By (author): John E. Canavan

Copyright: 2001
Pages: 350
ISBN: 9781580531764

Artech House is pleased to offer you this title in a special In-Print-Forever® (IPF®) hardbound edition. This book is not available from inventory but can be printed at your request and delivered within 2-4 weeks of receipt of order. Please note that because IPF® books are printed on demand, returns cannot be accepted.


Our Price: $104.00

Description
Here's an easy-to-understand book that introduces you to fundamental network security concepts, principles, and terms, while providing you with practical techniques that you can apply on the job. It helps you identify the best type of intrusion detection system for your environment, develop organizational guidelines for passwords, set general computer security policies, and perform a security review and risk assessment. The book presents specific tools that can be used to test, strengthen, monitor, and hack systems. From LAN/WAN security, cryptography, digital signatures and certificates, and encryption on the Web to secure e-mail protocols, biometrics, virtual private network protocols and firewalls, it covers essential topics on network security that can be understood even if you don't have a technical background. Over 110 illustrations clarify key concepts throughout the book.
Table Of Contents
  • Basic Security Concepts - Why is Computer and Network Security Important. Background and History. The Security Trinity. Information Security. Risk Assessment. Security Models. Basic Terminology. More Basic Terminology.
  • Threats, Vulnerabilities and Attacks - Protocols. The OSI Reference Model. TCP/IP Protocol Suite. Useful Web Sites. Search Engines. Mailing Lists.
  • Encryption, Digital Signatures and Certification - Cryptography. Stream Ciphers. Breaking Ciphers. Block Ciphers. Encryption. Public Key Cryptosystems. Message Integrity. Authentication. Digital Signatures. Competing Standards. Digital Certificates. Limitations of Digital Certificates. Certificate Authorities. Public Key Infrastructure. The Future. The Limitations of Encryption.
  • Kerberos - How Kerberos Works. Kerberos' Limitations.
  • Encryption on the WWW - The World Wide Web. Secure Sockets Layer (HTTPS). Secure HTTP (SHTTP). Microsoft's Internet Explorer. Viewing Digital Certificates with Internet Explorer. Viewing the Encryption Strength of IE5. Viewing Certification Authorities with IE5. Netscape Navigator. Viewing Digital Certificates with Navigator. Authenticode Certificates.
  • E-Mail - E-Mail Issues. E-Mail Issues. Secure E-Mail Protocols. Web-Based E-Mail Services. Security of Stored Messages. Identity: Spoofing and Hiding. E-Mail as a weapon. E-Mail Policies. E-Mail Privacy. Auto-Responses.
  • Operating System Security - Passwords. Password Attacks. Onetime Passwords. Access Control. Data Redundancy. General Recommendations. Modems. Useful Tools.
  • LAN Security - LAN Guidelines. Controlling End-User Access. Concurrent Logins. Available Disk Space. Restrictions to Location or Workstation. Time/Day Restrictions. Access to Directories and Trustee Rights. File Attributes. Other Privileges. Single Sign-On. Policy-Based Network Management. Honeypot Systems. Network Segmentation. Static IP Addresses vs. DHCP
  • Media and Protocols - Network Media. Plenum Cabling and Risers. WANs. Redundancy and Alternative Connections.
  • Routers and SNMP - Router Issues. SNMP.
  • Virtual Private Networks - Encryption on the Network. Node-to-Node Encryption. End-to-End Encryption. Where to Encrypt. Virtual Private Networks. PPTP. L2TP. IPSec. SOCKS.
  • Firewalls - Firewalls Pros and Cons. Types of Firewalls. Packet Filters vs. Proxies. Firewall Configurations. Restricting Users' Access to the Internet. Firewall Products. Personal Firewalls
  • Biometrics - Identification and Authentication. Biometric Identification and Authentication. Biometric Identification Reliability. Backup Authentication. Environmental Conditions. User Acceptance. Security of the Biometric System. Interoperability. Costs vs. Savings.
  • Policies and Procedures - Policies vs. Procedures. Information Security Policy Objectives. Developing Security Policies. Policy and Procedure Manuals. Policy Awareness & Education. Policy Enforcement. Policy Format. Security Policy Suggestions. Information Protection Team. Crisis Management Planning. Sources for Information Policies.
  • Auditing and Intrusion Detection - What Is an Audit. Operational Security Audits. System Security Auditing. Activity and Usage Auditing. Audit Mistakes. Deficiencies of Traditional Audit Techniques. Intrusion Detection. Intrusion Detection Systems. Host-Based Intrusion Detection Systems. Network-Based Intrusion Detection Systems. Knowledge-Based Intrusion Detection Systems. Statistical-Based Intrusion Detection Systems. Defense In-Depth Approach. Future Directions.
  • Crisis Management Planning - Crisis Management. Disaster Recovery Planning. Computer Security Incident Response Plan.
  • Browser Security - Cookie Files. Cache Files. Autocomplete.

Author

  • John E. Canavan is vice president, information systems and technology at Bethpage FCU. He holds a B.S. in information systems from Quinnipiac University and an M.S. in telecommunications management from Golden Gate University.