Atjaunināt sīkdatņu piekrišanu

E-grāmata: Guide to Computer Network Security

2.90/5 (12 ratings by Goodreads)
Citas grāmatas par šo tēmu:
  • Formāts - EPUB+DRM
  • Cena: 77,31 €*
  • * ši ir gala cena, t.i., netiek piemērotas nekādas papildus atlaides
  • Ielikt grozā
  • Pievienot vēlmju sarakstam
  • Šī e-grāmata paredzēta tikai personīgai lietošanai. E-grāmatas nav iespējams atgriezt un nauda par iegādātajām e-grāmatām netiek atmaksāta.
Guide to Computer Network SecurityPalielināt
Citas grāmatas par šo tēmu:

DRM restrictions

  • Kopēšana (kopēt/ievietot):

    nav atļauts

  • Drukāšana:

    nav atļauts

  • Lietošana:

    Digitālo tiesību pārvaldība (Digital Rights Management (DRM))
    Izdevējs ir piegādājis šo grāmatu šifrētā veidā, kas nozīmē, ka jums ir jāinstalē bezmaksas programmatūra, lai to atbloķētu un lasītu. Lai lasītu šo e-grāmatu, jums ir jāizveido Adobe ID. Vairāk informācijas šeit. E-grāmatu var lasīt un lejupielādēt līdz 6 ierīcēm (vienam lietotājam ar vienu un to pašu Adobe ID).

    Nepieciešamā programmatūra
    Lai lasītu šo e-grāmatu mobilajā ierīcē (tālrunī vai planšetdatorā), jums būs jāinstalē šī bezmaksas lietotne: PocketBook Reader (iOS / Android)

    Lai lejupielādētu un lasītu šo e-grāmatu datorā vai Mac datorā, jums ir nepieciešamid Adobe Digital Editions (šī ir bezmaksas lietotne, kas īpaši izstrādāta e-grāmatām. Tā nav tas pats, kas Adobe Reader, kas, iespējams, jau ir jūsu datorā.)

    Jūs nevarat lasīt šo e-grāmatu, izmantojot Amazon Kindle.

This fully revised and updated new edition of the definitive text/reference on computer network and information security presents a comprehensive guide to the repertoire of security tools, algorithms and best practices mandated by the technology we depend on. Topics and features: highlights the magnitude of the vulnerabilities, weaknesses and loopholes inherent in computer networks; discusses how to develop effective security solutions, protocols, and best practices for the modern computing environment; examines the role of legislation, regulation, and enforcement in securing computing and mobile systems; describes the burning security issues brought about by the advent of the Internet of Things and the eroding boundaries between enterprise and home networks (NEW); provides both quickly workable and more thought-provoking exercises at the end of each chapter, with one chapter devoted entirely to hands-on exercises; supplies additional support materials for instructors at an associated website.

Recenzijas

The fourth edition of this outstanding guide is fully revised, keeping in line with the latest technological developments of the computing ecosystem, which resulted from the removal of the logical boundaries between enterprise, mobile, wireless, and home networks, as well as the rapid extension and embedding process of social networks. This is an outstanding reference for all computer network security professionals who need to acquire knowledge shared from the great experience of the author. (Computing Reviews, December, 2017)

Part I Introduction to Traditional Computer Network Security
1 Computer Network Fundamentals
3(38)
1.1 Introduction
3(1)
1.2 Computer Network Models
4(1)
1.3 Computer Network Types
5(1)
1.3.1 Local Area Networks (LANs)
5(1)
1.3.2 Wide Area Networks (WANs)
6(1)
1.3.3 Metropolitan Area Networks (MANs)
6(1)
1.4 Data Communication Media Technology
6(7)
1.4.1 Transmission Technology
7(3)
1.4.2 Transmission Media
10(3)
1.5 Network Topology
13(3)
1.5.1 Mesh
13(1)
1.5.2 Tree
13(1)
1.5.3 Bus
14(1)
1.5.4 Star
15(1)
1.5.5 Ring
16(1)
1.6 Network Connectivity and Protocols
16(6)
1.6.1 Open System Interconnection (OSI) Protocol Suite
18(1)
1.6.2 Transmission Control Protocol/Internet Protocol (TCP/IP) Model
19(3)
1.7 Network Services
22(4)
1.7.1 Connection Services
22(2)
1.7.2 Network Switching Services
24(2)
1.8 Network Connecting Devices
26(8)
1.8.1 LAN Connecting Devices
26(2)
1.8.2 Internetworking Devices
28(6)
1.9 Network Technologies
34(5)
1.9.1 LAN Technologies
34(2)
1.9.2 WAN Technologies
36(3)
1.9.3 Wireless LANs
39(1)
1.10 Conclusion
39(2)
References
40(1)
2 Computer Network Security Fundamentals
41(20)
2.1 Introduction
41(3)
2.1.1 Computer Security
43(1)
2.1.2 Network Security
43(1)
2.1.3 Information Security
43(1)
2.2 Securing the Computer Network
44(1)
2.2.1 Hardware
44(1)
2.2.2 Software
44(1)
2.3 Forms of Protection
44(4)
2.3.1 Access Control
45(1)
2.3.2 Authentication
46(1)
2.3.3 Confidentiality
46(1)
2.3.4 Integrity
47(1)
2.3.5 Nonrepudiation
47(1)
2.4 Security Standards
48(13)
2.4.1 Security Standards Based on Type of Service/Industry
49(3)
2.4.2 Security Standards Based on Size/Implementation
52(1)
2.4.3 Security Standards Based on Interests
53(1)
2.4.4 Security Best Practices
53(4)
References
57(4)
Part II Security Issues and Challenges in the Traditional Computer Network
3 Security Threats and Threat Motives to Computer Networks
61(26)
3.1 Introduction
61(1)
3.2 Sources of Security Threats
62(17)
3.2.1 Design Philosophy
63(1)
3.2.2 Weaknesses in Network Infrastructure and Communication Protocols
63(3)
3.2.3 Rapid Growth of Cyberspace
66(1)
3.2.4 The Growth of the Hacker Community
67(11)
3.2.5 Vulnerability in Operating System Protocol
78(1)
3.2.6 The Invisible Security Threat: The Insider Effect
78(1)
3.2.7 Social Engineering
79(1)
3.2.8 Physical Theft
79(1)
3.3 Security Threat Motives
79(3)
3.3.1 Terrorism
80(1)
3.3.2 Military Espionage
80(1)
3.3.3 Economic Espionage
80(1)
3.3.4 Targeting the National Information Infrastructure
81(1)
3.3.5 Vendetta/Revenge
81(1)
3.3.6 Hate (National Origin, Gender, and Race)
82(1)
3.3.7 Notoriety
82(1)
3.3.8 Greed
82(1)
3.3.9 Ignorance
82(1)
3.4 Security Threat Management
82(1)
3.4.1 Risk Assessment
83(1)
3.4.2 Forensic Analysis
83(1)
3.5 Security Threat Correlation
83(1)
3.5.1 Threat Information Quality
84(1)
3.6 Security Threat Awareness
84(3)
References
86(1)
4 Introduction to Computer Network Vulnerabilities
87(18)
4.1 Definition
87(1)
4.2 Sources of Vulnerabilities
87(13)
4.2.1 Design Flaws
88(3)
4.2.2 Poor Security Management
91(1)
4.2.3 Incorrect Implementation
92(1)
4.2.4 Internet Technology Vulnerability
93(2)
4.2.5 Changing Nature of Hacker Technologies and Activities
95(1)
4.2.6 Difficulty of Fixing Vulnerable Systems
96(1)
4.2.7 Limits of Effectiveness of Reactive Solutions
97(1)
4.2.8 Social Engineering
98(2)
4.3 Vulnerability Assessment
100(5)
4.3.1 Vulnerability Assessment Services
100(1)
4.3.2 Advantages of Vulnerability Assessment Services
101(2)
References
103(2)
5 Cyber Crimes and Hackers
105(28)
5.1 Introduction
105(1)
5.2 Cybercrimes
106(4)
5.2.1 Ways of Executing Cybercrimes
107(2)
5.2.2 Cybercriminals
109(1)
5.3 Hackers
110(18)
5.3.1 History of Hacking
110(3)
5.3.2 Types of Hackers
113(4)
5.3.3 Hacker Motives
117(3)
5.3.4 Hacking Topologies
120(4)
5.3.5 Hackers' Tools of System Exploitation
124(3)
5.3.6 Types of Attacks
127(1)
5.4 Dealing with the Rising Tide of Cybercrimes
128(1)
5.4.1 Prevention
128(1)
5.4.2 Detection
129(1)
5.4.3 Recovery
129(1)
5.5 Conclusion
129(4)
References
130(3)
6 Scripting and Security in Computer Networks and Web Browsers
133(14)
6.1 Introduction
133(1)
6.2 Scripting
134(1)
6.3 Scripting Languages
134(3)
6.3.1 Server-Side Scripting Languages
135(1)
6.3.2 Client-Side Scripting Languages
135(2)
6.4 Scripting in Computer Network
137(3)
6.4.1 Introduction to the Common Gateway Interface (CGI)
138(2)
6.4.2 Server-Side Scripting: The CGI Interface
140(1)
6.5 Computer Networks Scripts and Security
140(4)
6.5.1 CGI Script Security
141(2)
6.5.2 JavaScript and VBScript Security
143(1)
6.5.3 Web Script Security
144(1)
6.6 Dealing with the Script Security Problems
144(3)
References
145(2)
7 Security Assessment, Analysis, and Assurance
147(28)
7.1 Introduction
147(1)
7.2 System Security Policy
148(3)
7.3 Building a Security Policy
151(6)
7.3.1 Security Policy Access Rights Matrix
151(2)
7.3.2 Policy and Procedures
153(4)
7.4 Security Requirements Specification
157(1)
7.5 Threat Identification
158(3)
7.5.1 Human Factors
158(1)
7.5.2 Natural Disasters
159(1)
7.5.3 Infrastructure Failures
159(2)
7.6 Threat Analysis
161(2)
7.6.1 Approaches to Security Threat Analysis
162(1)
7.7 Vulnerability Identification and Assessment
163(3)
7.7.1 Hardware
163(1)
7.7.2 Software
164(1)
7.7.3 Humanware
165(1)
7.7.4 Policies, Procedures, and Practices
165(1)
7.8 Security Certification
166(2)
7.8.1 Phases of a Certification Process
167(1)
7.8.2 Benefits of Security Certification
167(1)
7.9 Security Monitoring and Auditing
168(2)
7.9.1 Monitoring Tools
168(1)
7.9.2 Type of Data Gathered
169(1)
7.9.3 Analyzed Information
169(1)
7.9.4 Auditing
170(1)
7.10 Products and Services
170(5)
References
171(4)
Part III Dealing with Computer Network Security Challenges
8 Disaster Management
175(12)
8.1 Introduction
175(2)
8.1.1 Categories of Disasters
176(1)
8.2 Disaster Prevention
177(2)
8.3 Disaster Response
179(1)
8.4 Disaster Recovery
179(4)
8.4.1 Planning for a Disaster Recovery
180(1)
8.4.2 Procedures of Recovery
181(2)
8.5 Make Your Business Disaster Ready
183(1)
8.5.1 Always Be Ready for a Disaster
183(1)
8.5.2 Always Back Up Media
184(1)
8.5.3 Risk Assessment
184(1)
8.6 Resources for Disaster Planning and Recovery
184(3)
8.6.1 Local Disaster Resources
184(2)
References
186(1)
9 Access Control and Authorization
187(20)
9.1 Definitions
187(1)
9.2 Access Rights
188(6)
9.2.1 Access Control Techniques and Technologies
189(5)
9.3 Access Control Systems
194(5)
9.3.1 Physical Access Control
194(1)
9.3.2 Access Cards
194(1)
9.3.3 Electronic Surveillance
195(1)
9.3.4 Biometrics
196(3)
9.3.5 Event Monitoring
199(1)
9.4 Authorization
199(2)
9.4.1 Authorization Mechanisms
200(1)
9.5 Types of Authorization Systems
201(1)
9.5.1 Centralized
201(1)
9.5.2 Decentralized
201(1)
9.5.3 Implicit
202(1)
9.5.4 Explicit
202(1)
9.6 Authorization Principles
202(1)
9.6.1 Least Privilege
203(1)
9.6.2 Separation of Duties
203(1)
9.7 Authorization Granularity
203(1)
9.7.1 Fine-Grained Authorization
204(1)
9.7.2 Coarse-Grained Authorization
204(1)
9.8 Web Access and Authorization
204(3)
References
206(1)
10 Authentication
207(20)
10.1 Definition
207(1)
10.2 Multiple Factors and Effectiveness of Authentication
208(2)
10.3 Authentication Elements
210(2)
10.3.1 Person or Group Seeking Authentication
210(1)
10.3.2 Distinguishing Characteristics for Authentication
211(1)
10.3.3 The Authenticator
211(1)
10.3.4 The Authentication Mechanism
211(1)
10.3.5 Access Control Mechanism
212(1)
10.4 Types of Authentication
212(2)
10.4.1 Nonrepudiable Authentication
213(1)
10.4.2 Repudiable Authentication
213(1)
10.5 Authentication Methods
214(9)
10.5.1 Password Authentication
214(3)
10.5.2 Public Key Authentication
217(3)
10.5.3 Remote Authentication
220(2)
10.5.4 Anonymous Authentication
222(1)
10.5.5 Digital Signature-Based Authentication
222(1)
10.5.6 Wireless Authentication
223(1)
10.6 Developing an Authentication Policy
223(4)
References
225(2)
11 Cryptography
227(24)
11.1 Definition
227(3)
11.1.1 Block Ciphers
229(1)
11.2 Symmetric Encryption
230(4)
11.2.1 Symmetric Encryption Algorithms
232(1)
11.2.2 Problems with Symmetric Encryption
233(1)
11.3 Public Key Encryption
234(4)
11.3.1 Public Key Encryption Algorithms
236(1)
11.3.2 Problems with Public Key Encryption
237(1)
11.3.3 Public Key Encryption Services
237(1)
11.4 Enhancing Security: Combining Symmetric and Public Key Encryptions
238(1)
11.5 Key Management: Generation, Transportation, and Distribution
238(7)
11.5.1 The Key Exchange Problem
238(1)
11.5.2 Key Distribution Centers (KDCs)
239(2)
11.5.3 Public Key Management
241(2)
11.5.4 Key Escrow
243(2)
11.6 Public Key Infrastructure (PKI)
245(1)
11.6.1 Certificates
245(1)
11.6.2 Certificate Authority
246(1)
11.6.3 Registration Authority (RA)
246(1)
11.6.4 Lightweight Directory Access Protocols (LDAP)
246(1)
11.6.5 Role of Cryptography in Communication
246(1)
11.7 Hash Function
246(1)
11.8 Digital Signatures
247(4)
References
250(1)
12 Firewalls
251(24)
12.1 Definition
251(3)
12.2 Types of Firewalls
254(10)
12.2.1 Packet Inspection Firewalls
255(5)
12.2.2 Application Proxy Server: Filtering Based on Known Services
260(3)
12.2.3 Virtual Private Network (VPN) Firewalls
263(1)
12.2.4 Small Office or Home (SOHO) Firewalls
263(1)
12.3 Configuration and Implementation of a Firewall
264(3)
12.4 The Demilitarized Zone (DMZ)
267(2)
12.4.1 Scalability and Increasing Security in a DMZ
269(1)
12.5 Improving Security Through the Firewall
269(1)
12.6 Firewall Forensics
270(2)
12.7 Firewall Services and Limitations
272(3)
12.7.1 Firewall Services
272(1)
12.7.2 Limitations of Firewalls
272(2)
References
274(1)
13 System Intrusion Detection and Prevention
275(28)
13.1 Definition
275(1)
13.2 Intrusion Detection
275(3)
13.2.1 The System Intrusion Process
276(1)
13.2.2 The Dangers of System Intrusions
277(1)
13.3 Intrusion Detection Systems (IDSs)
278(4)
13.3.1 Anomaly Detection
279(2)
13.3.2 Misuse Detection
281(1)
13.4 Types of Intrusion Detection Systems
282(8)
13.4.1 Network-Based Intrusion Detection Systems (NIDSs)
282(5)
13.4.2 Host-Based Intrusion Detection Systems (HIDS)
287(2)
13.4.3 The Hybrid Intrusion Detection System
289(1)
13.5 The Changing Nature of IDS Tools
290(1)
13.6 Other Types of Intrusion Detection Systems
290(2)
13.6.1 System Integrity Verifiers (SIVs)
290(1)
13.6.2 Log File Monitors (LFM)
290(1)
13.6.3 Honeypots
291(1)
13.7 Response to System Intrusion
292(2)
13.7.1 Incident Response Team
293(1)
13.7.2 IDS Logs as Evidence
293(1)
13.8 Challenges to Intrusion Detection Systems
294(1)
13.8.1 Deploying IDS in Switched Environments
294(1)
13.9 Implementing an Intrusion Detection System
295(1)
13.10 Intrusion Prevention Systems (IPSs)
295(4)
13.10.1 Network-Based Intrusion Prevention Systems (NIPSs)
295(2)
13.10.2 Host-Based Intrusion Prevention Systems (HIPSs)
297(2)
13.11 Intrusion Detection Tools
299(4)
References
300(3)
14 Computer and Network Forensics
303(28)
14.1 Definition
303(1)
14.2 Computer Forensics
304(15)
14.2.1 History of Computer Forensics
305(1)
14.2.2 Elements of Computer Forensics
306(1)
14.2.3 Investigative Procedures
307(6)
14.2.4 Analysis of Evidence
313(6)
14.3 Network Forensics
319(6)
14.3.1 Intrusion Analysis
320(4)
14.3.2 Damage Assessment
324(1)
14.4 Forensic Tools
325(6)
14.4.1 Computer Forensic Tools
325(2)
14.4.2 Network Forensic Tools
327(1)
References
328(3)
15 Virus and Content Filtering
331(20)
15.1 Definitions
331(1)
15.2 Scanning, Filtering, and Blocking
331(5)
15.2.1 Content Scanning
332(1)
15.2.2 Inclusion Filtering
332(1)
15.2.3 Exclusion Filtering
333(1)
15.2.4 Other Types of Content Filtering
333(2)
15.2.5 Location of Content Filters
335(1)
15.3 Virus Filtering
336(7)
15.3.1 Viruses
336(7)
15.4 Content Filtering
343(4)
15.4.1 Application-Level Filtering
344(1)
15.4.2 Packet-Level Filtering and Blocking
345(1)
15.4.3 Filtered Material
346(1)
15.5 Spam
347(4)
References
350(1)
16 Standardization and Security Criteria: Security Evaluation of Computer Products
351(14)
16.1 Introduction
351(1)
16.2 Product Standardization
352(1)
16.2.1 Need for Standardization of (Security) Products
352(1)
16.2.2 Common Computer Product Standards
353(1)
16.3 Security Evaluations
353(5)
16.3.1 Purpose of Security Evaluation
354(1)
16.3.2 Security Evaluation Criteria
355(1)
16.3.3 Basic Elements of an Evaluation
356(1)
16.3.4 Outcome/Benefits
356(2)
16.4 Major Security Evaluation Criteria
358(5)
16.4.1 Common Criteria (CC)
358(1)
16.4.2 FIPS
359(1)
16.4.3 The Orange Book/TCSEC
359(3)
16.4.4 Information Technology Security Evaluation Criteria (ITSEC)
362(1)
16.4.5 The Trusted Network Interpretation (TNI): The Red Book
362(1)
16.5 Does Evaluation Mean Security?
363(2)
References
364(1)
17 Computer Network Security Protocols
365(32)
17.1 Introduction
365(1)
17.2 Application-Level Security
366(14)
17.2.1 Remote Authentication Dial-In User Service (RADIUS)
367(1)
17.2.2 Terminal Access Controller Access Control System (TACACS+)
368(1)
17.2.3 Pretty Good Privacy (PGP)
369(2)
17.2.4 Secure/Multipurpose Internet Mail Extension (S/MIME)
371(1)
17.2.5 Secure HTTP (S-HTTP)
372(3)
17.2.6 Hypertext Transfer Protocol over Secure Socket Layer (HTTPS)
375(1)
17.2.7 Secure Electronic Transactions (SET)
375(2)
17.2.8 Kerberos
377(3)
17.3 Security in the Transport Layer
380(5)
17.3.1 Secure Socket Layer (SSL)
380(4)
17.3.2 Transport Layer Security (TLS)
384(1)
17.4 Security in the Network Layer
385(8)
17.4.1 Internet Protocol Security (IPsec)
385(4)
17.4.2 Virtual Private Networks (VPN)
389(3)
17.4.3 VPN Tunneling Technology, PPTP, and L2TP
392(1)
17.5 Security in the Physical Layer
393(4)
17.5.1 Point-to-Point Protocol (PPP)
393(2)
17.5.2 Other Network Physical Layer Security Protocols Include
395(1)
References
396(1)
18 Security in Wireless Networks and Devices
397(32)
18.1 Introduction
397(1)
18.2 Types of Wireless Broadband Networks
398(14)
18.2.1 Wireless Personal Area Networks (WPANs)
398(3)
18.2.2 Wireless Local Area Networks (WLANs) (Wi-Fi)
401(1)
18.2.3 WiMAX LAN
401(7)
18.2.4 4G (LTE) and 5G: Enhancing Mobile Broadband
408(1)
18.2.5 Mobile Cellular Network
408(4)
18.3 Development of Cellular Technology
412(2)
18.3.1 First Generation
412(1)
18.3.2 Second Generation
412(1)
18.3.3 Third Generation
413(1)
18.3.4 Fourth Generation (4G/LTE)
414(1)
18.4 Other Features of Mobile Cellular Technology
414(2)
18.4.1 Universality
414(1)
18.4.2 Flexibility
415(1)
18.4.3 Quality of Service (QoS)
415(1)
18.4.4 Service Richness
415(1)
18.4.5 Mobile Cellular Security Protocol Stack
415(1)
18.5 Security Vulnerabilities in Cellular Wireless Networks
416(13)
18.5.1 WLAN Security Concerns
418(6)
18.5.2 Best Practices for Wi-Fi Security
424(2)
References
426(3)
19 Security in Sensor Networks
429(16)
19.1 Introduction
429(1)
19.2 The Growth of Sensor Networks
430(1)
19.3 Design Factors in Sensor Networks
431(4)
19.3.1 Routing
431(3)
19.3.2 Power Consumption
434(1)
19.3.3 Fault Tolerance
434(1)
19.3.4 Scalability
434(1)
19.3.5 Production Costs
434(1)
19.3.6 Nature of Hardware Deployed
434(1)
19.3.7 Topology of Sensor Networks
435(1)
19.3.8 Transmission Media
435(1)
19.4 Security in Sensor Networks
435(4)
19.4.1 Security Challenges
435(1)
19.4.2 Sensor Network Vulnerabilities and Attacks
436(2)
19.4.3 Securing Sensor Networks
438(1)
19.5 Security Mechanisms and Best Practices for Sensor Networks
439(1)
19.6 Trends in Sensor Network Security Research
440(5)
19.6.1 Cryptography
440(1)
19.6.2 Key Management
441(1)
19.6.3 Confidentiality, Authentication, and Freshness
442(1)
19.6.4 Resilience to Capture
442(1)
References
443(2)
20 Other Efforts to Secure Data in Computer Networks and Beyond
445(12)
20.1 Introduction
445(1)
20.2 Legislation
445(1)
20.3 Regulation
446(1)
20.4 Self-Regulation
447(1)
20.4.1 Hardware-Based Self-Regulation
447(1)
20.4.2 Software-Based Self-Regulation
448(1)
20.5 Education
448(2)
20.5.1 Focused Education
449(1)
20.5.2 Mass Education
450(1)
20.6 Reporting Centers
450(1)
20.7 Market Forces
451(1)
20.8 Activism
451(6)
20.8.1 Advocacy
451(1)
20.8.2 Hotlines
452(1)
Reference
453(4)
Part IV The Emergence of the Digital and Social Network Ecosystem
21 Virtualization Technology and Security
457(20)
21.1 Introduction
457(1)
21.2 History of Virtualization
458(1)
21.3 Virtualization Terminologies
459(1)
21.3.1 Host CPU/Guest CPU
459(1)
21.3.2 Host OS/Guest OS
459(1)
21.3.3 Hypervisor
460(1)
21.3.4 Emulation
460(1)
21.4 Types of Computing System Virtualization
460(10)
21.4.1 Platform Virtualization
460(8)
21.4.2 Network Virtualization
468(1)
21.4.3 Storage Virtualization
469(1)
21.4.4 Application Virtualization
469(1)
21.5 The Benefits of Virtualization
470(3)
21.5.1 Reduction of Server Sprawl
470(1)
21.5.2 Conservation of Energy
470(1)
21.5.3 Reduced IT Management Costs
470(1)
21.5.4 Better Disaster Recovery Management
470(1)
21.5.5 Software Development Testing and Verification
471(1)
21.5.6 Isolation of Legacy Applications
471(1)
21.5.7 Cross-Platform Support
471(1)
21.5.8 Minimizing Hardware Costs
471(1)
21.5.9 Faster Server Provisioning
471(1)
21.5.10 Better Load Balancing
472(1)
21.5.11 Reduce the Data Center Footprint
472(1)
21.5.12 Increase Uptime
472(1)
21.5.13 Isolate Applications
472(1)
21.5.14 Extend the Life of Older Applications
472(1)
21.6 Virtualization Infrastructure Security
473(4)
21.6.1 Hypervisor Security
473(1)
21.6.2 Securing Communications Between Desktop and Virtual Infrastructure
474(1)
21.6.3 Security of Communication Between Virtual Machines
474(1)
21.6.4 Threats and Vulnerabilities Originating from a VM
474(1)
References
475(2)
22 Cloud Computing Technology and Security
477(26)
22.1 Introduction
477(1)
22.2 Cloud Computing Infrastructure Characteristics
478(2)
22.3 Cloud Computing Service Models
480(2)
22.4 Cloud Computing Deployment Models
482(1)
22.5 Virtualization and Cloud Computing
482(1)
22.6 Benefits of Cloud Computing
483(3)
22.7 Cloud Computing, Power Consumption and Environmental Issues
486(1)
22.8 Cloud Computing Security, Reliability, Availability, and Compliance Issues
487(16)
22.8.1 Cloud Computing Actors, Their Roles, and Responsibilities
488(2)
22.8.2 Security of Data and Applications in the Cloud
490(6)
22.8.3 Security of Data in Transition: Cloud Security Best Practices
496(1)
22.8.4 Service-Level Agreements (SLAs)
496(1)
22.8.5 Data Encryption
497(1)
22.8.6 Web Access Point Security
497(1)
22.8.7 Compliance
497(3)
References
500(3)
23 Mobile Systems and Corresponding Intractable Security Issues
503(14)
23.1 Introduction
503(1)
23.2 Current Major Mobile Operating Systems
504(1)
23.3 Security in the Mobile Ecosystems
504(5)
23.3.1 Application-Based Threats
506(1)
23.3.2 Web-Based Threats
507(1)
23.3.3 Network Threats
507(1)
23.3.4 Physical Threats
508(1)
23.3.5 Operating System-Based Threats
508(1)
23.4 General Mobile Devices Attack Types
509(2)
23.5 Mitigation of Mobile Devices Attacks
511(3)
23.5.1 Mobile Device Encryption
513(1)
23.5.2 Mobile Remote Wiping
513(1)
23.5.3 Mobile Passcode Policy
514(1)
23.6 Users Role in Securing Mobile Devices
514(3)
References
515(2)
24 Internet of Things (IoT): Growth, Challenges, and Security
517(18)
24.1 Introduction
517(2)
24.2 Overview and Growth of Internet of Things
519(1)
24.3 Architecture and Networking of IoT
520(5)
24.3.1 Architecture and Protocol Stack of IoTs
520(3)
24.3.2 Challenges of Using TCP/IP Architecture over the IoT
523(2)
24.4 IoT Governance, Privacy, and Security Challenges
525(10)
24.4.1 Governance and Privacy Concerns
526(1)
24.4.2 Security Challenges
527(1)
24.4.3 Autonomy
527(1)
24.4.4 Computational Constraints
528(1)
24.4.5 Discovery
528(1)
24.4.6 Trust Relationships
529(1)
References
530(5)
Part V Securing the Last Frontiers --- The Home Front
25 Conquering the Last Frontier in the Digital Invasion: The Home Front
535(16)
25.1 Introduction
535(1)
25.2 The Changing Home Network and Hotspots
536(5)
25.2.1 Cable LAN
536(1)
25.2.2 Wireless Home Networks
537(3)
25.2.3 Types of Broadband Internet Connections
540(1)
25.2.4 Smart Home Devices
541(1)
25.3 Data and Activities in the Home LAN
541(2)
25.3.1 Work Data
541(1)
25.3.2 Social Media Data
542(1)
25.3.3 Banking and Investment Data
542(1)
25.3.4 Health Devices
542(1)
25.3.5 Home Monitoring and Security Devices
542(1)
25.4 Threats to the Home and Home LAN
543(8)
25.4.1 Most Common Threats to Homes and Home LANs
544(1)
25.4.2 Actions to Safeguard the Family LAN
544(1)
25.4.3 Using Encryption to Protect the Family LAN
545(1)
25.4.4 Protecting the Family LAN with Known Protocols
546(2)
References
548(3)
Part VI Hands-On Projects
26 Projects
551(12)
26.1 Introduction
551(1)
26.2 Part 1: Case Studies
551(1)
26.3 Part 2: Weekly/Biweekly Laboratory Assignments
552(3)
26.4 Part 3: Semester Projects
555(3)
26.4.1 Intrusion Detection Systems
555(3)
26.4.2 Scanning Tools for System Vulnerabilities
558(1)
26.5 The Following Tools Are Used to Enhance Security in Web Applications
558(1)
26.5.1 Public Key Infrastructure
558(1)
26.6 Part 4: Research Projects
559(4)
26.6.1 Consensus Defense
559(1)
26.6.2 Specialized Security
559(1)
26.6.3 Protecting an Extended Network
559(1)
26.6.4 Automated Vulnerability Reporting
560(1)
26.6.5 Turn-Key Product for Network Security Testing
560(1)
26.6.6 The Role of Local Networks in the Defense of the National Critical Infrastructure
560(1)
26.6.7 Enterprise VPN Security
560(1)
26.6.8 Perimeter Security
561(1)
26.6.9 Enterprise Security
561(1)
26.6.10 Password Security: Investigating the Weaknesses
561(2)
Index 563
Dr. Joseph Migga Kizza is Head and Professor, Department of Computer Science and Engineering, and past Director of the Center for Information Security and Assurance at the University of Tennessee at Chattanooga, TN, USA. Among his other publications are the successful Springer textbooks Ethical and Social Issues in the Information Age and Ethics in Computing: A Concise Module.
Biežāk uzdotie jautājumi par e-grāmatām Biežāk uzdotie jautājumi par e-grāmatām
Permanent link: https://www.kriso.lv/db/97833195560626e.html
Keywords: