Guide to Network Defense And Countermeasures

  • ISBN13: 9781418836795
  • ISBN10: 1418836796
  • Edition: 2nd
  • Format: Paperback
  • Copyright: 2006-01-09
  • Publisher: Course Technology


Summary

This edition has been revised to update content and map more clearly to the exam objectives for the current Security Certified Network Professional (SCNP) exam.

Table of Contents

Introduction

Network Defense Fundamentals
  TCP/IP Networking Review
  The Open Systems Interconnect (OSI) Model
  IP Addressing
  Exploring IP Packet Structure
  ICMP Messages
  TCP Headers
  UDP Headers
  Domain Name Service (DNS)
  Encryption
  Overview of Threats to Network Security
  Types of Attackers
  Malicious Code
  Other Threats to Network Security
  Social Engineering: The People Factor
  Common Attacks and Defenses
  Internet Security Concerns
  Goals of Network Security
  Providing Secure Connectivity
  Secure Remote Access
  Ensuring Privacy
  Providing Nonrepudiation
  Confidentiality, Integrity, and Availability: The CIA Triad
  Using Network Defense Technologies in Layers
  Physical Security
  Authentication and Password Security
  Operating System Security
  Antivirus Protection
  Packet Filtering
  Firewalls
  Demilitarized Zone (DMZ)
  Intrusion Detection System (IDS)
  Virtual Private Networks (VPNs)
  Network Auditing and Log Files
  Routing and Access Control Methods
  The Impact of Defense
  Chapter Summary
  Key Terms
  Review Questions
  Hands-On Projects
  Case Projects

Security Policy Design: Risk Analysis
  Fundamental Concepts of Risk Analysis
  Risk Analysis Factors
  Approaches to Risk Analysis
  Survivable Network Analysis
  Threat and Risk Assessment
  Risk Analysis: An Ongoing Process
  Risk Analysis: General Activities to Follow
  Analyzing Economic Impacts
  Deciding How to Minimize Risk
  Securing Hardware
  Ranking Resources To Be Protected
  Securing Information
  Conducting Routine Analysis
  Handling Security Incidents
  Chapter Summary
  Key Terms
  Review Questions
  Hands-On Projects
  Case Projects

Security Policy Implementation
  What Makes a Good Security Policy?
  General Security Policy Best Practices
  Formulating a Security Policy
  Seven Steps to Creating a Security Policy
  Components of Security Policies
  Conducting Ongoing Risk Analysis
  Conducting Routine Security Reviews
  Working with Management
  Responding to Security Incidents
  Updating the Security Policy
  Chapter Summary
  Key Terms
  Review Questions
  Hands-On Projects
  Case Projects

Network Traffic Signatures
  Understanding Signature Analysis
  Understanding Signature Analysis
  Capturing Packets
  Detecting Traffic Signatures
  Normal Traffic Signatures
  Suspicious Traffic Signatures
  Identifying Suspicious Events
  Packet Header Discrepancies
  Advanced Attacks
  Remote Procedure Call
  Using the Common Vulnerabilities and Exposures (CVE) Standard
  How the CVE Works
  Scanning CVE Vulnerability Descriptions
  Chapter Summary
  Key Terms
  Review Questions
  Hands-On Projects
  Case Projects

Virtual Private Network (VPN) Concepts
  Understanding VPN Concepts
  What VPNs Are
  Why Establish a VPN?
  VPN Core Activity 1: Encapsulation
  Understanding Tunneling Protocols
  IPSec/IKE
  VPN Core Activity 2: Encryption
  Encryption Schemes Used by VPNs
  VPN Core Activity 3: Authentication
  Kerberos
  Advantages and Disadvantages of VPNs
  Chapter Summary
  Key Terms
  Review Questions
  Hands-On Projects
  Case Projects

VPN Implementation
  Designing a VPN
  Business Needs
  Client Security
  Configuring VPNs
  Single and Multiple Entry Point Configurations
  VPN Topology Configurations
  Using VPNs with Firewalls
  Adjusting Packet-Filtering Rules for VPNs
  PPTP Filters
  L2TP and IPSec Filters
  Auditing VPNs and VPN Policies
  Chapter Summary
  Key Terms
  Review Questions
  Hands-On Projects
  Case Projects

Intrusion Detection System Concepts
  Examining Intrusion Detection System Components
  Network Sensors
  Alert Systems
  Command Console
  Response System
  Database of Attack Signatures or Behaviors
  Examining Intrusion Detection Step by Step
  Step 1: Installing the IDS Database
  Step 2: Gathering Data
  Step 3: Sending Alert Messages
  Step 4: The IDS Responds
  Step 5: The Administrator Assesses Damage
  Step 6: Following Escalation Procedures
  Step 7: Logging and Reviewing the Event
  Options for Implementing Intrusion Detection Systems
  Network-Based Intrusion Detection Systems
  Host-Based Intrusion Detection Systems
  Hybrid IDS Implementations
  Evaluating Intrusion Detection Systems
  Freeware NIDS: Snort
  Commercial HIDS: Norton Internet Security
  IDS Hardware Appliances
  Chapter Summary
  Key Terms
  Review Questions
  Hands-On Projects
  Case Projects

Intrusion Detection: Incident Response
  Developing IDS Filter Rules
  Rule Actions
  Rule Data
  Rule Options
  Developing a Security Incident Response Team (SIRT)
  Goals of a Security Incident Response Team (SIRT)
  Responsibilities of Team Members
  Public Resource Teams
  Outsourcing Incident Response
  How to Respond: The Incident Response Process
  Step 1: Preparation
  Step 2: Notification
  Step 3: Response
  Step 4: Countermeasures
  Step 5: Recovery
  Step 6: Follow-Up
  Dealing with False Alarms
  Filtering Alerts
  Disabling Signatures
  Dealing with Legitimate Security Alerts
  Assessing the Impact
  Developing an Action Plan
  Handling Internal Versus External Incidents
  Taking Corrective Measures to Prevent Reoccurrence
  Working Under Pressure
  Gathering Data for Prosecution
  Chapter Summary
  Key Terms
  Review Questions
  Hands-On Projects
  Case Projects

Choosing and Designing Firewalls
  An Overview of Firewalls
  What Firewalls Are
  What Firewalls Are Not
  Approaches to Packet Filtering
  Stateless Packet Filtering
  Stateful Packet Filtering
  Packet Filtering Depends on Position
  Creating Rules and Establishing Restrictions
  Base the Rule Base on Your Security Policy
  Create a Firewall Policy That Covers Application Traffic
  Keep the Rule Base Simple
  Restrict Subnets, Ports, and Protocols
  Control Internet Services
  Designing Firewall Configurations
  Screening Router
  Dual-Homed Host
  Screened Host
  Screened Subnet DMZ
  Multiple DMZ/Firewall Configurations
  Multiple Firewall Configurations
  Reverse Firewall
  Comparing Software and Hardware Firewalls
  Software-Based Firewalls
  Hardware Firewalls
  Hybrid Firewalls
  Chapter Summary
  Key Terms
  Review Questions
  Hands-On Projects
  Case Projects

Firewall Topology
  Securing Network Perimeters
  Choosing a Bastion Host
  General Requirements
  Selecting the Bastion Host Machine
  Hardening the Bastion Host
  Handling Backups and Auditing
  Working with Proxy Servers
  Goals of Proxy Servers
  How Proxy Servers Work
  Choosing a Proxy Server
  Filtering Content
  Using Network Address Translation (NAT)
  Hide-Mode Mapping
  Static Mapping
  Authenticating Users
  Step 1: Deciding What to Authenticate
  Step 2: Deciding How to Authenticate
  Step 3: Putting It All Together
  Chapter Summary
  Key Terms
  Review Questions
  Hands-On Projects
  Case Projects

Strengthening and Managing Firewalls
  Managing Firewalls to Improve Security
  Editing the Rule Base
  Managing Log Files
  Improving Firewall Performance
  Configuring Advanced Firewall Functions
  Installing and Configuring Check Point NG
  Installing Check Point Modules
  What's New in Check Point NGX
  Installing and Configuring Microsoft ISA Server 2000
  Licensing ISA Server 2000
  Installing ISA Server 2000
  Configuring ISA Server 2000
  Monitoring the Server
  What's New in ISA Server 2004
  Managing and Configuring Iptables
  Built-in Chains
  User-Defined Chains
  Chapter Summary
  Key Terms
  Review Questions
  Hands-On Projects
  Case Projects

Strengthening Defense Through Ongoing Management
  Strengthening Control: Security Event Management
  Monitoring Events
  Managing Data from Multiple Sensors
  Evaluating IDS Signatures
  Managing Change
  Strengthening Analysis: Security Auditing
  Operational Auditing
  Independent Auditing
  Strengthening Detection: Managing an IDS
  Maintaining Your Current System
  Changing or Adding Software
  Changing or Adding Hardware
  Strengthening Defense: Improving Defense in Depth
  Active Defense in Depth
  Adding Security Layers
  Strengthening Performance: Keeping Pace with Network Needs
  Managing Memory
  Managing Bandwidth
  Managing Storage
  Maintaining Your Own Knowledge Base
  Web Sites
  Mailing Lists and Newsgroups
  Trade Publications
  Certifications
  Chapter Summary
  Key Terms
  Review Questions
  Hands-On Projects
  Case Projects

APPENDIX A SCO-402 Objectives

APPENDIX B Security Resources
  Security Resources
  Other Resources
  Security Certification Sites
  Global Information Assurance Certification (GIAC)
  The International Information Systems Security Certification Consortium (ISC2)
  CompTIA Certification
  The Security Certified Program

Glossary

Index
