๐”– Scriptorium
โœฆ   LIBER   โœฆ
๐Ÿ“

Cybersecurity: A Practical Engineering Approach

โœ Scribed by Henrique M D Santos

Publisher
CRC Press
Year
2022
Tongue
English
Leaves
341
Category
Library
โฌ‡  Acquire This Volume

No coin nor oath required. For personal study only.

โœฆ Synopsis

Cybersecurity: A Practical Engineering Approach introduces the implementation of a secure cyber architecture, beginning with the identification of security risks. It then builds solutions to mitigate risks by considering the technological justification of the solutions as well as their efficiency. The process follows an engineering process model. Each module builds on a subset of the risks, discussing the knowledge necessary to approach a solution, followed by the security control architecture design and the implementation. The modular approach allows students to focus on more manageable problems, making the learning process simpler and more attractive.

โœฆ Table of Contents

Cover
Half Title
Series Page
Title Page
Copyright Page
Dedication
Contents
List of Figures
List of Tables
Foreword
Preface
Contributors
CHAPTER 1: Cybersecurity Fundamentals
1.1. SUMMARY
1.2. INTRODUCTION
1.3. PROBLEM STATEMENT AND CHAPTER EXERCISE DESCRIPTION
1.4. INFORMATION SECURITY MODEL BASED ON ISO/IEC 27001
1.4.1. Main Information Security Properties
1.4.2. Resource or Asset
1.4.3. Security Events and Incidents
1.4.4. Threats
1.4.5. Attack
1.4.6. Vulnerability
1.4.7. Security Controls
1.4.8. Cybersecurity Risk
1.4.9. InfoSec Model Implementation
1.5. RISK ASSESSMENT BASIS
1.5.1. Risk Analysis
1.5.2. Risk Evaluation
1.6. SECURITY CONTROLS
1.7. EXERCISES
1.8. INFORMATION SECURITY EVALUATION
1.8.1. Security Metrics and Measurements
1.8.1.1. The Effect of Maturity
1.8.1.2. Details about Metrics
1.9. CYBERSECURITY LAB REQUIREMENTS AND IMPLEMENTATION
1.9.1. Host Machine
1.9.2. Virtualization Platform
1.9.3. Network Issues
1.9.4. External Interface and Integration Issues
CHAPTER 2: Access Control Techniques
2.1. SUMMARY
2.2. PROBLEM STATEMENT AND CHAPTER EXERCISE DESCRIPTION
2.3. ACCESS CONTROL FUNDAMENTALS
2.3.1. Basic Components
2.4. ACCESS CONTROL MODELS
2.4.1. Specification Languages
2.4.2. Bell-Lapadula Model
2.4.3. Biba Model
2.4.4. Clark-Wilson Model
2.4.5. Chinese Wall Model
2.4.6. Lattices for Multilevel Models
2.5. NETWORK ACCESS CONTROL
2.5.1. RADIUS
2.5.2. TACACS+
2.5.3. 802.1X Authentication
2.5.4. Kerberos
2.6. EXERCISES
2.7. AUTHENTICATION MODALITIES
2.7.1. Knowledge-Based
2.7.2. Token-Based
2.7.3. ID-Based (Biometrics)
2.7.4. Multimodal Authentication
2.8. IDENTITY MANAGEMENT
2.8.1. A Framework for IdM in Cyberspace
CHAPTER 3: Basic Cryptography Operations
3.1. SUMMARY
3.2. PROBLEM STATEMENT AND CHAPTER EXERCISE DESCRIPTION
3.3. CONCEPTS AND TERMINOLOGY
3.3.1. Key-Based Algorithms
3.3.1.1. Symmetric Key Algorithms
3.3.1.2. Public-Key Algorithms
3.3.1.3. Attack Types
3.3.2. Hash Functions
3.3.3. Digital Signatures
3.3.4. Key Management Issues
3.3.5. Email Security Protocols
3.3.6. Public-Key Infrastructures (PKI)
3.4. PKI Tools
3.5. EXERCISES
3.5.1. Basic Tasks
3.5.2. Advanced Tasks
CHAPTER 4: Internet and Web Communication Models
4.1. SUMMARY
4.2. COMPUTER NETWORK FUNDAMENTALS
4.2.1. Link Level
4.2.2. Network Level
4.2.2.1. ICMP Protocol
4.2.2.2. Security Issues at the Link Level
4.2.3. Transport Level
4.2.3.1. TCP
4.2.3.2. UDP
4.2.3.3. Security Issues at the Transport Level
4.2.4. Application Level
4.3. PROBLEM STATEMENT AND CHAPTER EXERCISE DESCRIPTION
4.4. NETWORK ANALYSIS TOOLS
4.5. NETWORK TRAFFIC ANOMALY SIGNS
4.6. ANALYSIS STRATEGY
4.7. EXERCISES
CHAPTER 5: Synthesis of Perimeter Security Technologies
5.1. SUMMARY
5.2. PRELIMINARY CONSIDERATIONS
5.2.1. Defense in Depth
5.3. PROBLEM STATEMENT AND CHAPTER EXERCISE DESCRIPTION
5.4. FIREWALLS
5.4.1. Netfilter/Iptables โ€“ Where It All Begins
5.4.2. Iptables โ€“ Looking into the Future
5.4.3. Firewall Types
5.5. EXERCISE โ€“ FIREWALL
5.5.1. Summary of Tasks
5.5.2. Basic Tasks
5.5.3. Advanced Tasks
5.6. INTRUSION DETECTION SYSTEMS (IDS)
5.6.1. IDS Types
5.6.2. IDS Evaluation
5.7. EXERCISE โ€“ INTRUSION DETECTION
5.7.1. Summary of Tasks
5.7.2. Basic Tasks
5.7.3. Advanced Tasks
5.7.4. Recommended Complementary Tasks
5.8. NETWORK AND TRANSPORT SECURITY PROTOCOLS
5.8.1. VPNs
5.8.2. TLS/SSL
5.8.3. SSH
5.8.4. IPSec
5.9. EXERCISE โ€“ SECURITY PROTOCOLS
CHAPTER 6: Anatomy of Network and Computer Attacks
6.1. SUMMARY
6.2. INTRODUCTION TO PENTEST
6.2.1. Types of Pentest
6.2.2. Pentest Limitations
6.3. PROBLEM STATEMENT AND CHAPTER EXERCISE DESCRIPTION
6.4. INTRODUCTION TO KALI LINUX
6.5. INFORMATION GATHERING
6.6. SCANNING PORTS AND SERVICES
6.7. VULNERABILITY SCANNING
6.8. TARGET ENUMERATION
6.9. TARGET EXPLOITATION
6.10. EXERCISES
Bibliography
Index

๐Ÿ“œ SIMILAR VOLUMES

Cybersecurity: A Practical Engineering A
๐Ÿ“ Cybersecurity: A Practical Engineering Approach
โœ Henrique M. D. Santos ๐Ÿ“‚ Library ๐Ÿ“… 2022 ๐Ÿ› CRC Press/Chapman & Hall ๐ŸŒ English

<p><span>Cybersecurity: A Practical Engineering Approach</span><span> introduces the implementation of a secure cyber architecture, beginning with the identification of security risks. It then builds solutions to mitigate risks by considering the technological justification of the solutions as well

Traffic Engineering: A Practical Approac
๐Ÿ“ Traffic Engineering: A Practical Approach
โœ Franco Callegati, Walter Cerroni, Carla Raffaelli ๐Ÿ“‚ Library ๐Ÿ“… 2022 ๐Ÿ› Springer ๐ŸŒ English

<span>This textbook discusses the principles of queuing theory and teletraffic engineering in telecommunication networks. The book lays out the rigorous theoretical background while keeping strong links to practical applications and real-life scenarios. The overall goal of this textbook is to provid