- ホーム
- > 洋書
- > 英文書
- > Computer / General
基本説明
New to this edition are chapters on intrusion detection, securing the cloud, securing web apps, ethical hacking, cyber forensics, phyusical security, disaster recovery, cyber attack deterrence, and more.
Full Description
The second edition of this comprehensive handbook of computer and information security provides the most complete view of computer security and privacy available. It offers in-depth coverage of security theory, technology, and practice as they relate to established technologies as well as recent advances. It explores practical solutions to many security issues. Individual chapters are authored by leading experts in the field and address the immediate and long-term challenges in the authors' respective areas of expertise.The book is organized into 10 parts comprised of 70 contributed chapters by leading experts in the areas of networking and systems security, information management, cyber warfare and security, encryption technology, privacy, data storage, physical security, and a host of advanced security topics. New to this edition are chapters on intrusion detection, securing the cloud, securing web apps, ethical hacking, cyber forensics, physical security, disaster recovery, cyber attack deterrence, and more.
Contents
Part I Overview of System and Network SecurityIntroductionChapter 1 Building a Secure OrganizationCONTROL ASSESSMENTS 1.5 SUMMARY 1.6 CHAPTER REVIEW QUESTIONS/EXERCISES 1.7 OPTIONAL TEAM CASE PROJECTChapter 2 A Cryptography PrimerDEVICES 2.3 CIPHERS 2.4 MODERN CRYPTOGRAPHY 2.5 THE COMPUTER AGE 2.6 HOW AES WORKS 2.7 SELECTING CRYPTOGRAPHY: THE PROCESS 2.8 SUMMARY 2.9 CHAPTER REVIEW QUESTIONS/EXERCISES 2.9 OPTIONAL TEAM CASE PROJECTChapter 3 Detecting System IntrusionsOBJECTIVES 3.4 0DAY ATTACKS 3.5 GOOD KNOWN STATE 3.6 ROOTKITS 3.7 LOW HANGING FRUIT 3.8 ANTIVIRUS SOFTWARE 3.9 HOMEGROWN INTRUSION DETECTION 3.10 FULL AWARENESS TRAINING 3.13 DATA CORRELATION 3.14 SIEM 3.15 OTHER WEIRD STUFF ON (DSIS) 3.18 SUMMARY 3.19 CHAPTER REVIEW QUESTIONS/EXERCISES 3.20 OPTIONAL TEAM CASE PROJECTChapter 4 Preventing System IntrusionsINTRUSION PREVENTION CAPABILITIES 4.14 SUMMARY 4.15 CHAPTER REVIEW QUESTIONS/EXERCISES 4.16 OPTIONAL TEAM CASE PROJECTCHAPTER 5 Guarding Against Network Intrusions5.1 TRADITIONAL RECONNAISSANCE AND ATTACKS 5.2 MALICIOUS SOFTWARE 5.3 DETECTION 5.6 REACTIVE MEASURES 5.7 NETWORK-BASED INTRUSION PROTECTION 5.6 SUMMARY 5.7 CHAPTER REVIEW QUESTIONS/EXERCISES 5.8 OPTIONAL TEAM CASE PROJECTCHAPTER 6 Securing Cloud Computing Systems6.1 CLOUD COMPUTING ESSENTIALS: EXAMINING THE CLOUD LAYERS 6.2 SOFTWARE AS A (PAAS): SECURING THE PLATFORM 6.4 INFRASTRUCTURE AS A SERVICE (IAAS) 6.5 LEVERAGING PROVIDER-SPECIFIC SECURITY OPTIONS 6.6 ACHIEVING SECURITY IN A PRIVATE CLOUD 6.7 MEETING COMPLIANCE REQUIREMENTS 6.8 PREPARING FOR DISASTER RECOVERY 6.9 SUMMARY 6.10 CHAPTER REVIEW QUESTIONS/EXERCISES 6.11 OPTIONAL TEAM CASE PROJECTCHAPTER 7 Fault Tolerance and Resilience in Cloud Computing Environments7.1 INTRODUCTION 7.2 CLOUD COMPUTING FAULT MODEL 7.3 BASIC CONCEPTS ON QUESTIONS/EXERCISES 7.10 OPTIONAL TEAM CASE PROJECTCHAPTER 8 Securing Web Applications, Services and Servers8.1 SETTING THE STAGE 8.2 BASIC SECURITY FOR HTTP APPLICATIONS AND SERVICES 8.3 BASIC SECURITY FOR SOAP SERVICES 8.4 IDENTITY MANAGEMENT AND WEB SERVICES 8.5 AUTHORIZATION PATTERNS 8.6 SECURITY CONSIDERATIONS 8.7 CHALLENGES 8.8 SUMMARY 8.9 CHAPTER REVIEW QUESTIONS/EXERCISES 8.10 OPTIONAL TEAM CASE PROJECTCHAPTER 9 Unix and Linux Security9.1 UNIX AND SECURITY 9.2 BASIC UNIX SECURITY OVERVIEW 9.3 ACHIEVING UNIX SECURITY 9.4 PROTECTING USER ACCOUNTS AND STRENGTHENING AUTHENTICATION 9.5 LIMITING SUPERUSER PRIVILEGES 9.6 SECURING LOCAL AND NETWORK FILE SYSTEMS 9.7 NETWORK CONFIGURATION 9.8 ADDITIONAL RESOURCES 9.9 IMPROVING THE SECURITY OF LINUX AND UNIX SYSTEMS 9.10 SUMMARY 9.11 CHAPTER REVIEW QUESTIONS/EXERCISES 9.12 OPTIONAL TEAM CASE PROJECTCHAPTER 10 Eliminating the Security Weakness of Linux and UNIX Operating Systems10.1 INTRODUCTION 10.2 HARDENING LINUX AND UNIX 10.3 PROACTIVE DEFENSE FOR LINUX AND UNIX 10.4 SUMMARY 10.5 CHAPTER REVIEW QUESTIONS/EXERCISES 10.6 OPTIONAL TEAM CASE PROJECTCHAPTER 11 Internet Security11.1 INTERNET PROTOCOL ARCHITECTURE 11.2 AN INTERNET THREAT MODEL 11.3 11.5 SUMMARY 11.6 CHAPTER REVIEW QUESTIONS/EXERCISES 11.7 OPTIONAL TEAM CASE PROJECTCHAPTER 12 The Botnet Problem12.1 INTRODUCTION 12.2 BOTNET OVERVIEW 12.3 TYPICAL BOT LIFE CYCLE 12.4 THE BOTNET BUSINESS MODEL 12.5 BOTNET DEFENSE 12.6 BOTMASTER TRACEBACK 12.7 PREVENTING BOTNETS 12.8 SUMMARY 12.9 CHAPTER REVIEW QUESTIONS/EXERCISES 12.10 OPTIONAL TEAM CASE PROJECTCHAPTER 13 Intranet SecurityPLUGGING THE GAPS: NAC AND ACCESS CONTROL 13.4 MEASURING RISK: AUDITS 13.5 SECURITY 13.7 SHIELDING THE WIRE: NETWORK PROTECTION 13.8 WEAKEST LINK IN SECURITY: USER TRAINING 13.9 DOCUMENTING THE NETWORK: CHANGE MANAGEMENT 13.10 REHEARSE THE INEVITABLE: DISASTER RECOVERY 13.11 CONTROLLING HAZARDS: PHYSICAL AND ENVIRONMENTAL PROTECTION 13.12 KNOW YOUR USERS: PERSONNEL SECURITY 13.13 PROTECTING DATA FLOW: INFORMATION AND SYSTEM INTEGRITY 13.14 SECURITY ASSESSMENTS 13.15 RISK ASSESSMENTS 13.16 INTRANET SECURITY CHECKLIST 13.17 SUMMARY 13.18 CHAPTER REVIEW QUESTIONS/EXERCISES 13.19 OPTIONAL TEAM CASE PROJECTCHAPTER 14 Local Area Network Security14.1 IDENTIFY NETWORK THREATS 14.2 ESTABLISH NETWORK ACCESS CONTROLS 14.3 RISK ASSESSMENT 14.4 LISTING NETWORK RESOURCES 14.5 THREATS 14.6 SECURITY POLICIES 14.7 THE INCIDENT-HANDLING PROCESS 14.8 SECURE DESIGN THROUGH NETWORK ACCESS CONTROLS 14.9 IDS DEFINED 14.10 NIDS: SCOPE AND LIMITATIONS CONFIGURATION 14.14 THE PERIMETER 14.15 ACCESS LIST DETAILS 14.16 TYPES OF FIREWALLS 14.17 PACKET FILTERING: IP FILTERING ROUTERS 14.18 APPLICATION-LAYER FIREWALLS: PROXY SERVERS 14.19 STATEFUL INSPECTIO FIREWALLS 14.20 NIDS COMPLEMENTS FIREWALLS 14.21 MONITOR AND ANALYZE SYSTEM ACTIVITIES 14.22 SIGNATURE ANALYSIS 14.23 STATISTICAL ANALYSIS 14.24 SIGNATURE ALGORITHMS 14.25 SUMMARY 14.26 CHAPTER REVIEW QUESTIONS/EXERCISES 14.27 OPTIONAL TEAM CASE PROJECTCHAPTER 15 Wireless Network SecurityPROTOCOLS 15.4 WEP 15.5 WPA and WPA2 15.6 SPINS: Security Protocols for Sensor Networks 15.7 SECURE ROUTING 15.8 SEAD 15.9 ARAN 15.10 SLSP 15.11 KEY ESTABLISHMENT 15.12 ING 15.13 MANAGEMENT COUNTERMEASURES 15.14 SUMMARY 15.15 CHAPTER REVIEW QUESTIONS/EXERCISES 15.16 OPTIONAL TEAM CASE PROJECTCHAPTER 16 Wireless Sensor Network SecurityREVIEW QUESTIONS/EXERCISES 16.4 OPTIONAL TEAM CASE PROJECTCHAPTER 17 Cellular Network SecurityCELLULAR NETWORK ATTACK TAXONOMY 17.5 CELLULAR NETWORK VULNERABILITY ANALYSIS 17.6 (aCAT) 17.7 (eCAT) 17.8 SUMMARY 17.9 CHAPTER REVIEW QUESTIONS/EXERCISES 17.10 OPTIONAL TEAM CASE PROJECTCHAPTER 18 RFID Security18.1 RFID INTRODUCTION 18.2 RFID CHALLENGES 18.3 RFID PROTECTIONS 18.4 SUMMARY 18.5 CHAPTER REVIEW QUESTIONS/EXERCISES 18.6 OPTIONAL TEAM CASE PROJECTCHAPTER 19 Optical Network Security19.1 OPTICAL NETWORKS 19.2 SECURING OPTICAL NETWORKS 19.3 IDENTIFY VULNERABILITIES 19.4 CORRECTIVE ACTIONS 19.5 SUMMARY 19.6 CHAPTER REVIEW QUESTIONS/EXERCISES 19.7 OPTIONAL TEAM CASE PROJECTCHAPTER 20 Optical Wireless Security20.1 OPTICAL WIRELESS SYSTEMS OVERVIEW 20.2 DEPLOYMENT ARCHITECTURES 20.3 HIGH BANDWIDTH 20.4 LOW COST 20.5 IMPLEMENTATION 20.6 SURFACE AREA 20.7 SUMMARY 20.8 CHAPTER REVIEW QUESTIONS/EXERCISES 20.9 OPTIONAL TEAM CASE PROJECTPart II Managing Information SecurityCHAPTER 21 Information Security Essentials for IT Managers: Protecting Mission-Critical SystemsPROTECTING MISSION-CRITICAL SYSTEMS 21.4 INFORMATION SECURITY FROM THE GROUND UP 21.5 SECURITY MONITORING AND EFFECTIVENESS 21.6 SUMMARY 21.7 CHAPTER REVIEW QUESTIONS/EXERCISES 21.8 OPTIONAL TEAM CASE PROJECTCHAPTER 22 Security Management Systems22.1 SECURITY MANAGEMENT SYSTEM STANDARDS 22.2 TRAINING REQUIREMENTS 22.3 PERSONNEL 22.5 SECURITY POLICIES 22.6 SECURITY CONTROLS 22.7 NETWORK ACCESS 22.8 RISK ASSESSMENT 22.9 INCIDENT RESPONSE 22.10 SUMMARY 22.11 CHAPTER REVIEW QUESTIONS/EXERCISES 22.12 OPTIONAL TEAM CASE PROJECTCHAPTER 23 Policy-driven System Management23.1 INTRODUCTION 23.2 SECURITY AND POLICY-BASED MANAGEMENT 23.3 CLASSIFICAION AND LANGUAGES 23.4 CONTROLS FOR ENFORCING SECURITY POLICIES IN DISTRIBUTED SYSTEMS 23.5 PRODUCTS AND TECHNOLOGIES 23.6 RESEARCH PROJECTS 23.7 SUMMARY 23.8 CHAPTER REVIEW QUESTIONS/EXERCISES 23.9 OPTIONAL TEAM CASE PROJECTCHAPTER 24 Information Technology Security Management24.1 INFORMATION SECURITY MANAGEMENT STANDARDS 24.2 OTHER ORGANIZATIONS SUMMARY 24.5 CHAPTER REVIEW QUESTIONS/EXERCISES 24.6 OPTIONAL TEAM CASE PROJECTCHAPTER 25 Online Identity and User Management ServicesMANAGEMENT 1.0 25.5 SOCIAL LOGIN AND USER MANAGEMENT 25.6 IDENTITY 2.0 FOR MOBILE USERS 25.7 SUMMARY 25.8 CHAPTER REVIEW QUESTIONS/EXERCISES 25.9 OPTIONAL TEAM CASE PROJECTCHAPTER 26 Intrusion Prevention and Detection SystemsAND PREVENTION 26.11 TECHNOLOGIES 26.12 ANTI-MALWARE SOFTWARE 26.13 NETWORK-BASED INTRUSION DETECTION SYSTEMS 26.14 NETWORK-BASED INTRUSION PREVENTION SYSTEMS 26.15 HOST-BASED INTRUSION PREVENTION SYSTEMS 26.16 SECURITY INFORMATION MANAGEMENT SYSTEMS 26.17 NETWORK SESSION ANALYSIS 26.18 DIGITAL FORENSICS 26.19 SYSTEM INTEGRITY VALIDATION 26.20 SUMMARY 26.21 CHAPTER REVIEW QUESTIONS/EXERCISES 26.22 OPTIONAL TEAM CASE PROJECTCHAPTER 27 TCP/IP Packet Analysis27.1 THE INTERNET MODEL 27.2 SUMMARY 27.3 CHAPTER REVIEW QUESTIONS/EXERCISES 27.4 OPTIONAL TEAM CASE PROJECTCHAPTER 28 The Enemy (The Intruder's Genesis)28.1 INTRODUCTION 28.2 ACTIVE RECONNAISSANCE 28.3 ENUMERATION 28.4 PENETRATION & GAIN ACCESS 28.5 MAINTAIN ACCESS 28.6 DEFEND NETWORK AGAINST UNAUTHORIZED ACCESS 28.7 SUMMARY 28.8 CHAPTER REVIEW QUESTIONS/EXERCISES 28.9 OPTIONAL TEAM CASE PROJECTCHAPTER 29 Firewalls29.1 INTRODUCTION 29.2 NETWORK FIREWALLS 29.3 FIREWALL SECURITY POLICIES 29.4 A SIMPLE MATHEMATICAL MODEL FOR POLICIES, RULES, AND PACKETS 29.5 FIRST-MATCH FIREWALL POLICY ANOMALIES 29.6 POLICY OPTIMIZATION 29.7 FIREWALL TYPES 29.8 HOST AND NETWORK FIREWALLS 29.9 SOFTWARE AND HARDWARE FIREWALL IMPLEMENTATIONS 29.10 CHOOSING THE CORRECT FIREWALL 29.11 FIREWALL PLACEMENT AND NETWORK TOPOLOGY 29.12 FIREWALL INSTALLATION AND CONFIGURATION 29.13 SUPPORTING OUTGOING SERVICES THROUGH FIREWALL CONFIGURATION 29.14 SECURE EXTERNAL SERVICES PROVISIONING 29.15 NETWORK FIREWALLS FOR VOICE AND VIDEO APPLICATIONS 29.16 FIREWALLS AND IMPORTANT ADMINISTRATIVE SERVICE CONFIGURATION 29.19 LOAD BALANCING AND FIREWALL ARRAYS 29.20 HIGHLY AVAILABLE FIREWALLS 29.21 FIREWALL MANAGEMENT 29.22 SUMMARY 29.23 CHAPTER REVIEW QUESTIONS/EXERCISES 29.24 OPTIONAL TEAM CASE PROJECTCHAPTER 30 Penetration Testing30.7 THE NEED FOR A METHODOLOGY 30.8 PENETRATION TESTING METHODOLOGIES 30.9 PENETRATION TESTING CONSULTANTS 30.15 REQUIRED SKILL SETS 30.16 ACCOMPLISHMENTS 30.17 HIRING A PENETRATION TESTER 30.18 WHY SHOULD A COMPANY OPTIONAL TEAM CASE PROJECTCHAPTER 31 What Is Vulnerability Assessment?31.4 WHY VULNERABILITY ASSESSMENT? 31.5 PENETRATION TESTING VERSUS VULNERABILITY ASSESSMENT 31.6 VULNERABILITY ASSESSMENT GOAL 31.7 MAPPING THE NETWORK 31.8 SELECTING THE RIGHT SCANNERS 31.9 CENTRAL SCANS VERSUS TOOLS 31.12 SARA 31.13 SAINT 31.14 MBSA 31.15 SCANNER PERFORMANCE 31.16 SCAN VERIFICATION 31.17 SCANNING CORNERSTONES 31.18 NETWORK SCANNING COUNTERMEASURES 31.19 VULNERABILITY DISCLOSURE DATE 31.20 PROACTIVE SECURITY VERSUS REACTIVE SECURITY 31.21 VULNERABILITY CAUSES 31.22 DIY VULNERABILITY ASSESSMENT 31.23 SUMMARY 31.24 CHAPTER REVIEW QUESTIONS/EXERCISES 31.25 OPTIONAL TEAM CASE PROJECTCHAPTER 32 Security Metrics: An Introduction and Literature ReviewMETRICS 32.4 GETTING STARTED WITH SECURITY METRICS 32.5 METRICS IN LITERATURE 32.7 SUMMARY 32.8 CHAPTER REVIEW QUESTIONS/EXERCISES 32.9 OPTIONAL TEAM CASE PROJECTPart III Cyber, Network, and Systems Forensics Security and AssuranceCHAPTER 33 Cyber ForensicsTHE COURT SYSTEM 33.4 UNDERSTANDING INTERNET HISTORY 33.5 TEMPORARY RESTRAINING ORDERS AND LABOR DISPUTES 33.6 NTFS 33.7 FIRST PRINCIPLES 33.8 SUMMARY 33.14 CHAPTER REVIEW QUESTIONS/EXERCISES 33.15 OPTIONAL TEAM CASE PROJECTCHAPTER 34 Cyber Forensics and Incidence ResponseDISK-BASED ANALYSIS 34.5 INVESTIGATING INFORMATION-HIDING TECHNIQUES 34.6 SCRUTINIZING E-MAIL 34.7 VALIDATING E-MAIL HEADER INFORMATION 34.8 TRACING CHAPTER REVIEW QUESTIONS/EXERCISES 34.12 OPTIONAL TEAM CASE PROJECTCHAPTER 35 Securing e-Discovery35.1 INFORMATION MANAGEMENT 35.2 SUMMARY 35.3 CHAPTER REVIEW QUESTIONS/EXERCISES 35.4 OPTIONAL TEAM CASE PROJECTCHAPTER 36 Network ForensicsATTACK TRACEBACK AND ATTRIBUTION 36.4 CRITICAL NEEDS ANALYSIS 36.5 RESEARCH DIRECTIONS 36.6 SUMMARY 36.7 CHAPTER REVIEW QUESTIONS/EXERCISES 36.8 OPTIONAL TEAM CASE PROJECTPart IV Encryption TechnologyCHAPTER 37 Data EncryptionCLASSICAL CRYPTOGRAPHY 37.4 MODERN SYMMETRIC CIPHERS 37.5 ALGEBRAIC OF RSA 37.10 DIFFIE-HELLMAN ALGORITHM 37.11 ELLIPTIC CURVE CRYPTOSYSTEMS 37.12 MESSAGE INTEGRITY AND AUTHENTICATION 37.13 TRIPLE DATA ENCRYPTION ALGORITHM (TDEA) BLOCK CIPHER 37.14 SUMMARY 37.15 CHAPTER REVIEW QUESTIONS/EXERCISES 37.16 OPTIONAL TEAM CASE PROJECTCHAPTER 38 Satellite Encryption38.1 INTRODUCTION 38.2 THE NEED FOR SATELLITE ENCRYPTION 38.3 IMPLEMENTING SUMMARY 38.6 CHAPTER REVIEW QUESTIONS/EXERCISES 38.7 OPTIONAL TEAM CASE PROJECTCHAPTER 39 Public Key Infrastructure39.4 X.509 IMPLEMENTATION ARCHITECTURES 39.5 X.509 CERTIFICATE VALIDATION 39.6 X.509 CERTIFICATE REVOCATION 39.7 SERVER-BASED CERTIFICATE VALIDITY PROTOCOL 39.8 X.509 BRIDGE CERTIFICATION SYSTEMS 39.9 X.509 CERTIFICATE FORMAT 39.10 PKI POLICY DESCRIPTION 39.11 PKI STANDARDS ORGANIZATIONS 39.12 PGP CERTIFICATE FORMATS 39.13 PGP PKI IMPLEMENTATIONS 39.14 W3C 39.15 IS PKI SECURE 39.16 ALTERNATIVE PKI ARCHITECTURES 39.17 MODIFIED X.509 ARCHITECTURES 39.18 ALTERNATIVE KEY MANAGEMENT MODELS 39.19 SUMMARY 39.20 CHAPTER REVIEW QUESTIONS/EXERCISES 39.21 OPTIONAL TEAM CASE PROJECTCHAPTER 40 Password-based Authenticated Key Establishment Protocol[TOC TBD]CHAPTER 41 Instant-Messaging SecurityAPPLICATIONS 41.6 DEFENSIVE STRATEGIES 41.7 INSTANT-MESSAGING SECURITY MATURITY AND SOLUTIONS 41.8 PROCESSES 41.9 SUMMARY 41.10 EXAMPLE ANSWERS TO KEY FACTORS 41.11 CHAPTER REVIEW QUESTIONS/EXERCISES 41.12 OPTIONAL TEAM CASE PROJECTPart V Privacy and Access ManagementCHAPTER 42 Privacy on the InternetPRIVACY-ENHANCING TECHNOLOGIES 42.4 NETWORK ANONYMITY 42.5 SUMMARY 42.6 CHAPTER REVIEW QUESTIONS/EXERCISES 42.7 OPTIONAL TEAM CASE PROJECTCHAPTER 43 Privacy-enhancing Technologies METRICS 43.6 DATA MINIMIZATION TECHNOLOGIES 43.7 TRANSPARENCY-ENHANCING TOOLS 43.8 SUMMARY 43.9 CHAPTER REVIEW QUESTIONS/EXERCISES 43.10 OPTIONAL TEAM CASE PROJECTCHAPTER 44 Personal Privacy PoliciesWELL-FORMED PERSONAL PRIVACY POLICIES 44.5 PREVENTING UNEXPECTED NEGATIVE OUTCOMES 44.6 THE PRIVACY MANAGEMENT MODEL 44.7 DISCUSSION AND RELATED WORK 44.8 SUMMARY 44.9 CHAPTER REVIEW QUESTIONS/EXERCISES 44.10 OPTIONAL TEAM CASE PROJECTCHAPTER 45 Detection Of Conflicts In Security Policies45.5 SEMANTIC WEB TECHNOLOGY FOR CONFLICT DETECTION 45.6 SUMMARY 45.7 CHAPTER REVIEW QUESTIONS/EXERCISES 45.8 OPTIONAL TEAM CASE PROJECTCHAPTER 46 Supporting User Privacy Preferences in Digital Interactions46.1 INTRODUCTION 46.2 BASIC CONCEPTS AND DESIDERATA 46.3 COST-SENSITIVE TRUST NEGOTIATION 46.4 POINT-BASED TRUST MANAGEMENT 46.5 LOGICAL-BASED OPEN ISSUES 46.9 SUMMARY 46.10 CHAPTER REVIEW QUESTIONS/EXERCISES 46.11 OPTIONAL TEAM CASE PROJECTCHAPTER 47 Privacy and Security in Environmental Monitoring Systems: Issues and Solutions47.1 INTRODUCTION 47.2 SYSTEM ARCHITECTURES 47.3 ENVIRONMENTAL DATA 47.4 47.6 SUMMARY 47.7 CHAPTER REVIEW QUESTIONS/EXERCISES 47.8 OPTIONAL TEAM CASE PROJECTCHAPTER 48 Virtual Private NetworksMETHODS 48.5 SYMMETRIC ENCRYPTION 48.6 ASYMMETRIC CRYPTOGRAPHY 48.7 EDGE DEVICES 48.8 PASSWORDS 48.9 HACKERS AND CRACKERS 48.10 MOBILE VPN 48.11 SSL VPN DEPLOYMENTS 48.12 SUMMARY 48.13 CHAPTER REVIEW QUESTIONS/EXERCISES 48.14 OPTIONAL TEAM CASE PROJECTCHAPTER 49 Identity Theft49.1 EXPERIMENTAL DESIGN 49.2 RESULTS AND ANALYSIS 49.3 IMPLICATIONS FOR CRIMEWARE 49.4 SUMMARY 49.5 CHAPTER REVIEW QUESTIONS/EXERCISES 49.6 OPTIONAL TEAM CASE PROJECTCHAPTER 50 VoIP SecurityFUTURE TRENDS 50.5 SUMMARY 50.6 CHAPTER REVIEW QUESTIONS/EXERCISES 50.7 OPTIONAL TEAM CASE PROJECTPart VI Storage SecurityCHAPTER 51 SAN Security51.1 ORGANIZATIONAL STRUCTURE 51.2 ACCESS CONTROL LISTS (ACL) AND POLICIES 51.3 PHYSICAL ACCESS 51.4 CHANGE MANAGEMENT 51.5 PASSWORD POLICIES 51.6 SECURITY MANAGEMENT 51.10 AUDITING 51.11 SECURITY MAINTENANCE 51.12 HOST ACCESS: PARTITIONING 51.13 DATA PROTECTION: REPLICAS 51.14 ENCRYPTION IN QUESTIONS/EXERCISES 51.18 OPTIONAL TEAM CASE PROJECTCHAPTER 52 Storage Area Networking Security Devices52.1 WHAT IS A SAN? 52.2 SAN DEPLOYMENT JUSTIFICATIONS 52.3 THE CRITICAL REASONS FOR SAN SECURITY 52.4 SAN ARCHITECTURE AND COMPONENTS 52.5 SAN GENERAL THREATS AND ISSUES 52.6 OWASP 52.7 OSSTMM 52.8 ISSA 52.9 ISACA 52.10 SUMMARY 52.11 CHAPTER REVIEW QUESTIONS/EXERCISES 52.12 OPTIONAL TEAM CASE PROJECTCHAPTER 53 Risk ManagementMANAGEMENT METHODOLOGY 53.4 RISK MANAGEMENT LAWS AND REGULATIONS 53.5 RISK MANAGEMENT STANDARDS 53.6 SUMMARY 53.7 CHAPTER REVIEW QUESTIONS/EXERCISES 53.8 OPTIONAL TEAM CASE PROJECTPart VII Physical SecurityCHAPTER 54 Physical Security Essentials54.1 OVERVIEW 54.2 PHYSICAL SECURITY THREATS 54.3 PHYSICAL SECURITY PREVENTION AND MITIGATION MEASURES 54.4 RECOVERY FROM PHYSICAL SECURITY BREACHES 54.5 THREAT ASSESSMENT, PLANNING, AND PLAN IMPLEMENTATION 54.6 AND LOGICAL SECURITY 54.8 PHYSICAL SECURITY CHECKLIST 54.9 SUMMARY 54.10 CHAPTER REVIEW QUESTIONS/EXERCISES 54.11 OPTIONAL TEAM CASE PROJECTCHAPTER 55 Disaster Recovery55.1 INTRODUCTION 55.2 MEASURING RISK AND AVOIDING DISASTER 55.3 THE BUSINESS IMPACT ASSESSMENT (BIA) 55.4 SUMMARY 55.5 CHAPTER REVIEW QUESTIONS/EXERCISES 55.6 OPTIONAL TEAM CASE PROJECTCHAPTER 56 Biometrics56.1 RELEVANT STANDARDS 56.2 BIOMETRIC SYSTEM ARCHITECTURE 56.3 USING BIOMETRIC SYSTEMS 56.4 SECURITY CONSIDERATIONS 56.5 SUMMARY 56.6 CHAPTER REVIEW QUESTIONS/EXERCISES 56.7 OPTIONAL TEAM CASE PROJECTCHAPTER 57 Homeland Security57.1 STATUTORY AUTHORITIES 57.2 HOMELAND SECURITY PRESIDENTIAL DIRECTIVES 57.3 ORGANIZATIONAL ACTIONS 57.4 SUMMARY 57.5 CHAPTER REVIEW QUESTIONS/EXERCISES 57.6 OPTIONAL TEAM CASE PROJECTCHAPTER 58 Cyber Warfare58.1 CYBER WARFARE MODEL 58.2 CYBER WARFARE DEFINED 58.3 CW: MYTH OR QUESTIONS/EXERCISES 58.9 OPTIONAL TEAM CASE PROJECTCHAPTER 59 System SecurityCHAPTER REVIEW QUESTIONS/EXERCISES 59.5 OPTIONAL TEAM CASE PROJECTCHAPTER 60 Securing the Infrastructure60.1 COMMUNICATION SECURITY GOALS 60.2 ATTACKS AND COUNTERMEASURES 60.3 SUMMARY 60.4 CHAPTER REVIEW QUESTIONS/EXERCISES 60.5 OPTIONAL TEAM CASE PROJECTCHAPTER 61 Access Controls61.1 INFRASTRUCTURE WEAKNESSES: DAC, MAC, AND RBAC 61.2 STRENGTHENING THE INFRASTRUCTURE: AUTHENTICATION SYSTEMS 61.3 SUMMARY 61.4 CHAPTER REVIEW QUESTIONS/EXERCISES 61.5 OPTIONAL TEAM CASE PROJECTCHAPTER 62 Assessments and Audits62.1 ASSESSING VULNERABILITIES AND RISK: PENETRATION TESTING AND VULNERABILITY ASSESSMENTS 62.2 RISK MANAGEMENT: QUANTITATIVE RISK MEASUREMENTS 62.3 SUMMARY 62.4 CHAPTER REVIEW QUESTIONS/EXERCISES 62.5 OPTIONAL TEAM CASE PROJECTCHAPTER 63 Fundamentals of Cryptography63.1 ASSURING PRIVACY WITH ENCRYPTION 63.2 SUMMARY 63.3 CHAPTER REVIEW QUESTIONS/EXERCISES 63.4 OPTIONAL TEAM CASE PROJECTPart IX Advanced SecurityCHAPTER 64 Security Through Diversity64.1 UBIQUITY 64.2 EXAMPLE ATTACKS AGAINST UNIFORMITY 64.3 ATTACKING DEFENSE 64.6 DIVERSITY AND THE BROWSER 64.7 SANDBOXING AND VIRTUALIZATION SURVIVAL 64.10 SUMMARY 64.11 CHAPTER REVIEW QUESTIONS/EXERCISES 64.12 OPTIONAL TEAM CASE PROJECTCHAPTER 65 Online e-Reputation Management Services65.6 SUMMARY 65.7 CHAPTER REVIEW QUESTIONS/EXERCISES 65.8 OPTIONAL TEAM CASE PROJECTCHAPTER 66 Content FilteringCONTENT CATEGORIZATION TECHNOLOGIES 66.4 PERIMETER HARDWARE AND SOFTWARE SOLUTIONS 66.5 CATEGORIES 66.6 LEGAL ISSUES 66.7 CIRCUMVENTING CONTENT 66.9 RELATED PRODUCTS 66.10 SUMMARY 66.11 CHAPTER REVIEW QUESTIONS/EXERCISES 66.12 OPTIONAL TEAM CASE PROJECTCHAPTER 67 Data Loss ProtectionAPPLICATIONS WORK? 67.7 EAT YOUR VEGETABLES 67.8 IT'S A FAMILY AFFAIR, NOT BELIEVE? 67.10 SUMMARY 67.11 CHAPTER REVIEW QUESTIONS/EXERCISES 67.12 OPTIONAL TEAM CASE PROJECTCHAPTER 68 Satellite Cyber Attack Search and Destroy68.1 HACKS, INTERFERENCE AND JAMMING 68.2 SUMMARY 68.3 CHAPTER REVIEW QUESTIONS/EXERCISES 68.4 OPTIONAL TEAM CASE PROJECTCHAPTER 69 Verifiable Voting Systems69.1 SECURITY REQUIREMENTS 69.2 VERIFIABLE VOTING SCHEMES 69.3 BUILDING VERIFIABLE VOTING SYSTEMS 69.7 SUMMARY 69.8 CHAPTER REVIEW QUESTIONS/EXERCISES 69.9 OPTIONAL TEAM CASE PROJECTCHAPTER 70 Advanced Data Encryption70.1 MATHEMATICAL CONCEPTS REVIEWED 70.2 THE RSA CRYPTOSYSTEM 70.3 SUMMARY 70.4 CHAPTER REVIEW QUESTIONS/EXERCISES 70.5 OPTIONAL TEAM CASE PROJECTPart X AppendicesAppendix A Configuring Authentication Service On Microsoft Windows 7Appendix B Security Management and Resiliency Appendix C List of Top Information and Network Security Implementation and Deployment CompaniesAppendix D List of Security Products Appendix E List of Security Standards Appendix F List of Miscellaneous Security Resources Appendix G Ensuring Built-in Frequency Hopping Spread Spectrum Wireless Network Security Appendix H Configuring Wireless Internet Security Remote Access Appendix I Frequently Asked QuestionsAppendix J Case Studies
