Introduction

PART I SECURING THE INFRASTRUCTURE

Chapter 1 Infrastructure Security in the Real World
  Security Challenges
  Infrastructure Security Scenario 1
  Infrastructure Security Scenario 2
  Summary

Chapter 2 Understanding Access-Control and Monitoring Systems
  A Quick Primer on Infrastructure Security
  Access Control
  Security Policies
  Physical Security Controls
  Locks and Keys
  Standard Key-Locking Deadbolts
  Solenoid-Operated Deadbolt Locks
  Cipher Locks
  Access-Control Gates
  Sliding Gates
  Swinging Gates
  Control Relays
  Authentication Systems
  Magnetic Stripe Readers
  Smart Cards
  RFID Badges
  Biometric Scanners
  Remote-Access Monitoring
  Opened- and Closed-Condition Monitoring
  Automated Access-Control Systems
  Hands-On Exercises
  Discussion
  Procedure
  Review Questions

Chapter 3 Understanding Video Surveillance Systems
  Video Surveillance Systems
  Cameras
  Hands-On Exercises
  Discussion
  Procedure
  Review Questions

Chapter 4 Understanding Intrusion-Detection and Reporting Systems
  Intrusion-Detection and Reporting Systems
  Security Controllers
  Sensors
  Vehicle-Detection Sensors
  Fire-Detection Sensors
  Output Devices
  Hands-On Exercises
  Discussion
  Procedure
  Review Questions

Chapter 5 Infrastructure Security: Review Questions and Hands-On Exercises
  Summary Points
  Security Challenge Scenarios
  Infrastructure Security Scenario 1
  Infrastructure Security Scenario 2
  Professional Feedback
  Review Questions
  Exam Questions

PART II SECURING LOCAL HOSTS

Chapter 6 Local Host Security in the Real World
  Security Challenges
  Computing Device Security Scenario 1
  Computing Device Security Scenario 2
  Summary

Chapter 7 Securing Devices
  The Three Layers of Security
  Securing Host Devices
  Securing Outer-Perimeter Portals
  Additional Inner-Perimeter Access Options
  Hands-On Exercises
  Objectives
  Procedure
  Review Questions

Chapter 8 Protecting the Inner Perimeter
  The Inner Perimeter
  Operating Systems
  Operating System Security Choices
  Common Operating System Security Tools
  Using Local Administrative Tools
  Implementing Data Encryption
  Hands-On Exercises
  Objectives
  Resources
  Discussion
  Procedures
  Tables
  Lab Questions

Chapter 9 Protecting Remote Access
  Protecting Local Computing Devices
  Using a Secure Connection
  Establishing and Using a Firewall
  Installing and Using Anti-Malware Software
  Removing Unnecessary Software
  Disabling Nonessential Services
  Disabling Unnecessary OS Default Features
  Securing the Web Browser
  Applying Updates and Patches
  Requiring Strong Passwords
  Implementing Local Protection Tools
  Software-Based Local Firewalls
  Using Local Intrusion-Detection Tools
  Profile-Based Anomaly-Detection Systems
  Threshold-Based Anomaly-Detection Systems
  Configuring Browser Security Options
  Configuring Security Levels
  Configuring Script Support
  Defending Against Malicious Software
  Using Antivirus Programs
  Using Antispyware
  Hardening Operating Systems
  Service Packs
  Patches
  Updates
  Overseeing Application Software Security
  Software Exploitation
  Applying Software Updates and Patches
  Hands-On Exercises
  Objectives
  Resources
  Discussion
  Procedures
  Tables
  Lab Questions

Chapter 10 Local Host Security: Review Questions and Hands-On Exercises
  Summary Points
  Security Challenge Scenarios
  Computing Device Security Scenario 1
  Computing Device Security Scenario 2
  Professional Feedback
  Review Questions
  Exam Questions

PART III SECURING LOCAL NETWORKS

Chapter 11 Local Network Security in the Real World
  Security Challenges
  Local Network Security Scenario 1
  Local Network Security Scenario 2
  Summary

Chapter 12 Networking Basics
  Understanding the Basics of Networking
  Campus Area Networks or Corporate Area Networks (CANs)
  Metropolitan Area Networks (MANs)
  Wireless Local Area Networks (WLANs)
  Storage Area Networks (SANs)
  The OSI Networking Model
  Layer 1: Physical
  Layer 2: Data Link
  Layer 3: Network
  Layer 4: Transport
  Layer 5: Session
  Layer 6: Presentation
  Layer 7: Application
  Data Transmission Packets
  OSI Layer Security
  Network Topologies
  Bus Topology
  Ring Topology
  Star Topology
  Mesh Topology
  Logical Topologies
  Hands-On Exercises
  Objectives
  Resources
  Discussion
  Procedure
  Lab Questions
  Lab Answers

Chapter 13 Understanding Networking Protocols
  The Basics of Networking Protocols
  MAC Addresses
  TCP/IP
  Ethernet
  Network Control Strategies
  Hands-On Exercises
  Objectives
  Discussion
  Procedures
  Lab Questions
  Lab Answers

Chapter 14 Understanding Network Servers
  The Basics of Network Servers
  Server Security
  Network Administrators
  Server Software Security
  User Accounts
  Network Authentication Options
  Establishing Resource Controls
  Maintaining Server Security
  Vulnerability Scanning
  Hands-On Exercises
  Objectives
  Resources
  Discussion
  Procedures
  Lab Questions
  Lab Answers

Chapter 15 Understanding Network Connectivity Devices
  Network Switches
  Routers
  Gateways
  Network Bridges
  Wireless Network Connectivity
  Network Connectivity Device Vulnerabilities
  Network Connectivity Device Attacks
  Network Connectivity Defense
  Network Hardening
  Hands-On Exercises
  Objectives
  Resources
  Procedures
  Lab Questions
  Lab Answers

Chapter 16 Understanding Network Transmission Media Security
  The Basics of Network Transmission Media
  Copper Wire
  Light Waves
  Wireless Signals
  Transmission Media Vulnerabilities
  Securing Wireless Networks
  Hands-On Exercises
  Objectives
  Resources
  Procedure
  Lab Questions
  Lab Answers

Chapter 17 Local Network Security: Review Questions
  Summary Points
  Security Challenge Scenarios
  Local Network Security Scenario 1
  Local Network Security Scenario 2
  Professional Feedback
  Review Questions

PART IV SECURING THE PERIMETER

Chapter 18 Perimeter Security in the Real World
  Security Challenges
  Internet Security Scenario 1
  Internet Security Scenario 2
  Summary

Chapter 19 Understanding the Environment
  The Basics of Internet Security
  Understanding the Environment
  Basic Internet Concepts
  Internet Services
  Standards and RFCs
  Hands-On Exercises
  Objectives
  Resources
  Discussion
  Procedures
  Lab Questions
  Lab Answers

Chapter 20 Hiding the Private Network
  Understanding Private Networks
  Network Address Translation
  Port Address Translation
  Port Forwarding or Mapping
  Network Segmentation
  Software-Defined Networking
  Hands-On Exercises
  Objectives
  Resources
  Discussion
  Procedure
  Lab Questions
  Lab Answers

Chapter 21 Protecting the Perimeter
  Understanding the Perimeter
  Firewalls
  Firewall Considerations
  Network Appliances
  Proxy Servers
  Demilitarized Zones (DMZs)
  Single-Firewall DMZs
  Dual-Firewall DMZs
  Honeypots
  Extranets
  Hands-On Exercises
  Objectives
  Resources
  Procedures
  Lab Questions
  Lab Answers

Chapter 22 Protecting Data Moving Through the Internet
  Securing Data in Motion
  Authentication
  Encryption
  Cryptography
  Digital Certificates
  Hash Tables
  Cookies
  CAPTCHAs
  Virtual Private Networks
  Hands-On Exercises
  Objectives
  Resources
  Discussion
  Procedures
  Lab Questions
  Lab Answers

Chapter 23 Tools and Utilities
  Using Basic Tools
  IFconfig/IPconfig
  Whois
  Nslookup
  PING
  Traceroute
  Telnet
  Secure Shell
  Monitoring Tools and Software
  Nagios
  SolarWinds
  Microsoft Network Monitor
  Wireshark
  Snort
  Nmap
  Nikto
  OpenVAS
  Metasploit
  The Browser Exploitation Framework (BeEF)
  Other Products
  Hands-On Exercises
  Objectives
  Resources
  Discussion
  Procedures
  Capturing a PING
  Lab Questions
  Lab Answers

Chapter 24 Identifying and Defending Against Vulnerabilities
  Zero Day Vulnerabilities
  Software Exploits
  SQL Injection
  Java
  Other Software Exploits
  Social Engineering Exploits
  Phishing Attacks
  Network Threats and Attacks
  Broadcast Storms
  Session-Hijacking Attacks
  Dictionary Attacks
  Denial of Service (DoS) Attacks
  Tarpitting
  Spam
  Protecting Against Spam Exploits
  Other Exploits
  Transport Layer Security (TLS) Exploits
  FREAK Exploits
  Logjam Exploits
  Hands-On Exercises
  Objectives
  Resources
  Discussion
  Procedures

Chapter 25 Perimeter Security: Review Questions and Hands-On Exercises
  Summary Points
  Security Scenario Review
  Network Security Scenario 1
  Network Security Scenario 2
  Professional Feedback
  Review Questions
  Exam Questions

Appendix A
Appendix B
Appendix C
Index
CHF 46.90