Wiley Pathways Network Security Fundamentals
by
Cole, Eric; Krutz, Ronald L., Carnegie-Mellon Univ., Huntingdon, Pennsylvania; Conley, James; Reisman, Brian; Ruebush, Mitch; Gollmann, Dieter, Microsoft Research, Cambridge, UK; Reese, Rachelle
Publisher: John Wiley & Sons
Publishing Date: 2007/08/24
eText ISBN-10: 0-470-28256-8
eText ISBN-13: 978-0-470-28256-4
Print ISBN-10: 0-470-10192-X
Print ISBN-13: 978-0-470-10192-6
Table of Contents
Copyright, iv
ABOUT THE AUTHOR, v
PREFACE, vii
ACKNOWLEDGMENTS, xv
1. Network Security Principles, 1
Introduction, 2
1.1. Importance of Computer and Network Security, 2
1.1.1. Exposing Secrets, 2
1.1.2. Causing System Failures, 3
1.1.3. Profile of an Attacker, 4
1.1.4. Social Engineering, 4
1.1.5. Security Defined, 5
Self-Check, 6
1.2. Underlying Computer and Network Security Concepts, 6
1.2.1. Confidentiality, 7
1.2.2. Integrity, 7
1.2.3. Availability, 8
1.2.4. Accountability, 9
1.2.5. Nonrepudiation, 10
Self-Check, 11
1.3. Threats and Countermeasures, 11
1.3.1. Assessing Assets, Vulnerabilities and Threats to Calculate Risk, 12
1.3.2. Calculating Risk, 15
1.3.3. Countermeasures—Risk Mitigation, 16
Self-Check, 19
1.4. Policies and Standards, 20
1.4.1. Security Policy, 20
1.4.2. Standards, 21
1.4.3. Informing Users of the Importance of Security, 23
Self-Check, 24
Summary, 24
Key Terms, 24
Assess Your Understanding, 26
Summary Questions, 26
Applying This Chapter, 27
You Try It, 29
2. Network and Server Security, 30
Introduction, 31
2.1. Network Protocols Review, 31
2.1.1. Understanding Protocols, 31
2.1.2. The Open Systems Interconnect Model, 32
2.1.3. The TCP/IP Model, 39
2.1.4. TCP/IP Ports, 43
Self-Check, 45
2.2. Best Practices for Network Security, 45
2.2.1. Security by Design, 46
2.2.2. Maintaining a Security Mindset, 47
2.2.3. Defense-in-Depth, 47
Self-Check, 49
2.3. Securing Servers, 49
2.3.1. Controlling the Server Configuration, 49
Self-Check, 56
2.4. Border Security, 57
2.4.1. Segmenting a Network, 57
2.4.2. Perimeter Defense, 58
2.4.3. Firewalls, 58
2.4.4. Network Address Translation, 65
Self-Check, 67
Summary, 67
Key Terms, 67
Assess Your Understanding, 70
Summary Questions, 70
Applying This Chapter, 71
You Try It, 73
3. Cryptography, 74
Introduction, 75
3.1. Cryptography Overview, 75
3.1.1. A Brief History of Cryptography, 75
3.1.2. Cryptographic Primitives, 79
3.1.3. XOR, 81
3.1.4. Cast of Characters, 82
Self-Check, 83
3.2. Symmetric Encryption, 83
3.2.1. Understanding Symmetric Encryption, 83
3.2.2. Encryption Strength, 84
3.2.3. Stream Ciphers, 84
3.2.4. Block Ciphers, 85
3.2.5. Sharing Keys, 88
Self-Check, 90
3.3. Asymmetric Encryption, 90
3.3.1. Ensuring Confidentiality with Asymmetric Encryption, 91
3.3.2. Digital Signatures, 92
Self-Check, 93
3.4. Hashes, 93
3.4.1. Hash Functions, 93
3.4.2. Using Hash Functions to Ensure Integrity, 94
3.4.3. A Vulnerability When Protecting Passwords, 94
3.4.4. Creating Pseudorandom Data with Hash Functions, 95
3.4.5. Keyed Hash Functions, 96
Self-Check, 96
3.5. Achieving CIA, 97
3.5.1. Confidentiality, 97
3.5.2. Integrity, 97
3.5.3. Authentication, 98
3.5.4. CIA, 98
Self-Check, 99
3.6. Public Key Infrastructure (PKI), 99
3.6.1. Digital Certificates, 99
3.6.2. Public Key Infrastructure, 100
3.6.3. Designing a CA Hierarchy, 103
3.6.4. Security Policy and PKI Implementation, 107
3.6.5. Trusting Certificates from Other Organizations, 108
3.6.6. Creating an Enrollment and Distribution Strategy, 110
3.6.7. Renewing Certificates, 110
3.6.8. Revoking a Certificate, 111
Self-Check, 112
Summary, 113
Key Terms, 113
Assess Your Understanding, 115
Summary Questions, 115
Applying This Chapter, 116
You Try It, 117
4. Authentication, 118
Introduction, 119
4.1. Authentication Overview, 119
4.1.1. Interactive Logon, 119
4.1.2. Peer-to-Peer Network Logon, 120
4.1.3. Computer Authentication, 120
4.1.4. Mutual Authentication, 121
4.1.5. Application Authentication, 123
Self-Check, 124
4.2. Authentication Credentials, 125
4.2.1. Password Authentication, 125
4.2.2. One-Time Passwords, 128
4.2.3. Smart Cards, 128
4.2.4. Biometrics, 129
Self-Check, 131
4.3. Authentication Protocols, 131
4.3.1. LAN Manager-Based Protocols, 131
4.3.2. Kerberos, 134
Self-Check, 136
4.4. Best Practices for Secure Authentication, 136
4.4.1. Password Policies, 137
4.4.2. Account Lockout Policy, 139
4.4.3. Account Logon Hours, 140
4.4.4. Account Logon Workstation, 140
4.4.5. Auditing Logons, 141
Self-Check, 143
Summary, 143
Key Terms, 143
Assess Your Understanding, 145
Summary Questions, 145
Applying This Chapter, 146
You Try It, 148
5. Authorization and Access Control, 149
Introduction, 150
5.1. Access Control Models, 150
5.1.1. Discretionary Access Control (DAC), 150
5.1.2. Mandatory Access Control (MAC), 151
5.1.3. Role-Based Access Control (RBAC), 152
5.1.4. Principle of Least Permission, 154
Self-Check, 154
5.2. Implementing Access Control on Windows Computers, 154
5.2.1. Principals, 154
5.2.2. Windows Access Control Model, 161
5.2.3. Understanding Active Directory Object Permissions, 163
5.2.4. Designing Access Control for Files and Folders, 165
5.2.5. User Rights Assignment, 172
Self-Check, 173
5.3. Implementing Access Control on Unix Computers, 174
5.3.1. Principals, 174
5.3.2. Objects, 176
Self-Check, 181
Summary, 182
Key Terms, 182
Assess Your Understanding, 184
Summary Questions, 184
Applying This Chapter, 185
You Try It, 187
6. Securing Network Transmission, 188
Introduction, 189
6.1. Analyzing Security Requirements for Network Traffic, 189
6.1.1. Types of Attacks, 189
6.1.2. Considerations for Designing a Secure Infrastructure, 192
6.1.3. Securely Transmitting Data, 193
Self-Check, 194
6.2. Defining Network Perimeters, 195
6.2.1. Isolating Insecure Networks Using Subnets, 195
6.2.2. Switches and VLANs, 196
6.2.3. Using IP Address and IP Packet Filtering, 199
Self-Check, 201
6.3. Data Transmission Protection Protocols, 201
6.3.1. SSL and TLS, 201
6.3.2. IP Security (IPsec), 205
6.3.3. Server Message Block Signing, 211
6.3.4. Secure Shell, 212
Self-Check, 214
Summary, 214
Key Terms, 215
Assess Your Understanding, 217
Summary Questions, 217
Applying This Chapter, 218
You Try It, 220
7. Remote Access and Wireless Security, 221
Introduction, 222
7.1. Dial-Up Networking, 222
7.1.1. Dial-Up Networking Protocols, 222
7.1.2. Dial-Up Networking Authentication Protocols, 223
7.1.3. Limiting Dial-Up Access, 228
7.1.4. Preventing Access to the Network, 229
Self-Check, 230
7.2. Virtual Private Networks, 230
7.2.1. Point-to-Point Tunneling Protocol (PPTP), 231
7.2.2. L2TP and IPsec, 233
7.2.3. Hardware VPN Solutions, 234
Self-Check, 235
7.3. RADIUS and TACACS, 235
7.3.1. Using RADIUS Authentication, 236
7.3.2. Using TACACS and TACACS+, 237
Self-Check, 239
7.4. Wireless Networks, 239
7.4.1. Wireless Networking Standards, 239
7.4.2. Wireless Modes, 240
7.4.3. Preventing Intruders from Connecting to a Wireless Network, 240
7.4.4. Wired Equivalent Privacy (WEP), 241
7.4.5. WiFi Protected Access (WPA), 244
7.4.6. 802.1x, 246
7.4.7. 802.11i, 252
7.4.8. Designing for an Open Access Point, 253
7.4.9. Identifying Wireless Network Vulnerabilities, 253
Self-Check, 255
Summary, 255
Key Terms, 255
Assess Your Understanding, 258
Summary Questions, 258
Applying This Chapter, 259
You Try It, 261
8. Server Roles and Security, 262
Introduction, 263
8.1. Server Roles and Baselines, 263
8.1.1. Trusted Computing Base, 263
8.1.2. Secure Baseline, 264
8.1.3. Preparing to Implement the Baseline, 265
8.1.4. Security Templates, 265
8.1.5. Security Configuration Wizard, 270
8.1.6. Secure Baseline Configuration for Linux Servers, 272
8.1.7. Virtualization, 273
Self-Check, 274
8.2. Securing Network Infrastructure Servers, 274
8.2.1. Securing DNS Servers, 275
8.2.2. Securing DHCP Servers, 284
8.2.3. Securing WINS Servers, 287
8.2.4. Securing Remote Access Servers, 288
8.2.5. Securing NAT Servers, 289
Self-Check, 289
8.3. Securing Domain Controllers, 289
Self-Check, 292
8.4. Securing File and Print Servers, 292
8.4.1. Securing File Servers, 292
8.4.2. Securing Print Servers, 293
8.4.3. Securing FTP Server, 295
Self-Check, 297
8.5. Securing Application Servers, 298
8.5.1. Securing Web Servers, 298
8.5.2. Securing Database Servers, 301
Self-Check, 304
Summary, 304
Key Terms, 304
Assess Your Understanding, 306
Summary Questions, 306
Applying This Chapter, 307
You Try It, 309
9. Protecting Against Malware, 310
Introduction, 311
9.1. Viruses and Other Malware, 311
9.1.1. Viruses, 311
9.1.2. Worms, 312
9.1.3. Trojan Horses, 312
9.1.4. Browser Parasites, 313
9.1.5. Spyware, 314
9.1.6. Backdoors, 314
Self-Check, 315
9.2. Protecting the Workstation, 315
9.2.1. Antivirus Software, 317
9.2.2. Anti-Spyware, 317
9.2.3. Computer Configuration Guidelines, 318
9.2.4. User Training, 320
Self-Check, 323
9.3. Web Browser Security, 323
9.3.1. Web Browser Risks, 323
9.3.2. Web Browser Technologies, 324
9.3.3. Specific Threats to a Browser Session, 327
9.3.4. Browser Configuration, 329
9.3.5. Internet Explorer Security Zones, 334
9.3.6. Configuring Web Features in Firefox, 337
Self-Check, 337
9.4. Email Security, 337
9.4.1. Attacks that Disclose Data, 337
9.4.2. Spam, 342
9.4.3. Protecting Against Malcode Propagated by Email, 345
9.4.4. Mail Client Configurations, 346
9.4.5. Architectural Considerations, 347
Self-Check, 349
Summary, 350
Key Terms, 350
Assess Your Understanding, 352
Summary Questions, 352
Applying This Chapter, 353
You Try It, 355
10. Ongoing Security Management, 356
Introduction, 357
10.1. Managing Updates, 357
10.1.1. Configuration Management, 357
10.1.2. Understanding the Components of Configuration Management, 358
10.1.3. Importance of Automating Updates, 360
10.1.4. Creating a Security Update Infrastructure, 360
10.1.5. A WSUS Solution, 362
10.1.6. Configuring SUS Clients, 362
Self-Check, 367
10.2. Auditing and Logging, 367
10.2.1. Security Audits, 367
10.2.2. Monitoring, 368
10.2.3. Auditing on Unix, 368
10.2.4. Auditing in Windows, 369
Self-Check, 371
10.3. Secure Remote Administration, 371
10.3.1. Creating a Remote Management Plan, 372
10.3.2. Remote Management Security Considerations, 374
10.3.3. Planning Remote Management Deployment, 375
10.3.4. Securing Windows Inbound Management Tools, 376
10.3.5. Securing TCP/IP Remote Management Tools, 382
10.3.6. Designing for Emergency Management Services, 383
Self-Check, 390
11. Disaster Recovery and Fault Tolerance, 395
Introduction, 396
11.1. Planning for the Worst, 396
11.1.1. Business Continuity Planning, 396
11.1.2. Disaster Recovery Planning, 399
11.1.3. Designing an Incident Response Procedure, 403
Self-Check, 407
11.2. Creating a Backup Strategy, 407
11.2.1. Analyzing Backup Requirements, 407
11.2.2. Backing Up System Configurations, 408
11.2.3. Choosing a Backup Tool, 408
11.2.4. Choosing the Backup Media, 409
11.2.5. Determining the Types of Backup, 410
11.2.6. Determining Backup Frequency, 411
11.2.7. Assigning Responsibility for Backups, 413
11.2.8. Testing Recovery, 414
Self-Check, 414
11.3. Designing for Fault Tolerance, 415
11.3.1. Eliminating Single Points of Failure, 415
11.3.2. Selecting Fault Tolerant Storage, 416
11.3.3. RAID Levels, 416
11.3.4. Choosing Between Hardware and Software RAID, 421
11.3.5. Storage Area Networks (SANs), 423
11.3.6. Designing a Failover Solution, 425
Self-Check, 427
Summary, 427
Key Terms, 427
Assess Your Understanding, 429
Summary Questions, 429
Applying This Chapter, 430
You Try It, 432
12. Intrusion Detection and Forensics, 433
Introduction, 434
12.1. Intrusion Detection, 434
12.1.1. Intrusion Detection and Response, 434
12.1.2. Intrusion Detection Systems (IDS), 434
12.1.3. IDS Issues, 438
12.1.4. Intrusion Prevention Systems (IPS), 439
Self-Check, 439
12.2. Honeypots, 439
12.2.1. Preventing, Detecting, and Responding to Attacks, 440
12.2.2. Honeypot Categories, 441
12.2.3. When to Use a Honeypot, 442
12.2.4. Legal Considerations, 443
Self-Check, 444
12.3. Forensics, 444
12.3.1. Understanding Evidence, 444
12.3.2. Gathering Evidence on a Live System, 445
12.3.3. Preparing a Hard Drive Image, 448
12.3.4. Searching for Data on a Hard Drive, 450
Self-Check, 457
Summary, 457
Key Terms, 458
Assess Your Understanding, 459
Summary Questions, 459
Applying This Chapter, 460
You Try It, 461
Glossary, 462
Index, 507