Copyright ©1998-2010 Glenn Fleishman. Send in your comments. Bibliographic information on isbn.nu licensed from Baker & Taylor. Contact them for corrections and licensing, or read more about our data.
Tables of Contents for Security+ in Depth
Chapter/Section Title
Page #
Page Count
PREFACE
xiv
CHAPTER ONE Security Overview
1
16
Understanding Network Security
2
1
Security Threats
3
2
Integrity
4
1
Confidentiality
4
1
Availability
4
1
Security Ramifications: Costs of Intrusion
5
3
Technology Weaknesses
5
1
Configuration Weaknesses
6
1
Policy Weaknesses
6
1
Human Error
7
1
Goals of Network Security
8
1
Eliminating Theft
8
1
Determining Authentication
8
1
Identifying Assumptions
8
1
Controlling Secrets
8
1
Creating a Secure Network Strategy
9
3
Human Factors
9
1
Knowing Your Weaknesses
9
1
Limiting Access
9
1
Achieving Security through Persistence
10
1
Remembering Physical Security
10
1
Perimeter Security
10
1
Firewalls
10
1
Web and File Servers
10
1
Access Control
11
1
Change Management
11
1
Encryption
11
1
Intrusion Detection Systems
12
1
Chapter Summary
12
1
Key Terms
12
1
Review Questions
13
4
CHAPTER TWO Authentication
17
30
Usernames and Passwords
18
2
Strong Password Creation Techniques
19
1
Techniques to Use Multiple Passwords
20
1
Storing Passwords
20
1
Kerberos
20
5
Kerberos Assumptions
21
1
Kerberos Authentication Process
21
3
Using Kerberos in Very Large Network Systems
24
1
Security Weaknesses of Kerberos
25
1
Challenge Handshake Authentication Protocol
25
2
The CHAP Challenge-and-Response Sequence
25
1
CHAP Security Issues
26
1
Mutual Authentication
27
1
Digital Certificates
27
3
Electronic Encryption and Decryption Concepts
27
2
How Much Trust Should One Place in a CA?
29
1
Security Tokens
30
2
Passive Tokens
30
1
Active Tokens
31
1
One-time Passwords
31
1
Biometrics
32
7
How a Biometric Authentication System Works
32
1
False Positives and False Negatives
33
1
Different Kinds of Biometrics
34
4
General Trends in Biometrics
38
1
Multi-Factor Authentication
39
1
Chapter: Summary
39
1
Key Terms
40
2
Review Questions
42
5
CHAPTER THREE Attacks and Malicious Code
47
44
Denial-of-Service Attacks
48
5
SYN Flood
49
3
Smurf
52
1
IP Fragmentation Attacks: Ping of Death
53
2
Distributed Denial-of-Service Attacks
55
5
Setting Up DDOS Attacks
55
1
Conducting DDOS Attacks
56
1
DDOS Countermeasures
57
3
Spoofing
60
4
IP Address Spoofing
60
2
ARP Poisoning
62
1
Web Spoofing
62
2
DNS Spoofing
64
1
Man in the Middle
64
2
Replays
66
1
TCP Session Hijacking
67
2
Social Engineering
69
2
Dumpster Diving
70
1
Online Attacks
70
1
Social Engineering Countermeasures
70
1
Attacks against Encrypted Data
71
3
Weak Keys
71
1
Mathematical Attacks
71
1
Birthday Attack
72
1
Password Guessing
72
1
Brute Force
73
1
Dictionary
74
1
Software Exploitation
74
10
Malicious Software
75
4
Backdoor
79
4
Logic Bombs
83
1
Worms
83
1
Chapter Summary
84
1
Key Terms
85
2
Review Questions
87
4
CHAPTER FOUR Remote Access
91
26
IFFE 802.1x
92
2
Telnet
93
1
Virtual Private Networks
94
2
VPN Options
95
1
VPN Drawbacks
96
1
Remote Authentication Dial-In User Service
96
3
Authenticating with a RADIUS Server
97
2
Terminal Access Controller Access Control System
99
2
Point-to-Point Tunneling Protocol
101
1
Layer 2 Tunneling Protocol
102
1
Secure Shell
102
1
IP Security Protocol
103
3
ESP and Encryption Models
105
1
Telecommuting Vulnerabilities
106
4
Remote Solutions
110
1
Chapter Summary
110
1
Key Terms
111
1
Review Questions
112
5
CHAPTER FIVE E-mail
117
26
Secure E-mail and Encryption
118
5
Encryption
119
1
Hash Functions
120
1
Digital Signatures
120
1
Digital Certificates
121
1
Combining Encryption Methods
122
1
How Secure E-mail Works
123
8
Background on PGP
126
1
PGP Certificates
126
1
S/MIME
127
1
Background on S/MIME
127
1
S/MIME Encryption Algorithms
127
1
X.509 Certificates
128
1
S/MIME Trust Model: Certificate Authorities
129
1
Differences between PGP and S/MIME
129
2
E-mail Vulnerabilities
131
1
Spam
132
1
E-mail Spam
132
1
Hoaxes and Chain Letters
133
2
Countermeasures for Hoaxes
135
1
Chapter Summary
136
1
Key Terms
136
2
Review Questions
138
5
CHAPTER SIX Web Security
143
22
SSL and TLS
144
2
HTTPS
146
1
Instant Messaging
147
2
IM Security Issues
147
2
Vulnerabilities of Web Tools
149
9
JavaScript
149
1
ActiveX
150
1
Buffer Overflows
151
1
Cookies
152
1
Signed Applets
153
1
CGI
154
2
SMTP Relay
156
2
Chapter Summary
158
1
Key Terms
159
1
Review Questions
160
5
CHAPTER SEVEN Directory and File Transfer Services
165
22
Directory Services
166
6
LDAP
166
2
LDAP Operations
168
1
LDAP Framework
169
1
LDAP Security Benefits
170
1
LDAP Security Vulnerabilities
171
1
File Transfer Services
172
6
FTP
172
3
FTP Security Issues
175
3
Secure File Transfers
178
1
File Sharing
179
2
Protecting Your File Shares
181
1
Chapter Summary
181
1
Key Terms
182
1
Review Questions
183
4
CHAPTER EIGHT
Wireless and Instant Messaging
187
1
The Alphabet Soup of 802.11
188
4
802.11a
188
1
802.11b
189
1
802.11c
189
1
802.11d
189
1
802.11e
190
1
802.11f
190
1
802.11g
190
1
802.11h
190
1
802.11i
190
1
802.11j
191
1
WAP 1.x and WAP 2.0
192
8
How WAP 1.x Works
193
3
The WAP 2.0 Stack
196
2
The Wireless Transport Layer Security Protocol
198
2
Wired Equivalent Privacy
200
3
How WEP Works
201
1
WEP's Weaknesses
201
2
Conducting a Wireless Site Survey
203
3
Conducting a Needs Assessment of the Network Users
203
1
Obtaining a Copy of the Site's Blueprints
204
1
Doing a Walk-Through of the Site
204
1
Identifying Possible Access Point Locations
204
1
Verifying Access Point Locations
205
1
Documenting Your Findings
205
1
Instant Messaging
206
2
A Definition of IM
206
1
Lack of Default Encryption Enables Packet Sniffing
206
1
Social Engineering Overcomes Even Encryption
207
1
Technical Issues Surrounding IM
207
1
Legal Issues Surrounding IM
207
1
Blocking IM
208
1
Cellular Phone SMS
208
1
Chapter Summary
208
1
Key Terms
208
3
Review Questions
211
4
CHAPTER NINE Devices
215
30
Firewalls
216
5
Drafting a Security Policy
216
2
Designing the Firewall to Implement the Policy
218
1
What do Firewalls Protect Against?
218
1
How Do Firewalls Work?
218
3
Routers
221
5
How a Router Moves Information
221
1
Beyond the Firewall
222
3
The OSI Stack
225
1
Limitations of Packet-Filtering Routers
226
1
Switches
226
3
Switch Security
227
2
Wireless
229
1
Modems
229
2
DSL Versus Cable Modem Security
230
1
Dynamic Versus Static IP Addressing
230
1
Remote Access Services
231
1
Security Problems with RAS
231
1
Telecom/Private Branch Exchange
231
1
Virtual Private Networks
232
2
Intrusion Detection Systems
234
2
Computer-based IDS
234
1
Network-based IDS
234
1
Anomaly-based Detection
235
1
Signature-based Detection
236
1
Network Monitoring and Diagnostics
236
1
Workstations and Servers
236
2
Personal Firewall Software Packages
237
1
Antivirus Software Packages
237
1
Mobile Devices
238
1
Chapter Summary
238
1
Key Terms
239
2
Review Questions
241
4
CHAPTER TEN Media and Medium
245
18
Transmission Media
246
4
Coaxial Cable
246
1
Twisted Pair Copper Cable
247
1
Fiber-Optic Cable
248
1
Unguided Transmission
249
1
Securing Transmission Media
250
2
Storage Media 2SZ
Magnetic Storage Media
252
2
Optical Storage Media
254
1
Solid-State Storage Media
255
2
Catastrophic Loss
257
1
Encryption
257
1
Storing and Destruction of Media
257
1
Chapter Summary
258
1
Key Terms
258
1
Review Questions
259
4
CHAPTER ELEVEN Network Security Topologies
263
24
Perimeter Security Topologies
264
5
Three-tiered Architecture
264
3
Creating and Developing Your Security Design
267
2
DMZ
269
4
Intranet
271
1
Extranet
272
1
Network Address Translation
273
2
Tunneling
275
1
Virtual Local Area Networks
276
5
Security Features of VLANs
279
1
Vulnerabilities of VLAN Trunks
280
1
Chapter Summary
281
1
Key Terms
282
1
Review Questions
282
5
CHAPTER TWELVE Intrusion Detection
287
28
The Value of Intrusion Detection
288
2
Negatives and Positives
288
2
Network-based and Host-based IDS
290
10
Network-based IDS
291
5
Host-based IDS
296
4
Active Detection and Passive Detection
300
5
Anomaly-based and Signature-based IDS
302
2
Intrusion Detection Products
304
1
Honeypots
305
3
Honeypot Deployment Options
307
1
Honeypot Design
307
1
Honeypots, Ethics, and the Law
308
1
Incident Response
308
2
IDS Monitoring
308
1
Information Security Incident Response Team
309
1
Chapter Summary
310
1
Key Terms
310
2
Review Questions
312
3
CHAPTER THIRTEEN Security Baselines
315
38
OS/NOS Hardening
316
1
File System
317
4
Creating Needed User Groups
319
1
Configuring Access Controls
319
1
Installing and Configuring File Encryption Capabilities
320
1
Updates
320
1
Network Hardening
321
5
Firmware Updates
322
1
Configuration
322
2
Access Control Lists
324
2
Enabling and Disabling of Services and Protocols
326
2
Application Hardening
328
17
Web Servers
328
2
E-mail Servers
330
2
FTP Servers
332
2
DNS Servers
334
3
NNTP Servers
337
1
File and Print Servers
338
1
DHCP Servers
339
2
Data Repositories
341
1
Directory Services
341
4
Chapter Summary
345
1
Key Terms
346
3
Review Questions
349
4
CHAPTER FOURTEEN Cryptography
353
20
Algorithms
354
1
Hashing
354
1
Symmetric versus Asymmetric Algorithms
354
4
Symmetric Algorithms
355
1
Asymmetric Algorithms
356
1
Common Encryption Algorithms
356
2
Concepts of Using Cryptography
358
2
Digital Signatures
359
1
Certificates
360
3
PKT Certificates
360
2
Trust Models
362
1
Key and Certificate Life Cycle Management
363
5
Setup and Initialization
364
2
Certificate Expiration
366
1
Certificate Revocation and Suspension
367
1
Key History
367
1
Key Archive
367
1
Chapter Summary
368
1
Key Terms
369
1
Review Questions
370
3
CHAPTER FIFTEEN Physical Security
373
18
Physical Controls
374
5
Location and Environment
374
1
Construction
374
1
Physical Barriers
375
3
Physical Surveillance
378
1
Technical Controls
379
6
Personnel Access Controls
379
3
Technical Surveillance
382
1
Ventilation
382
1
Power Supply
382
1
Fire Detection and Suppression
383
1
Shielding
384
1
Natural Disasters
385
1
Chapter Summary
385
1
Key Terms
385
1
Review Questions
386
5
CHAPTER SIXTEEN Disaster Recovery and Business Continuity
391
20
Business Continuity
392
1
Disaster Recovery Planning Process
392
5
Data Backups
393
2
Disaster Recovery Plan
395
2
Policies and Procedures
397
7
Security Policy
397
3
Human Resources Policy
400
2
Incident Response Policy
402
2
Privilege Management
404
2
Chapter Summary
406
1
Key Terms
406
1
Review Questions
406
5
CHAPTER SEVENTEEN Computer Forensics and Advanced Topics
411
Computer Forensics
412
5
Digital Evidence
412
1
Principles of Digital Evidence
412
1
The Forensic Process
413
4
Risk Management
417
1
Asset Identification
417
1
Risk Assessment
417
1
Threat Identification
418
1
Vulnerabilities
418
1
Education and Training
418
1
Communication
418
1
User Awareness
419
1
Auditing
419
2
Documentation
421
2
Standards and Guidelines
421
1
Systems Architecture
421
1
Change Documentation
421
1
Logs and Inventories
422
1
Classification and Notification
422
1
Retention and Storage
422
1
Destruction
423
1
Chapter Summary
423
1
Key Terms
423
1
Review Questions
424
APPENDIX A Answers to Chapter Review Questions
391
50
GLOSSARY
441
18
INDEX
459