SKIP THE SHIPPING
Use code NOSHIP during checkout to save 40% on eligible eBooks, now through January 5. Shop now.
Register your product to gain access to bonus material or receive a coupon.
This eBook includes the following formats, accessible from your Account page after purchase:
EPUB The open industry format known for its reflowable content and usability on supported mobile devices.
PDF The popular standard, used most often with the free Acrobat® Reader® software.
This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.
Welcome to today’s most useful and practical one-volume introduction to computer security. Chuck Easttom brings together up-to-the-minute coverage of all basic concepts, terminology, and issues, along with all the skills you need to get started in the field. Drawing on his extensive experience as a security instructor and consultant, Easttom thoroughly covers core topics, such as vulnerability assessment, virus attacks, hacking, spyware, network defense, passwords, firewalls, VPNs, and intrusion detection. Writing clearly and simply, he fully addresses crucial issues that many introductory security books ignore, from industrial espionage to cyberbullying.
Computer Security Fundamentals, Second Edition is packed with tips and examples, all extensively updated for the state-of-the-art in both attacks and defense. Each chapter offers exercises, projects, and review questions designed to deepen your understanding and help you apply all you’ve learned. Whether you’re a student, a system or network administrator, a manager, or a law enforcement professional, this book will help you protect your systems and data and expand your career options.
Learn how to
Introduction 1
Chapter 1: Introduction to Computer Security
Introduction
How Seriously Should You Take Threats to Network Security?
Identifying Types of Threats
Malware
Compromising System Security
Denial of Service Attacks
Web Attacks
Session Hijacking
DNS Poisoning
Assessing the Likelihood of an Attack on Your Network
Basic Security Terminology
Hacker Slang
Professional Terms
Concepts and Approaches
How Do Legal Issues Impact Network Security?
Online Security Resources
CERT
Microsoft Security Advisor
F-Secure
SANS Institute
Summary
Test Your Skills
Chapter 2: Networks and the Internet
Introduction
Network Basics
The Physical Connection: Local Networks
Faster Connection Speeds
Data Transmission
How the Internet Works
IP Addresses
CIDR
Uniform Resource Locators
History of the Internet
Basic Network Utilities
IPConfig
Ping
Tracert
Other Network Devices
Advanced Network Communications Topics
The OSI Model
Media Access Control (MAC) Addresses
Summary
Test Your Skills
Chapter 3: Cyber Stalking, Fraud, and Abuse
Introduction
How Internet Fraud Works
Investment Offers
Auction Frauds
Identity Theft
Phishing
Cyber Stalking
Laws about Internet Fraud
Protecting Yourself against Cyber Crime
Protecting against Investment Fraud
Protecting against Identity Theft
Secure Browser Settings
Summary
Test Your Skills
Chapter Footnotes
Chapter 4: Denial of Service Attacks
Introduction
Denial of Service
Illustrating an Attack
Common Tools Used for DoS
DoS Weaknesses
Specific DoS Attacks
Land Attack
Distributed Denial of Service (DDoS)
Summary
Test Your Skills
Chapter 5: Malware
Introduction
Viruses
How a Virus Spreads
Recent Virus Examples
W32/Netsky-P
Troj/Invo-Zip
MacDefender
The Sobig Virus
The Mimail Virus
The Bagle Virus
A Nonvirus Virus
Rules for Avoiding Viruses
Trojan Horses .
The Buffer-Overflow Attack
The Sasser Virus/Buffer Overflow
Spyware
Legal Uses of Spyware
How Is Spyware Delivered to a Target System?
Obtaining Spyware Software
Other Forms of Malware
Rootkit
Malicious Web-Based Code
Logic Bombs
Spam
Detecting and Eliminating Viruses and Spyware
Antivirus Software
Antispyware Software
Summary
Test Your Skills
Chapter 6: Techniques Used by Hackers
Introduction
Basic Terminology
The Reconnaissance Phase
Passive Scanning Techniques
Active Scanning Techniques
Actual Attacks
SQL Script Injection
Cross-Site Scripting
Password Cracking
Summary
Test Your Skills
Chapter 7: Industrial Espionage in Cyberspace
Introduction
What Is Industrial Espionage?
Information as an Asset
Real-World Examples of Industrial Espionage
Example 1: VIA Technology
Example 2: General Motors
Example 3: Interactive Television Technologies, Inc.
Example 4: Bloomberg, Inc
Example 5: Avant Software
Industrial Espionage and You
How Does Espionage Occur?
Low-Tech Industrial Espionage
Spyware Used in Industrial Espionage
Steganography Used in Industrial Espionage
Phone Taps and Bugs
Protecting against Industrial Espionage
Industrial Espionage Act
Spear Phishing
Summary
Test Your Skills
Chapter 8: Encryption
Introduction
Cryptography Basics
History of Encryption
The Caesar Cipher
Multi-Alphabet Substitution
Binary Operations
Modern Methods
Single-Key (Symmetric) Encryption
Public Key (Asymmetric) Encryption
Legitimate Versus Fraudulent Encryption Methods
Digital Signatures
Hashing
Authentication
Encryptions Used in Internet
Virtual Private Networks
PPTP
L2TP
IPsec
Summary
Test Your Skills
Chapter 9: Computer Security Software
Introduction
Virus Scanners
How Does a Virus Scanner Work?
Virus-Scanning Techniques
Commercial Antivirus Software
Firewalls
Benefits and Limitation of Firewalls
Firewall Types and Components
How Firewalls Examine Packets
Firewall Configurations
Commercial and Free Firewall Products
Firewall Logs
Antispyware
Intrusion-Detection Software
IDS Categorization
IDS Approaches
Snort
Honey Pots
Other Preemptive Techniques
Summary
Test Your Skills
Chapter 10: Security Policies
Introduction
What Is a Policy
Defining User Policies
Passwords
Internet Use
Email Usage
Installing/Uninstalling Software
Instant Messaging
Desktop Configuration
Final Thoughts on User Policies
Defining System Administration Policies
New Employees
Departing Employees
Change Requests
Security Breaches
Virus Infection
Denial of Service Attacks
Intrusion by a Hacker
Defining Access Control
Developmental Policies
Standards, Guidelines, and Procedures
Summary
Test Your Skills
Chapter 11: Network Scanning and Vulnerability Scanning
Introduction
Basics of Assessing a System
Patch
Ports
Protect
Policies
Probe
Physical
Securing Computer Systems
Securing an Individual Workstation
Securing a Server
Securing a Network
Scanning Your Network
MBSA
NESSUS
Getting Professional Help
Summary
Test Your Skills
Chapter 12: Cyber Terrorism and Information Warfare
Introduction
Actual Cases of Cyber Terrorism
China Eagle Union
Economic Attacks
Military Operations Attacks
General Attacks
Supervisory Control and Data Acquisitions
Information Warfare
Propaganda
Information Control
Disinformation
Actual Cases
Future Trends
Positive Trends
Negative Trends
Defense against Cyber Terrorism
Summary
Test Your Skills
Chapter 13: Cyber Detective
Introduction
General Searches
Court Records and Criminal Checks
Sex Offender Registries
Civil Court Records
Other Resources
Usenet
Summary
Test Your Skills
Chapter 14: Introduction to Forensics
Introduction
General Guidelines
Don’t Touch the Suspect Drive
Document Trail
Secure the Evidence
FBI Forensics Guidelines
Finding Evidence on the PC
Finding Evidence in the Browser
Finding Evidence in System Logs
Windows Logs
Linux Logs
Getting Back Deleted Files
Operating System Utilities
Net Sessions
Openfiles
Fc
Netstat
The Windows Registry
Summary
Test Your Skills
Appendix A: Glossary
Appendix B: Resources
General Computer Crime and Cyber Terrorism
General Knowledge
Cyber Stalking
Identity Theft
Port Scanners and Sniffers
Password Crackers
Countermeasures
Spyware
Counter Spyware
Cyber Investigation Tools
General Tools
Virus Research
9780789748904 TOC 12/6/2011