
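Title: Principles of Computer Security (Reprint Edition)
Category: Education and Exams - College Textbooks - Adult Education
Author: Conklin (USA)
Publisher: Higher Education Press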
Introduction
Editor's Recommendation

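This book gives a fairly comprehensive account of the basic principles of communications, infrastructure, and operational security from three levels of information security: technology, practice, and awareness. It also describes in detail how computer systems and networks defend against various attacks. In addition, the book covers the content of the (ISC)² SSCP certification exam, which focuses on best practices and on the roles and responsibilities of security professionals. By studying this book, readers can both learn the fundamentals of computer and network security and prepare for CompTIA's Security+ certification exam. The book is suitable as an undergraduate textbook for computer science, information systems and management, and electronic information science majors.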

Content Recommendation

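With this book, readers can both learn the fundamentals of computer and network security and prepare for CompTIA's Security+ certification exam. The book also covers the content of the (ISC)² SSCP certification exam, which focuses on best practices and on the roles and responsibilities of security professionals. Written by experts in the IT security field, it gives a fairly comprehensive account of the basic principles of communications, infrastructure, and operational security from three levels of information security (technology, practice, and awareness), and describes in detail how computer systems and networks defend against various attacks.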

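The book contains 24 chapters covering the following topics: introduction to computer security and trends, general security concepts, operational/organizational security, the role of people in security, cryptography, public key infrastructure, standards and protocols, the impact of physical security on network security, network fundamentals, infrastructure security, remote access, wireless communications and instant messaging, security baselines, attacks and malicious code, e-mail, Web components, software development, disaster recovery, business continuity and organizational policies, risk management, change management, computer-related disputes, and security and law.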

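The book is suitable as an undergraduate textbook for computer science, information systems and management, and electronic information science majors.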

Table of Contents

Acknowledgments

Foreword

Preface

Introduction

Chapter 1 Introduction and Security Trends

The Security Problem

Security Incidents

Threats to Security

Security Trends

Avenues of Attack

The Steps in an Attack

Minimizing Possible Avenues of Attack

Types of Attacks

Chapter Review

Chapter 2 General Security Concepts

Basic Security Terminology

Security Basics

Access Control

Authentication

Security Models

Confidentiality Models

Integrity Models

Chapter Review

Chapter 3 Operational/Organizational Security

Security Operations in Your Organization

Policies, Procedures, Standards, and Guidelines

The Security Perimeter

Physical Security

Access Controls

Physical Barriers

Social Engineering

Environment

Fire Suppression

Wireless

Electromagnetic Eavesdropping

Shielding

Location

Chapter Review

Chapter 4 The Role of People in Security

People--A Security Problem

Poor Security Practices

Social Engineering

People as a Security Tool

Security Awareness

Chapter Review

Chapter 5 Cryptography

Algorithms

Hashing

SHA

Message Digest (MD)

Hashing Summary

Symmetric Encryption

DES

3DES

AES

CAST

RC

Blowfish

IDEA

Symmetric Encryption Summary

Asymmetric Encryption

RSA

Diffie-Hellman

ElGamal

ECC

Asymmetric Encryption Summary

Usage

Confidentiality

Integrity

Nonrepudiation

Authentication

Digital Signatures

Key Escrow

Chapter Review

Chapter 6 Public Key Infrastructure

The Basics of Public Key Infrastructures

Certificate Authorities

Registration Authorities

Local Registration Authorities

Certificate Repositories

Trust and Certificate Verification

Digital Certificates

Certificate Attributes

Certificate Extensions

Certificate Lifecycles

Centralized or Decentralized Infrastructures

Hardware Storage Devices

Private Key Protection

Key Recovery

Key Escrow

Public Certificate Authorities

In-House Certificate Authorities

Outsourced Certificate Authorities

Tying Different PKIs Together

Trust Models

Certificate Usage

Chapter Review

Chapter 7 Standards and Protocols

PKIX/PKCS

PKIX Standards

PKCS

Why You Need to Know

X.509

SSL/TLS

ISAKMP

CMP

XKMS

S/MIME

IETF S/MIME v3 Specifications

PGP

How It Works

Where Can You Use PGP?

HTTPS

IPSec

CEP

FIPS

Common Criteria (CC)

WTLS

WEP

WEP Security Issues

ISO 17799

Chapter Review

Chapter 8 The Impact of Physical Security on Network Security

The Problem

Physical Security Safeguards

Policies and Procedures

Access Controls

Authentication

Chapter Review

Chapter 9 Network Fundamentals

Network Architectures

Network Topology

Network Protocols

Packets

TCP vs. UDP

ICMP

Packet Delivery

Local Packet Delivery

Remote Packet Delivery

Subnetting

Network Address Translation

Chapter Review

Chapter 10 Infrastructure Security

Devices

Workstations

Servers

Network Interface Cards (NICs)

Hubs

Bridges

Switches

Routers

Firewalls

Wireless

Modems

RAS

Telecom/PBX

VPN

IDS

Network Monitoring/Diagnostic

Mobile Devices

Media

Coax

UTP/STP

Fiber

Unguided Media

Security Concerns for Transmission Media

Physical Security

Removable Media

Magnetic Media

Optical Media

Electronic Media

Security Topologies

Security Zones

VLANs

NAT

Tunneling

Chapter Review

Chapter 11 Remote Access

The Remote Access Process

Identification

Authentication

Authorization

Telnet

SSH

L2TP and PPTP

PPTP

L2TP

IEEE 802.11

VPN

IPSec

IPSec Configurations

IPSec Security

IEEE 802.1x

RADIUS

RADIUS Authentication

RADIUS Authorization

RADIUS Accounting

DIAMETER

TACACS+

TACACS+ Authentication

TACACS+ Authorization

TACACS+ Accounting

Vulnerabilities

Connection Summary

Chapter Review

Chapter 12 Wireless and Instant Messaging

Wireless

WAP and WTLS

802.11

Instant Messaging

Chapter Review

Chapter 13 Intrusion Detection Systems

History of Intrusion Detection Systems

IDS Overview

Host-Based Intrusion Detection Systems

Advantages of Host-Based IDSs

Disadvantages of Host-Based IDSs

Active vs. Passive Host-Based IDSs

Network-Based Intrusion Detection Systems

Advantages of a Network-Based IDS

Disadvantages of a Network-Based IDS

Active vs. Passive Network-Based IDSs

Signatures

False Positives and Negatives

IDS Models

Preventative Intrusion Detection Systems

IDS Products and Vendors

Honeypots

Incident Response

Chapter Review

Chapter 14 Security Baselines

Overview Baselines

Password Selection

Password Policy Guidelines

Selecting a Password

Components of a Good Password

Password Aging

Operating System and Network Operating System Hardening

Hardening Microsoft Operating Systems

Hardening UNIX- or Linux-Based Operating Systems

Network Hardening

Software Updates

Device Configuration

Ports and Services

Traffic Filtering

Application Hardening

Application Patches

Web Servers

Mail Servers

FTP Servers

DNS Servers

File and Print Services

Active Directory

Chapter Review

Chapter 15 Attacks and Malware

Attacking Computer Systems and Networks

Denial-of-Service Attacks

Backdoors and Trapdoors

Sniffing

Spoofing

Man-in-the-Middle Attacks

Replay Attacks

TCP/IP Hijacking

Attacks on Encryption

Password Guessing

Software Exploitation

Wardialing and WarDriving

Social Engineering

Malware

Auditing

Chapter Review

Chapter 16 E-mail

Security of E-mail Transmissions

Malicious Code

Hoax E-mails

Unsolicited Commercial E-mail (Spam)

Mail Encryption

Chapter Review

Chapter 17 Web Components

Current Web Components and Concerns

Protocols

Encryption (SSL and TLS)

The Web (HTTP and HTTPS)

Web Services

Directory Services (DAP and LDAP)

File Transfer (FTP and SFTP)

Vulnerabilities

Code-Based Vulnerabilities

Buffer Overflows

Java and JavaScript

ActiveX

CGI

Server-Side Scripts

Cookies

Signed Applets

Browser Plug-Ins

Chapter Review

Chapter 18 Software Development

The Software Engineering Process

Process Models

ROI and Error Correction

Secure Code Techniques

Good Practices

Requirements

Testing

Chapter Review

Chapter 19 Disaster Recovery, Business Continuity, and Organizational Policies

Disaster Recovery

Disaster Recovery Plans/Process

Backups

Utilities

Secure Recovery

High Availability and Fault Tolerance

Computer Incident Response Teams

Test, Exercise, and Rehearse

Policies and Procedures

Security Policies

Privacy

Service Level Agreements

Human Resources Policies

Code of Ethics

Incident Response Policies

Chapter Review

Chapter 20 Risk Management

An Overview of Risk Management

Macro-Level Example of Risk Management

International Banking

Key Terms Essential to Understanding Risk Management

What Is Risk Management?

Business Risks

Examples of Business Risks

Examples of Technology Risks

Risk Management Models

General Risk Management Model

Software Engineering Institute Model

Qualitatively Assessing Risk

Quantitatively Assessing Risk

Qualitative vs. Quantitative Risk Assessment

Tools

Chapter Review

Chapter 21 Change Management

Why Change Management?

The Key Concept: Segregation of Duties

Elements of Change Management

Implementing Change Management

The Purpose of a Change Control Board

Code Integrity

The Capability Maturity Model

Chapter Review

Chapter 22 Privilege Management

User, Group, and Role Management

User

Groups

Role

Single Sign-On

Centralized vs. Decentralized Management

Centralized Management

Decentralized Management

The Decentralized, Centralized Model

Auditing (Privilege, Usage, and Escalation)

Privilege Auditing

Usage Auditing

Escalation Auditing

Handling Access Control (MAC, DAC, and RBAC)

Mandatory Access Control (MAC)

Discretionary Access Control (DAC)

Role-Based Access Control (RBAC)

Chapter Review

Chapter 23 Computer Forensics

Evidence

Standards for Evidence

Types of Evidence

Three Rules Regarding Evidence

Collecting Evidence

Acquiring Evidence

Identifying Evidence

Protecting Evidence

Transporting Evidence

Storing Evidence

Conducting the Investigation

Chain of Custody

Free Space vs. Slack Space

Free Space

Slack Space

What's This Message Digest and Hash?

Analysis

Chapter Review

Chapter 24 Security and Law

Import/Export Encryption Restrictions

United States Law

Non-U.S. Laws

Digital Signature Laws

Non-U.S. Laws

Digital Rights Management

Privacy Laws

United States Laws

European Laws

Computer Trespass

Convention on Cybercrime

Ethics

Chapter Review

Glossary

Index

Last updated: 2025/2/23 6:10:19