Network Security Fundamentals [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

اصطلاحنامه مجموعه ها مرورالفبایی لغت نامه دهخدا

➟

جستجو در لغت نامه

بیشتر

کتابخانه شخصی پرسش از کتابدار ارسال منبع

Network Security Fundamentals [Electronic resources] - نسخه متنی

Gert De Laet, Gert Schauwers

| ،

افزودن به کتابخانه شخصی

میخواهم بخوانم

درحال خواندن

خوانده شده

ارسال به دوستان

آدرس پست الکترونیک گیرنده :

آدرس پست الکترونیک فرستنده :

نام و نام خانوارگی فرستنده :

پیغام برای گیرنده ( حداکثر 250 حرف ) :

کد امنیتی را وارد نمایید

ارسال

جستجو در متن کتاب

بیشتر

تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب

➟

جستجو در لغت نامه

بیشتر

لیست موضوعات

Acknowledgments

Icons Used in This Book

Command Syntax Conventions

Part I. Introduction

Chapter 1. Network Security Overview

Weaknesses and Vulnerabilities

Responsibilities for Network Security

Security Objectives

Chapter 2. Understanding VulnerabilitiesThe Need for Security

Risk and Vulnerability

TCP/IP Suite Weaknesses

Buffer Overflows

Spoofing Techniques

Social Engineering

Chapter 3. Understanding Defenses

Intrusion Detection System

PC CardBased Solutions

Physical Security

Encrypted Login

Reusable Passwords

Antivirus Software

Encrypted Files

Part II. Building Blocks

Chapter 4. Cryptography

Cryptography versus Cryptanalysis

Modern-Day Techniques

Chapter 5. Security Policies

Defining a Security Policy?

Importance of a Security Policy

Development Process

Incident Handling Process

Sample Security Policy

Chapter 6. Secure Design

Network DesignPrinciples

Network DesignMethodology

Return on Investment

Physical Security Issues

Switches and Hubs

Part III. Tools and Techniques

Chapter 7. Web Security

Chapter 8. Router Security

Basic Router Security

Router Security to Protect the Network

References in This Chapter

Chapter 9. Firewalls

Firewall Basics

Different Types of Firewalls

Enhancements for Firewalls

Case Study: Placing Filtering Routers and Firewalls

Chapter 10. Intrusion Detection System Concepts

Introduction to Intrusion Detection

Host-Based IDSs

Network-Based IDSs

IDS Management CommunicationsMonitoring the Network

Sensor Maintenance

Case Study: Deployment of IDS Sensors in the Organization and Their Typical Placement

Chapter 11. Remote Access

Lock-and-Key Feature

Two-Factor Identification

Case Study: Configuring Secure Remote Access

Chapter 12. Virtual Private Networks

Generic Routing Encapsulation Tunnels

VPNs with IPSec

Case Study: Remote Access VPN

Chapter 13. Public Key Infrastructure

Public Key Distribution

Trusted Third Party

Enrollment Procedure

Revocation Procedure

Case Study: Creating Your Own CA

Chapter 14. Wireless Security

Different WLAN Configurations

What Is a WLAN?

How Wireless Works

Risks of Open Wireless Ports

War-Driving and War-Chalking

SAFE WLAN Design Techniques and Considerations

Case Study: Adding Wireless Solutions to a Secure Network

Chapter 15. Logging and Auditing

Simple Network Management Protocol

Remote Monitoring

Service Assurance Agent

Part IV. Appendixes

Appendix A. SAFE Blueprint

Introduction to the SAFE Blueprint

SAFE Blueprint: Overview of the Architecture

References in This Appendix

Appendix B. SANS Policies

SANS Initiatives and Programs

Security Policy Project

Is It a Policy, a Standard, or a Guideline?

References in This Appendix

Appendix C. NSA Guidelines

Security Guides

References in This Appendix

Appendix D. Answers to Chapter Q&A

Website References

توضیحات

افزودن یادداشت جدید

Chapter 10 Q&A

1:	List two weaknesses of the signature-based IDS.
A1:	Answer: Weaknesses of the signature-based IDS include the following: High false positive rate Evasion susceptibility Single vulnerability may require multiple signatures Continuous updates required Cannot detect unknown attacks
2:	Why does the deployment of a policy-based IDS take a long time?
A2:	Answer: Deployment of policy-based IDS is lengthy because all the security policy rules of the company must be programmed into the IDS.
3:	Which IDS is not limited by bandwidth restrictions or data encryption?
A3:	Answer: A host IDS is not limited by bandwidth restrictions or data encryption.
4:	Which IDS is very challenging in a switched environment?
A4:	Answer: A network IDS is very challenging in a switched environment because traffic is aggregated only on the backplanes of the devices.
5:	Name the two main components of a Cisco host IDS.
A5:	Answer: The two main components of a Cisco host IDS are as follows: Cisco Secure Agent Cisco Management Station
6:	Name the two interfaces of a network IDS.
A6:	Answer: The two interfaces of a network IDS are as follows: Monitoring or capturing interface Command and control interface
7:	What are the three main components of a network IDS?
A7:	Answer: The three main components of a network IDS are the network sensor, the network management station, and the communication channel.
8:	List three responses to events or alerts.
A8:	Answer: IDSs can respond to attacks in a few different ways. IDSs can actively terminate the session, block the attacking host, or passively create IP session logs.
9:	What two processes are in place to automate sensor maintenance?
A9:	Answer: Automatic updates (auto update server) and active update notification are two ways to automate sensor maintenance.
10:	The RDEP protocol communication consists of what two message types?A10:	Answer: The RDEP protocol communication consists of two message types: the RDEP request and the RDEP response message. These messages can be event messages or IP log messages.