Corporate Computer and Network Security / Edition 1

by Raymond Panko

ISBN-10: 0130384712

ISBN-13: 9780130384713

Pub. Date: 03/17/2003

Publisher: Prentice Hall

This textbook provides a framework for thinking about security, with attention to specific types of security problems and the tools for addressing them. Specific chapters discuss firewalls, host security, cryptography, application security, and incident and disaster response. Panko teaches at the University of Hawaii. Annotation (c)2003 Book News, Inc., Portland, OR

Product Details

ISBN-13: 9780130384713
Publisher: Prentice Hall
Publication date: 03/17/2003
Edition description: Older Edition
Pages: 544
Product dimensions: 7.10(w) x 9.28(h) x 0.99(d)

Table of Contents

Preface
About the Author

Chapter 1: A Framework
  Corporations at Risk
  Attackers
  Attacks
  Penetration Attacks and Defenses
  Security Management
  The Plan-Protect-Respond (PPR) Cycle
  The Book
  Conclusion

Chapter 1A: Examples of Security Problems
  Introduction
  Examples
  The September 11 Disaster

Chapter 2: Access Control and Site Security
  Introduction
  Reusable Passwords
  Building Security
  Access Cards
  Biometric Authentication
  802.11 Wireless LAN (WLAN) Security
  Conclusion

Chapter 3: Review of TCP/IP Internetworking
  Introduction: A Review
  Single Networks Versus Internets
  TCP/IP Standards
  Layer Cooperation
  The Internet Protocol (IP)
  Transmission Control Protocol (TCP)
  User Datagram Protocol (UDP)
  Internet Control Message Protocol (ICMP) for Supervisory Information
  Conclusion

Chapter 4: Attack Methods
  Introduction
  Targeted Hacking Attacks (System Penetration/Break-Ins)
  Denial-of-Service Attacks
  Malware Attacks
  Conclusion

Chapter 5: Firewalls
  Introduction
  Firewall Hardware and Software
  Static Packet Filter Firewalls
  Stateful Firewalls
  Network Address Translation
  Application Firewalls
  Firewall Architectures
  Configuring, Testing, and Maintaining Firewalls
  Check Point and Cisco Systems Firewalls
  Conclusion

Chapter 6: Host Security
  Introduction
  Installation and Patching
  Turning Off Unnecessary Services
  Managing Users and Groups
  Managing Permissions
  Advanced Server Hardening Techniques
  Testing for Vulnerabilities
  Hardening Clients
  Palladium
  Conclusion

Chapter 7: The Elements of Cryptography
  Cryptographic Elements and Systems
  Encryption for Confidentiality
  Encryption for Confidentiality with Symmetric Key Encryption
  Encryption for Confidentiality with Public Key Encryption
  Encryption for Authentication
  Digital Certificates
  Symmetric Key Exchange
  Replay Attacks and Defenses
  Advanced Topics: Quantum Computing and Steganography
  Conclusion

Chapter 8: Cryptographic Systems: SSL/TLS, VPNs, and Kerberos
  Introduction
  SSL/TLS
  PPP
  PPTP and L2TP
  IPsec
  Kerberos
  Firewalls and Cryptographic Systems
  Conclusion

Chapter 9: Application Security: Electronic Commerce and E-Mail
  General Application Security Issues
  Webservice and E-Commerce Security
  E-Mail
  Security Issues in Other Applications
  Conclusion

Chapter 10: Incident and Disaster Response
  Introduction
  Backup
  Intrusion Detection Systems (IDSs)
  The Intrusion Response Process
  Business Continuity Planning
  Disaster Recovery
  Conclusion

Chapter 11: Managing the Security Function
  Introduction
  Organization
  Risk Analysis
  Security Architecture
  Control Principles
  Managing Operations
  Mobilizing Users
  Vulnerability Testing
  Conclusion

Chapter 12: The Broader Perspective
  Introduction
  Laws Governing Computer Crimes
  Consumer Privacy
  Employee Workplace Monitoring
  Government Surveillance
  Cyberwar and Cyberterror
  Conclusion

Glossary
Index
