Contents Overview
Chapter 1 reviews the importance of network security and presents some relevant background
and history. It also introduces some basic terminology that is used throughout the book to
define network, information, and computer security.
Chapter 2 focuses on threats, vulnerabilities, and various types of attacks and hacks. It also
identifies useful sources of information on network and computer hacking.
Chapter 3 discusses encryption and its practical application. In addition, it details the various
types of ciphers and their application. Chapter 3 also introduces digital signatures, digital
certificates, and the concept of a public key infrastructure.
Chapter 4, an overview of the Kerberos security scheme, illustrates the basic technique that
Kerberos employs to provide network security. It also compares the Kerberos scheme to a
public key infrastructure.
Chapter 5 introduces the secure sockets layer (SSL) protocol and illustrates how some of the
cipher systems introduced in Chapter 3 are employed with Microsoft Internet Explorer and
Netscape Navigator. Next, Chapter 6 discusses security issues associated with sending,
receiving, authenticating, and storing e-mail. Furthermore, Chapter 6 reviews the various
secure e-mail protocols and different applications of encryption with e-mail and discusses the
concept of e-mail as a weapon.
Chapter 7 covers general operating system security guidelines and introduces concepts that
are common or applicable to most operating systems, including password guidelines and
access controls. In addition, it reviews some of the techniques used to break passwords and
ways to counter these techniques. Chapter 7 also reviews issues associated with modems and
introduces some useful tools that can be employed to make a system more secure.
Chapter 8 covers general LAN security guidelines and introduces the concepts of policybased
network management, honeypot systems, segmentation of LAN traffic, and security
issues associated with the use of dynamic host configuration protocol (DHCP). Chapter 9
introduces security issues associated with the various physical media that can be employed for
a LAN installation. It also discusses security issues to consider when installing cable and
when selecting WAN circuits, media, and protocols. In addition, Chapter 9 describes frame
relay, xDSL, wireless local area network (LAN) and wide area network (WAN) media, and
different types of circuits.
Chapter 10 examines router security issues and introduces the Cisco Internetworking
Operating System. It also discusses the simple network management protocol (SNMP) and
some of the risks that are inherent in using this protocol.
Chapter 11 explains the functioning of virtual private networks (VPNs) and the considerations
that must be addressed before implementing a VPN. Chapter 11 also surveys the various
protocols now in use and presents an example of a low-cost VPN implementation.
Chapter 12 introduces the concept of a firewall and explains how it functions. In addition, it
discusses the pros and cons of firewalls and the various types of firewalls and their
implementation. It also discusses some of the freeware firewalls and personal firewalls that
are available to download.
Chapter 13 covers the benefits and drawbacks of biometric identification and authentication
systems. In addition, it discusses the different biometric techniques employed and issues that
must be considered before deploying a biometric system.
Chapter 14 provides a detailed discussion of the development, format, content,
implementation, and enforcement of corporate network security policies and procedures.
Chapter 14 also provides some general recommendations for policies and procedures.
Chapter 15 focuses on the role that network and system auditing and monitoring plays in a
multitiered approach to network security. In addition, it discusses traditional audits,
automated auditing tools, and developments in the area of intrusion detection systems.
Chapter 16 discusses the need for organizations to develop adequate plans to respond to a
disaster or computer security incident. In addition, it describes disaster recovery planning and
presents a case study. Chapter 16 also covers computer incident response planning and
provides some general guidelines. It also lists sources of information for response planning.
Chapter 17 identifies specific risks associated with browser cookie and cache files. In
addition, it discusses the risks associated with Internet Explorer's AutoComplete function.
