Table Of Contents

COMPUTER AND NETWORK SECURITY PRINCIPLES
1.1 Importance of Computer and Network Security
1.1.1 Exposing Secrets
1.1.2 Causing System Failures
1.1.3 Profile of an Attacker
1.1.4 Social Engineering
1.1.5 Security Defined
1.2 Underlying Computer and Network Security Concepts
1.2.1 Confidentiality
1.2.2 Integrity
1.2.3 Availability
1.2.4 Accountability
1.2.5 Nonrepudiation
1.3 Threats and Countermeasures
1.3.2 Calculating Risk
1.3.3 Countermeasures—Risk Mitigation
1.4 Policies and Standards
1.4.1 Security Policy
1.4.2 Standards
1.4.3 Informing Users of the Importance of Security
Applying This Chapter
YOU TRY IT
NETWORK AND SERVER SECURITY
INTRODUCTION
2.1 Network Protocols Review
2.1.1 Understanding Protocols
2.1.2 The Open Systems Interconnect Model
2.1.3 The TCP/IP Model
2.1.4 TCP/IP Ports
2.2 Best Practices for Network Security
2.2.1 Security by Design
2.2.2 Maintaining a Security Mindset
2.2.3 Defense-in-Depth
SELF-CHECK
2.3 Securing Servers
2.3.1 Controlling the Server Configuration
2.4 Border Security
2.4.1 Segmenting a Network
2.4.2 Perimeter Defense
2.4.2 Firewalls
2.4.3 Network Address Translation
SUMMARY
KEY TERMS
CRYPTOGRAPHY
3.1.1 A Brief History of Cryptography
3.1.2 Cryptographic Primitives
3.1.3 XOR
3.1.4 Cast of Characters
3.2 Symmetric Encryption
3.2.1 Understanding Symmetric Encryption
3.2.2 Encryption Strength
3.2.3 Stream Ciphers
3.2.4 Block Ciphers
3.2.5 Sharing Keys
3.3 Asymmetric Encryption
3.3.2 Digital Signatures
Using Digital Signatures
3.4.1 Hash Functions
3.4.2 Using Hash Functions to Ensure Integrity
3.4.3 A Vulnerability When Protecting Passwords
3.4.5 Keyed Hash Functions
3.5 Achieving CIA
3.5.1 Confidentiality
3.5.2 Integrity
3.5.3 Authentication
3.5.4 CIA
3.6.1 Digital Certificates
3.6.2 Public Key Infrastructure
3.6.3 Designing a CA Hierarchy
3.6.4 Security Policy and PKI Implementation
3.6.5 Trusting Certificates from Other Organizations
3.6.7 Renewing Certificates
3.6.8 Revoking a Certificate
ASSESS YOUR UNDERSTANDING
Summary Questions
AUTHENTICATION
4.1 Authentication Overview
4.1.1 Interactive Logon
4.1.2 Peer-to-Peer Network Logon
4.1.3 Computer Authentication
4.1.4 Mutual Authentication
4.1.5 Application Authentication
4.2 Authentication Credentials
4.2.1 Password Authentication
4.2.2 One-Time Passwords
4.2.3 Smart Cards
4.2.4 Biometrics
4.3 Authentication Protocols
4.3.1 LAN Manager-Based Protocols
4.3.2 Kerberos
4.4 Best Practices for Secure Authentication
4.4.1 Password Policies
4.4.2 Account Lockout Policy
4.4.3 Account Logon Hours
4.4.4 Account Logon Workstation
4.4.5 Auditing Logons
AUTHORIZATION AND ACCESS CONTROL
5.1 Access Control Models
5.1.1 Discretionary Access Control (DAC)
5.1.2 Mandatory Access Control (MAC)
5.1.3 Role-Based Access Control (RBAC)
5.1.4 Principle of Least Permission
5.2.1 Principals
5.2.2 Windows Access Control Model
5.2.5 User Rights Assignment
5.3 Implementing Access Control on Unix Computers
5.3.1 Principals
5.3.2 Objects
SECURING NETWORK TRANSMISSION
6.1 Analyzing Security Requirements for Network Traffic
6.1.1 Types of Attacks
6.1.3 Securely Transmitting Data
6.2 Defining Network Perimeters
6.2.1 Isolating Insecure Networks Using Subnets
6.2.2 Switches and VLANs
6.2.3 Using IP Address and IP Packet Filtering
6.3 Data Transmission Protection Protocols
6.3.1 SSL and TLS
6.3.2 IP Security (IPsec)
6.3.3 Server Message Block Signing
6.3.4 Secure Shell
REMOTE ACCESS AND WIRELESS SECURITY
7.2.1 Point-to-Point Tunneling Protocol
7.2.2 L2TP and IPsec
7.2.3 Hardware VPN Solutions
7.3 RADIUS and TACACS
7.3.1 Using RADIUS Authentication
7.3.2 Using TACACS and TACACS+
7.4 Wireless Networks
7.4.1 Wireless Networking Standards
7.4.2 Wireless Modes
7.4.4 Wired Equivalent Privacy
7.4.8 Designing for an Open Access Point
7.4.9 Identifying Wireless Network Vulnerabilities
SERVER ROLES AND SECURITY
8.1 Server Roles and Baselines
8.1.1 Trusted Computing Base
8.1.2 Secure Baseline
8.1.3 Preparing to Implement the Baseline
8.1.4 Security Templates
8.1.5 Security Configuration Wizard
8.1.6 Secure Baseline Configuration for Linux Servers
8.1.7 Virtualization
8.2 Securing Network Infrastructure Servers
8.2.1 Securing DNS Servers
8.2.2 Securing DHCP Servers
8.2.3 Securing WINS Servers
8.2.5 Securing NAT Servers
8.3 Securing Domain Controllers
8.4 Securing File and Print Servers
8.4.1 Securing File Servers
8.4.2 Securing Print Servers
8.4.3 Securing FTP Servers
8.5 Securing Application Servers
8.5.1 Securing Web Servers
8.5.2 Securing Database Servers
PROTECTING AGAINST MALWARE
9.1 Viruses and Other Malware
9.1.1 Viruses
9.1.2 Worms
9.1.3 Trojan Horses
9.2 Protecting the Workstation
9.2.1 Antivirus Software
9.2.2 Anti-spyware
9.2.3 Computer Configuration Guidelines
9.2.4 User Training
9.3 Web Browser Security
9.3.1 Web Browser Risks
9.3.2 Web Browser Technologies
9.3.3 Specific Threats to a Browser Session
9.3.4 Browser Configuration
9.3.5 Internet Explorer Security Zones
9.4.1 Attacks that Disclose Data
9.4.2 Spam
9.4.4 Mail Client Configurations
9.4.5 Architectural Considerations
ONGOING SECURITY MANAGEMENT
10.1 Managing Updates
10.1.1 Configuration Management
10.1.3 Importance of Automating Updates
10.1.4 Creating a Security Update Infrastructure
10.1.5 A WSUS Solution
10.1.6 Configuring SUS Clients
10.2.2 Monitoring
10.2.3 Auditing on Unix®
10.2.4 Auditing in Windows
10.3 Secure Remote Administration
10.3.1 Creating a Remote Management Plan
10.3.2 Remote Management Security Considerations
10.3.3 Planning Remote Management Deployment
10.3.4 Securing Windows Inbound Management Tools
10.3.5 Securing TCP/IP Remote Management Tools
DISASTER RECOVERY AND FAULT TOLERANCE
11.1 Planning for the Worst
11.1.1 Business Continuity Planning
11.1.2 Disaster Recovery Planning
11.2.6 Determining Backup Frequency
11.2.7 Assigning Responsibility for Backups
11.2.8 Testing Recovery
11.3 Designing for Fault Tolerance
11.3.1 Eliminating Single Points of Failure
11.3.2 Selecting Fault Tolerant Storage
11.3.3 RAID Levels
11.3.5 Storage Area Networks (SANs)
11.3.6 Designing a Failover Solution
12.1.4 Intrusion Prevention Systems (IPS)
12.2.2 Honeypot Categories
12.2.3 When to Use a Honeypot
12.2.4 Legal Considerations
12.3 Forensics
12.3.1 Understanding Evidence
12.3.2 Gathering Evidence on a Live System
12.3.3 Preparing a Hard Drive Image
12.3.4 Searching for Data on a Hard Drive
GLOSSARY
INDEX
Network Security Fundamentals

Published by: Refaey Abo Helal on Nov 18, 2012
Copyright: Attribution Non-commercial
