You are previewing The InfoSec Handbook.
O'Reilly logo
The InfoSec Handbook

Book Description

The InfoSec Handbook offers the reader an organized layout of information that is easily read and understood. Allowing beginners to enter the field and understand the key concepts and ideas, while still keeping the experienced readers updated on topics and concepts.

It is intended mainly for beginners to the field of information security, written in a way that makes it easy for them to understand the detailed content of the book. The book offers a practical and simple view of the security practices while still offering somewhat technical and detailed information relating to security. It helps the reader build a strong foundation of information, allowing them to move forward from the book with a larger knowledge base.

Security is a constantly growing concern that everyone must deal with. Whether it’s an average computer user or a highly skilled computer user, they are always confronted with different security risks. These risks range in danger and should always be dealt with accordingly. Unfortunately, not everyone is aware of the dangers or how to prevent them and this is where most of the issues arise in information technology (IT). When computer users do not take security into account many issues can arise from that like system compromises or loss of data and information. This is an obvious issue that is present with all computer users.

This book is intended to educate the average and experienced user of what kinds of different security practices and standards exist. It will also cover how to manage security software and updates in order to be as protected as possible from all of the threats that they face

Table of Contents

  1. Cover
  2. Title
  3. Copyright
  4. About ApressOpen
  5. Dedication
  6. Contents at a Glance
  7. Contents
  8. About the Authors
  9. Acknowledgments
  10. Introduction
  11. Part I: Introduction
    1. Chapter 1: Introduction to Security
      1. What is Security?
      2. Why is Security Important?
      3. What if You Do Not Care About Security?
      4. The Evolution of the Computer and Information Security
      5. Information Security Today
      6. Applicable Standards and Certifications
      7. The Role of a Security Program
    2. Chapter 2: History of Computer Security
      1. Introduction
      2. Communication
      3. World Wars and Their Influence on the Field of Security
        1. Cypher Machine: Enigma
        2. Code Breakers
        3. Some Historical Figures of Importance: Hackers and Phreakers
        4. Kevin Mitnick
      4. Chapter Summary
  12. Part II: Key Principles and Practices
    1. Chapter 3: Key Concepts and Principles
      1. Introduction
      2. Security Threats
        1. External and Internal Threats
        2. Information Security Frameworks and Information Security Architecture
      3. Pillars of Security
        1. People
        2. Policies, Procedures, and Processes
        3. Technology
      4. Information Security Concepts
        1. CIA Triad
        2. Parkerian Hexad
      5. Implementation of Information Security
        1. Risk Assessment
        2. Planning and Architecture
        3. Gap Analysis
        4. Integration and Deployment
        5. Operations
        6. Monitoring
        7. Legal Compliance and Audit
        8. Crisis Management
      6. Principles of Information Security
      7. Chapter Summary
    2. Chapter 4: Access Controls
      1. Introduction
        1. Confidentiality and Data Integrity
        2. Who Can Access the Data?
      2. What is an Access Control?
        1. Authentication and Authorization
        2. Authentication and Access Control Layers
        3. Access Control Strategies
      3. Implementing Access Controls
        1. Access Control Lists (ACLs)
        2. AAA Framework
        3. LDAP and Active Directory
        4. IDAM
      4. Chapter Summary
    3. Chapter 5: Information Systems Management
      1. Introduction
        1. Risk
        2. Incident
        3. Disaster
        4. Disaster Recovery
        5. Business Continuity
      2. Risk Management
        1. Identification of Risk
        2. Risk Analysis
        3. Risk Responses
        4. Execution of the Risk Treatment Plans
        5. The Importance of Conducting a Periodic Risk Assessment
      3. Incident Response
        1. Incident Response Policy, Plan, and Processes
        2. Incident Response Teams
        3. Ensuring Effectiveness of Incident Response
      4. Disaster Recovery and Business Continuity
        1. How to Approach Business Continuity Plan
      5. Chapter Summary
  13. Part III: Application Security
    1. Chapter 6: Application and Web Security
      1. Introduction
      2. Software Applications
        1. Completeness of the Inputs
        2. Correctness of the Inputs
        3. Completeness of Processing
        4. Correctness of Processing
        5. Completeness of the Updates
        6. Correctness of the Updates
        7. Preservation of the Integrity of the Data in Storage
        8. Preservation of the Integrity of the Data while in Transmission
        9. Importance of an Effective Application Design and Development Life Cycle
        10. Important Guidelines for Secure Design and Development
      3. Web Browsers, Web Servers, and Web Applications
        1. Vulnerabilities in Web Browsers
        2. Vulnerabilities of Web Servers
        3. Web Applications
      4. Chapter Summary
    2. Chapter 7: Malicious Software and Anti-Virus Software
      1. Introduction
      2. Malware Software
        1. Introduction to Malware
      3. Types of Malware in Detail
        1. Spyware
        2. Adware
        3. Trojans
        4. Viruses
        5. Worms
        6. Backdoors
        7. Botnets
      4. A Closer Look at Spyware
        1. Trojans and Backdoors
        2. Rootkits
        3. Viruses and Worms
        4. Botnets
      5. Brief History of Viruses, Worms, and Trojans
        1. The Current Situation
      6. Anti-Virus Software
        1. Need for Anti-Virus Software
      7. Top 5 Commercially Available Anti-Virus Software
        1. Symantec Norton Anti-Virus Software
        2. McAfee Anti-Virus
        3. Kaspersky Anti-Virus
        4. Bitdefender Anti-Virus
        5. AVG Anti-Virus Software
      8. A Few Words of Caution
      9. Chapter Summary
    3. Chapter 8: Cryptography
      1. Introduction
      2. Cryptographic Algorithms
      3. Symmetric Key Cryptography
        1. Key Distribution
      4. Asymmetric Key Cryptography
        1. Public Key Cryptography
        2. RSA Algorithm
        3. Advantages of Public Key Cryptography
        4. Applications of PKC
        5. Public Key Infrastructure (PKI)
        6. Certificate Authority (CA)
        7. Digital Certificate
      5. Hash Function Cryptography
        1. Popular Hashes
        2. Digital Signatures
      6. Summary of Cryptography Standard Algorithms
      7. Disk / Drive Encryption
      8. Attacks on Cryptography
      9. Chapter Summary
  14. Part IV: Network Security
    1. Chapter 9: Understanding Networks and Network Security
      1. Introduction
      2. Networking Fundamentals
      3. Computer Communication
      4. Network and its Components
        1. Network Protocols
      5. Network Vulnerabilities and Threats
        1. Vulnerabilities
        2. Threats
        3. Attacks
      6. Chapter Summary
    2. Chapter 10: Firewalls
      1. Introduction
        1. How Do You Protect a Network?
      2. Firewall
        1. Basic Functions of Firewall
        2. Packet Filtering
        3. Stateful Packet Filtering
        4. Network Address Translation (NAT)
        5. Application Level Gateways (Application Proxy)
      3. Firewall Deployment Architecture
        1. Option 1: Bastion Host
        2. Option 2: Staging Area or Demilitarized Zone (DMZ)
      4. Personal Firewall
        1. Firewall Best Practices
        2. Auditing of Firewall
      5. Chapter Summary
    3. Chapter 11: Intrusion Detection and Prevention Systems
      1. Introduction
      2. Why Use IDS?
        1. Types of IDS
      3. How Does Detection Work?
        1. Signature-Based Detection
        2. Anomaly-Based Detection
      4. IDS/IPS System Architecture and Framework
        1. Appliance (Sensors)
        2. Signature Update Server
        3. IDS/IPS in Context
      5. Chapter Summary
    4. Chapter 12: Virtual Private Networks
      1. Introduction
      2. Advantages of VPN
      3. VPN Types
        1. Remote Access (Host-to-Site) VPN
        2. Site-to-Site (Intranet and Extranet) VPN
      4. VPN and Firewall
      5. VPN Protocols
        1. Tunneling
        2. Data Authentication and Data Integrity
        3. Anti-Replay Services
        4. Data Encryption
        5. Layer Two Tunneling Protocol (L2TPv3)
        6. Generic Routing Encapsulation (GRE)
        7. Internet Protocol Security (IPSec)
      6. MPLS (Multi-Protocol Label Switching)
        1. MPLS VPN
        2. MPLS VPN Security
        3. Important IETF Standards and RFCs for VPN Implementation
      7. A Few Final Thoughts about VPN
      8. Chapter Summary
    5. Chapter 13: Data Backups and Cloud Computing
      1. Introduction
      2. Need for Data Backups
      3. Types of Backups
        1. Category 1: Based on current data on the system and the data on the backups
        2. Category 2: Based on what goes into the backup
        3. Category 3: Based on storage of backups
        4. Category 4: Based on the extent of the automation of the backups
        5. RAID Levels
        6. Other Important Fault Tolerance Mechanisms
        7. Role of Storage Area Networks (SAN) in providing Backups and Disaster Recovery
        8. Cloud Infrastructure in Backup Strategy
        9. Database Backups
      4. Backup Strategy
        1. Restoration Strategy
        2. Important Security Considerations
        3. Some Inherent Issues with Backups and Restoration
        4. Best Practices Related to Backups and Restoration
      5. Introduction to Cloud Computing
        1. What is Cloud Computing?
      6. Fundamentals of Cloud Computing
        1. Cloud Service Models
      7. Important Benefits of Cloud Computing
        1. Upfront Capital Expenditure (CAPEX) versus Pay as you use Operational Expenditure (OPEX)
        2. Elasticity or Flexibility
        3. Reduced need for specialized resources and maintenance services
        4. On-Demand Self-Service Mode versus Well-Planned Time-Consuming Ramp Up
        5. Redundancy and Resilience versus Single Points of Failure
        6. Cost of traditional DRP and BCP versus the DRP & BCP through Cloud Environment
        7. Ease of use on the Cloud Environment
      8. Important Enablers of Cloud Computing
      9. Four Cloud Deployment Models
        1. Private Cloud
        2. Public Cloud
        3. Community Cloud
        4. Hybrid Cloud
      10. Main Security and Privacy Concerns of Cloud Computing
        1. Compliance
        2. Lack of Segregation of Duties
        3. Complexity of the Cloud Computing System
        4. Shared Multi-tenant Environment
        5. Internet and Internet Facing Applications
        6. Control of the Cloud Consumer on the Cloud Environment
        7. Types of Agreements related to Service Levels and Privacy with the Cloud Provider
        8. Data Management and Data Protection
        9. Insider Threats
        10. Security Issues on account of multiple levels
        11. Physical security issues related to Cloud Computing environment
        12. Cloud Applications Security
        13. Threats on account of Virtual Environment
        14. Encryption and Key Management
      11. Some Mechanisms to address the Security and Privacy Concerns in Cloud Computing Environment
        1. Understand the Cloud Computing environment and protect yourself
        2. Understand the Technical Competence and segregation of duties of the Cloud Provider
        3. Protection against Technical Vulnerabilities and Malicious Attacks
        4. Regular Hardening and Appropriate Configurations of the Cloud Computing Environment
        5. Data Protection
        6. Encryption
        7. Good Governance Mechanisms
        8. Compliance
        9. Logging and Auditing
        10. Patching / Updating
        11. Application Design and Development
        12. Physical Security
        13. Strong Access Controls
        14. Backups
        15. Third-Party Certifications / Auditing
      12. Chapter Summary
  15. Part V: Physical Security
    1. Chapter 14: Physical Security and Biometrics
      1. Introduction
      2. Physical and Technical Controls
        1. ID Cards and Badges
        2. Photo ID cards
        3. Magnetic Access Cards
        4. Other Access Mechanisms
        5. Locks and Keys
        6. Electronic Monitoring and Surveillance Cameras
        7. Alarms and Alarm Systems
      3. Biometrics
        1. Some of the important biometric mechanisms
        2. How the biometric system works
        3. Enrollment
        4. Recognition
        5. Performance of the Biometrics System
        6. The test of a good biometric system
        7. Possible information security issues with the Biometric Systems
        8. Multimodal biometric system
        9. Advantages of Biometric systems
      4. Administrative Controls
        1. Fire Safety Factors
        2. Interception of Data
        3. Mobile and Portable Devices
        4. Visitor Control
      5. Chapter Summary
    2. Chapter 15: Social Engineering
      1. Introduction
      2. Social Engineering Attacks: How They Exploit Human Nature
        1. Helping Nature
        2. Trusting Nature
        3. Obeying the Authority
        4. Fear
      3. Social Engineering: Attacks Caused by Human Beings
      4. Social Engineering: Attacks Caused by Computers or Other Automated Means
      5. Social Engineering: Methods that are Used for Attacks
      6. Social Engineering: Other Important Attack Methods
      7. Social Engineering: How to Reduce the Possibility of Falling Prey to Attacks
      8. Chapter Summary
    3. Chapter 16: Current Trends in Information Security
      1. Wireless Security
        1. Bluetooth Technology and Security
      2. Mobile Security
      3. Chapter Summary
    4. Bibliography
      1. Chapter 1
        1. Footnotes
        2. References
      2. Chapter 2
        1. Footnotes
        2. Additional References
      3. Chapter 3
        1. Footnotes
      4. Chapter 4
        1. Footnotes
      5. Chapter 5
        1. Footnotes
      6. Chapter 6
        1. Footnotes
        2. Additional References
      7. Chapter 7
        1. Footnotes
      8. Chapter 8
        1. Footnotes
        2. Additional References
      9. Chapter 9
        1. Footnotes
        2. Additional References
      10. Chapter 10
        1. Footnotes
        2. Additional References
      11. Chapter 11
        1. Footnotes
        2. Additional References
      12. Chapter 12
        1. Footnotes
        2. Additional References
      13. Chapter 13
        1. Footnotes
        2. References
      14. Chapter 14
        1. Footnotes
        2. References
        3. Additional References
      15. Chapter 15
        1. Footnotes
        2. Additional References
      16. Chapter 16
        1. Footnotes
  16. Index