Cyber Security Practical Engineering Approach

Cover
Half Title
Series Page
Title Page
Copyright Page
Dedication
Contents
List of Figures
List of Tables
Foreword
Preface
Contributors
CHAPTER 1: Cybersecurity Fundamentals
1.1. SUMMARY
1.2. INTRODUCTION
1.3. PROBLEM STATEMENT AND CHAPTER EXERCISE DESCRIPTION
1.4. INFORMATION SECURITY MODEL BASED ON ISO/IEC 27001
1.4.1. Main Information Security Properties
1.4.2. Resource or Asset
1.4.3. Security Events and Incidents
1.4.4. Threats
1.4.5. Attack
1.4.6. Vulnerability
1.4.7. Security Controls
1.4.8. Cybersecurity Risk
1.4.9. InfoSec Model Implementation
1.5. RISK ASSESSMENT BASIS
1.5.1. Risk Analysis
1.5.2. Risk Evaluation
1.6. SECURITY CONTROLS
1.7. EXERCISES
1.8. INFORMATION SECURITY EVALUATION
1.8.1. Security Metrics and Measurements
1.8.1.1. The Effect of Maturity
1.8.1.2. Details about Metrics
1.9. CYBERSECURITY LAB REQUIREMENTS AND IMPLEMENTATION
1.9.1. Host Machine
1.9.2. Virtualization Platform
1.9.3. Network Issues
1.9.4. External Interface and Integration Issues
CHAPTER 2: Access Control Techniques
2.1. SUMMARY
2.2. PROBLEM STATEMENT AND CHAPTER EXERCISE DESCRIPTION
2.3. ACCESS CONTROL FUNDAMENTALS
2.3.1. Basic Components
2.4. ACCESS CONTROL MODELS
2.4.1. Specification Languages
2.4.2. Bell-Lapadula Model
2.4.3. Biba Model
2.4.4. Clark-Wilson Model
2.4.5. Chinese Wall Model
2.4.6. Lattices for Multilevel Models
2.5. NETWORK ACCESS CONTROL
2.5.1. RADIUS
2.5.2. TACACS+
2.5.3. 802.1X Authentication
2.5.4. Kerberos
2.6. EXERCISES
2.7. AUTHENTICATION MODALITIES
2.7.1. Knowledge-Based
2.7.2. Token-Based
2.7.3. ID-Based (Biometrics)
2.7.4. Multimodal Authentication
2.8. IDENTITY MANAGEMENT
2.8.1. A Framework for IdM in Cyberspace
CHAPTER 3: Basic Cryptography Operations
3.1. SUMMARY
3.2. PROBLEM STATEMENT AND CHAPTER EXERCISE DESCRIPTION
3.3. CONCEPTS AND TERMINOLOGY
3.3.1. Key-Based Algorithms
3.3.1.1. Symmetric Key Algorithms
3.3.1.2. Public-Key Algorithms
3.3.1.3. Attack Types
3.3.2. Hash Functions
3.3.3. Digital Signatures
3.3.4. Key Management Issues
3.3.5. Email Security Protocols
3.3.6. Public-Key Infrastructures (PKI)
3.4. PKI Tools
3.5. EXERCISES
3.5.1. Basic Tasks
3.5.2. Advanced Tasks
CHAPTER 4: Internet and Web Communication Models
4.1. SUMMARY
4.2. COMPUTER NETWORK FUNDAMENTALS
4.2.1. Link Level
4.2.2. Network Level
4.2.2.1. ICMP Protocol
4.2.2.2. Security Issues at the Link Level
4.2.3. Transport Level
4.2.3.1. TCP
4.2.3.2. UDP
4.2.3.3. Security Issues at the Transport Level
4.2.4. Application Level
4.3. PROBLEM STATEMENT AND CHAPTER EXERCISE DESCRIPTION
4.4. NETWORK ANALYSIS TOOLS
4.5. NETWORK TRAFFIC ANOMALY SIGNS
4.6. ANALYSIS STRATEGY
4.7. EXERCISES
CHAPTER 5: Synthesis of Perimeter Security Technologies
5.1. SUMMARY
5.2. PRELIMINARY CONSIDERATIONS
5.2.1. Defense in Depth
5.3. PROBLEM STATEMENT AND CHAPTER EXERCISE DESCRIPTION
5.4. FIREWALLS
5.4.1. Netfilter/Iptables – Where It All Begins
5.4.2. Iptables – Looking into the Future
5.4.3. Firewall Types
5.5. EXERCISE – FIREWALL
5.5.1. Summary of Tasks
5.5.2. Basic Tasks
5.5.3. Advanced Tasks
5.6. INTRUSION DETECTION SYSTEMS (IDS)
5.6.1. IDS Types
5.6.2. IDS Evaluation
5.7. EXERCISE – INTRUSION DETECTION
5.7.1. Summary of Tasks
5.7.2. Basic Tasks
5.7.3. Advanced Tasks
5.7.4. Recommended Complementary Tasks
5.8. NETWORK AND TRANSPORT SECURITY PROTOCOLS
5.8.1. VPNs
5.8.2. TLS/SSL
5.8.3. SSH
5.8.4. IPSec
5.9. EXERCISE – SECURITY PROTOCOLS
CHAPTER 6: Anatomy of Network and Computer Attacks
6.1. SUMMARY
6.2. INTRODUCTION TO PENTEST
6.2.1. Types of Pentest
6.2.2. Pentest Limitations
6.3. PROBLEM STATEMENT AND CHAPTER EXERCISE DESCRIPTION
6.4. INTRODUCTION TO KALI LINUX
6.5. INFORMATION GATHERING
6.6. SCANNING PORTS AND SERVICES
6.7. VULNERABILITY SCANNING
6.8. TARGET ENUMERATION
6.9. TARGET EXPLOITATION
6.10. EXERCISES
Bibliography
Index