Acknowledgments
 
Legal Acknowledgments
 
Introduction
 
Approach of this Book
 
Classroom Use
 
Support Materials
 
Chapter 1. Motivation and Security Definitions
 
Information in this chapter
 
Introduction
 
Information Security and its Motivation
 
Terminology: Vulnerabilities of Software, Exploits, Malware, Intrusions, and Controls
 
Security Risk Management
 
How to use this Book
 
Summary
 
References
 
Chapter Review Questions
 
Chapter Exercises
 
Chapter 2. Strategies and Security
 
Information in this chapter
 
Introduction
 
Security Strategies
 
Attack Strategies
 
Defense Strategies
 
Security Controls
 
Summary
 
References
 
Chapter Review Questions
 
Chapter Exercises
 
Part 1: Deception
 
Chapter 3. Deception Strategies: Networks, Organization, and Structures
 
Information in this chapter
 
Introduction
 
How the Internet Works
 
Deception and Network Organization
 
Outsourcing
 
Application Hosting
 
Dynamic Addressing
 
Summary
 
Chapter Review Questions
 
Chapter Exercises
 
References
 
Chapter 4. Deception Strategies: Defensive Technologies
 
Information in this chapter
 
Introduction
 
Internet Protocols
 
Proxies and Gateways
 
Honeypots and Honeynets
 
Tarpits
 
Virtual Hosts
 
Summary
 
References
 
Chapter Review Questions
 
Chapter Exercises
 
Part 2: Frustration
 
Chapter 5. Frustration Strategies: Technical Controls
 
Information in this chapter
 
Introduction
 
Minimization Goals and Objectives
 
Asymmetry in Information Security
 
Host Hardening
 
Network Devices and Minimization
 
Network Architecture and Frustration
 
Summary
 
References
 
Chapter Review Questions
 
Chapter Exercises
 
Chapter 6. Frustration Strategies: Formal Verification
 
Information in this chapter
 
Introduction
 
Formal Models and Model Verification
 
Discretionary Models
 
Confidentiality Models
 
Integrity Models
 
Limits of Formal Models
 
Summary
 
References
 
Chapter Review Questions
 
Chapter Exercises
 
Part 3: Resistance
 
Chapter 7. Resistance Strategies: Authentication and Permissions
 
Information in this chapter
 
Introduction
 
Authentication and Permission Goals and Objectives
 
Authentication Methods
 
Authentication Systems
 
Permissions and Access Control
 
Attacks
 
Summary
 
References
 
Chapter Review Questions
 
Chapter Exercises
 
Chapter 8. Resistance Strategies: Symmetric Encryption
 
Information in this chapter
 
Introduction
 
Encryption Concepts
 
Symmetric Encryption
 
Asymmetric Encryption
 
Key Management and Distribution
 
Computer Identification
 
Steganography
 
Summary
 
References
 
Chapter Review Questions
 
Chapter Exercises
 
Chapter 9. Resistance Strategies: Partitioning and Need to Know
 
Information in this chapter
 
Introduction
 
Outsider and Insider Threat
 
Internal Security Partitions
 
Need to Know
 
Policy Management
 
Summary
 
References
 
Chapter Review Questions
 
Chapter Exercises
 
Chapter 10. Change Management
 
Information in this chapter
 
Introduction
 
Change Management Versus Configuration Management
 
Why Use Change and Configuration Management Systems
 
Change Management Process
 
Minor or Insignificant Change Process
 
Automation of the Change Process
 
Change Management and Security-Related Issues
 
Change Management and Software Control Issues
 
Change Management Documentation
 
Patch Management
 
Configuration Management System
 
Software Configuration Management
 
Network Configuration Management System
 
Configuration Management Database
 
Certification
 
Summary
 
References
 
Chapter Review Questions
 
Chapter Exercises
 
Part 4: Recognition/Recovery
 
Chapter 11. Network Analysis and Forensics
 
Information in this chapter
 
Introduction
 
Introduction to the OSI Model
 
Analysis for Managers
 
Flow-Level Analysis
 
Metadata Analysis
 
Application-Level Analysis
 
Signature Analysis
 
Full-Packet Capture
 
Network Forensics
 
Sensor Network Architecture
 
Summary
 
References
 
Chapter Review Questions
 
Chapter Exercises
 
Chapter 12. Recognition Strategies: Intrusion Detection and Prevention
 
Information in this chapter
 
Introduction
 
Why Intrusion Detection
 
Network Intrusion Detection Pitfalls
 
Modes of Intrusion Detection
 
Network Behavior Analyzers
 
Wireless IDPS
 
Network Intrusion Prevention Systems
 
Summary
 
References
 
Chapter Review Questions
 
Chapter Exercises
 
Chapter 13. Digital Forensics
 
Information in this chapter
 
Introduction
 
Uses of Digital Forensics
 
Forensic Fundamentals
 
Hashing
 
Technology
 
Onsite Collections
 
Final Report
 
Organizational Preparedness
 
Summary
 
References
 
Chapter Review Questions
 
Chapter Exercises
 
Chapter 14. Recognition Strategies: Integrity Detection
 
Information in this chapter
 
Introduction
 
Checksums
 
Cryptographic Integrity Detection
 
Rule-Based Integrity Checking
 
Content Comparisons
 
An Example: GPS
 
Summary
 
References
 
Chapter Review Questions
 
Chapter Exercises
 
Chapter 15. Recovery of Security
 
Information in this chapter
 
Introduction
 
Emergency Management
 
Recovery Priorities
 
Building a Response Policy
 
Recovery from Accidents: Continuity of Operations
 
Recovery from Malicious Events
 
Incident Handling
 
Incorporating Lessons Learned
 
Summary
 
References
 
Chapter Review Questions
 
Chapter Exercises
 
Chapter 16. Professional Certifications and Overall Conclusions
 
Information in this chapter
 
Introduction
 
Professional Certifications
 
Tying the Pieces Together
 
Where to Go from Here
 
References
 
Chapter Review Questions
 
Chapter Exercises
 
Index