Network Defense and Countermeasures: Principles and Practices, 4th edition

William Easttom

Published by Pearson IT Certification (September 22, 2023) © 2024

    VitalSource eTextbook (Lifetime access)
    €65,99
    ISBN-13: 9780138200749
    Language: English

    All you need to know about defending networks, in one book

    • Clearly explains concepts, terminology, challenges, tools, and skills
    • Covers key security standards and models for business and government
    • The perfect introduction for all network/computer security professionals and students

    Welcome to today's most useful and practical introduction to defending modern networks. Drawing on decades of experience, Chuck Easttom brings together updated coverage of all the concepts, terminology, techniques, and solutions you'll need to be effective.

    Easttom thoroughly introduces the core technologies of modern network security, including firewalls, intrusion-detection systems, and VPNs. Next, he shows how encryption can be used to safeguard data as it moves across networks.

    You'll learn how to harden operating systems, defend against malware and network attacks, establish robust security policies, and assess network security using industry-leading standards and models. You'll also find thorough coverage of key issues such as physical security, forensics, and cyberterrorism.

    Throughout, Easttom blends theory and application, helping you understand both what to do and why. In every chapter, quizzes, exercises, projects, and web resources deepen your understanding and help you use what you've learned—in the classroom and in your career.

    LEARN HOW TO

    • Evaluate key network risks and dangers
    • Choose the right network security approach for your organization
    • Anticipate and counter widespread network attacks, including those based on "social engineering"
    • Successfully deploy and apply firewalls and intrusion detection systems
    • Secure network communication with virtual private networks
    • Protect data with cryptographic public/private key systems, digital signatures, and certificates
    • Defend against malware, including ransomware, Trojan horses, and spyware
    • Harden operating systems and keep their security up to date
    • Define and implement security policies that reduce risk
    • Explore leading security standards and models, including ISO and NIST standards
    • Prepare for an investigation if your network has been attacked
    • Understand the growing risks of espionage and cyberterrorism

    Preface xxiii

    Chapter 1: Introduction to Network Security 2
        Introduction 2
        The Basics of a Network 3
        Basic Network Utilities 11
        The OSI Model 15
        What Does This Mean for Security? 16
        Assessing Likely Threats to the Network 16
        Classifications of Threats 20
        Likely Attacks 24
        Threat Assessment 25
        Understanding Security Terminology 26
        Choosing a Network Security Approach 30
        Network Security and the Law 32
        Using Security Resources 34
        Summary 35
        Endnotes 35

    Chapter 2: Types of Attacks 42
        Introduction 42
        Understanding Denial of Service Attacks 43
        Defending Against Buffer Overflow Attacks 63
        Defending Against IP Spoofing 64
        Defending Against Session Hijacking 66
        Blocking Virus and Trojan Horse Attacks 66
        Summary 75
        Endnotes 75

    Chapter 3: Fundamentals of Firewalls 82
        Introduction 82
        What Is a Firewall? 83
        Implementing Firewalls 90
        Firewall Deployment 95
        Selecting and Using a Firewall 96
        Using Proxy Servers 97
        Summary 99

    Chapter 4: Firewall Practical Applications 106
        Introduction 106
        Using Single Machine Firewalls 107
        Windows 10 Firewall 108
        User Account Control 110
        Linux Firewalls 110
        Using Small Office/Home Office Firewalls 118
        Using Medium-Sized Network Firewalls 121
        Using Enterprise Firewalls 124
        Summary 125
        Endnotes 125

    Chapter 5: Intrusion-Detection Systems 132
        Introduction 132
        Understanding IDS Concepts 133
        IDS Components and Processes 135
        SIEM 136
        Evasion Techniques 137
        Understanding and Implementing IDSs 138
        Understanding and Implementing Honeypots 141
        Summary 146

    Chapter 6: Encryption Fundamentals 152
        Introduction 152
        The History of Encryption 153
        Learning About Modern Encryption Methods 160
        Identifying Good Encryption 173
        Understanding Digital Signatures and Certificates 174
            MAC and HMAC 179
        Understanding and Using Decryption 179
        Cracking Passwords 180
        Steganography 184
        Steganalysis 185
        Quantum Computing and Quantum Cryptography 186
        Summary 187
        Endnote 187

    Chapter 7: Virtual Private Networks 194
        Introduction 194
        Basic VPN Technology 195
        Using VPN Protocols for VPN Encryption 197
        IPsec 206
        SSL/TLS 207
        Other VPN Protocols 209
        Implementing VPN Solutions 210
        Summary 215
        Endnotes 215

    Chapter 8: Operating System Hardening 222
        Introduction 222
        Configuring Windows Properly 223
        Configuring Linux Properly 244
        Patching the Operating System 245
        Configuring Browsers 246
        Summary 253

    Chapter 9: Defending Against Virus Attacks 260
        Introduction 260
        Understanding Virus Attacks 261
        Virus Scanners 270
            Virus Scanning Techniques 272
            When Antivirus Causes a Problem 274
            Commercial Antivirus Software 274
        Antivirus Policies and Procedures 283
        Additional Methods for Defending Your System 284
        What to Do If Your System Is Infected by a Virus 285
        Summary 288
        Endnotes 288

    Chapter 10: Defending Against Trojan Horses and Phishing 296
        Introduction 296
        Trojan Horses 297
        Phishing 307
        Summary 313
        Endnotes 313

    Chapter 11: Security Policies 318
        Introduction 318
        ISO 27002 319
        Important Standards 322
        Defining User Policies 324
        Defining System Administration Policies 331
        Defining Access Control 336
        Defining Developmental Policies 337
        Disaster Recovery 338
        Summary 339

    Chapter 12: Assessing System Security 346
        Introduction 346
        Risk Assessment Concepts 347
        Evaluating the Security Risk 348
        Conducting the Initial Assessment 351
        Probing the Network 357
        Vulnerabilities 381
        McCumber Cube 384
        Security Documentation 385
        Summary 388

    Chapter 13: Security Standards 394
        Introduction 394
        COBIT 394
        ISO Standards 396
        NIST Standards 397
        U.S. DoD Standards 403
        Using the Common Criteria 405
        Using Security Models 407
        U.S. Federal Regulations, Guidelines, and Standards 410
        Summary 413
        Endnotes 414

    Chapter 14: Physical Security and Disaster Recovery 422
        Introduction 422
        Physical Security 422
        Disaster Recovery 428
        Ensuring Fault Tolerance 432
        Summary 435

    Chapter 15: Techniques Used by Attackers 438
        Introduction 438
        Preparing to Hack 439
        The Attack Phase 453
        Session Hijacking 457
        Wi-Fi Hacking 459
        Bluetooth Hacking 459
        Summary 462

    Chapter 16: Introduction to Forensics 466
        Introduction 466
        General Forensics Guidelines 467
        FBI Forensics Guidelines 470
        Imaging a Drive 471
        Finding Evidence on the PC 474
        Gathering Evidence from a Cell Phone 485
        Forensic Tools to Use 491
            AccessData Forensic Toolkit 491
            EnCase 492
            The Sleuth Kit 492
            OSForensics 492
        Forensic Science 493
        To Certify or Not to Certify? 493
        Expert Witnesses 494
        Additional Types of Forensics 495
        Summary 499
        Endnote 499

    Chapter 17: Cyber Warfare and Terrorism 504
        Introduction 504
        Defending Against Computer-Based Espionage 505
        Defending Against Computer-Based Terrorism 508
        Choosing Defense Strategies 514
        Summary 524
        Endnotes 524

    Appendix A: Answers 530

    Glossary 542


    9780138200589, 9/1/2023