Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Buy Now $35.99
Standard view
Full view
of .
Look up keyword or section
Like this
12Activity

Table Of Contents

Preface1
PART I
I.Security for Today
Chapter 1
CHAPTER 1
Introduction1
The New Insecurity
• CanCERT is Canada’s first national Computer Emergency Response Team
Computer crime
What Is Computer Security?
Threats to Security
Physical vulnerabilities
Natural vulnerabilities
Media vulnerabilities
Communications vulnerabilities
Human vulnerabilities
Exploiting vulnerabilities
Foreign intelligence agents
Corporate raiders
Computer security
Communications security
Physical security
Why Buy Security?
Research and Modeling
Building Toward Standardization
Computer Security Mandates and Legislation
The Balancing Act
Computer Fraud and Abuse Act
Computer Security Act
Privacy Considerations
PART II
II.Computer Security
Chapter 3
CHAPTER 3
Computer System Security and Access Controls3
What Makes a System Secure?
System access controls
Data access controls
System Access: Logging into Your System
Multifactor authentication
Challenge and response
Password Authentication Protocol
Challenge Handshake Authentication Protocol (CHAP)
Mutual authentication
Per-session authentication
Remote access (TACACS and RADIUS)
• Remote Authentication Dial-In User Service (RADIUS)
• Terminal Access Controller Access Control System (TACACS)
Hints for Picking Passwords
Sensitivity labels
Sensitivity Label
Compartmentalized Information
Access Control in Practice
• Mandatory access control (MAC)
• Role-based access control (RBAC)
Discretionary access control
Lightweight Directory Access Protocol
Identity Management
Viruses and Other Wildlife4
Financial Effects of Malicious Programs
Viruses and Public Health
Viruses, Worms, and Trojans (Oh, My!)
The Virus Hype
An Ounce of Prevention
Chapter 5
CHAPTER 5
Establishing and Maintaining a Security Policy 5
Administrative Security
Day-to-day system administration
Overall Planning and Administration
Planning for Disaster
Day-to-Day Administration
Hints for Employee Security Management
Performing Backups
Hints for Safe Computing
Hints for Backups
Hardware and Software Security Tools
Performing a Security Audit
Suspicious user activity
Separation of Duties
Chapter 6
CHAPTER 6
Web Attacks and Internet Vulnerabilities6
About the Internet
File Transfer Protocol (FTP)
Hypertext Transport Protocol (HTTP)
Simple Mail Transfer Protocol (SMTP)
Domain Name Service (DNS)
Dynamic Host Configuration Protocol (DHCP)
What Are the Network Protocols?
Data Navigation Protocols
The Fragile Web
Some History
What Is Encryption?
Cryptographic Keys: Private and Public
Key Management and Distribution
End-to-End and Link Encryption
The Data Encryption Standard
The Advanced Encryption Standard
Other Cryptographic Algorithms
• HPC (The Hasty Pudding Cipher)
Public Key Algorithms
Government Algorithms
Message Authentication
Government Cryptographic Programs
Cryptographic Export Restrictions
Chapter 8
CHAPTER 8
Communications and Network Security8
What Makes Communication Secure?
Appropriate Technology
Distributed denial of service
Modems
Networks
Hints for Network Security
Network Security
Through the Tunnel
VPN tunneling protocols
Point-to-Point Tunneling Protocol (PPTP)
Layer Two Tunneling Protocol (L2TP)
Communications integrity
PART IV
IV.Other Types of Security
Chapter 9
CHAPTER 9
Physical Security and Biometrics9
Physical Security
Risk Analysis and Disaster Planning
Locks and Keys: Old and New
Hints for Keeping Intruders Out
Challenge-Response Systems
Biometrics
Electric circuit card
Magnetic stripe card
Passive electronic card
Active electronic card
Memory and microprocessor tokens
Gentle Reminder
Wireless Network Security 10
How We Got Here
Today’s Wireless Infrastructure
Multi-Channel Multipoint Distribution Service (MMDS) or “wireless cable”
Local Multipoint Distribution Service (LMDS)
IEEE 802.15 (Bluetooth) wireless personal area network (WPAN)
IEEE 802.16 wireless metropolitan area network (wireless MAN or WiMAX)
How Wireless Works
Playing the Fields
What Is This dB Stuff?
Why Does All This Matter?
Encouraging Diversity
Physical Layer Wireless Attacks
Forced Degradation Attacks
Eavesdropping Attacks
Advanced Eavesdropping Attacks
PART V
V.Appendixes
APPENDIX A
OSI Model1
Appendix B
APPENDIX B
TEMPEST 2
•Security Features User’s Guide (SFUG)
Exportation of labeled information
Labeling human-readable output
Subject sensitivity labels
Common Criteria Evaluation Assurance Levels (EALs)
Index
P. 1
Computer Security Basics

Computer Security Basics

Ratings:

4.0

(4)
|Views: 750|Likes:

This is the must-have book for a must-know field. Today, general security knowledge is mandatory, and, if you who need to understand the fundamentals, Computer Security Basics 2nd Edition is the book to consult.



The new edition builds on the well-established principles developed in the original edition and thoroughly updates that core knowledge. For anyone involved with computer security, including security administrators, system administrators, developers, and IT managers, Computer Security Basics 2nd Edition offers a clear overview of the security concepts you need to know, including access controls, malicious software, security policy, cryptography, biometrics, as well as government regulations and standards.



This handbook describes complicated concepts such as trusted systems, encryption, and mandatory access control in simple terms. It tells you what you need to know to understand the basics of computer security, and it will help you persuade your employees to practice safe computing.



Topics include: Computer security concepts Security breaches, such as viruses and other malicious programs Access controls Security policy Web attacks Communications and network security Encryption Physical security and biometrics Wireless network security Computer security and requirements of the Orange Book OSI Model and TEMPEST

This is the must-have book for a must-know field. Today, general security knowledge is mandatory, and, if you who need to understand the fundamentals, Computer Security Basics 2nd Edition is the book to consult.



The new edition builds on the well-established principles developed in the original edition and thoroughly updates that core knowledge. For anyone involved with computer security, including security administrators, system administrators, developers, and IT managers, Computer Security Basics 2nd Edition offers a clear overview of the security concepts you need to know, including access controls, malicious software, security policy, cryptography, biometrics, as well as government regulations and standards.



This handbook describes complicated concepts such as trusted systems, encryption, and mandatory access control in simple terms. It tells you what you need to know to understand the basics of computer security, and it will help you persuade your employees to practice safe computing.



Topics include: Computer security concepts Security breaches, such as viruses and other malicious programs Access controls Security policy Web attacks Communications and network security Encryption Physical security and biometrics Wireless network security Computer security and requirements of the Orange Book OSI Model and TEMPEST

More info:

Publish date: Jun 13, 2006
Added to Scribd: Dec 15, 2012
Copyright:Traditional Copyright: All rights reservedISBN:9781449317423
List Price: $35.99 Buy Now

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
This book can be read on up to 6 mobile devices.
See more
See less

04/07/2015

312

9781449317423

$35.99

USD

You're Reading a Free Preview
Pages 13 to 32 are not shown in this preview.
You're Reading a Free Preview
Pages 45 to 95 are not shown in this preview.
You're Reading a Free Preview
Pages 108 to 142 are not shown in this preview.
You're Reading a Free Preview
Pages 155 to 268 are not shown in this preview.
You're Reading a Free Preview
Pages 281 to 312 are not shown in this preview.

Activity (12)

You've already reviewed this. Edit your review.
supernino_75 liked this
1 hundred reads
1 thousand reads
chavansujay liked this
aklile liked this
Raja Hira liked this
Ashirbad Ratha liked this
Moises Clemente liked this
great602 liked this

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->