Guide To Computer Network Security (3rd Edition) Joseph Migga Kizza Springer
User Manual:
Open the PDF directly: View PDF
Page Count: 550 [warning: Documents this large are best viewed by clicking the View PDF Link!]
- Preface to Third Edition
- Contents
- Part I: Introduction to Computer Network Security
- 1: Computer Network Fundamentals
- 2: Computer Network Security Fundamentals
- Part II: Security Issues and Challenges in the Traditional Computer Network
- 3: Security Motives and Threats to Computer Networks
- 3.1 Introduction
- 3.2 Sources of Security Threats
- 3.2.1 Design Philosophy
- 3.2.2 Weaknesses in Network Infrastructure and Communication Protocols
- 3.2.3 Rapid Growth of Cyberspace
- 3.2.4 The Growth of the Hacker Community
- 3.2.5 Vulnerability in Operating System Protocol
- 3.2.6 The Invisible Security Threat: The Insider Effect
- 3.2.7 Social Engineering
- 3.2.8 Physical Theft
- 3.3 Security Threat Motives
- 3.4 Security Threat Management
- 3.5 Security Threat Correlation
- 3.6 Security Threat Awareness
- References
- 4: Introduction to Computer Network Vulnerabilities
- 4.1 Definition
- 4.2 Sources of Vulnerabilities
- 4.3 Vulnerability Assessment
- References
- 5: Cyber Crimes and Hackers
- 6: Scripting and Security in Computer Networks and Web Browsers
- 7: Security Assessment, Analysis, and Assurance
- 7.1 Introduction
- 7.2 System Security Policy
- 7.3 Building a Security Policy
- 7.4 Security Requirements Specification
- 7.5 Threat Identification
- 7.6 Threat Analysis
- 7.7 Vulnerability Identification and Assessment
- 7.8 Security Certification
- 7.9 Security Monitoring and Auditing
- 7.10 Products and Services
- References
- 3: Security Motives and Threats to Computer Networks
- Part III: Dealing with Computer Network Security Challenges
- 8: Disaster Management
- 9: Access Control and Authorization
- 10: Authentication
- 10.1 Definition
- 10.2 Multiple Factors and Effectiveness of Authentication
- 10.3 Authentication Elements
- 10.4 Types of Authentication
- 10.5 Authentication Methods
- 10.6 Developing an Authentication Policy
- References
- 11: Cryptography
- 12: Firewalls
- 12.1 Definition
- 12.2 Types of Firewalls
- 12.3 Configuration and Implementation of a Firewall
- 12.4 The Demilitarized Zone (DMZ)
- 12.5 Improving Security Through the Firewall
- 12.6 Firewall Forensics
- 12.7 Firewall Services and Limitations
- References
- 13: System Intrusion Detection and Prevention
- 13.1 Definition
- 13.2 Intrusion Detection
- 13.3 Intrusion Detection Systems (IDSs)
- 13.4 Types of Intrusion Detection Systems
- 13.4.1 Network-Based Intrusion Detection Systems (NIDSs)
- 13.4.2 Host-Based Intrusion Detection Systems (HIDS)
- 13.4.3 The Hybrid Intrusion Detection System
- 13.5 The Changing Nature of IDS Tools
- 13.6 Other Types of Intrusion Detection Systems
- 13.7 Response to System Intrusion
- 13.8 Challenges to Intrusion Detection Systems
- 13.9 Implementing an Intrusion Detection System
- 13.10 Intrusion Prevention Systems (IPSs)
- 13.11 Intrusion Detection Tools
- References
- 14: Computer and Network Forensics
- 15: Virus and Content Filtering
- 16: Standardization and Security Criteria: Security Evaluation of Computer Products
- 17: Computer Network Security Protocols
- 17.1 Introduction
- 17.2 Application Level Security
- 17.3 Security in the Transport Layer
- 17.4 Security in the Network Layer
- 17.5 Security in the Link Layer and over LANS
- References
- 18: Security in Wireless Networks and Devices
- 18.1 Introduction
- 18.2 Types of Wireless Broadband Networks
- 18.3 Development of Cellular Technology
- 18.4 Other Features of Mobile Cellular Technology
- 18.5 Security Vulnerabilities in Cellular Wireless Networks
- 18.5.1 WLANs Security Concerns
- 18.5.1.1 Identity in WLANs
- 18.5.1.2 Lack of Access Control Mechanism
- 18.5.1.3 Lack of Authentication Mechanism in 802.11
- 18.5.1.4 Lack of a WEP Key Management Protocol
- 18.5.1.5 War-Driving, War-Walking, War-Flying, and War-Chalking
- 18.5.1.6 Insertion Attacks
- 18.5.1.7 Interception and Monitoring Wireless Traffic Attacks
- 18.5.1.8 AP and Client Misconfigurations and Attack
- 18.5.1.9 SNMP Community Words
- 18.5.1.10 Client Side Security Risk
- 18.5.1.11 Risks Due to Installation
- 18.5.1.12 Jamming
- 18.5.1.13 Client-to-Client Attacks
- 18.5.1.14 Parasitic Grids
- 18.5.2 Best Practices for Wi-Fi Security
- 18.5.1 WLANs Security Concerns
- References
- 19: Security in Sensor Networks
- 19.1 Introduction
- 19.2 The Growth of Sensor Networks
- 19.3 Design Factors in Sensor Networks
- 19.4 Security in Sensor Networks
- 19.5 Security Mechanisms and Best Practices for Sensor Networks
- 19.6 Trends in Sensor Network Security Research
- References
- 20: Other Efforts to Secure Data in Computer Networks
- Part IV: Elastic Extension Beyond the Traditional Computer Network: Virtualization, Cloud Computing and Mobile Systems
- 21: Cloud Computing and Related Security Issues
- 21.1 Introduction
- 21.2 Cloud Computing Infrastructure Characteristics
- 21.3 Cloud Computing Service Models
- 21.4 Cloud Computing Deployment Models
- 21.5 Virtualization and Cloud Computing
- 21.6 Benefits of Cloud Computing
- 21.7 Cloud Computing, Power Consumption, and Environmental Issues
- 21.8 Cloud Computing Security, Reliability, Availability, and Compliance Issues
- References
- 22: Virtualization Security
- 22.1 Introduction
- 22.2 History of Virtualization
- 22.3 Virtualization Terminologies
- 22.4 Types of Computing System Virtualization
- 22.5 The Benefits of Virtualization
- 22.5.1 Reduction of Server Sprawl
- 22.5.2 Conservation of Energy
- 22.5.3 Reduced IT Management Costs
- 22.5.4 Better Disaster Recovery Management
- 22.5.5 Software Development Testing and Verification
- 22.5.6 Isolation of Legacy Applications
- 22.5.7 Cross-Platform Support
- 22.5.8 Minimizing Hardware Costs
- 22.5.9 Faster Server Provisioning
- 22.5.10 Better Load Balancing
- 22.5.11 Reduce the Data Center Footprint
- 22.5.12 Increase Uptime
- 22.5.13 Isolate Applications
- 22.5.14 Extend the Life of Older Applications
- 22.6 Virtualization Infrastructure Security
- References
- 23: Mobile Systems and Corresponding Intractable Security Issues
- 21: Cloud Computing and Related Security Issues
- Part V: Securing the Last Frontiers – The Home Front
- Part VI: Hands-on Projects
- 25: Projects
- 25.1 Introduction
- 25.2 Part I: Weekly/Biweekly Laboratory Assignments
- 25.3 Part II: Semester Projects
- 25.4 The Following Tools Are Used to Enhance Security in Web Applications
- 25.5 Part III: Research Projects
- 25.5.1 Consensus Defense
- 25.5.2 Specialized Security
- 25.5.3 Protecting an Extended Network
- 25.5.4 Automated Vulnerability Reporting
- 25.5.5 Turn-Key Product for Network Security Testing
- 25.5.6 The Role of Local Networks in the Defense of the National Critical Infrastructure
- 25.5.7 Enterprise VPN Security
- 25.5.8 Perimeter Security
- 25.5.9 Enterprise Security
- 25.5.10 Password Security: Investigating the Weaknesses
- 25.6 Case Studies
- 25: Projects
- Index