Record No.

UNINA9910451167303321

Author

Rittinghouse John W

Title

Cybersecurity operations handbook [electronic resource] / John W. Rittinghouse, William M. Hancock

Publication/distribution/printing

Amsterdam ; Boston : Elsevier Digital Press, c2003

ISBN

1-281-03527-0

9786611035273

0-08-053018-4

Physical description

1 online resource (1331 p.)

Other authors (Persons)

Hancock Bill <1957->

Discipline

005.8

Subjects

Computer security

Computer networks - Security measures

Electronic books.

Language of publication

English

Format

Printed material

Bibliographic level

Monograph

General notes

Description based upon print version of record.

Bibliography note

Includes bibliographical references and index.

Contents note

Front Cover; Cybersecurity Operations Handbook; Copyright Page; Contents; List of Figures; List of Tables; Foreword; Preface; Acknowledgments; Disclaimer; Chapter 1. Why Worry about Security? I; 1.1 Threats to personal privacy; 1.2 Fraud and theft; 1.3 Employee sabotage; 1.4 Infrastructure attacks; 1.5 Malicious hackers; 1.6 Malicious code; 1.7 Industrial espionage; 1.8 The 1996 National Information Infrastructure Protection Act; 1.9 President's executive order on critical infrastructure protection; 1.10 The USA Patriot Act of 2001; 1.11 The Homeland Security Act of 2002; 1.12 Chapter summary

1.13 Endnotes; Chapter 2. Network Security Management Basics; 2.1 Foundations of information assurance; 2.2 Defense-in-depth strategy; 2.3 Overview of RFC 2196 (Site Security Handbook); 2.4 The Common Criteria model; 2.5 Privacy standards and regulations; 2.6 Password management; 2.7 Incident handling; 2.8 Information warfare and information operations; 2.9 Web security overview; 2.10 Chapter summary; 2.11 Endnotes; Chapter 3. Security Foundations; 3.1 Access control; 3.2 Purpose of access control; 3.3 Access control entities; 3.4 Fundamental concepts of access control

3.5 Access control criteria; 3.6 Access control models; 3.7 Uses of access control; 3.8 Access control administration models; 3.9 Access control mechanisms; 3.10 Physical and environmental security controls; 3.11 Applications development security; 3.12 Standardization of application security features; 3.13 Techniques to enforce application security; 3.14 Security architecture; 3.15 Security and the law; 3.16 Investigations; 3.17 Ethics; 3.18 Operations security; 3.19 Host-based intrusion detection; 3.20 Network-based detection efforts; 3.21 Chapter summary; 3.22 Endnotes

Chapter 4. Firewalls and Perimeters; 4.1 Firewall environments; 4.2 Perimeter concepts; 4.3 How intruders break; 4.4 What is a firewall?; 4.5 Static packet filtering; 4.6 Edge, or boundary, routers and packet filters; 4.7 Stateful filtering and inspection; 4.8 Proxy servers; 4.9 Circuit gateways; 4.10 Application gateway; 4.11 Chapter summary; 4.12 Endnotes; Chapter 5. VPNs and Remote Access; 5.1 Historical evolution of the VPN; 5.2 VPN basics; 5.3 Why is a VPN needed?; 5.4 VPN security essentials; 5.5 VPN tunneling and protocols; 5.6 Business benefits of VPNs; 5.7 A case study

5.8 Chapter summary; 5.9 Endnotes; Chapter 6. Intrusion Detection in Depth; 6.1 Basic intrusion detection concepts; 6.2 Types of IDSs; 6.3 IDS detectable attack types; 6.4 Understanding TCP/IP for intrusion detection; 6.5 Tcpdump overview; 6.6 Case study-Kevin Mitnik; 6.7 Chapter summary; 6.8 Endnotes; Chapter 7. Securing Communications; 7.1 Cryptography; 7.2 Cryptographic techniques; 7.3 Cryptographic keys; 7.4 Cryptographic hash functions; 7.5 Digital signatures; 7.6 Secret-key cryptography; 7.7 Public-key cryptography; 7.8 OpenPGP; 7.9 Cryptanalysis and cryptographic attack techniques

7.10 Steganography

Summary/abstract

Cybersecurity Operations Handbook is the first book for daily operations teams who install, operate and maintain a range of security technologies to protect corporate infrastructure. Written by experts in security operations, this book provides extensive guidance on almost all aspects of daily operational security, asset protection, integrity management, availability methodology, incident response and other issues that operational teams need to know to properly run security products and services in a live environment. Provides a master document on Mandatory FCC Best Practices and compl