ONE-VOLUME INTRODUCTION TO COMPUTER SECURITY
Clearly explains core concepts, terminology, challenges, technologies, and skills
Covers today’s latest attacks and countermeasures
The perfect beginner’s guide for anyone interested in a computer security career
Chuck Easttom brings together complete coverage of all basic concepts, terminology, and issues, along with all the skills you need to get started.
Drawing on 20+ years of experience as a security instructor, consultant, and researcher, Easttom helps you take a proactive, realistic approach to assessing threats and implementing countermeasures. Writing clearly and simply, he addresses crucial issues that many introductory security books ignore, while addressing the realities of a world where billions of new devices are Internet-connected.
This guide covers web attacks, hacking, spyware, network defense, security appliances, VPNs, password use, and much more. Its many tips and examples reflect new industry trends and the state-of-the-art in both attacks and defense. Exercises, projects, and review questions in every chapter help you deepen your understanding and apply all you’ve learned.
Whether you’re a student, a professional, or a manager, this guide will help you protect your assets—and expand your career options.
Learn how to
· Identify and prioritize potential threats to your network
· Use basic networking knowledge to improve security
· Get inside the minds of hackers, so you can deter their attacks
· Implement a proven layered approach to network security
· Resist modern social engineering attacks
· Defend against today’s most common Denial of Service (DoS) attacks
· Halt viruses, spyware, worms, Trojans, and other malware
· Prevent problems arising from malfeasance or ignorance
· Choose the best encryption methods for your organization
· Compare security technologies, including the latest security appliances
· Implement security policies that will work in your environment
· Scan your network for vulnerabilities
· Evaluate potential security consultants
· Master basic computer forensics and know what to do if you’re attacked
· Learn how cyberterrorism and information warfare are evolving
Table of Contents:
Introduction
Chapter 1: Introduction to Computer Security
Introduction
How Seriously Should You Take Threats to Network Security?
Identifying Types of Threats
Malware
Compromising System Security
DoS Attacks
Web Attacks
Session Hijacking
Insider Threats
DNS Poisoning
New Attacks
Assessing the Likelihood of an Attack on Your Network
Basic Security Terminology
Hacker Slang
Professional Terms
Concepts and Approaches
How Do Legal Issues Impact Network Security?
Online Security Resources
CERT
Microsoft Security Advisor
F-Secure
SANS Institute
Summary
Test Your Skills
Chapter 2: Networks and the Internet
Introduction
Network Basics
The Physical Connection: Local Networks
Faster Connection Speeds
Data Transmission
How the Internet Works
IP Addresses
CIDR
Uniform Resource Locators
What Is a Packet?
Basic Communications
History of the Internet
Basic Network Utilities
IPConfig
Ping
Tracert
Netstat
NSLookup
Other Network Devices
Advanced Network Communications Topics
The OSI Model
Media Access Control (MAC) Addresses
Summary
Test Your Skills
Chapter 3: Cyber Stalking, Fraud, and Abuse
Introduction
How Internet Fraud Works
Investment Offers
Auction Frauds
Identity Theft
Phishing
Cyber Stalking
Real Cyber Stalking Cases
How to Evaluate Cyber Stalking
Crimes Against Children
Laws About Internet Fraud
Protecting Yourself Against Cyber Crime
Protecting Against Investment Fraud
Protecting Against Identity Theft
Secure Browser Settings
Summary
Test Your Skills
Chapter 4: Denial of Service Attacks
Introduction
DoS
Illustrating an Attack
Common Tools Used for DoS
DoS Weaknesses
Specific DoS Attacks
Land Attack
DDoS
Summary
Test Your Skills
Chapter 5: Malware
Introduction
Viruses
How a Virus Spreads
Types of Viruses
Virus Examples
Rombertik
Gameover ZeuS
CryptoLocker and CryptoWall
FakeAV
MacDefender
Troj/Invo-Zip
W32/Netsky-P
The Sobig Virus
The Mimail Virus
The Bagle Virus
A Nonvirus Virus
Flame
Rules for Avoiding Viruses
Trojan Horses
The Buffer-Overflow Attack
The Sasser Virus/Buffer Overflow
Spyware
Legal Uses of Spyware
How Is Spyware Delivered to a Target System?
Obtaining Spyware Software
Other Forms of Malware
Rootkit
Malicious Web-Based Code
Logic Bombs
Spam
Advanced Persistent Threats
Detecting and Eliminating Viruses and Spyware
Antivirus Software
Antispyware Software
Remediation Steps
Summary
Test Your Skills
Chapter 6: Techniques Used by Hackers
Introduction
Basic Terminology
The Reconnaissance Phase
Passive Scanning Techniques
Active Scanning Techniques
Actual Attacks
SQL Script Injection
Cross-Site Scripting
Password Cracking
Malware Creation
Windows Hacking Techniques
Penetration Testing
NIST 800-115
National Security Agency Information Assessment Methodology
PCI Penetration Testing Standard
Summary
Test Your Skills
Chapter 7: Industrial Espionage in Cyberspace
Introduction
What Is Industrial Espionage?
Information as an Asset
Real-World Examples of Industrial Espionage
Example 1: Houston Astros
Example 2: University Trade Secrets
Example 3: VIA Technology
Example 4: General Motors
Example 5: Bloomberg, Inc.
Example 6: Interactive Television Technologies, Inc.
Trends in Industrial Espionage
Industrial Espionage and You
How Does Espionage Occur?
Low-Tech Industrial Espionage
Spyware Used in Industrial Espionage
Steganography Used in Industrial Espionage
Phone Taps and Bugs
Protecting Against Industrial Espionage
Industrial Espionage Act
Spear Phishing
Summary
Test Your Skills
Chapter 8: Encryption
Introduction
Cryptography Basics
History of Encryption
The Caesar Cipher
Atbash
Multi-Alphabet Substitution
Rail Fence
Enigma
Binary Operations
Modern Methods
Single-Key (Symmetric) Encryption
Modification of Symmetric Methods
Public Key (Asymmetric) Encryption
PGP
Legitimate Versus Fraudulent Encryption Methods
Digital Signatures
Hashing
MD5
SHA
RipeMD
MAC and HMAC
Rainbow Tables
Steganography
Historical Steganography
Methods and Tools
Cryptanalysis
Frequency Analysis
Modern Methods
Cryptography Used on the Internet
Summary
Test Your Skills
Chapter 9: Computer Security Technology
Introduction
Virus Scanners
How Does a Virus Scanner Work?
Virus-Scanning Techniques
Commercial Antivirus Software
Firewalls
Benefits and Limitation of Firewalls
Firewall Types and Components
Firewall Configurations
Commercial and Free Firewall Products
Firewall Logs
Antispyware
IDS
IDS Categorization
Identifying an Intrusion
IDS Elements
Snort
Honey Pots
Database Activity Monitoring
Other Preemptive Techniques
Authentication
Digital Certificates
SSL/TLS
Virtual Private Networks
Point-to-Point Tunneling Protocol
Layer 2 Tunneling Protocol
IPsec
Wi-Fi Security
Wired Equivalent Privacy
Wi-Fi Protected Access
WPA2
Summary
Test Your Skills
Chapter 10: Security Policies
Introduction
What Is a Policy?
Defining User Policies
Passwords
Internet Use
Email Usage
Installing/Uninstalling Software
Instant Messaging
Desktop Configuration
Bring Your Own Device
Final Thoughts on User Policies
Defining System Administration Policies
New Employees
Departing Employees
Change Requests
Security Breaches
Virus Infection
DoS Attacks
Intrusion by a Hacker
Defining Access Control
Developmental Policies
Standards, Guidelines, and Procedures
Data Classification
DoD Clearances
Disaster Recovery
Disaster Recovery Plan
Business Continuity Plan
Impact Analysis?
Fault Tolerance
Important Laws
HIPAA
Sarbanes-Oxley
Payment Card Industry Data Security Standards
Summary
Test Your Skills
Chapter 11: Network Scanning and Vulnerability Scanning
Introduction
Basics of Assessing a System
Patch
Ports
Protect
Policies
Probe
Physical
Securing Computer Systems
Securing an Individual Workstation
Securing a Server
Securing a Network
Scanning Your Network
MBSA
NESSUS
Getting Professional Help
Summary
Test Your Skills
Chapter 12: Cyber Terrorism and Information Warfare
Introduction
Actual Cases of Cyber Terrorism
The Chinese Eagle Union
China’s Advanced Persistent Threat
India and Pakistan
Russian Hackers
Weapons of Cyber Warfare
Stuxnet
Flame
StopGeorgia.ru Malware
FinFisher
BlackEnergy
NSA ANT Catalog
Economic Attacks
Military Operations Attacks
General Attacks
Supervisory Control and Data Acquisitions (SCADA)
Information Warfare
Propaganda
Information Control
Disinformation
Actual Cases
Future Trends
Positive Trends
Negative Trends
Defense Against Cyber Terrorism
Terrorist Recruiting and Communication
TOR and the Dark Web
Summary
Test Your Skills
Chapter 13: Cyber Detective
Introduction
General Searches
Court Records and Criminal Checks
Sex Offender Registries
Civil Court Records
Other Resources
Usenet
Summary
Test Your Skills
Chapter 14: Introduction to Forensics
Introduction
General Guidelines
Don’t Touch the Suspect Drive
Image a Drive with Forensic Toolkit
Can You Ever Conduct Forensics on a Live Machine?
Document Trail
Secure the Evidence
Chain of Custody
FBI Forensics Guidelines
U.S. Secret Service Forensics Guidelines
EU Evidence Gathering
Scientific Working Group on Digital Evidence
Locard’s Principle of Transference
Tools
Finding Evidence on the PC
Finding Evidence in the Browser
Finding Evidence in System Logs
Windows Logs
Linux Logs
Getting Back Deleted Files
Operating System Utilities
Net Sessions
Openfiles
Fc
Netstat
The Windows Registry
Specific Entries
Mobile Forensics: Cell Phone Concepts
Cell Concepts Module
Cellular Networks
iOS
Android
Windows
What You Should Look For
The Need for Forensic Certification
Expert Witnesses
Federal Rule 702
Daubert
Additional Types of Forensics
Network Forensics
Virtual Forensics
Summary
Test Your Skills
Appendix A: Glossary
Appendix B: Resources
Appendix C: Answers to the Multiple Choice Questions
9780789757463 TOC 5/10/2016
About the Author :
Chuck Easttom is a computer security and forensics expert. He has authored 20 books, including several on computer security, forensics, and cryptography. He holds 6 patents and 40 computer certifications, including many security and forensics certifications. He has conducted training for law enforcement, federal agencies, and friendly foreign governments. He frequently works as an expert witness in computer-related cases. He is also a frequent speaker on computer security topics at a variety of security-related conferences. You can visit his website at www.chuckeasttom.com.
