Network Security Bible: (Bible)

The comprehensive A-to-Z guide on network security, fully revised and updated Network security is constantly evolving, and this comprehensive guide has been thoroughly updated to cover the newest developments. If you are responsible for network security, this is the reference you need at your side. Covering new techniques, technology, and methods for approaching security, it also examines new trends and best practices being used by many organizations. The revised Network Security Bible complements the Cisco Academy course instruction in networking security. Covers all core areas of network security and how they interrelate Fully revised to address new techniques, technology, and methods for securing an enterprise worldwide Examines new trends and best practices in use by organizations to secure their enterprises Features additional chapters on areas related to data protection/correlation and forensics Includes cutting-edge topics such as integrated cybersecurity and sections on Security Landscape, with chapters on validating security, data protection, forensics, and attacks and threats If you need to get up to date or stay current on network security, Network Security Bible, 2nd Edition covers everything you need to know.

Table of Contents:
Introduction xxxv Part I: Network Security Landscape Chapter 1: State of Network Security 3 Cyber Security 3 Summary 7 Chapter 2: New Approaches to Cyber Security 9 General Trends 9 The Changing Face of Cyber Security 16 Summary 17 Chapter 3: Interfacing with the Organization 19 An Enterprise Security Methodology 19 Key Questions to Manage Risk 27 Summary 32 Part II: Security Principles and Practices Chapter 4: Information System Security Principles 35 Key Principles of Network Security 35 Formal Processes 37 Risk Management 60 Calculating and Managing Risk 70 Summary 71 Chapter 5: Information System Security Management 73 Security Policies 73 Security Awareness 77 Managing the Technical Effort 79 Configuration Management 87 Business Continuity and Disaster Recovery Planning 90 Physical Security 98 Legal and Liability Issues 105 Summary 107 Chapter 6: Access Control 109 Control Models 109 Types of Access Control Implementations 112 Identification and Authentication 115 Databases 121 Remote Access 123 Summary 125 Chapter 7: Attacks and Threats 127 Malicious Code 127 Review of Common Attacks 129 External Attack Methodologies Overview 136 Internal Threat Overview 140 Summary 142 Part III: Operating Systems and Applications Chapter 8: Windows Security 145 Windows Security at the Heart of the Defense 147 Out-of-the-Box Operating System Hardening 151 Installing Applications 171 Putting the Workstation on the Network 175 Operating Windows Safely 177 Upgrades and Patches 191 Maintain and Test the Security 194 Attacks Against the Windows Workstation 198 Summary 205 Chapter 9: UNIX and Linux Security 207 The Focus of UNIX/Linux Security 207 Physical Security 212 Controlling the Configuration 217 Operating UNIX Safely 224 Hardening UNIX 245 Summary 253 Chapter 10: Web Browser and Client Security 255 Web Browser and Client Risk 255 How a Web Browser Works 259 Web Browser Attacks 268 Operating Safely 271 Web Browser Configurations 276 Summary 286 Chapter 11: Web Security 287 What Is HTTP? 287 How Does HTTP Work? 289 Server Content 301 Client Content 303 State 309 Attacking Web Servers 315 Web Services 317 Summary 321 Chapter 12: Electronic mail (E-mail) Security 323 The E-mail Risk 323 The E-mail Protocols 340 E-mail Authentication 345 Operating Safely When Using E-mail 348 Summary 355 Chapter 13: Domain Name System 357 DNS Basics 358 Purpose of DNS 364 Setting Up DNS 375 Security Issues with DNS 377 DNS Attacks 384 Designing DNS 386 Master Slave DNS 388 Detailed DNS Architecture 388 DNS SEC 389 Summary 393 Chapter 14: Server Security 395 General Server Risks 395 Security by Design 396 Operating Servers Safely 413 Server Applications 417 Multi-Level Security and Digital Rights Management 421 Summary 427 Part IV: Network Security Fundamentals Chapter 15: Network Protocols 431 Protocols 431 The Open Systems Interconnect Model 432 The OSI Layers 433 The TCP/IP Model 439 TCP/IP Model Layers 441 Internet Protocol 442 VoIP 450 Summary 457 Chapter 16: Wireless Security 459 Electromagnetic Spectrum 459 The Cellular Phone Network 462 Placing a Cellular Telephone Call 464 Wireless Transmission Systems 469 Pervasive Wireless Data Network Technologies 473 IEEE Wireless LAN Specifications 478 IEEE 802.11 480 IEEE 802.11 Wireless Security 485 Bluetooth 503 Wireless Application Protocol 504 Future of Wireless 506 Summary 508 Chapter 17: Network Architecture Fundamentals 509 Network Segments 510 Perimeter Defense 511 Network Address Translation 511 Basic Architecture Issues 513 Subnetting, Switching, and VLANs 516 Address Resolution Protocol and Media Access Control 517 Dynamic Host Configuration Protocol and Addressing Control 518 Zero Configuration Networks 519 System Design and Architecture Against Insider Threats 525 Common Attacks 528 Summary 529 Chapter 18: Firewalls 531 Firewalls 531 Firewall Rules 537 The Use of Personal Firewalls 542 Summary 548 Chapter 19: Intrusion Detection/Prevention 549 Intrusion Detection Systems 549 Responses to Intrusion Detection 556 Emerging Technologies in Intrusion Detection Systems 556 Summary 567 Part V: Communication Chapter 20: Secret Communication 571 What is Cryptography? 572 General Terms 576 Principles of Cryptography 577 The Four Cryptographic Primitives 587 Putting These Primitives Together to Achieve CIA 602 The Difference Between Algorithm and Implementation 603 Proprietary Versus Open Source Algorithms 606 Attacks on Hash Functions 607 Quantum Cryptography 617 Summary 628 Chapter 21: Covert Communication 631 Where Hidden Data Hides 631 Where Did It Come From? 633 Where Is It Going? 633 Overview of Steganography 634 History of Steganography 639 Core Areas of Network Security and Their Relation to Steganography 641 Principles of Steganography 643 Steganography Compared to Cryptography 644 Types of Steganography 646 Products That Implement Steganography 654 Steganography Versus Digital Watermarking 673 Types of Digital Watermarking 675 Goals of Digital Watermarking 676 Digital Watermarking and Stego 676 Summary 679 Chapter 22: Applications of Secure/Covert Communication 681 E-mail 682 Authentication Servers 685 Working Model 686 Public Key Infrastructure 688 Virtual Private Networks 692 Secure Sockets Layer/Transport Layer Security 699 SSL Handshake 700 Summary 704 Part VI: The Security Threat and Response Chapter 23: Intrusion Detection and Response 707 Intrusion Detection Mechanisms 707 Honeypots 712 Incident Handling 716 Summary 727 Chapter 24: Digital Forensics 729 Computer Forensics Defined 730 Traditional Computer Forensics 730 Proactive Forensics 746 Future Research Areas 748 The Forensic Life Cycle 750 Summary 750 Chapter 25: Security Assessments, Testing, and Evaluation 751 Information Assurance Approaches and Methodologies 751 Certification and Accreditation 756 Diacap 760 Federal Information Processing Standard 102 763 OMB Circular A-130 764 The National Institute of Standards and Technology Assessment Guidelines 765 Penetration Testing 770 Auditing and Monitoring 772 Summary 774 Part VII: Integrated Cyber Security Chapter 26: Validating Your Security 777 Overview 777 Current State of Penetration Testing 780 Formal Penetration Testing Methodology 783 Steps to Exploiting a System 787 Summary 795 Chapter 27: Data Protection 797 Endpoint Security 799 Insider Threats and Data Protection 805 Summary 806 Chapter 28: Putting Everything Together 809 Critical Problems Facing Organizations 809 General Tips for Protecting a Site 815 Security Best Practices 819 Summary 834 Chapter 29: The Future 835 Approaching the Problem 835 Mission Resilience 837 Limiting Failure Points 844 Summary 847 Index 849

About the Author :
Eric Cole holds a PhD and CISSP and has been a security consultant for international banks and the Fortune 500. He made his mark working for the CIA for more than seven years and as a member of the Honeynet Project. He was also a member of the Commission on Cyber Security for the 44th Presidency. He has appeared as a security expert on CBS News and 60 Minutes and is a regular security expert for CNN Headline News.