Security Clearances
    4.4.2 Need to Know
    4.4.3 Classification Systems
      4.4.3.1 Government Classification System
      4.4.3.2 Industry Classification Systems
  4.5 Security Ethics
    4.5.1 Monitoring
  4.6 Computer Security Law
    4.6.1 Electronic Communications Privacy Act (ECPA)
    4.6.2 USA Patriot Act
    4.6.3 Children's Online Privacy Protection Act (COPPA)
    4.6.4 European Union Directive on Data Privacy
    4.6.5 Health Insurance Portability and Accountability Act (HIPAA)
    4.6.6 Gramm-Leach-Bliley Act
  Chapter Summary
  Key Terms
  Challenge Questions
  Challenge Exercises
  Challenge Scenarios

Chapter 5: Cryptographic Technologies
  5.1 Goals of Cryptography
    5.1.1 Confidentiality
    5.1.2 Integrity
    5.1.3 Nonrepudiation
    5.1.4 Authentication
  5.2 Cryptographic Algorithms
    5.2.1 Symmetric Algorithms
      5.2.1.1 Data Encryption Standard (DES)
      5.2.1.2 Advanced Encryption Standard (AES)
    5.2.2 Asymmetric Algorithms
      5.2.2.1 Rivest, Shamir, Adleman (RSA)
      5.2.2.2 Pretty Good Privacy (PGP)
    5.2.3 Symmetric Versus Asymmetric Cryptosystems
  5.3 Digital Signatures
    5.3.1 Signature Creation
    5.3.2 Signature Verification
  5.4 Digital Certificates
    5.4.1 Certification Authorities
    5.4.2 Certificate Generation
    5.4.3 Certificate Verification
  Chapter Summary
  Key Terms
  Challenge Questions
  Challenge Exercises
  Challenge Scenarios

Chapter 6: Securing TCP/IP
  6.1 Introduction to Transmission Control Protocol/Internet Protocol (TCP/IP)
    6.1.1 TCP/IP Protocols
      6.1.1.1 Internet Protocol
      6.1.1.2 Transmission Control Protocol
      6.1.1.3 User Datagram Protocol
      6.1.1.4 Internet Control Message Protocol
    6.1.2 Open Systems Interconnection Model
      6.1.2.1 Application Layer
      6.1.2.2 Presentation Layer
      6.1.2.3 Session Layer
      6.1.2.4 Transport Layer
      6.1.2.5 Network Layer
      6.1.2.6 Data Link Layer
      6.1.2.7 Physical Layer
  6.2 Anatomy of a Packet
    6.2.1 Packet Header
      6.2.1.1 IP Header
      6.2.1.2 TCP Header
      6.2.1.3 UDP Header
    6.2.2 Packet Payload
  6.3 Internet Protocol Security (IPSec) Protocols
    6.3.1 Encryption Modes
  6.4 Web Security
    6.4.1 Secure Sockets Layer (SSL)
    6.4.2 Secure-HTTP (HTTP-S)
  Chapter Summary
  Key Terms
  Challenge Questions
  Challenge Exercises
  Challenge Scenarios

Chapter 7: Handling Security Incidents
  7.1 Attack Terms and Concepts
    7.1.1 Types of Attacks
      7.1.1.1 Military and Intelligence Attacks
      7.1.1.2 Business and Financial Attacks
      7.1.1.3 Terrorist Attacks
      7.1.1.4 Grudge Attacks
      7.1.1.5 Fun Attacks
  7.2 Understanding Security Incidents
  7.3 Handling Security Incidents
    7.3.1 Types of Incidents
      7.3.1.1 Scanning
      7.3.1.2 Compromise
      7.3.1.3 Malicious Code
      7.3.1.4 Denial of Service (DoS)
  7.4 Incident Management Methods and Tools
  7.5 Maintaining Incident Preparedness
  7.6 Using Standard Incident Handling Procedures
  7.7 Post-Mortem: Learn from Experience
  7.8 About Malicious Code
    7.8.1 Viruses
    7.8.2 Worms
    7.8.3 Logic Bombs
    7.8.4 Trojan Horses
    7.8.5 Active Content Issues
  7.9 Common Types of Attacks
    7.9.1 Back Doors
    7.9.2 Brute Force
    7.9.3 Buffer Overflows
    7.9.4 Denial of Service
    7.9.5 Man-in-the-Middle
    7.9.6 Social Engineering
    7.9.7 System Bugs
  7.10 Unauthorized Access to Sensitive Information
  Chapter Summary
  Key Terms
  Challenge Questions
  Challenge Exercises
  Challenge Scenarios

Chapter 8: Firewall Security
  8.1 Perimeter Security Devices
    8.1.1 Routers
    8.1.2 Proxies
    8.1.3 Firewalls
  8.2 Types of Firewalls
    8.2.1 Hardware Versus Software Firewalls
    8.2.2 Packet Filtering
    8.2.3 Stateful Inspection
  8.3 Firewall Topologies
    8.3.1 Bastion Host
    8.3.2 Screened Subnet
    8.3.3 Dual Firewalls
  8.4 Firewall Rulebases
    8.4.1 Special Rules
      8.4.1.1 Cleanup Rule
      8.4.1.2 Stealth Rule
  Chapter Summary
  Key Terms
  Challenge Questions
  Challenge Exercises
  Challenge Scenarios

Chapter 9: Operating System Security
  9.1 Operating System Security Terms and Concepts
  9.2 Organizing System Security
  9.3 Built-in Security Subsystems and Mechanisms
  9.4 System Security Principles and Practices
  9.5 Windows Security Design
  9.6 UNIX and Linux Security Design
  9.7 System Backups
  9.8 Typical System Security Threats
    9.8.1 Bugs
    9.8.2 Back Doors
    9.8.3 Impersonation or Identity Threat
  9.9 Keystroke Logging
  9.10 Well-Known Windows Risks
  9.11 Well-Known UNIX Risks
  9.12 System Forensics: Scanning and Footprinting
  9.13 The Security Auditor's Role
  9.14 Assessing Security Risks
  9.15 Risk Assessment Techniques
  Chapter Summary
  Key Terms
  Challenge Questions
  Challenge Exercises
  Challenge Scenarios

Chapter 10: Securing Operating Systems
  10.1 Security Maintenance Practices and Principles
  10.2 Maintaining the OS: Patches, Fixes, and Revisions
  10.3 Antivirus Software
  10.4 Applying a Post-Install Security Checklist
    10.4.1 Windows Checklist Elements
      10.4.1.1 Windows Registry
      10.4.1.2 Removing Unneeded Services
      10.4.1.3 Securing Networking Protocols and Services
      10.4.1.4 Windows Security Miscellany
    10.4.2 UNIX Checklist Elements
      10.4.2.1 Removing Unneeded UNIX Protocols and Services
      10.4.2.2 Working with TCPWrapper
      10.4.2.3 UNIX Security Miscellany
  10.5 Understanding File System Security Issues
    10.5.1 Securing NT File System (NTFS)
    10.5.2 Windows Share Security
    10.5.3 Securing UNIX File Systems
  10.6 Understanding User Accounts and Passwords
    10.6.1 Windows Account Security Mechanisms
    10.6.2 UNIX Account Security Mechanisms
  10.7 Checksums Catch Unauthorized Changes
  10.8 Using System Logging Utilities
  Chapter Summary
  Key Terms
  Challenge Questions
  Challenge Exercises
  Challenge Scenarios

Chapter 11: Network and Server Attacks and Penetration
  11.1 Security Control
    11.1.1 Phases of Control
      11.1.1.1 Phase 1: No Access
      11.1.1.2 Phase 2: Application Access
      11.1.1.3 Phase 3: User Access
      11.1.1.4 Phase 4: Superuser Access
      11.1.1.5 Phase 5: Total Control
    11.1.2 Methods of Taking Control
  11.2 Recognizing Attacks
    11.2.1 Common Points of Attack
      11.2.1.1 Web Server
      11.2.1.2 DNS Server
      11.2.1.3 Mail Server
      11.2.1.4 Firewall
      11.2.1.5 Test/Development Systems
    11.2.2 Multifront Attacks
  11.3 Auditing to Recognize Attacks
    11.3.1 Malicious Code
    11.3.2 System Bugs and Vulnerabilities
    11.3.3 Denial of Service (DoS) Attacks
    11.3.4 Illicit Nodes
    11.3.5 Unwanted Control
  Chapter Summary
  Key Terms
  Challenge Questions
  Challenge Exercises
  Challenge Scenarios

Chapter 12: Security Audit Principles and Practices
  12.1 Configuring Logging
    12.1.1 Determining What Should Be Logged
    12.1.2 Determining How Long Logs Must Be Maintained
    12.1.3 Configuring Alerts
    12.1.4 Windows Logging
    12.1.5 UNIX Logging
  12.2 Analyzing Log Data
    12.2.1 Profiling Normal Behavior
    12.2.2 Detecting Anomalies
    12.2.3 Data Reduction
  12.3 Maintaining Secure Logs
  12.4 Conducting a Security Audit
    12.4.1 Audit Team
    12.4.2 Audit Tools
      12.4.2.1 Checklists
      12.4.2.2 IP/Port Scanners
      12.4.2.3 Vulnerability Scanners
      12.4.2.4 Integrity Checking
      12.4.2.5 Penetration Testing
    12.4.3 Audit Results
  Chapter Summary
  Key Terms
  Challenge Questions
  Challenge Exercises
  Challenge Scenarios

Chapter 13: Intrusion Detection Systems and Practices
  13.1 Intrusion Detection Terms and Concepts
  13.2 Dealing with Intruders
  13.3 Detecting Intruders
  13.4 Principles of Intrusion Detection Systems
    13.4.1 The IDS Taxonomy
    13.4.2 Using Rules and Setting Thresholds for Detection
    13.4.3 Exploring a Typical IDS
  13.5 Network- Versus Host-Based IDS
  13.6 Choosing an Appropriate IDS
  13.7 Security Auditing with an IDS
  Chapter Summary
  Key Terms
  Challenge Questions
  Challenge Exercises
  Challenge Scenarios

Chapter 14: System Security Scanning and Discovery
  14.1 Understanding Security Scanning
    14.1.1 Creating a List of Vulnerabilities
    14.1.2 Selecting a Security Scanner Tool
  14.2 Fingerprinting Utilities
  14.3 Network- and Server-Discovery Tools
  14.4 Fingerprinting IP Stacks
    14.4.1 Share Scans
  14.5 Telnet Inquiries
  14.6 SNMP Vulnerabilities
  14.7 TCP/IP Service Vulnerabilities
  14.8 Simple TCP/IP Services
  14.9 Understanding Social Engineering
  14.10 Obtaining Security-Related Information Fraudulently
  14.11 The Footprinting and Fingerprinting Drill (System Profiling)
  Chapter Summary
  Key Terms
  Challenge Questions
  Challenge Exercises
  Challenge Scenarios

Appendix A: Online Resources and Information
Appendix B: Security Tools and Utilities
Appendix C: Locking Down Windows Step-by-Step
Appendix D: Glossary
Library of Congress Subject Headings for this publication: Computer security; Computer networks -- Security measures