The comprehensive A-to-Z guide on network security, fully
revised and updated
Network security is constantly evolving, and this comprehensive
guide has been thoroughly updated to cover the newest developments.
If you are responsible for network security, this is the reference
you need at your side.
Covering new techniques, technology, and methods for approaching
security, it also examines new trends and best practices being used
by many organizations. The revised Network Security Bible
complements the Cisco Academy course instruction in networking
security.
* Covers all core areas of network security and how they
interrelate
* Fully revised to address new techniques, technology, and
methods for securing an enterprise worldwide
* Examines new trends and best practices in use by organizations
to secure their enterprises
* Features additional chapters on areas related to data
protection/correlation and forensics
* Includes cutting-edge topics such as integrated cybersecurity
and sections on Security Landscape, with chapters on validating
security, data protection, forensics, and attacks and threats
If you need to get up to date or stay current on network
security, Network Security Bible, 2nd Edition covers
everything you need to know.
Autorentext
Eric Cole holds a PhD and CISSP and has been a security consultant for international banks and the Fortune 500. He made his mark working for the CIA for more than seven years and as a member of the Honeynet Project. He was also a member of the Commission on Cyber Security for the 44th Presidency. He has appeared as a security expert on CBS News and 60 Minutes and is a regular security expert for CNN Headline News.
Zusammenfassung
The comprehensive A-to-Z guide on network security, fully revised and updated
Network security is constantly evolving, and this comprehensive guide has been thoroughly updated to cover the newest developments. If you are responsible for network security, this is the reference you need at your side.
Covering new techniques, technology, and methods for approaching security, it also examines new trends and best practices being used by many organizations. The revised Network Security Bible complements the Cisco Academy course instruction in networking security.
- Covers all core areas of network security and how they interrelate
- Fully revised to address new techniques, technology, and methods for securing an enterprise worldwide
- Examines new trends and best practices in use by organizations to secure their enterprises
- Features additional chapters on areas related to data protection/correlation and forensics
- Includes cutting-edge topics such as integrated cybersecurity and sections on Security Landscape, with chapters on validating security, data protection, forensics, and attacks and threats
If you need to get up to date or stay current on network security, Network Security Bible, 2nd Edition covers everything you need to know.
Inhalt
Introduction xxxv
Part I: Network Security Landscape
Chapter 1: State of Network Security 3
Cyber Security 3
Summary 7
Chapter 2: New Approaches to Cyber Security 9
General Trends 9
The Changing Face of Cyber Security 16
Summary 17
Chapter 3: Interfacing with the Organization 19
An Enterprise Security Methodology 19
Key Questions to Manage Risk 27
Summary 32
Part II: Security Principles and Practices
Chapter 4: Information System Security Principles 35
Key Principles of Network Security 35
Formal Processes 37
Risk Management 60
Calculating and Managing Risk 70
Summary 71
Chapter 5: Information System Security Management 73
Security Policies 73
Security Awareness 77
Managing the Technical Effort 79
Configuration Management 87
Business Continuity and Disaster Recovery Planning 90
Physical Security 98
Legal and Liability Issues 105
Summary 107
Chapter 6: Access Control 109
Control Models 109
Types of Access Control Implementations 112
Identification and Authentication 115
Databases 121
Remote Access 123
Summary 125
Chapter 7: Attacks and Threats 127
Malicious Code 127
Review of Common Attacks 129
External Attack Methodologies Overview 136
Internal Threat Overview 140
Summary 142
Part III: Operating Systems and Applications
Chapter 8: Windows Security 145
Windows Security at the Heart of the Defense 147
Out-of-the-Box Operating System Hardening 151
Installing Applications 171
Putting the Workstation on the Network 175
Operating Windows Safely 177
Upgrades and Patches 191
Maintain and Test the Security 194
Attacks Against the Windows Workstation 198
Summary 205
Chapter 9: UNIX and Linux Security 207
The Focus of UNIX/Linux Security 207
Physical Security 212
Controlling the Configuration 217
Operating UNIX Safely 224
Hardening UNIX 245
Summary 253
Chapter 10: Web Browser and Client Security 255
Web Browser and Client Risk 255
How a Web Browser Works 259
Web Browser Attacks 268
Operating Safely 271
Web Browser Configurations 276
Summary 286
Chapter 11: Web Security 287
What Is HTTP? 287
How Does HTTP Work? 289
Server Content 301
Client Content 303
State 309
Attacking Web Servers 315
Web Services 317
Summary 321
Chapter 12: Electronic mail (E-mail) Security 323
The E-mail Risk 323
The E-mail Protocols 340
E-mail Authentication 345
Operating Safely When Using E-mail 348
Summary 355
Chapter 13: Domain Name System 357
DNS Basics 358
Purpose of DNS 364
Setting Up DNS 375
Security Issues with DNS 377
DNS Attacks 384
Designing DNS 386
Master Slave DNS 388
Detailed DNS Architecture 388
DNS SEC 389
Summary 393
Chapter 14: Server Security 395
General Server Risks 395
Security by Design 396
Operating Servers Safely 413
Server Applications 417
Multi-Level Security and Digital Rights Management 421
Summary 427
Part IV: Network...