Details

Computer Network Security

Computer Network Security


1. Aufl.

von: Ali Sadiqui

139,99 €

Verlag: Wiley
Format: EPUB
Veröffentl.: 19.02.2020
ISBN/EAN: 9781119706724
Sprache: englisch
Anzahl Seiten: 272

In den Warenkorb
Als Gutschein
DRM-geschütztes eBook, Sie benötigen z.B. Adobe Digital Editions und eine Adobe ID zum Lesen.

Beschreibungen

Titelbeschreibung

<P>Developed in collaboration with a training and certification team from Cisco, Computer Network Security is an exploration of the state-of-the-art and good practices in setting up a secure computer system. Concrete examples are offered in each chapter, to help the reader to master the concept and apply the security configuration. <P>This book is intended for students preparing for the CCNA Security Exam (210-260 IINS) ? whether at professional training centers, technical faculties, or training centers associated with the �Cisco Academy� program. It is also relevant to anyone interested in computer security, be they professionals in this field or users who want to identify the threats and vulnerabilities of a network to ensure better security.

Inhaltsverzeichnis

<p>Preface xi</p> <p>Introduction xiii</p> <p><b>Chapter 1. Fundamentals of Network Security</b> <b>1</b></p> <p>1.1. Introduction 1</p> <p>1.1.1. The main objectives of securing a network 2</p> <p>1.1.2. Information security terminology 2</p> <p>1.2. Types of network security 4</p> <p>1.2.1. Physical security 4</p> <p>1.2.2. Logical security 4</p> <p>1.2.3. Administrative security 5</p> <p>1.3. The main risks related to the logical security of the network 5</p> <p>1.3.1. Different kinds of network attacks 5</p> <p>1.3.2. Network security measures 7</p> <p>1.3.3. Vulnerability audit measures 8</p> <p>1.4. Exercises to test learning 8</p> <p><b>Chapter 2. Securing Network Devices</b> <b>15</b></p> <p>2.1. Types of network traffic 15</p> <p>2.2. Securing the management plan 16</p> <p>2.3. Securing passwords 16</p> <p>2.4. Implementing connection restrictions 17</p> <p>2.4.1. Configuring a login banner 17</p> <p>2.4.2. Configuring connection parameters 17</p> <p>2.5. Securing access through console lines, VTY and auxiliaries 18</p> <p>2.5.1. Securing access through the console line and deactivating the auxiliary line 18</p> <p>2.5.2. Securing VTY access with ssh 18</p> <p>2.6. Allocation of administrative roles 19</p> <p>2.6.1. Privilege levels of the IOS system 19</p> <p>2.6.2. Configuring a privilege level 19</p> <p>2.6.3. Setting a privilege level per user 20</p> <p>2.6.4. Setting a privilege level for console, VTY, and auxiliary line access 20</p> <p>2.6.5. Securing access with the management of “views” and “super-views” 21</p> <p>2.6.6. Securing configuration files and the IOS system 22</p> <p>2.6.7. Using automated security features 23</p> <p>2.7. Securing the control plane 24</p> <p>2.7.1. Introduction 24</p> <p>2.7.2. MD5 authentication 24</p> <p>2.7.3. Configuring OSPF protocol authentication 24</p> <p>2.7.4. Configuring EIGRP protocol authentication 25</p> <p>2.7.5. Configuring RIP authentication 26</p> <p>2.8. Exercises for application 26</p> <p><b>Chapter 3. Supervising a Computer Network</b> <b>41</b></p> <p>3.1. Introduction 41</p> <p>3.2. Implementing an NTP server 42</p> <p>3.2.1. Introduction to the NTP 42</p> <p>3.2.2. How the NTP works 42</p> <p>3.2.3. NTP configuration 43</p> <p>3.3. Implementing a Syslog server 44</p> <p>3.3.1. Introduction to the Syslog 44</p> <p>3.3.2. How Syslog works 45</p> <p>3.3.3. Configuring a Syslog client 46</p> <p>3.4. Implementing the Simple Network Management Protocol (SNMP) 46</p> <p>3.4.1. Introducing the SNMP 46</p> <p>3.4.2. How SNMP works 47</p> <p>3.4.3. SNMP configuration 49</p> <p>3.5. Exercises for application 50</p> <p><b>Chapter 4. Securing Access Using AAA</b> <b>67</b></p> <p>4.1. Introduction 67</p> <p>4.2. AAA authentication 68</p> <p>4.2.1. Local AAA authentication 68</p> <p>4.2.2. AAA authentication based on a server 69</p> <p>4.3. AAA authorizations 71</p> <p>4.4. AAA traceability 71</p> <p>4.5. Exercises for application 72</p> <p><b>Chapter 5. Using Firewalls</b> <b>79</b></p> <p>5.1. Introducing firewalls 80</p> <p>5.2. Types of firewalls 80</p> <p>5.3. Setting up a firewall 80</p> <p>5.4. Different firewall strategies 81</p> <p>5.5. ACL-based firewalls 81</p> <p>5.5.1. Introduction 81</p> <p>5.5.2. The location of ACLs 81</p> <p>5.5.3. IPv4 ACLs 81</p> <p>5.5.4. IPv6 ACLs 82</p> <p>5.5.5. ACL recommendation 83</p> <p>5.6. Zone-based firewalls 84</p> <p>5.6.1. Introduction 84</p> <p>5.6.2. Types of security zones in a network 84</p> <p>5.6.3. Rules applied to interzone traffic 85</p> <p>5.6.4. Terminology 86</p> <p>5.6.5. Configuring a ZFW 86</p> <p>5.7. Creating zones 86</p> <p>5.8. Creating Class-Maps 86</p> <p>5.9. Creating the Policy-Map to apply the Class-Maps 87</p> <p>5.10. Defining the zone pairs 87</p> <p>5.11. Applying the policy maps to the zone pairs 87</p> <p>5.12. Assigning interfaces to zones 87</p> <p>5.13. Exercises for application 88</p> <p><b>Chapter 6. Putting in Place an Intrusion Prevention System (IPS)</b> <b>101</b></p> <p>6.1. Introduction to a detector 102</p> <p>6.2. The differences between an IDS and an IPS 102</p> <p>6.3. Types of IPS 103</p> <p>6.4. Cisco IP solutions 103</p> <p>6.5. Modes of deploying IPS 103</p> <p>6.6. Types of alarms 104</p> <p>6.7. Detecting malicious traffic 104</p> <p>6.7.1. Modes of detection 104</p> <p>6.7.2. Signature-based detection 104</p> <p>6.7.3. Other modes of detecting malicious traffic 105</p> <p>6.8. Signature micro-engines 106</p> <p>6.9. Severity levels of the signatures 107</p> <p>6.10. Monitoring and managing alarms and alerts 108</p> <p>6.11. List of actions to be taken during an attack 108</p> <p>6.12. Configuration of an IOS IPS 109</p> <p>6.13. Recommended practices 111</p> <p>6.14. Exercises for application 112</p> <p><b>Chapter 7. Securing a Local Network</b> <b>125</b></p> <p>7.1. Introduction 125</p> <p>7.2. Types of attacks on Layer 2 126</p> <p>7.2.1. MAC address flooding attacks 126</p> <p>7.2.2. MAC spoofing attack 127</p> <p>7.2.3. The DHCP starvation attack 127</p> <p>7.2.4. VLAN hopping attacks 128</p> <p>7.2.5. STP-based attacks 130</p> <p>7.3. The best security practices for protecting Layer 2 131</p> <p>7.4. Exercises for application 132</p> <p><b>Chapter 8. Cryptography</b> <b>143</b></p> <p>8.1. Basic concepts in cryptography 143</p> <p>8.1.1. Definition 143</p> <p>8.1.2. Terminology 144</p> <p>8.2. The different classifications of cryptology 144</p> <p>8.2.1. Traditional cryptography 145</p> <p>8.2.2. Modern cryptography 146</p> <p>8.2.3. Symmetric and asymmetric encryption 147</p> <p>8.3. Key management 149</p> <p>8.3.1. Introduction 149</p> <p>8.3.2. Diffie-Hellman key exchange 149</p> <p>8.4. Hash functions 151</p> <p>8.5. HMAC codes 151</p> <p>8.6. Asymmetric cryptography 151</p> <p>8.6.1. Introduction 151</p> <p>8.6.2. How it works 152</p> <p>8.6.3. Digital signatures 153</p> <p>8.6.4. Public key infrastructure 155</p> <p>8.7. Exercises for application 159</p> <p><b>Chapter 9. IPsec VPNs</b> <b>173</b></p> <p>9.1. The IPsec protocol 173</p> <p>9.1.1. Objectives of IPsec 173</p> <p>9.1.2. Basic IPsec protocols 174</p> <p>9.1.3. The IPsec framework 174</p> <p>9.1.4. The IPsec security association 175</p> <p>9.1.5. IPsec modes 175</p> <p>9.2. IKE protocol 176</p> <p>9.2.1. Introduction 176</p> <p>9.2.2. Components of IKE 176</p> <p>9.2.3. IKE phases 176</p> <p>9.3. The site-to-site VPN configuration 178</p> <p>9.3.1. Introduction 178</p> <p>9.3.2. Configuration of IPsec VPN 179</p> <p>9.4. Exercises for application 181</p> <p><b>Chapter 10. Studying Advanced Firewalls</b> <b>189</b></p> <p>10.1. Cisco ASA firewalls 189</p> <p>10.1.1. Introduction 189</p> <p>10.1.2. ASA models 190</p> <p>10.1.3. Modes for using ASA devices 190</p> <p>10.1.4. An overview of ASA 5505 191</p> <p>10.1.5. ASA levels of security 192</p> <p>10.1.6. Configuring an ASA with CLI 193</p> <p>10.2. Exercises for application 198</p> <p>10.3. Configuring Cisco elements with graphical tools 210</p> <p>10.3.1. An overview of the CCP 210</p> <p>10.3.2. An overview of the ASDM 210</p> <p>10.3.3. Using CCP and ASDM 210</p> <p>10.4. The TMG 2010 firewall 211</p> <p>10.4.1. Introduction 211</p> <p>10.4.2. Installation and configuration 211</p> <p>References 243</p> <p>Index 245</p>

Autorenportrait

<p><b>Ali Sadiqui</b> is a trainer-researcher at the Office de la Formation Professionnelle et de la Promotion du Travail (OFPPT), Morocco. He is a member of several research laboratories and obtained his doctorate from the Sidi Mohamed Ben Abdellah University, Morocco.</p>

Country of final manufacture

US

Diese Produkte könnten Sie auch interessieren:

Distributed Cooperative Control
Distributed Cooperative Control
von: Yi Guo
PDF ebook
97,99 €
Bandwidth Efficient Coding
Bandwidth Efficient Coding
von: John B. Anderson
PDF ebook
114,99 €
Bandwidth Efficient Coding
Bandwidth Efficient Coding
von: John B. Anderson
EPUB ebook
114,99 €