| |
| |
Online Resources | |
| |
| |
Preface | |
| |
| |
About the Author | |
| |
| |
| |
Introduction | |
| |
| |
| |
Computer Security Concepts | |
| |
| |
| |
The OSI Security Architecture | |
| |
| |
| |
Security Attacks | |
| |
| |
| |
Security Services | |
| |
| |
| |
Security Mechanisms | |
| |
| |
| |
A Model for Network Security | |
| |
| |
| |
Standards | |
| |
| |
| |
Outline of This Book | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Internet and Web Resources | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Cryptography | |
| |
| |
| |
Symmetric Encryption and Message Confidentiality | |
| |
| |
| |
Symmetric Encryption Principles | |
| |
| |
| |
Symmetric Block Encryption Algorithms | |
| |
| |
| |
Random and Pseudorandom Numbers | |
| |
| |
| |
Stream Ciphers and RC4 | |
| |
| |
| |
Cipher Block Modes of Operation | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Public-Key Cryptography and Message Authentication | |
| |
| |
| |
Approaches to Message Authentication | |
| |
| |
| |
Secure Hash Functions | |
| |
| |
| |
Message Authentication Codes | |
| |
| |
| |
Public-Key Cryptography Principles | |
| |
| |
| |
Public-Key Cryptography Algorithms | |
| |
| |
| |
Digital Signatures | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Network Security Applications | |
| |
| |
| |
Key Distribution and User Authentication | |
| |
| |
| |
Symmetric Key Distribution Using Symmetric Encryption | |
| |
| |
| |
Kerberos | |
| |
| |
| |
Key Distribution Using Asymmetric Encryption | |
| |
| |
| |
X.509 Certificates | |
| |
| |
| |
Public-Key Infrastructure | |
| |
| |
| |
Federated Identity Management | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Network Access Control and Cloud Security | |
| |
| |
| |
Network Access Control | |
| |
| |
| |
Extensible Authentication Protocol | |
| |
| |
| |
IEEE 802.1X Port-Based Network Access Control | |
| |
| |
| |
Cloud Computing | |
| |
| |
| |
Cloud Security Risks and Countermeasures | |
| |
| |
| |
Data Protection in the Cloud | |
| |
| |
| |
Cloud Security as a Service | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Transport-Level Security | |
| |
| |
| |
Web Security Considerations | |
| |
| |
| |
Secure Sockets Layer (SSL) | |
| |
| |
| |
Transport Layer Security (TLS) | |
| |
| |
| |
HTTPS | |
| |
| |
| |
Secure Shell (SSH) | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Wireless Network Security | |
| |
| |
| |
Wireless Security | |
| |
| |
| |
Mobile Device Security | |
| |
| |
| |
IEEE 802.11 Wireless LAN Overview | |
| |
| |
| |
IEEE 802.11i Wireless LAN Security | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Electronic Mail Security | |
| |
| |
| |
Pretty Good Privacy (PGP) | |
| |
| |
| |
S/MIME | |
| |
| |
| |
DomainKeys Identified Mail (DKIM) | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
EP Security | |
| |
| |
| |
IP Security Overview | |
| |
| |
| |
IP Security Policy | |
| |
| |
| |
Encapsulating Security Payload | |
| |
| |
| |
Combining Security Associations | |
| |
| |
| |
Internet Key Exchange | |
| |
| |
| |
Cryptographic Suites | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
System Security | |
| |
| |
| |
Malicious Software | |
| |
| |
| |
Types of Malicious Software (Malware) | |
| |
| |
| |
Propagation-Infected Content-Viruses | |
| |
| |
| |
Propagation-Vulnerability-Exploit-Worms | |
| |
| |
| |
Propagation-Social Engineering-SPAM E-mail, Trojans | |
| |
| |
| |
Payload-System Corruption | |
| |
| |
| |
Payload-Attack Agent-Zombie, Bots | |
| |
| |
| |
Payload-Information Theft-Keyloggers, Phishing, Spyware | |
| |
| |
| |
Payload-Stealthing-Backdoors, Rootkits | |
| |
| |
| |
Countermeasures | |
| |
| |
| |
Distributed Denial of Service Attacks | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Intruders | |
| |
| |
| |
Intruders | |
| |
| |
| |
Intrusion Detection | |
| |
| |
| |
Password Management | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review-Questions, and Problems | |
| |
| |
| |
Firewalls | |
| |
| |
| |
The Need for Firewalls | |
| |
| |
| |
Firewall Characteristics | |
| |
| |
| |
Types of Firewalls | |
| |
| |
| |
Firewall Basing | |
| |
| |
| |
Firewall Location and Configurations | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
Appendices | |
| |
| |
| |
Some Aspects of Number Theory | |
| |
| |
| |
Prime and Relatively Prime Numbers | |
| |
| |
| |
Modular Arithmetic | |
| |
| |
| |
Projects for Teaching Network Security | |
| |
| |
| |
Research Projects | |
| |
| |
| |
Hacking Project | |
| |
| |
| |
Programming Projects | |
| |
| |
| |
Laboratory Exercises | |
| |
| |
| |
Practical Security Assessments | |
| |
| |
| |
Firewall Projects | |
| |
| |
| |
Case Studies | |
| |
| |
| |
Writing Assignments | |
| |
| |
| |
Reading/Report Assignments | |
| |
| |
References | |
| |
| |
Credits | |
| |
| |
Index | |