Computer and information security handbook
Computer and Information Security Handbook, Third Edition, provides the most current and complete reference on computer security available in one volume. The book offers deep coverage of an extremely wide range of issues in computer and cybersecurity theory, applications, and best practices, offerin...
| Otros Autores: | , |
|---|---|
| Formato: | Libro electrónico |
| Idioma: | Inglés |
| Publicado: |
Cambridge, England :
Morgan Kaufmann Publishers
2017.
|
| Edición: | Third edition |
| Materias: | |
| Ver en Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009631490206719 |
Tabla de Contenidos:
- Front Cover
- Computer and Information Security Handbook
- Computer and Information Security Handbook
- Copyright
- Dedication
- Contents
- Contributors
- About the Editor
- Foreword
- Preface
- 1. ORGANIZATION OF THIS BOOK
- Part 1: Overview of System and Network Security: A Comprehensive Introduction
- Part 2: Managing Information Security
- Part 3: Disaster Recovery Security
- Part 4: Security Standards and Policies
- Part 5: Cyber, Network, and Systems Forensics Security and Assurance
- Part 6: Encryption Technology
- Part 7: Privacy and Access Management
- Part 8: Storage Security
- Part 9: Cloud Security
- Part 10: Virtual Security
- Part 11: Cyber Physical Security
- Part 12: Practical Security
- Part 13: Critical Infrastructure Security
- Part 14: Advanced Security
- 2. SUPPLEMENTAL MATERIALS
- Acknowledgments
- I - Overview of System and Network Security: A Comprehensive Introduction
- 1 - Information Security in the Modern Enterprise
- 1. INTRODUCTION
- Management Matters as Much as Technology
- Trade Secrets and ``Reasonable Efforts''
- 2. CHALLENGES FACING INFORMATION SECURITY
- 3. ASSESSMENT AND PLANNING
- Know Where to Begin
- Risk Management
- Public Standards for Information Security
- Creating the Security Plan
- 4. POLICIES AND PROCEDURES
- 5. TRAINING
- 6. SUMMARY
- CHAPTER REVIEW QUESTIONS/EXERCISES
- True/False
- Multiple Choice
- EXERCISE
- Problem
- Hands-On Projects
- Project
- Case Projects
- Problem
- Optional Team Case Project
- Problem
- 2 - Building a Secure Organization
- 1. OBSTACLES TO SECURITY
- Security Is Inconvenient
- 2. COMPUTERS ARE POWERFUL AND COMPLEX
- Computer Users Are Unsophisticated
- Computers Created Without a Thought to Security
- 3. CURRENT TREND IS TO SHARE, NOT PROTECT
- Data Accessible From Anywhere.
- 4. SECURITY IS NOT ABOUT HARDWARE AND SOFTWARE
- The Bad Guys Are Very Sophisticated
- Management Sees Security as a Drain on the Bottom Line
- 5. TEN STEPS TO BUILDING A SECURE ORGANIZATION
- Evaluate the Risks and Threats
- Threats Based on the Infrastructure Model
- Threats Based on the Business Itself
- Threats Based on Industry
- Global Threats
- Beware of Common Misconceptions
- Provide Security Training for Information Technology Staff: Now and Forever
- Think ``Outside the Box''
- DOXing
- Train Employees: Develop a Culture of Security
- Identify and Use Built-in Security Features of the Operating System and Applications
- Monitor Systems
- Hire a Third Party to Audit Security
- Do Not Forget the Basics
- Change Default Account Passwords
- Use Robust Passwords
- Close Unnecessary Ports
- Patch, Patch, Patch
- Use Administrator Accounts for Administrative Tasks
- Restrict Physical Access
- Do Not Forget Paper!
- 6. PREPARING FOR THE BUILDING OF SECURITY CONTROL ASSESSMENTS
- 7. SUMMARY
- CHAPTER REVIEW QUESTIONS/EXERCISES
- True/False
- Multiple Choice
- EXERCISE
- Problem
- Hands-on Projects
- Project
- Case Projects
- Problem
- Optional Team Case Project
- Problem
- 3 - A Cryptography Primer
- 1. WHAT IS CRYPTOGRAPHY? WHAT IS ENCRYPTION?
- How Is Cryptography Done?
- 2. FAMOUS CRYPTOGRAPHIC DEVICES
- The Lorenz Cipher
- Enigma
- 3. CIPHERS
- The Substitution Cipher
- The Shift Cipher
- The Polyalphabetic Cipher
- The Kasiski-Kerckhoff Method
- 4. MODERN CRYPTOGRAPHY
- The Vernam Cipher (Stream Cipher)
- The One-Time Pad
- Cracking Ciphers
- The XOR Cipher and Logical Operands
- Block Ciphers
- 5. THE COMPUTER AGE
- Data Encryption Standard
- Theory of Operation
- Implementation
- Rivest, Shamir, and Adleman
- Advanced Encryption Standard (or Rijndael)
- Overview.
- The Basics of Advanced Encryption Standard
- 6. HOW ADVANCED ENCRYPTION STANDARD WORKS
- Bytes
- Math
- In the Beginning
- Rounds
- 7. SELECTING CRYPTOGRAPHY: THE PROCESS
- 8. SUMMARY
- CHAPTER REVIEW QUESTIONS/EXERCISES
- True/False
- Multiple Choice
- EXERCISE
- Problem
- Hands-On Projects
- Project
- Case Projects
- Problem
- Optional Team Case Project
- Problem
- 4 - Verifying User and Host Identity
- 1. INTRODUCTION: VERIFYING THE USER
- 2. IDENTITY ACCESS MANAGEMENT: AUTHENTICATION AND AUTHORIZATION
- Authentication
- Password Rule Hardening: Practices
- The Importance of Secure Socket Layer/Transport Layer Security
- Authorization
- The Importance of Directory Services
- 3. SYNTHETIC OR REAL USER LOGGING
- Completely Automated Public Turing Test to Tell Computers and Humans Apart
- 4. VERIFYING A USER IN CLOUD ENVIRONMENTS
- 5. VERIFYING HOSTS
- 6. VERIFYING HOST DOMAIN NAME SYSTEM AND INTERNET PROTOCOL INFORMATION
- 7. SUMMARY
- CHAPTER REVIEW QUESTIONS/EXERCISES
- True/False
- Multiple Choice
- EXERCISE
- Problem
- Hands-On Projects
- Project
- Case Projects
- Problem
- Optional Team Case Project
- Problem
- REFERENCES
- 5 - Detecting System Intrusions
- 1. INTRODUCTION
- Why Taps?
- Why the Secrecy?
- 2. DEVELOPING THREAT MODELS
- 3. SECURING COMMUNICATIONS
- The Favored Operating System: Linux
- Step 1: Let Us Get Secure: Encrypting Files and Using Secure Shell
- Gnu Privacy Guard
- Encrypting and Decrypting Using GNU Privacy Guard
- Secure Shell Access to Servers
- Moving Files Securely
- Exercise for the Reader
- 4. NETWORK SECURITY MONITORING AND INTRUSION DETECTION SYSTEMS
- Installing Security Onion in a Distributed Environment
- Setting up a Security Onion Server
- The Tool Set
- Sguil
- Squert
- Netsniff-ng
- Snort
- Bro
- ELS A
- PF_RING.
- Planning Your Sensor Array
- Planning the Sensor Array
- Make a Disk
- Sizing Your Hardware
- Switched Port Analyzer or Tap
- Horizontal Movement
- Virtual Machine Planner Virtual Disks
- Installing the Fiber Cards
- Installing the Operating System
- Configuring Ethernet Adapters
- Security Onion Sensor Setup
- Setting PF_RING min_num_slots
- Setting Intrusion Detection System Engine Processes
- Management of Storage
- Sudo -i
- 5. INSTALLING SECURITY ONION TO A BARE-METAL SERVER
- Networks Are Complex
- The Access Layer
- Distribution Layer
- Exercise
- 6. PUTTING IT ALL TOGETHER
- 7. SECURING YOUR INSTALLATION
- Running Sguil as an Analyst
- Using Sguil via Secure Shell on a Remote PC
- 8. MANAGING AN INTRUSION DETECTION SYSTEM IN A NETWORK SECURITY MONITORING FRAMEWORK
- Configuring the Intrusion Detection System
- Rules and Filters
- Managing Sensors
- Sensor Check
- External Detection
- Internal Detection
- Manual Changes to Rules
- /usr/bin/rule-update
- /etc/nsm/rules/downloaded.rules
- /etc/nsm/rules/local.rules
- /etc/nsm/pulledpork/disablesid.conf
- /etc/nsm/pulledpork/pulledpork.conf
- /var/log/nsm/sid_changes.log
- /etc/nsm/templates/snort/snort.conf
- /etc/nsm/HOSTNAME-INTERFACE/snort.conf
- /etc/nsm/rules/bpf.conf
- /etc/nsm/securityonion.conf
- /etc/nsm/pulledpork/enablesid.conf
- /etc/nsm/pulledpork/dropsid.conf
- /etc/nsm/pulledpork/modifysid.conf
- /etc/nsm/rules/threshold.conf
- Log Files
- After the Changes
- Useful File Manipulation Commands
- How to Add Rules
- How to Disable a Single Rule or Range Rules
- Edit the /etc/nsm/pulledpork/disablesid.conf File
- 9. SETTING THE STAGE
- 10. ALERTS AND EVENTS
- Reconnaissance
- Default Password Breach
- The Basics
- 11. SGUIL: TUNING GRAPHICS PROCESSING UNIT RULES, ALERTS, AND RESPONSES
- Identifying Nuisance Rules.
- Understanding the Enterprise Log Search and Archive Database Structure
- Too Many Alerts!
- Modifying Signatures
- Anatomy of a Snort Rule
- Theory
- 12. DEVELOPING PROCESS
- 13. UNDERSTANDING, EXPLORING, AND MANAGING ALERTS
- Uniform Datagram Protocol Traffic Alerts
- False Alert Analysis
- Case Study
- Kaaza Alert
- Final Incident Report: Kaaza Alert
- Incident Reporting: Sample Incident Report
- Special Consideration
- Final Note About Report Writing
- What a Real Situation Looks Like
- 14. SUMMARY
- CHAPTER REVIEW QUESTIONS/EXERCISES
- True/False
- Multiple Choice
- EXERCISE
- Problem
- Hands-On Projects
- Project
- Case Projects
- Problem
- Optional Team Case Project
- Problem
- 6 - Intrusion Detection in Contemporary Environments
- 1. INTRODUCTION
- 2. MOBILE OPERATING SYSTEMS
- Android Operating System
- Apple iOS
- Symbian Operating System
- Windows Phone Operating System
- 3. MOBILE DEVICE MALWARE RISKS
- 4. CLOUD COMPUTING MODELS
- 5. CLOUD COMPUTING ATTACK RISKS
- 6. SOURCE OF ATTACKS ON MOBILE DEVICES
- 7. SOURCE OR ORIGIN OF INTRUSIONS IN CLOUD COMPUTING
- 8. CLASSES OF MOBILE MALWARE
- 9. TYPES OF CLOUD COMPUTING ATTACKS
- 10. MALWARE TECHNIQUES IN ANDROID
- Repackaging Common Apps
- Drive-by Download
- Dynamic Payload
- Stealth Malware Techniques
- Colluding Apps
- Privilege Escalation
- 11. CLOUD COMPUTING INTRUSIONS TECHNIQUES
- Reconnaissance Techniques
- Denial of Service
- Account Cracking
- Structured Query Language Injection
- Cross-Site Scripting
- Malware Injection
- 12. EXAMPLES OF SMARTPHONE MALWARE
- 13. EXAMPLES OF CLOUD ATTACKS
- 14. TYPES OF INTRUSION DETECTION SYSTEMS FOR MOBILE DEVICES
- Signature-Based Intrusion Detection System
- Anomaly-Based Intrusion Detection System
- Cloud-Based Intrusion Detection System
- Manual Analysis.
- 15. TYPES OF INTRUSION DETECTION SYSTEMS FOR CLOUD COMPUTING.
