did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

We're the #1 textbook rental company. Let us show you why.

9781580531764

Fundamentals of Network Security

by
  • ISBN13:

    9781580531764

  • ISBN10:

    1580531768

  • Format: Hardcover
  • Copyright: 2001-02-01
  • Publisher: Artech House
  • Purchase Benefits
  • Free Shipping Icon Free Shipping On Orders Over $35!
    Your order must be $35 or more to qualify for free economy shipping. Bulk sales, PO's, Marketplace items, eBooks and apparel do not qualify for this offer.
  • eCampus.com Logo Get Rewarded for Ordering Your Textbooks! Enroll Now
  • Write a Review Icon Write a Review
List Price: $92.00

Summary

Here's easy-to-understand book that introduces you to fundamental network security concepts, principles, and terms, while providing you with practical techniques that you can apply on the job. It helps you identify the best type of intrusion detection system for your environment, develop organizational guidelines for passwords, set general computer security policies, and perform a security review and risk assessment .

Table of Contents

Preface xvii
Regarding This Book xvii
Intended Audience xviii
Contents xviii
Basic Security Concepts
1(20)
Why is Computer and Network Security Important?
2(2)
Background
4(1)
History
5(3)
The Security Trinity
8(1)
Prevention
8(1)
Detection
8(1)
Response
8(1)
Information Security
9(2)
Risk Assessment
11(1)
Security Models
12(1)
Security by Obscurity
12(1)
The Perimeter Defense
13(1)
The Defense in Depth
13(1)
Basic Terminology
13(1)
Threats
13(1)
Vulnerabilities
14(2)
Countermeasures
16(1)
More Basic Terminology
16(1)
Identification
16(1)
Authentication
16(1)
Access Control (Authorization)
17(1)
Availability
17(1)
Confidentiality
18(1)
Integrity
18(1)
Accountability
18(1)
Nonrepudiation
19(2)
Threats, Vulnerabilities, and Attacks
21(28)
Protocols
21(1)
The OSI Reference Model
22(1)
TCP/IP Protocol Suite
23(1)
TCP/IP Protocol Suite
24(1)
Threats, Vulnerabilities, and Attacks
25(1)
Intro
25(1)
Threats
25(1)
Vulnerabilities
25(1)
Attacks
25(18)
Useful Web Sites
43(2)
Search Engines
45(1)
Mailing Lists
46(3)
Encryption, Digital Signatures, and Certification Authorities
49(24)
Stream Ciphers
51(1)
Block Ciphers
52(1)
Breaking Ciphers
53(1)
Known Plaintext Attack
53(1)
Chosen Plaintext Attack
53(1)
Cryptanalysis
54(1)
Brute Force
54(1)
Social Engineering
55(1)
Other Types of Attacks
55(1)
Encryption
55(1)
Symmetric Key Encryption
55(2)
Data Encryption Standard (DES)
57(1)
International Data Encryption Algorithm (IDEA)
57(1)
CAST
57(1)
Rivest Cipher #4 (RC4)
57(1)
Asymmetric Key Encryption
58(1)
Public Key Cryptosystems
59(1)
Diffie-Hellman
59(1)
Rivest, Shamir, Adelman (RSA)
60(1)
Digital Signature Algorithm
60(1)
A Slight Digression
60(1)
Message Integrity
60(1)
MD4
61(1)
MD5
61(1)
Secure Hash Algorithm-1 (SHA-1)
62(1)
RIPEMD
62(1)
Authentication
62(1)
Digital Signatures
63(1)
Completing Standards
64(1)
Digital Certificate
65(2)
Limitations of Digital Certificates
67(1)
Certificate Authorities
67(2)
Public Key Infrastructure
69(1)
The Future
69(1)
Introduction
69(1)
Advanced Encryption Standard (AES)
70(1)
Elliptic-Curve Cryptography (ECC)
71(1)
The Limitations of Encryption
71(2)
Kerberos Key Exchange
73(6)
Kerberos
73(4)
Kerberos' Limitations
77(2)
Encryption on the World Wide Web
79(20)
The World Wide Web (WWW)
79(1)
Secure Sockets Layer
80(2)
Secure HTTP (SHTTP)
82(2)
Microsoft's Internet Explorer
84(7)
Netscape Navigator
91(3)
Authenticode Certificates
94(3)
Downloading a Program With an Invalid Certificate
97(2)
E-Mail
99(30)
E-Mail Issues
100(1)
E-Mail Security
100(2)
Secure E-Mail Protocols
102(13)
Web-Based E-Mail Services
115(2)
Security of Stored Messages
117(1)
Identity: Spoofing and Hiding
118(2)
E-Mail as a Weapon
120(3)
Policies
123(2)
E-Mail Privacy
125(2)
Auto-Responses
127(2)
Operating System Security
129(28)
Operating System Guidelines
129(4)
Passwords
133(6)
Password Guidelines
139(2)
Access Control
141(1)
Permissions
141(5)
General Recommendations
146(3)
Modems
149(2)
Information Availability
151(2)
Useful Tools
153(4)
LAN Security
157(16)
LAN Guidelines
157(1)
Controlling End User Access
157(1)
Concurrent Logins
158(1)
Available Disk Space
159(1)
Restrictions to Location or Workstation
159(1)
Time/Day Restrictions
159(1)
Access to Directories and Trustee Rights
159(1)
File Attributes
160(1)
Other Privileges
160(3)
Remove Inactive Accounts
163(1)
Single Sign-On
164(1)
Policy-Based Network Management
165(5)
Segmenting LAN Traffic
170(1)
Honeypot Systems
170(1)
Static IP Addresses Versus Dynamic Host Configuration Protocol (DHCP)
171(2)
Media and Protocols
173(18)
Network Media
173(4)
Wireless
177(1)
Wireless (LAN)
177(1)
Wireless (WAN)
178(1)
Plenum Cabling and Risers
179(3)
WANs
182(1)
Dedicated Lease Lines
183(1)
Packet-Switched Networks
183(4)
Cable Television
187(1)
x Digital Subscriber Line (xDSL)
188(1)
The Internet
189(1)
Redundancy and Alternative Connections
190(1)
Routers and SNMP
191(10)
Router Issues
191(1)
Risks
192(1)
Cisco IOS
192(2)
Cisco Secure Integrated Software (SIS)
194(1)
Simple Network Management Protocol (SNMP)
195(6)
Virtual Private Networks
201(10)
Encryption on the Network
201(1)
Node-to-Node Encryption
201(1)
End-to-End Encryption
202(1)
Where to Encrypt
203(2)
Virtual Private Networks (VPNs)
205(1)
PPTP
205(1)
L2TP
206(1)
IPSec
206(1)
SOCKS
207(1)
Implementation
208(3)
Firewalls
211(20)
Firewalls
211(1)
Firewalls Pros
212(1)
Firewalls Cons
212(2)
Types of Firewalls
214(2)
Firewall Configurations
216(6)
Restricting User's Access to the Internet
222(1)
Firewall Products
223(1)
Firewall Alternatives
224(2)
Personal Firewalls
226(5)
Biometrics
231(8)
Identification and Authentication
231(1)
Biometric Identification and Authentication
232(7)
Policies and Procedures
239(22)
Policies and Procedures
239(1)
Policies Versus Procedures
239(6)
Policy and Procedure Manuals
245(2)
Security Policy Suggestions
247(2)
Use of Company-Owned Electronic Media and Services
249(4)
Information Privacy
253(1)
Information and Data Management
254(1)
Systems Administration
255(1)
Remote Network Access
256(1)
Security of Telecommunications
256(1)
Physical Security
256(1)
Use of Standards
257(1)
Reporting Noncompliance
257(1)
Personnel-Related Policies
257(2)
Information Protection Team
259(1)
Crisis Management Planning
259(2)
Auditing, Monitoring, and Intrusion Detection
261(18)
What Is an Audit?
262(4)
Audit Mistakes
266(2)
Deficiencies of Traditional Audit Techniques
268(1)
Intrusion Detection
269(9)
Future Directions
278(1)
Crisis Management
279(14)
Disaster Recovery Planning
279(2)
What Level of Preparation?
281(1)
What to Restore First?
282(1)
Review and Test
282(1)
Disaster Recovery Planning Case Study
283(4)
Outsourcing Plan Development and Maintenance
287(1)
Computer Security Incident Response Plan
288(1)
General Recommendations
288(5)
Cookies, Cache, and AutoComplete
293(12)
Cookies
294(4)
Cache Files
298(5)
AutoComplete
303(2)
About the Author 305(2)
Index 307

Supplemental Materials

What is included with this book?

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.

Rewards Program