Network Defense and Countermeasures: Principles and Practices, 4th Edition

Book description

All you need to know about defending networks, in one book

  • Clearly explains concepts, terminology, challenges, tools, and skills

  • Covers key security standards and models for business and government

  • The perfect introduction for all network/computer security professionals and students

Welcome to today's most useful and practical introduction to defending modern networks. Drawing on decades of experience, Chuck Easttom brings together updated coverage of all the concepts, terminology, techniques, and solutions you'll need to be effective.

Easttom thoroughly introduces the core technologies of modern network security, including firewalls, intrusion-detection systems, and VPNs. Next, he shows how encryption can be used to safeguard data as it moves across networks.

You'll learn how to harden operating systems, defend against malware and network attacks, establish robust security policies, and assess network security using industry-leading standards and models. You'll also find thorough coverage of key issues such as physical security, forensics, and cyberterrorism.

Throughout, Easttom blends theory and application, helping you understand both what to do and why. In every chapter, quizzes, exercises, projects, and web resources deepen your understanding and help you use what you've learned, in the classroom and in your career.

LEARN HOW TO

  • Evaluate key network risks and dangers

  • Choose the right network security approach for your organization

  • Anticipate and counter widespread network attacks, including those based on social engineering

  • Successfully deploy and apply firewalls and intrusion detection systems

  • Secure network communication with virtual private networks

  • Protect data with cryptographic public/private key systems, digital signatures, and certificates

  • Defend against malware, including ransomware, Trojan horses, and spyware

  • Harden operating systems and keep their security up to date

  • Define and implement security policies that reduce risk

  • Explore leading security standards and models, including ISO and NIST standards

  • Prepare for an investigation if your network has been attacked

  • Understand the growing risks of espionage and cyberterrorism

Table of contents

  1. Cover Page
  2. About This eBook
  3. Title Page
  4. Copyright Page
  5. Pearson’s Commitment to Diversity, Equity, and Inclusion
  6. Credits
  7. Contents at a Glance
  8. Table of Contents
  9. Preface
    1. Audience
    2. Overview of the Book
  10. About the Author
  11. Dedication
  12. Acknowledgments
  13. About the Technical Reviewer
  14. We Want to Hear from You!
  15. Reader Services
  16. Chapter 1. Introduction to Network Security
    1. Introduction
    2. The Basics of a Network
    3. Basic Network Utilities
    4. The OSI Model
    5. What Does This Mean for Security?
    6. Assessing Likely Threats to the Network
    7. Classifications of Threats
    8. Likely Attacks
    9. Threat Assessment
    10. Understanding Security Terminology
    11. Choosing a Network Security Approach
    12. Network Security and the Law
    13. Using Security Resources
    14. Summary
    15. Endnotes
  17. Chapter 2. Types of Attacks
    1. Introduction
    2. Understanding Denial of Service Attacks
    3. Defending Against Buffer Overflow Attacks
    4. Defending Against IP Spoofing
    5. Defending Against Session Hijacking
    6. Blocking Virus and Trojan Horse Attacks
    7. Summary
    8. Endnotes
  18. Chapter 3. Fundamentals of Firewalls
    1. Introduction
    2. What Is a Firewall?
    3. Implementing Firewalls
    4. Firewall Deployment
    5. Selecting and Using a Firewall
    6. Using Proxy Servers
    7. Summary
  19. Chapter 4. Firewall Practical Applications
    1. Introduction
    2. Using Single Machine Firewalls
    3. Windows 10 Firewall
    4. User Account Control
    5. Linux Firewalls
    6. Using Small Office/Home Office Firewalls
    7. Using Medium-Sized Network Firewalls
    8. Using Enterprise Firewalls
    9. Summary
    10. Endnotes
  20. Chapter 5. Intrusion-Detection Systems
    1. Introduction
    2. Understanding IDS Concepts
    3. IDS Components and Processes
    4. SIEM
    5. Evasion Techniques
    6. Understanding and Implementing IDSs
    7. Understanding and Implementing Honeypots
    8. Summary
  21. Chapter 6. Encryption Fundamentals
    1. Introduction
    2. The History of Encryption
    3. Learning About Modern Encryption Methods
    4. Identifying Good Encryption
    5. Understanding Digital Signatures and Certificates
    6. Understanding and Using Decryption
    7. Cracking Passwords
    8. Steganography
    9. Steganalysis
    10. Quantum Computing and Quantum Cryptography
    11. Summary
    12. Endnote
  22. Chapter 7. Virtual Private Networks
    1. Introduction
    2. Basic VPN Technology
    3. Using VPN Protocols for VPN Encryption
    4. IPsec
    5. SSL/TLS
    6. Other VPN Protocols
    7. Implementing VPN Solutions
    8. Summary
    9. Endnotes
  23. Chapter 8. Operating System Hardening
    1. Introduction
    2. Configuring Windows Properly
    3. Configuring Linux Properly
    4. Patching the Operating System
    5. Configuring Browsers
    6. Summary
  24. Chapter 9. Defending Against Virus Attacks
    1. Introduction
    2. Understanding Virus Attacks
    3. Virus Scanners
    4. Antivirus Policies and Procedures
    5. Additional Methods for Defending Your System
    6. What to Do If Your System Is Infected by a Virus
    7. Summary
    8. Endnotes
  25. Chapter 10. Defending Against Trojan Horses and Phishing
    1. Introduction
    2. Trojan Horses
    3. Phishing
    4. Summary
    5. Endnotes
    6. Projects
  26. Chapter 11. Security Policies
    1. Introduction
    2. ISO 27002
    3. Important Standards
    4. Defining User Policies
    5. Defining System Administration Policies
    6. Defining Access Control
    7. Defining Developmental Policies
    8. Disaster Recovery
    9. Summary
  27. Chapter 12. Assessing System Security
    1. Introduction
    2. Risk Assessment Concepts
    3. Evaluating the Security Risk
    4. Conducting the Initial Assessment
    5. Probing the Network
    6. Vulnerabilities
    7. McCumber Cube
    8. Security Documentation
    9. Summary
  28. Chapter 13. Security Standards
    1. Introduction
    2. COBIT
    3. ISO Standards
    4. NIST Standards
    5. U.S. DoD Standards
    6. Using the Common Criteria
    7. Using Security Models
    8. U.S. Federal Regulations, Guidelines, and Standards
    9. Summary
    10. Endnotes
  29. Chapter 14. Physical Security and Disaster Recovery
    1. Introduction
    2. Physical Security
    3. Disaster Recovery
    4. Ensuring Fault Tolerance
    5. Summary
  30. Chapter 15. Techniques Used by Attackers
    1. Introduction
    2. Preparing to Hack
    3. The Attack Phase
    4. Session Hijacking
    5. Wi-Fi Hacking
    6. Bluetooth Hacking
    7. Summary
  31. Chapter 16. Introduction to Forensics
    1. Introduction
    2. General Forensics Guidelines
    3. FBI Forensics Guidelines
    4. Imaging a Drive
    5. Finding Evidence on the PC
    6. Gathering Evidence from a Cell Phone
    7. Forensic Tools to Use
    8. Forensic Science
    9. To Certify or Not to Certify?
    10. Expert Witnesses
    11. Additional Types of Forensics
    12. Summary
    13. Endnote
  32. Chapter 17. Cyber Warfare and Terrorism
    1. Introduction
    2. Defending Against Computer-Based Espionage
    3. Defending Against Computer-Based Terrorism
    4. Choosing Defense Strategies
    5. Summary
    6. Endnotes
  33. Appendix A. Answers
  34. Glossary
  35. Index
  36. Code Snippets

Product information

  • Title: Network Defense and Countermeasures: Principles and Practices, 4th Edition
  • Author(s): Chuck Easttom
  • Release date: October 2023
  • Publisher(s): Pearson IT Certification
  • ISBN: 9780138200626