Corporate Computer Security, Global Edition

BRIEF CONTENTS<br><br>Preface xviii <br>About the Authors xxiv <br> Chapter 1 The Threat Environment 1 <br>1.1 Introduction 1 <br>1.2 Employee and Ex-employee Threats 9 <br>1.3 Malware 17 <br>1.4 Hackers and Attacks 30 <br>1.5 The Criminal Era 40 <br>1.6 Competitor Threats 50 <br>1.7 Cyberwar and Cyberterror 53 <br>1.8 Conclusion 55 <br> Chapter 2 Planning and Policy 59 <br>2.1 Introduction 60 <br>2.2 Compliance Laws and Regulations 69 <br>2.3 Organization 76 <br>2.4 Risk Analysis 85 <br>2.5 Technical Security Architecture 94 <br>2.6 Policy-Driven Implementation 99 <br>2.7 Governance Frameworks 117 <br>2.8 Conclusion 123 <br> Chapter 3 Cryptography 127 <br>3.1 What is Cryptography? 128 <br>3.2 Symmetric Key Encryption Ciphers 139 <br>3.3 Cryptographic System Standards 145 <br>3.4 The Negotiation Stage 147 <br>3.5 Initial Authentication Stage 149 <br>3.6 The Keying Stage 152 <br>3.7 Message-By-Message Authentication 157 <br>3.8 Quantum Security 169 <br>3.9 Cryptographic Systems 170 <br>3.10 SSL/TLS 173 <br>3.11 IPsec 179 <br>3.12 Conclusion 185 <br> Chapter 4 Secure Networks 191 <br>4.1 Introduction 191 <br>4.2 DoS Attacks 195 <br>4.3 ARP Poisoning 207 <br>4.4 Access Control for Networks 214 <br>4.5 Ethernet Security 216 <br>4.6 Wireless Security 220 <br>4.7 Conclusion 240 <br> Chapter 5 Access Control 245 <br>5.1 Introduction 246 <br>5.2 Physical Access and Security 250 <br>5.3 Passwords 260 <br>5.4 Access Cards and Tokens 268 <br>5.5 Biometric Authentication 273 <br>5.6 Cryptographic Authentication 287 <br>5.7 Authorization 290 <br>5.8 Auditing 292 <br>5.9 Central Authentication Servers 294 <br>5.10 Directory Servers 296 <br>5.11 Full Identity Management 301 <br>5.12 Conclusion 307 <br> Chapter 6 Firewalls 313 <br>6.1 Introduction 314 <br>6.2 Static Packet Filtering 321 <br>6.3 Stateful Packet Inspection 323 <br>6.4 Network Address Translation 335 <br>6.5 Application Proxy Firewalls and Content Filtering 337 <br>6.6 Intrusion Detection Systems and Intrusion Prevention Systems 345 <br>6.7 Antivirus Filtering and Unified Threat Management 349 <br>6.8 Firewall Architectures 354 <br>6.9 Firewall Management 357 <br>6.10 Firewall Filtering Problems 367 <br>6.11 Conclusion 369 <br>Chapter 7 Host Hardening 375 <br>7.1 Introduction 375 <br>7.2 Important Server Operating Systems 385 <br>7.3 Vulnerabilities and Patches 392 <br>7.4 Managing Users and Groups 401 <br>7.5 Managing Permissions 404 <br>7.6 Creating Strong Passwords 408 <br>7.7 Testing for Vulnerabilities 416 <br>7.8 Conclusion 429 <br> Chapter 8 Application Security 433 <br>8.1 Application Security And Hardening 433 <br>8.2 WWW and E-Commerce Security 446 <br>8.3 Web Browser Attacks 454 <br>8.4 E-Mail Security 463 <br>8.5 Voice over IP Security 468 <br>8.6 Other User Applications 477 <br>8.7 Conclusion 480 <br> Chapter 9 Data Protection 485 <br>9.1 Introduction 485 <br>9.2 Data Protection: Backup 487 <br>9.3 Backup Media and Raid 495 <br>9.4 Data Storage Policies 503 <br>9.5 Database Security 511 <br>9.6 Data Loss Prevention 523 <br>9.7 Conclusion 537 <br> Chapter 10 Incident and Disaster Response 541 <br>10.1 Introduction 541 <br>10.2 The Intrusion Response Process For Major Incidents 548 <br>10.3 Intrusion Detection Systems 566 <br>10.4 Business Continuity Planning 581 <br>10.5 It Disaster Recovery 585 <br>10.6 Conclusion 591 <br>A.1 Introduction 595 <br>A.2 A Sampling of Networks 596 <br>A.3 Network Protocols and Vulnerabilities 604 <br>A.4 Core Layers in Layered Standards Architectures 605 <br>A.5 Standards Architectures 606 <br>A.6 Single-Network Standards 608 <br>A.7 Internetworking Standards 610 <br>A.8 The Internet Protocol 611 <br>A.9 The Transmission Control Protocol 616 <br>A.10 The User Datagram Protocol 625 <br>A.11 TCP/IP Supervisory Standards 626 <br>A.12 Application Standards 632 <br>A.13 Conclusion 634 <br> <br>Glossary 637 <br>index 655 <br>