Introduction to Security and Network Forensics


Purchasing Options

Hardback
$75.95
ISBN 9780849335686
Cat# AU3568
eBook
ISBN 9781420013108
Cat# AUE3568

Features

    • Explains the basics of cyber security and digital forensics
    • Covers general concepts in security as well as intrusion detection systems, encryption, and authentication
    • Addresses specific issues such as hashing and digital certificates, enhanced software security, and network security
    • Discusses data hiding, obfuscation, web infrastructures, and cloud and grid computing
    • Provides online access to thousands of test questions, hundreds of labs, hours of web-based video, and a set of simulators

    Summary

    Keeping up with the latest developments in cyber security requires ongoing commitment, but without a firm foundation in the principles of computer security and digital forensics, those tasked with safeguarding private information can get lost in a turbulent and shifting sea. Providing such a foundation, Introduction to Security and Network Forensics covers the basic principles of intrusion detection systems, encryption, and authentication, as well as the key academic principles related to digital forensics.

    Starting with an overview of general security concepts, it addresses hashing, digital certificates, enhanced software security, and network security. The text introduces the concepts of risk, threat analysis, and network forensics, and includes online access to an abundance of ancillary materials, including labs, Cisco challenges, test questions, and web-based videos. The author provides readers with access to a complete set of simulators for routers, switches, wireless access points (Cisco Aironet 1200), PIX/ASA firewalls (Version 6.x, 7.x and 8.x), Wireless LAN Controllers (WLC), Wireless ADUs, ASDMs, SDMs, Juniper, and much more, including:

    • More than 3,700 unique Cisco challenges and 48,000 Cisco Configuration Challenge Elements
    • 60,000 test questions, including for Certified Ethical Hacking and CISSP®
    • 350 router labs, 180 switch labs, 160 PIX/ASA labs, and 80 Wireless labs

    Rounding out coverage with a look into more advanced topics, including data hiding, obfuscation, web infrastructures, and cloud and grid computing, this book provides the fundamental understanding in computer security and digital forensics required to develop and implement effective safeguards against ever-evolving cyber security threats.
    Along with this, the text includes a range of online lectures and related material, available at: http://asecuritybook.com.

    Table of Contents

    Introduction to Security
    Objectives
    The Industrial and the Information Age
    CIA and AAA
    Protecting against Intruders
    Users, Systems, and Data
    Services, Role-Based Security, and Cloud Computing
    Security and Forensic Computing
    ISO 27002
    Risks
    Risk Management/Avoidance
    Security Policies
    Defining the Policy
    Example Risks
    Defense-in-Depth
    Gateways and DMZ (Demilitarized Zones)
    Layered Model and Security
    Encryption and a Layered Approach to Defense
    Software Tutorial—Data Packet Capture
    Online Exercises
    NetworkSims Exercises
    Chapter Lecture
    References

    Intrusion Detection Systems
    Objectives
    Introduction
    Types of Intrusion
    Attack Patterns
    Host/Network-Based Intrusion Detection
    Placement of the IDS
    SNORT
    Example Rules
    Running Snort
    User, Machine, and Network Profiling
    Honey Pots
    In-Line and Out-of-Line IDSs
    False and True
    Customized Agent-Based IDS
    Tutorial
    Software Tutorial
    Snort Tutorial
    Online Exercises
    NetworkSims Exercises
    Chapter Lecture
    References

    Encryption
    Objectives
    Introduction
    Simple Cipher Methods
    Brute-Force Analysis
    Public Key, Private Key, and Session Keys
    Adding Salt
    Private-Key Encryption
    Encryption Classes
    Public-Key Encryption
    One-Way Hashing
    Key Entropy
    File Encryption
    Tutorial
    Software Tutorial
    Web Page Exercises
    Network Simulation Tutorial
    Challenges
    Online Exercises
    NetworkSims Exercises
    Chapter Lecture

    Authentication, Hashing, and Digital Certificates
    Objectives
    Introduction
    Methods of Authentication
    Biometrics
    Message Hash
    Authenticating the Sender
    Digital Certificates and PKI
    HMAC (Hash Message Authentication Code)
    Future of Authentication Systems—Kerberos
    Email Encryption
    Tutorial
    Software Tutorial
    Online Exercises
    Web Page Exercises
    NetworkSims Exercises
    Chapter Lecture
    Reference

    Enhanced Software Security
    Objectives
    Introduction
    Integrating Security into Applications
    Good Practice
    The Future of Software
    .NET Environment—The Future of Security
    Strengths of .NET
    Global Assembly Cache (GAC)
    Strong Names
    .NET Security Model
    Integrating Security into Applications
    Web Service Security
    .NET Framework 3.0 (WinFX)
    Tutorial
    Software Tutorial
    Web Page Exercises
    On-Line Exercises
    NetworkSims Exercises
    Chapter Lecture
    References

    Network Security Elements
    Objectives
    Introduction
    Router (Packet Filtering) Firewalls
    Network Address Translation
    PIX/ASA Firewall
    Proxy Servers
    Tutorial
    Web Page Exercises
    Online Exercises
    NetworkSims Exercises
    Chapter Lecture

    Introduction to Risk
    Objectives
    Introduction
    Security Taxonomy
    Threats
    Service-Oriented Infrastructures
    Security Policies
    Defining the Policy
    Tutorial
    Windows Service Tutorial
    Linux Service Tutorial

    Threat Analysis
    Objectives
    Introduction
    Intruder Detection
    Vulnerability Analysis
    Hping
    Botnets
    Phishing
    Active Attacks
    Inference
    Affiliate Scams
    Password Cracking Programs
    Tutorial
    Vulnerability Tutorial
    SQL Injection Tutorial
    Appendix

    Network Forensics
    Objectives
    Introduction
    The Key Protocols
    Ethernet, IP, and TCP Headers
    TCP Connection
    ARP
    SYN
    Application Layer Analysis—FTP
    ICMP
    DNS
    Port Scan
    SYN Flood
    Spoofed Addresses
    Application Layer Analysis—HTTP
    Network Logs on Hosts
    Tripwire
    Tutorial
    Network Forensics Tutorial
    Tripwire Tutorial

    Data Hiding and Obfuscation
    Objectives
    Introduction
    Obfuscation Using Encryption
    Obfuscation through Tunneling
    Covert Channels
    Watermarking and Stenography
    Hiding File Contents
    References
    Tutorial
    Exercises

    Web Infrastructures
    Objectives
    Introduction
    Identity 2.0
    SOAP over HTTP
    LDAP
    Authentication Infrastructures
    802.1x Authentication Infrastructure
    OpenID
    Kerberos
    WS-*
    Access Control
    Tutorial
    Practical Work
    Exercises
    Activities
    Secure Server Setup

    Cloud/Grid Computing
    Objectives
    Introduction
    Grid Computing
    Cloud Computing
    Amazon Web Services
    Installing EC2 and S3 Command Tools
    Activities

    Index

    © 2014 Taylor & Francis Group, LLC. All Rights Reserved.