Details
Cybersecurity Essentials
1. Aufl.
|
27,99 € |
|
| Verlag: | Wiley |
| Format: | |
| Veröffentl.: | 31.08.2018 |
| ISBN/EAN: | 9781119362432 |
| Sprache: | englisch |
| Anzahl Seiten: | 784 |
DRM-geschütztes eBook, Sie benötigen z.B. Adobe Digital Editions und eine Adobe ID zum Lesen.
Beschreibungen
<b>An accessible introduction to cybersecurity concepts and practices</b> <p><i>Cybersecurity Essentials</i> provides a comprehensive introduction to the field, with expert coverage of essential topics required for entry-level cybersecurity certifications. An effective defense consists of four distinct challenges: securing the infrastructure, securing devices, securing local networks, and securing the perimeter. Overcoming these challenges requires a detailed understanding of the concepts and practices within each realm. This book covers each challenge individually for greater depth of information, with real-world scenarios that show what vulnerabilities look like in everyday computing scenarios. Each part concludes with a summary of key concepts, review questions, and hands-on exercises, allowing you to test your understanding while exercising your new critical skills. <p>Cybersecurity jobs range from basic configuration to advanced systems analysis and defense assessment. This book provides the foundational information you need to understand the basics of the field, identify your place within it, and start down the security certification path. <ul> <li>Learn security and surveillance fundamentals</li> <li>Secure and protect remote access and devices</li> <li>Understand network topologies, protocols, and strategies</li> <li>Identify threats and mount an effective defense</li> </ul> <p><i>Cybersecurity Essentials</i> gives you the building blocks for an entry level security certification and provides a foundation of cybersecurity knowledge
<p>Introduction xix</p> <p><b>PART I SECURING THE INFRASTRUCTURE 1</b></p> <p><b>Chapter 1 </b><b>Infrastructure Security in the Real World 3</b></p> <p>Security Challenges 3</p> <p>Infrastructure Security Scenario 1 4</p> <p>Infrastructure Security Scenario 2 6</p> <p>Summary 8</p> <p><b>Chapter 2 </b><b>Understanding Access-Control and Monitoring Systems 9</b></p> <p>A Quick Primer on Infrastructure Security 9</p> <p>Access Control 12</p> <p>Security Policies 14</p> <p>Physical Security Controls 15</p> <p>Locks and Keys 16</p> <p>Standard Key-Locking Deadbolts 17</p> <p>Solenoid-Operated Deadbolt Locks 18</p> <p>Cipher Locks 19</p> <p>Access-Control Gates 20</p> <p>Sliding Gates 20</p> <p>Swinging Gates 21</p> <p>Control Relays 21</p> <p>Authentication Systems 23</p> <p>Magnetic Stripe Readers 24</p> <p>Smart Cards 25</p> <p>RFID Badges 26</p> <p>Biometric Scanners 27</p> <p>Remote-Access Monitoring 29</p> <p>Opened- and Closed-Condition Monitoring 30</p> <p>Automated Access-Control Systems 32</p> <p>Hands-On Exercises 33</p> <p>Discussion 34</p> <p>Procedure 35</p> <p>Review Questions 43</p> <p><b>Chapter 3 </b><b>Understanding Video Surveillance Systems 45</b></p> <p>Video Surveillance Systems 45</p> <p>Cameras 46</p> <p>Hands-On Exercises 60</p> <p>Discussion 61</p> <p>Procedure 61</p> <p>Review Questions 69</p> <p><b>Chapter 4 </b><b>Understanding Intrusion-Detection and Reporting Systems 71</b></p> <p>Intrusion-Detection and Reporting Systems 71</p> <p>Security Controllers 74</p> <p>Sensors 77</p> <p>Vehicle-Detection Sensors 82</p> <p>Fire-Detection Sensors 85</p> <p>Output Devices 87</p> <p>Hands-On Exercises 90</p> <p>Discussion 90</p> <p>Procedure 92</p> <p>Review Questions 94</p> <p><b>Chapter 5 </b><b>Infrastructure Security: Review Questions and Hands-On Exercises 97</b></p> <p>Summary Points 97</p> <p>Security Challenge Scenarios 101</p> <p>Infrastructure Security Scenario 1 101</p> <p>Infrastructure Security Scenario 2 102</p> <p>Professional Feedback 102</p> <p>Review Questions 107</p> <p>Exam Questions 109</p> <p><b>PART II SECURING LOCAL HOSTS 113</b></p> <p><b>Chapter 6 </b><b>Local Host Security in the Real World 115</b></p> <p>Security Challenges 115</p> <p>Computing Device Security Scenario 1 116</p> <p>Computing Device Security Scenario 2 117</p> <p>Summary 120</p> <p><b>Chapter 7 </b><b>Securing Devices 121</b></p> <p>The Three Layers of Security 121</p> <p>Securing Host Devices 123</p> <p>Securing Outer-Perimeter Portals 124</p> <p>Additional Inner-Perimeter Access Options 127</p> <p>Hands-On Exercises 137</p> <p>Objectives 137</p> <p>Procedure 137</p> <p>Review Questions 148</p> <p><b>Chapter 8 </b><b>Protecting the Inner Perimeter 149</b></p> <p>The Inner Perimeter 149</p> <p>Operating Systems 151</p> <p>Operating System Security Choices 168</p> <p>Common Operating System Security Tools 169</p> <p>Using Local Administrative Tools 177</p> <p>Implementing Data Encryption 182</p> <p>Hands-On Exercises 188</p> <p>Objectives 188</p> <p>Resources 188</p> <p>Discussion 189</p> <p>Procedures 190</p> <p>Tables 200</p> <p>Lab Questions 201</p> <p><b>Chapter 9 </b><b>Protecting Remote Access 203</b></p> <p>Protecting Local Computing Devices 203</p> <p>Using a Secure Connection 204</p> <p>Establishing and Using a Firewall 204</p> <p>Installing and Using Anti-Malware Software 205</p> <p>Removing Unnecessary Software 205</p> <p>Disabling Nonessential Services 205</p> <p>Disabling Unnecessary OS Default Features 205</p> <p>Securing the Web Browser 205</p> <p>Applying Updates and Patches 206</p> <p>Requiring Strong Passwords 206</p> <p>Implementing Local Protection Tools 206</p> <p>Software-Based Local Firewalls 207</p> <p>Using Local Intrusion-Detection Tools 209</p> <p>Profile-Based Anomaly-Detection Systems 210</p> <p>Threshold-Based Anomaly-Detection Systems 211</p> <p>Configuring Browser Security Options 211</p> <p>Configuring Security Levels 213</p> <p>Configuring Script Support 214</p> <p>Defending Against Malicious Software 218</p> <p>Using Antivirus Programs 220</p> <p>Using Antispyware 221</p> <p>Hardening Operating Systems 222</p> <p>Service Packs 222</p> <p>Patches 222</p> <p>Updates 223</p> <p>Overseeing Application Software Security 223</p> <p>Software Exploitation 223</p> <p>Applying Software Updates and Patches 224</p> <p>Hands-On Exercises 225</p> <p>Objectives 225</p> <p>Resources 225</p> <p>Discussion 225</p> <p>Procedures 226</p> <p>Tables 241</p> <p>Lab Questions 242</p> <p><b>Chapter 10 </b><b>Local Host Security: Review Questions and Hands-On Exercises 243</b></p> <p>Summary Points 243</p> <p>Security Challenge Scenarios 248</p> <p>Computing Device Security Scenario 1 248</p> <p>Computing Device Security Scenario 2 248</p> <p>Professional Feedback 248</p> <p>Review Questions 257</p> <p>Exam Questions 259</p> <p><b>PART III SECURING LOCAL NETWORKS 263</b></p> <p><b>Chapter 11 </b><b>Local Network Security in the Real World 265</b></p> <p>Security Challenges 266</p> <p>Local Network Security Scenario 1 266</p> <p>Local Network Security Scenario 2 270</p> <p>Summary 272</p> <p><b>Chapter 12 </b><b>Networking Basics 273</b></p> <p>Understanding the Basics of Networking 273</p> <p>Campus Area Networks or Corporate Area Networks (CANs) 274</p> <p>Metropolitan Area Networks (MANs) 274</p> <p>Wireless Local Area Networks (WLANs) 274</p> <p>Storage Area Networks (SANs) 274</p> <p>The OSI Networking Model 275</p> <p>Layer 1: Physical 276</p> <p>Layer 2: Data Link 276</p> <p>Layer 3: Network 276</p> <p>Layer 4: Transport 276</p> <p>Layer 5: Session 276</p> <p>Layer 6: Presentation 277</p> <p>Layer 7: Application 277</p> <p>Data Transmission Packets 277</p> <p>OSI Layer Security 278</p> <p>Network Topologies 280</p> <p>Bus Topology 280</p> <p>Ring Topology 280</p> <p>Star Topology 281</p> <p>Mesh Topology 282</p> <p>Logical Topologies 282</p> <p>Hands-On Exercises 283</p> <p>Objectives 283</p> <p>Resources 283</p> <p>Discussion 283</p> <p>Procedure 284</p> <p>Lab Questions 295</p> <p>Lab Answers 295</p> <p><b>Chapter 13 </b><b>Understanding Networking Protocols 297</b></p> <p>The Basics of Networking Protocols 297</p> <p>MAC Addresses 298</p> <p>TCP/IP 299</p> <p>Ethernet 309</p> <p>Network Control Strategies 311</p> <p>Hands-On Exercises 313</p> <p>Objectives 313</p> <p>Discussion 313</p> <p>Procedures 314</p> <p>Lab Questions 325</p> <p>Lab Answers 326</p> <p><b>Chapter 14 </b><b>Understanding Network Servers 327</b></p> <p>The Basics of Network Servers 327</p> <p>Server Security 330</p> <p>Network Administrators 331</p> <p>Server Software Security 335</p> <p>User Accounts 341</p> <p>Network Authentication Options 347</p> <p>Establishing Resource Controls 348</p> <p>Maintaining Server Security 352</p> <p>Vulnerability Scanning 358</p> <p>Hands-On Exercises 361</p> <p>Objectives 361</p> <p>Resources 361</p> <p>Discussion 362</p> <p>Procedures 362</p> <p>Lab Questions 382</p> <p>Lab Answers 382</p> <p><b>Chapter 15 </b><b>Understanding Network Connectivity Devices 385</b></p> <p>Network Switches 386</p> <p>Routers 388</p> <p>Gateways 390</p> <p>Network Bridges 391</p> <p>Wireless Network Connectivity 392</p> <p>Network Connectivity Device Vulnerabilities 392</p> <p>Network Connectivity Device Attacks 393</p> <p>Network Connectivity Defense 397</p> <p>Network Hardening 398</p> <p>Hands-On Exercises 399</p> <p>Objectives 399</p> <p>Resources 399</p> <p>Procedures 399</p> <p>Lab Questions 404</p> <p>Lab Answers 404</p> <p><b>Chapter 16 </b><b>Understanding Network Transmission Media Security 407</b></p> <p>The Basics of Network Transmission Media 407</p> <p>Copper Wire 408</p> <p>Light Waves 410</p> <p>Wireless Signals 412</p> <p>Transmission Media Vulnerabilities 415</p> <p>Securing Wireless Networks 415</p> <p>Hands-On Exercises 417</p> <p>Objectives 417</p> <p>Resources 417</p> <p>Procedure 417</p> <p>Lab Questions 421</p> <p>Lab Answers 421</p> <p><b>Chapter 17 </b><b>Local Network Security: Review Questions 423</b></p> <p>Summary Points 423</p> <p>Security Challenge Scenarios 432</p> <p>Local Network Security Scenario 1 432</p> <p>Local Network Security Scenario 2 432</p> <p>Professional Feedback 432</p> <p>Review Questions 443</p> <p><b>PART IV SECURING THE PERIMETER 449</b></p> <p><b>Chapter 18 </b><b>Perimeter Security in the Real World 451</b></p> <p>Security Challenges 451</p> <p>Internet Security Scenario 1 451</p> <p>Internet Security Scenario 2 454</p> <p>Summary 455</p> <p><b>Chapter 19 </b><b>Understanding the Environment 457</b></p> <p>The Basics of Internet Security 457</p> <p>Understanding the Environment 460</p> <p>Basic Internet Concepts 461</p> <p>Internet Services 468</p> <p>Standards and RFCs 470</p> <p>Hands-On Exercises 471</p> <p>Objectives 471</p> <p>Resources 472</p> <p>Discussion 472</p> <p>Procedures 472</p> <p>Lab Questions 486</p> <p>Lab Answers 486</p> <p><b>Chapter 20 </b><b>Hiding the Private Network 487</b></p> <p>Understanding Private Networks 487</p> <p>Network Address Translation 488</p> <p>Port Address Translation 489</p> <p>Port Forwarding or Mapping 490</p> <p>Network Segmentation 492</p> <p>Software-Defined Networking 494</p> <p>Hands-On Exercises 496</p> <p>Objectives 496</p> <p>Resources 496</p> <p>Discussion 496</p> <p>Procedure 497</p> <p>Lab Questions 508</p> <p>Lab Answers 509</p> <p><b>Chapter 21 </b><b>Protecting the Perimeter 511</b></p> <p>Understanding the Perimeter 511</p> <p>Firewalls 515</p> <p>Firewall Considerations 517</p> <p>Network Appliances 519</p> <p>Proxy Servers 520</p> <p>Demilitarized Zones (DMZs) 522</p> <p>Single-Firewall DMZs 523</p> <p>Dual-Firewall DMZs 524</p> <p>Honeypots 525</p> <p>Extranets 526</p> <p>Hands-On Exercises 528</p> <p>Objectives 528</p> <p>Resources 528</p> <p>Procedures 528</p> <p>Lab Questions 534</p> <p>Lab Answers 534</p> <p><b>Chapter 22 </b><b>Protecting Data Moving Through the Internet 535</b></p> <p>Securing Data in Motion 535</p> <p>Authentication 536</p> <p>Encryption 542</p> <p>Cryptography 543</p> <p>Digital Certificates 545</p> <p>Hash Tables 548</p> <p>Cookies 548</p> <p>CAPTCHAs 549</p> <p>Virtual Private Networks 550</p> <p>Hands-On Exercises 552</p> <p>Objectives 552</p> <p>Resources 552</p> <p>Discussion 552</p> <p>Procedures 552</p> <p>Lab Questions 563</p> <p>Lab Answers 563</p> <p><b>Chapter 23 </b><b>Tools and Utilities 565</b></p> <p>Using Basic Tools 565</p> <p>IFconfig/IPconfig 565</p> <p>Whois 566</p> <p>Nslookup 567</p> <p>PING 567</p> <p>Traceroute 568</p> <p>Telnet 569</p> <p>Secure Shell 570</p> <p>Monitoring Tools and Software 570</p> <p>Nagios 572</p> <p>SolarWinds 572</p> <p>Microsoft Network Monitor 572</p> <p>Wireshark 572</p> <p>Snort 573</p> <p>Nmap 575</p> <p>Nikto 575</p> <p>OpenVAS 575</p> <p>Metasploit 575</p> <p>The Browser Exploitation Framework (BeEF) 576</p> <p>Other Products 576</p> <p>Hands-On Exercises 578</p> <p>Objectives 578</p> <p>Resources 578</p> <p>Discussion 578</p> <p>Procedures 579</p> <p>Capturing a PING 583</p> <p>Lab Questions 589</p> <p>Lab Answers 589</p> <p><b>Chapter 24 </b><b>Identifying and Defending Against Vulnerabilities 591</b></p> <p>Zero Day Vulnerabilities 591</p> <p>Software Exploits 592</p> <p>SQL Injection 594</p> <p>Java 597</p> <p>Other Software Exploits 599</p> <p>Social Engineering Exploits 600</p> <p>Phishing Attacks 600</p> <p>Network Threats and Attacks 603</p> <p>Broadcast Storms 603</p> <p>Session-Hijacking Attacks 604</p> <p>Dictionary Attacks 606</p> <p>Denial of Service (DoS) Attacks 606</p> <p>Tarpitting 611</p> <p>Spam 612</p> <p>Protecting Against Spam Exploits 613</p> <p>Other Exploits 614</p> <p>Transport Layer Security (TLS) Exploits 614</p> <p>FREAK Exploits 615</p> <p>Logjam Exploits 615</p> <p>Hands-On Exercises 616</p> <p>Objectives 616</p> <p>Resources 616</p> <p>Discussion 616</p> <p>Procedures 616</p> <p><b>Chapter 25 </b><b>Perimeter Security: Review Questions and Hands-On Exercises 627</b></p> <p>Summary Points 627</p> <p>Security Scenario Review 637</p> <p>Network Security Scenario 1 637</p> <p>Network Security Scenario 2 637</p> <p>Professional Feedback 637</p> <p>Review Questions 644</p> <p>Exam Questions 647</p> <p>Appendix A 651</p> <p>Appendix B 703</p> <p>Appendix C 715</p> <p>Index 727</p>
<p><b>CHARLES J. BROOKS</b> is co-owner and vice president of Educational Technologies Group Inc., as well as co-owner of eITPrep LLP, an online training company.<b> <br /><br />CHRISTOPHER GROW</b> is the president of A.C.C.N.S. Consulting and the Technichal Services manager for Educational Technologies Group L.L.C. with 20+ years of IT/IS and cyber security experience.<b> <br /><br />PHILIP CRAIG</b> is the founder of BlackByte Cyber Security, LLC, a consultancy supporting the Pacific Northwest National Laboratory (PNNL) research and national security agendas.<br /><br /><b>DONALD SHORT</b> is the President of One World Telecommunications, Inc., an Internet Service Provider in Kennewick.</p>
<p><b>An easy-to-use and comprehensive introduction to cybersecurity</b> <p><i>Cybersecurity Essentials</i> provides a comprehensive introduction, with expert coverage of essential topics required for entry-level cybersecurity certifications. It covers the four distinct challenges of creating an effective cybersecurity defense: securing the infrastructure, securing devices, securing local networks, and securing the perimeter. The authors—noted security experts—summarize the fundamental concepts of each challenge and include real-world scenarios that show how these vulnerabilities look in everyday computing. The text offers a summary of the key concepts, review questions, and hands-on exercises designed to help assess an understanding of key concepts. <p><b>Learn these fundamentals of security infrastructure—and more:</b> <ul> <li>Basic security and surveillance systems</li> <li>Intrusion detection and reporting systems</li> <li>Local host security</li> <li>Securing devices</li> <li>Protecting the inner perimeter</li> <li>Protecting remote access</li> <li>Local network Security</li> <li>Network topologies and protocols</li> </ul> <p><b>This <i>Essentials</i> book features:</b> <ul> <li>Chapter-opening learning objectives</li> <li>Essentials and Beyond—summaries and additional suggested exercises</li> <li>Hands-on exercises</li> </ul>
Diese Produkte könnten Sie auch interessieren:
