Introduction to Information Security: A Strategic-Based Approach
Edition 1
By Timothy Shimeall and Jonathan Spring

Publication Date: 19 Nov 2013
Description
Most introductory texts provide a technology-based survey of methods and techniques that leaves the reader without a clear understanding of the interrelationships between those methods and techniques. This book's strategy-based introduction gives the reader a clear understanding of how to provide overlapping defenses for critical information. This understanding provides a basis for engineering and risk-management decisions in the defense of information.

Information security is a rapidly growing field, with a projected need for thousands of professionals within the next decade in the government sector alone. It is also a field that has changed in the last decade from a largely theory-based discipline to an experience-based discipline. This shift in the field has left several of the classic texts with a strongly dated feel.

Key Features

  • Provides a broad introduction to the methods and techniques in the field of information security
  • Offers a strategy-based view of these tools and techniques, facilitating selection of overlapping methods for in-depth defense of information
  • Provides a very current view of the emerging standards of practice in information security
About the author
By Timothy J. Shimeall (Ph.D. in Information and Computer Science, adjunct professor at Carnegie Mellon) and Jonathan Spring (Software Engineering Institute, Carnegie Mellon University).
Table of Contents

Acknowledgments

Legal Acknowledgments

Introduction

Approach of this Book

Classroom Use

Support Materials

Chapter 1. Motivation and Security Definitions

Information in this chapter

Introduction

Information Security and its Motivation

Terminology: Vulnerabilities of Software, Exploits, Malware, Intrusions, and Controls

Security Risk Management

How to use this Book

Summary

References

Chapter Review Questions

Chapter Exercises

Chapter 2. Strategies and Security

Information in this chapter

Introduction

Security Strategies

Attack Strategies

Defense Strategies

Security Controls

Summary

References

Chapter Review Questions

Chapter Exercises

Part 1: Deception

Chapter 3. Deception Strategies: Networks, Organization, and Structures

Information in this chapter

Introduction

How the Internet Works

Deception and Network Organization

Outsourcing

Application Hosting

Dynamic Addressing

Summary

Chapter Review Questions

Chapter Exercises

References

Chapter 4. Deception Strategies: Defensive Technologies

Information in this chapter

Introduction

Internet Protocols

Proxies and Gateways

Honeypots and Honeynets

Tarpits

Virtual Hosts

Summary

References

Chapter Review Questions

Chapter Exercises

Part 2: Frustration

Chapter 5. Frustration Strategies: Technical Controls

Information in this chapter

Introduction

Minimization Goals and Objectives

Asymmetry in Information Security

Host Hardening

Network Devices and Minimization

Network Architecture and Frustration

Summary

References

Chapter Review Questions

Chapter Exercises

Chapter 6. Frustration Strategies: Formal Verification

Information in this chapter

Introduction

Formal Models and Model Verification

Discretionary Models

Confidentiality Models

Integrity Models

Limits of Formal Models

Summary

References

Chapter Review Questions

Chapter Exercises

Part 3: Resistance

Chapter 7. Resistance Strategies: Authentication and Permissions

Information in this chapter

Introduction

Authentication and Permission Goals and Objectives

Authentication Methods

Authentication Systems

Permissions and Access Control

Attacks

Summary

References

Chapter Review Questions

Chapter Exercises

Chapter 8. Resistance Strategies: Symmetric Encryption

Information in this chapter

Introduction

Encryption Concepts

Symmetric Encryption

Asymmetric Encryption

Key Management and Distribution

Computer Identification

Steganography

Summary

References

Chapter Review Questions

Chapter Exercises

Chapter 9. Resistance Strategies: Partitioning and Need to Know

Information in this chapter

Introduction

Outsider and Insider Threat

Internal Security Partitions

Need to Know

Policy Management

Summary

References

Chapter Review Questions

Chapter Exercises

Chapter 10. Change Management

Information in this chapter

Introduction

Change Management Versus Configuration Management

Why Use Change and Configuration Management Systems

Change Management Process

Minor or Insignificant Change Process

Automation of the Change Process

Change Management and Security-Related Issues

Change Management and Software Control Issues

Change Management Documentation

Patch Management

Configuration Management System

Software Configuration Management

Network Configuration Management System

Configuration Management Database

Certification

Summary

References

Chapter Review Questions

Chapter Exercises

Part 4: Recognition/Recovery

Chapter 11. Network Analysis and Forensics

Information in this chapter

Introduction

Introduction to the OSI Model

Analysis for Managers

Flow-Level Analysis

Metadata Analysis

Application-Level Analysis

Signature Analysis

Full-Packet Capture

Network Forensics

Sensor Network Architecture

Summary

References

Chapter Review Questions

Chapter Exercises

Chapter 12. Recognition Strategies: Intrusion Detection and Prevention

Information in this chapter

Introduction

Why Intrusion Detection

Network Intrusion Detection Pitfalls

Modes of Intrusion Detection

Network Behavior Analyzers

Wireless IDPS

Network Intrusion Prevention Systems

Summary

References

Chapter Review Questions

Chapter Exercises

Chapter 13. Digital Forensics

Information in this chapter

Introduction

Uses of Digital Forensics

Forensic Fundamentals

Hashing

Technology

Onsite Collections

Final Report

Organizational Preparedness

Summary

References

Chapter Review Questions

Chapter Exercises

Chapter 14. Recognition Strategies: Integrity Detection

Information in this chapter

Introduction

Checksums

Cryptographic Integrity Detection

Rule-Based Integrity Checking

Content Comparisons

An Example: GPS

Summary

References

Chapter Review Questions

Chapter Exercises

Chapter 15. Recovery of Security

Information in this chapter

Introduction

Emergency Management

Recovery Priorities

Building a Response Policy

Recovery from Accidents: Continuity of Operations

Recovery from Malicious Events

Incident Handling

Incorporating Lessons Learned

Summary

References

Chapter Review Questions

Chapter Exercises

Chapter 16. Professional Certifications and Overall Conclusions

Information in this chapter

Introduction

Professional Certifications

Tying the Pieces Together

Where to Go from Here

References

Chapter Review Questions

Chapter Exercises

Index

Book details
ISBN: 9781597499699
Page Count: 382
Illustrations: 20 illustrations
Retail Price: £54.99
Audience
Students in Intro to Security courses, Network and System Administrators, IT Professionals