Wiley Pathways Network Security Fundamentals, 1st Edition
August 2007, ©2008
Whether you're already working and looking to expand your skills in the computer networking and security field or setting out on a new career path, Network Security Fundamentals will help you get there. Easy-to-read, practical, and up-to-date, this text not only helps you learn network security techniques at your own pace; it helps you master the core competencies and skills you need to succeed.
With this book, you will be able to:
* Understand basic terminology and concepts related to security
* Utilize cryptography, authentication, authorization and access control to increase your Windows, Unix or Linux network's security
* Recognize and protect your network against viruses, worms, spyware, and other types of malware
* Set up recovery and fault tolerance procedures to plan for the worst and to help recover if disaster strikes
* Detect intrusions and use forensic analysis to investigate the nature of the attacks
Network Security Fundamentals is ideal for both traditional and online courses. The accompanying Network Security Fundamentals Project Manual ISBN: 978-0-470-12798-8 is also available to help reinforce your skills.
Wiley Pathways helps you achieve your goals
The texts and project manuals in this series offer a coordinated curriculum for learning information technology. Learn more at www.wiley.com/go/pathways.
1 Network Security Principles 1
1.1 Importance of Computer and Network Security 2
1.2 Underlying Computer and Network Security Concepts 6
1.3 Threats and Countermeasures 11
1.4 Policies and Standards 20
2 Network and Server Security 30
2.1 Network Protocols Review 31
2.2 Best Practices for Network Security 45
2.3 Securing Servers 49
2.4 Border Security 57
3 Cryptography 74
3.1 Cryptography Overview 75
3.2 Symmetric Encryption 83
3.3 Asymmetric Encryption 90
3.4 Hashes 93
3.5 Achieving CIA 97
3.6 Public Key Infrastructure (PKI) 99
4 Authentication 118
4.1 Authentication Overview 119
4.2 Authentication Credentials 125
4.3 Authentication Protocols 131
4.4 Best Practices for Secure Authentication 136
5 Authentication and Access Control 149
5.1 Access Control Models 150
5.2 Implementing Access Control on Windows Computers 154
5.3 Implementing Access Control on Unix Computers 174
6 Securing Network Transmission 188
6.1 Analyzing Security Requirements for Network Traffic 189
6.2 Defining Network Perimeters 195
6.3 Data Transmission Protection Protocols 201
7 Remote Access and Wireless Security 221
7.1 Dial-Up Networking 222
7.2 Virtual Private Networks 230
7.3 RADIUS and TACACS 235
7.4 Wireless Networks 239
8 Server Roles and Security 262
8.1 Server Roles and Baselines 263
8.2 Securing Network Infrastructure Servers 274
8.3 Securing Domain Controllers 289
8.4 Securing File and Print Servers 292
8.5 Securing Application Servers 298
9 Protecting Against Malware 310
9.1 Viruses and Other Malware 311
9.2 Protecting the Workstation 315
9.3 Web Browser Security 323
9.4 Email Security 336
10 Ongoing Security Management 356
10.1 Managing Updates 357
10.2 Auditing and Logging 366
10.3 Secure Remote Administration 371
11 Disaster Recovery and Fault Tolerance 395
11.1 Planning for the Worst 396
11.2 Creating a Backup Strategy 407
11.3 Designing for Fault Tolerance 415
12 Intrusion Detection and Forensics 433
12.1 Intrusion Detection 434
12.2 Honeypots 439
12.3 Forensics 444
- Clear, everyday language and clean format. Students can read each chapter without being intimidated by difficult language or overwhelmed by sidebars, textboxes, and other fillers that interrupt the flow of the writing.
- Modular format. Instructors can reorder textbook content to suit the needs of a particular class. The text proceeds logically from the basics to more challenging material, and chapters are further organized into sections that are self-contained for maximum teaching and learning flexibility.
- Pre-test. This pre-reading assessment tool in multiple-choice format introduces chapter material and the learning outcomes. By focusing students’ attention on what they do not know, the self-test provides a benchmark against which they can measure their own progress.
- What You’ll Learn in this Chapterand After Studying this Chapter. These bulleted lists tell students what they will be learning in this chapter and why it is significant. “What You’ll Learn…” lists focus on subject matter that will be taught. Each bullet in the list corresponds to a chapter section. “After Studying This Chapter…” lists emphasize capabilities and skills students will learn.
- Goals and Outcomes. These lists identify specific learner capabilities that will result from reading the chapter. They set students up to synthesize and evaluate the chapter material, and relate it to the real world.
- “For Example” Boxes. Found within each section, these boxes tie section content to real-world organizations, scenarios, and applications.
- Figures and tables. Line art and photos have been carefully chosen to be truly instructional rather than filler. Tables distill and present information in a way that is easy to identify, access, and understand, enhancing the focus of the text on essential ideas without distracting or overwhelming the reader.
- Self-Check. Related to the “What You’ll Learn” bullets and found at the end of each section, this battery of short answer questions emphasizes student understanding of concepts and mastery of section content. Each Self-Check question set includes a link to a section of the pre-test for further review and practice.
- Key Terms and Glossary. To help students develop a professional vocabulary, key terms are bolded in the introduction, summary and when they first appear in the chapter. A complete list of key terms with brief definitions appears at the end of each chapter and again in a glossary at the end of the book. Knowledge of key terms is assessed by all assessment tools (see below).
- Summary. Each chapter concludes with a summary paragraph that reviews the major concepts in the chapter and links back to the “What You’ll Learn” list.
Evaluation and Assessment Tools
- Summary Questions. These help students summarize the chapter’s main points by asking a series of multiple choice and true/false questions that emphasize student understanding of concepts and mastery of chapter content.
- Review Questions. In short answer format, these questions review the major points in each chapter, prompting analysis while reinforcing and confirming student understanding of concepts, and encouraging mastery of chapter content.
- Applying this Chapter Questions. This feature is used to drive home key ideas by asking students to synthesize and apply chapter concepts to new, real-life situations and scenarios.
- You Try It! Questions. Designed to extend students’ thinking, these questions are ideal for discussion or writing assignments. Using an open-ended format and sometimes based on Web sources, they encourage students to draw conclusions using chapter material applied to real-world situations, which fosters both mastery and independent learning.
- Post-test. After students have completed the chapter they have the ability to take a post test. It includes all of the questions in the pre-test, so that students can see how their learning has progressed and improved.
- Wiley E-Texts are powered by VitalSource technologies e-book software.
- With Wiley E-Texts you can access your e-book how and where you want to study: Online, Download and Mobile.
- Wiley e-texts are non-returnable and non-refundable.
- WileyPLUS registration codes are NOT included with the Wiley E-Text. For informationon WileyPLUS, click here .
- To learn more about Wiley e-texts, please refer to our FAQ.
- E-books are offered as e-Pubs or PDFs. To download and read them, users must install Adobe Digital Editions (ADE) on their PC.
- E-books have DRM protection on them, which means only the person who purchases and downloads the e-book can access it.
- E-books are non-returnable and non-refundable.
- To learn more about our e-books, please refer to our FAQ.