Computer and Information Security Handbook.

Ebook Central College Complete Available online
Format:
Book
Author/Creator:
Vacca, John R.
Language:
English
Subjects (All):
Penetration testing (Computer security).
Physical Description:
1 online resource (1200 pages)
Edition:
2nd ed.
Place of Publication:
San Diego : Elsevier Science & Technology, 2013.
Contents:
Front Cover
Computer and Information Security Handbook
Copyright Page
Dedication
Contents
Foreword
Preface
Organization of this Book
Part 1: Overview of System and Network Security: A Comprehensive Introduction
Part 2: Managing Information Security
Part 3: Cyber, Network, and Systems Forensics Security and Assurance
Part 4: Encryption Technology
Part 5: Privacy and Access Management
Part 6: Storage Security
Part 7: Physical Security
Part 8: Practical Security
Part 9: Advanced Security
Supplemental Materials
Acknowledgments
About the Editor
Contributors
I. Overview of System and Network Security: A Comprehensive Introduction
1 Building a Secure Organization
1. Obstacles to Security
Security Is Inconvenient
2. Computers are Powerful and Complex
Computer Users Are Unsophisticated
Computers Created Without a Thought to Security
3. Current Trend is to Share, Not Protect
Data Accessible from Anywhere
4. Security isn't about Hardware and Software
The Bad Guys Are Very Sophisticated
Management Sees Security as a Drain on the Bottom Line
5. Ten Steps to Building a Secure Organization
Evaluate the Risks and Threats
Threats Based on the Infrastructure Model
Threats Based on the Business Itself
Threats Based on Industry
Global Threats
Beware of Common Misconceptions
Provide Security Training for IT Staff-Now and Forever
Think "Outside the Box"
DOXing
Train Employees: Develop a Culture of Security
Identify and Utilize Built-in Security Features of the Operating System and Applications
Monitor Systems
Hire a Third Party to Audit Security
Don't Forget the Basics
Change Default Account Passwords
Use Robust Passwords
Close Unnecessary Ports
Patch, Patch, Patch.
Use Administrator Accounts for Administrative Tasks
Restrict Physical Access
Don't Forget Paper!
6. Preparing for the Building of Security Control Assessments
7. Summary
Chapter Review Questions/Exercises
True/False
Multiple Choice
Exercise
Problem
Hands-On Projects
Project
Case Projects
Optional Team Case Project
2 A Cryptography Primer
1 What is Cryptography? What is Encryption?
How Is Cryptography Done?
2 Famous Cryptographic Devices
The Lorenz Cipher
Enigma
3 Ciphers
The Substitution Cipher
The Shift Cipher
The Polyalphabetic Cipher
The Kasiski/Kerckhoff Method
4 Modern Cryptography
The Vernam Cipher (Stream Cipher)
The One-Time Pad
Cracking Ciphers
The XOR Cipher and Logical Operands
Block Ciphers
5 The Computer Age
Data Encryption Standard
Theory of Operation
Implementation
Rivest, Shamir, and Adleman (RSA)
Advanced Encryption Standard (AES or Rijndael)
Overview
The Basics of AES
6 How AES Works
Bytes
Math
In the Beginning
Rounds
7 Selecting Cryptography: the Process
8 Summary
3 Detecting System Intrusions
1. Introduction
2. Monitoring Key Files in the System
Files Integrity
3. Security Objectives
There Is Something Very Wrong Here
Additional Accounts on the System
Timestamps
Hidden Files and Directories
4. 0day Attacks
Attack Vectors
Vulnerability Window
Discovery
Protection
Ethics
5. Good Known State
Monitoring Running Processes in the System
Files with Weird Names
6. Rootkits
Kernel-Level Rootkits
Userland Rootkits.
Rootkit Detection
7. Low Hanging Fruit
8. Antivirus Software
9. Homegrown Intrusion Detection
10. Full-Packet Capture Devices
Deployment
Centralized
Decentralized
Capacity
Features: Filtered versus Full-Packet Capture
Encrypted versus Unencrypted Storage
Sustained Capture Speed versus Peak Capture Speed
Permanent versus Overwritable Storage
Data Security
11. Out-of-Band Attack Vectors
12. Security Awareness Training
13. Data Correlation
14. SIEM
15. Other Weird Stuff on the System
16. Detection
17. Network-Based Detection of System Intrusions (DSIs)
18. Summary
References
4 Preventing System Intrusions
1. So, What is an Intrusion?
2. Sobering Numbers
3. Know Your Enemy: Hackers versus Crackers
4. Motives
5. The Crackers' Tools of the Trade
Our "Unsecured" Wireless World
6. Bots
7. Symptoms of Intrusions
8. What Can You Do?
Know Today's Network Needs
Network Security Best Practices
9. Security Policies
10. Risk Analysis
Vulnerability Testing
Audits
Recovery
11. Tools of Your Trade
Intrusion Detection Systems (IDSs)
Firewalls
Intrusion Prevention Systems
Application Firewalls
Access Control Systems
Unified Threat Management
12. Controlling User Access
Authentication, Authorization, and Accounting
What the User Knows
What the User Has
Tokens
Time Synchronous
Event Synchronous
Challenge-Response
The User is Authenticated, but is She/He Authorized?
Accounting
Keeping Current
13. Intrusion Prevention Capabilities
14. Summary
True/False.
Multiple Choice
5 Guarding Against Network Intrusions
1 Traditional Reconnaissance and Attacks
2 Malicious Software
Lures and "Pull" Attacks
3 Defense in Depth
4 Preventive Measures
Access Control
Vulnerability Testing and Patching
Closing Ports
Antivirus and Antispyware Tools
Spam Filtering
Honeypots
Network Access Control
5 Intrusion Monitoring and Detection
Host-Based Monitoring
Traffic Monitoring
Signature-Based Detection
Behavior Anomalies
6 Reactive Measures
Quarantine
Traceback
7 Network-Based Intrusion Protection
6 Securing Cloud Computing Systems
1 Cloud Computing Essentials: Examining the Cloud Layers
Analyzing Cloud Options in Depth
Public
Private
Virtual Private
Hybrid
Establishing Cloud Security Fundamentals
Policy and Organizational Risks
Lock-in
Loss of Governance
Compliance Challenges
Loss of Business Reputation Due to Co-tenant Activities
Cloud Service Termination or Failure
Cloud Provider Acquisition
Supply Chain Failure
Technical Risks
Resource Exhaustion
Resource Segregation Failure
Abuse of High Privilege Roles
Management Interface Compromise
Intercepting Data in Transit, Data Leakage
Insecure Deletion of Data
Distributed Denial of Service (DDoS)
Economic Denial of Service (EDoS)
Encryption and Key Management (Loss of Encryption Keys)
Undertaking Malicious Probes or Scans
Compromise of the Service Engine.
Customer Requirements and Cloud Environment Conflicts
Legal Risks
Subpoena and e-discovery
Varying Jurisdiction
Data Protection
Licensing
General Risks
Network Failures
Privilege Escalation
Social Engineering
Loss or Compromise of Operational and Security Logs or Audit Trails
Backup Loss
Unauthorized Physical Access and Theft of Equipment
Natural Disasters
Other Cloud Security Concepts
Incident Response (IR), Notification and Remediation
Virtualization
External Accreditations
Determining When Security Goals Require a Private Cloud
2 Software as a Service (SaaS): Managing Risks in the Cloud
Centralizing Information with SaaS to Increase Data Security
Implementing and Managing User Authentication and Authorization
Permission and Password Protection
Negotiating Security Requirements with Vendors
Identifying Needed Security Measures
Establishing a Service Level Agreement
Ensuring SLAs Meet Organizational Security Requirements
3 Platform as a Service (PaaS): Securing the Platform
Restricting Network Access Through Security Groups
Configuring Platform-Specific User Access Control
Integrating with Cloud Authentication and Authorization Systems
Compartmentalizing Access to Protect Data Confidentiality
Securing Data in Motion and Data at Rest
Identifying Your Security Perimeter
Techniques for Recovering Critical Data
Basic Backup and Restore
Pilot Light
Warm Standby
Multisite
4 Infrastructure as a Service (IaaS)
Locking Down Cloud Servers
Virtualization Software Security
Customer Guest Operating System (OS) or Virtual Instance Security
Ensuring the Cloud is Configured According to Best Practices
Policy
Risk Management
Configuration Management and Change Control
Auditing
Vulnerability Scanning
Segregation of Duties.
Security Monitoring.
Notes:
Description based on publisher supplied metadata and other sources.
Other Format:
Print version: Vacca, John R. Computer and Information Security Handbook
ISBN:
9780123946126
OCLC:
846496151