-->
Navigation
Computer Security Fundamentals.2nd Edition, Pearson

Computer Security Fundamentals.2nd Edition, Pearson

Now pay Easier and Secure using Paypal
Price:

Read more

SECOND EDITION

Chuck Easttom


E-books Shop
Computer Security Fundamentals.2nd Edition

About the Author
Chuck Easttom has been in the IT industry for many years working in all aspects including network
administration, software engineering, and IT management. For the past 10 years he has been parttime
teaching at colleges and doing corporate training. For the past 7 years, he has also been an independent consultant working with a variety of companies and serving as an expert consultant/witness in various computer cases. Chuck holds more than 28 different IT industry certifications, including the CISSP, ISSAP, Certified Ethical Hacker, Certified Hacking Forensics Investigator, EC Council Certified Security Administrator, and EC Council Certified Instructor. He has served as a subject matter expert for the Computer Technology Industry Association (CompTIA) in the development or revision of four of their certification tests, including the initial creation of their Security+ certification. Most recently he worked with the EC Council to develop their new advanced cryptography course, which he is teaching around the world.

In addition to this book, Chuck has authored 12 other titles on topics such as computer security,
web development, programming, Linux, and computer crime. Chuck also is a frequent guest
speaker for computer groups, discussing computer security. You can reach Chuck at his website
www.chuckeasttom.com or by email at chuck@chuckeasttom.com

About the Technical Reviewer
Dr. Louay Karadsheh has a Doctorate of Management in information technology from Lawrence
Technological University, Southfield, MI. He teaches information assurance, operating system, and
networking classes. His research interest includes cloud computing, information assurance, knowledge management, and risk management. Dr. Karadsheh has published nine articles in refereed journals and international conference proceedings. He has 21 years of experience in planning, installation, troubleshooting, and designing local area networks and operating systems for small to medium-size sites. Dr. Karadsheh has provided technical edits/reviews for several major publishing companies, including Pearson Education and Cengage Learning, and evaluates the research proposals. He holds A+ and Security Certified Network professional certifications.

Acknowledgments
The creation of a book is not a simple process and requires the talents and dedication from many people to make it happen. With this in mind, I would like to thank the folks at Pearson for their commitment to this project. Specifically, I would like to say thanks to Betsy Brown for overseeing the project and keeping things
moving. A special thanks to Dayna Isley for outstanding editing and focus. Also, thanks to Dr.
Karadsheh, who worked tirelessly technically editing this book and fact checking it.

PEARSON
800 East 96th Street, Indianapolis, Indiana 46240 USA



Contents at a Glance

Introduction . . . . . . . 1
1 Introduction to Computer Security  . 2
2 Networks and the Internet. . . . . . . 22
3 Cyber Stalking, Fraud, and Abuse. . .  . 48
4 Denial of Service Attacks. . . . . 72
5 Malware  . . . . . . . . . . 92
6 Techniques Used by Hackers . . . . . . . 116
7 Industrial Espionage in Cyberspace. . . 132
8 Encryption  . . . . . . . . 154
9 Computer Security Software . . . . . . . .178
10 Security Policies.  . . .200
11 Network Scanning and Vulnerability Scanning . . . . 220
12 Cyber Terrorism and Information Warfare. . . . . 254
13 Cyber Detective . . . . . . . . . . . . 276
14 Introduction to Forensics . .... . . 292
A Glossary . . . . . .  . . . . . 306
B Resources.. . . . . .. . . . . 312
Index . . ............. . . . . . . . 316

Table of Contents
Introduction
Chapter 1: Introduction to Computer Security 
Introduction
How Seriously Should You Take Threats to Network Security?
Identifying Types of Threats 
Malware
Compromising System Security
Denial of Service Attacks
Web Attacks 
Session Hijacking
DNS Poisoning 
Assessing the Likelihood of an Attack on Your Network 
Basic Security Terminology
Hacker Slang
Professional Terms 
Concepts and Approaches 
How Do Legal Issues Impact Network Security?
Online Security Resources 
CERT 
Microsoft Security Advisor
F-Secure
SANS Institute
Summary 
Test Your Skills
Chapter 2: Networks and the Internet
Introduction
Network Basics
The Physical Connection: Local Networks
Faster Connection Speeds 
Data Transmission
How the Internet Works
IP Addresses
CIDR
Uniform Resource Locators
History of the Internet
Basic Network Utilities 
IPConfig
Ping 
Tracert 
Other Network Devices 
Advanced Network Communications Topics 
The OSI Model
Media Access Control (MAC) Addresses
Summary
Test Your Skills
Chapter 3: Cyber Stalking, Fraud, and Abuse
Introduction 
How Internet Fraud Works 
Investment Offers 
Auction Frauds
Identity Theft
Cyber Stalking
Laws about Internet Fraud
Protecting Yourself against Cyber Crime
Protecting against Investment Fraud
Protecting against Identity Theft
Secure Browser Settings
Summary 
Test Your Skills
Chapter Footnotes
Chapter 4: Denial of Service Attacks
Introduction 
Denial of Service
Illustrating an Attack
Common Tools Used for DoS 
DoS Weaknesses 
Specific DoS attacks 
Land Attack
Distributed Denial of Service (DDoS)
Summary
Test Your Skills
Chapter 5: Malware
Introduction 
How a Virus Spreads
Recent Virus Examples
W32/Netsky-P
Troj/Invo-Zip
MacDefender
The Sobig Virus
The Mimail Virus 
The Bagle Virus
A Nonvirus Virus
Rules for Avoiding Viruses
Trojan Horses
The Buffer-Overflow Attack
The Sasser Virus/Buffer Overflow
Spyware
Legal Uses of Spyware
How Is Spyware Delivered to a Target System?
Obtaining Spyware Software
Other Forms of Malware
Rootkit
Malicious Web-Based Code
Logic Bombs
Spam
Detecting and Eliminating Viruses and Spyware
Antivirus Software 
Antispyware Software 
Summary
Test Your Skills
Chapter 6: Techniques Used by Hackers
Introduction 
Basic Terminology 
The Reconnaissance Phase 
Passive Scanning Techniques 
Active Scanning Techniques 
Actual Attacks
SQL Script Injection
Cross-Site Scripting
Password Cracking
Summary
Test Your Skills
Chapter 7: Industrial Espionage in Cyberspace
Introduction
What Is Industrial Espionage?
Information as an Asset 
Real-World Examples of Industrial Espionage
Example 1: VIA Technology
Example 2: General Motors 
Example 3: Interactive Television Technologies, Inc
Example 4: Bloomberg, Inc
Example 5: Avant Software
Industrial Espionage and You
How Does Espionage Occur?
Low-Tech Industrial Espionage
Spyware Used in Industrial Espionage
Steganography Used in Industrial Espionage
Phone Taps and Bugs
Protecting against Industrial Espionage
Industrial Espionage Act
Spear Phishing
Summary
Test Your Skills
Chapter 8: Encryption
Introduction 
Cryptography Basics
History of Encryption
The Caesar Cipher 
Multi-Alphabet Substitution
Binary Operations
Modern Methods
Single-Key (Symmetric) Encryption
Public Key (Asymmetric) Encryption
Legitimate Versus Fraudulent Encryption Methods
Digital Signatures
Hashing 
Authentication
Encryptions Used in Internet 
Virtual Private Networks
PPTP
L2TP
IPsec
Summary
Test Your Skills
Chapter 9: Computer Security Software
Introduction 
Virus Scanners
How Does a Virus Scanner Work? 
Virus-Scanning Techniques
Commercial Antivirus Software
Firewalls
Benefits and Limitation of Firewalls
Firewall Types and Components
How Firewalls Examine Packets
Firewall Configurations
Commercial and Free Firewall Products
Firewall Logs
Antispyware
Intrusion-Detection Software 
IDS Categorization
IDS Approaches
Honey Pots
Other Preemptive Techniques
Summary 
Test Your Skills
Chapter 10: Security Policies
Introduction
What Is a Policy
Defining User Policies
Passwords
Internet Use
Email Usage
Installing/Uninstalling Software
Instant Messaging 
Desktop Configuration
Final Thoughts on User Policies
Defining System Administration Policies
New Employees
Departing Employees
Change Requests
Security Breaches
Virus Infection 
Denial of Service Attacks
Intrusion by a Hacker
Defining Access Control 
Developmental Policies
Standards, Guidelines, and Procedure
Summary 
Test Your Skills
Chapter 11: Network Scanning and Vulnerability Scanning
Introduction
Basics of Assessing a System
Patch
Ports
Protect
Policies
Probe
Physical
Securing Computer Systems 
Securing an Individual Workstation
Securing a Server
Scanning Your Network
MBSA
NESSUS 
Getting Professional Help
Summary
Test Your Skills
Chapter 12: Cyber Terrorism and Information Warfare
Introduction 
Actual Cases of Cyber Terrorism
China Eagle Union
Economic Attacks
Military Operations Attacks
General Attacks
Supervisory Control and Data Acquisitions
Information Warfare
Propaganda
Information Control
Disinformation
Actual Cases
Future Trends 
Positive Trends
Negative Trends
Defense against Cyber Terrorism
Summary
Test Your Skills
Chapter 13: Cyber Detective
Introduction
General Searches
Court Records and Criminal Checks 
Sex Offender Registries
Civil Court Records 
Other Resources
Usenet
Summary 
Test Your Skills
Chapter 14: Introduction to Forensics
Introduction
General Guidelines
Don’t Touch the Suspect Drive 
Document Trail
Secure the Evidence
FBI Forensics Guidelines
Finding Evidence on the PC
Finding Evidence in the Browser
Finding Evidence in System Logs
Windows Logs
Linux Logs
Getting Back Deleted Files
Operating System Utilities
Net Sessions
Openfiles
Fc
Netstat
The Windows Registry 
Summary
Test Your Skills
Appendix A: Glossary
Appendix B: Resources
General Computer Crime and Cyber Terrorism
General Knowledge
Cyber Stalking
Identity Theft
Port Scanners and Sniffers
Password Crackers
Countermeasures
Spyware
Counter Spyware
Cyber Investigation Tools
General Tools
Virus Research


 Screenshot 
E-books Shop

Purchase Now !
Just with Paypal



Product details
 Price
 File Size
 5,868 KB
 Pages
 350 p
 File Type
 PDF format
 ISBN-13
 ISBN-10
 978-0-7897-4890-4
 0-7897-4890-8
 Copyright
 2012 by Pearson             
●▬▬▬▬▬❂❂❂▬▬▬▬▬●
●▬▬❂❂▬▬●
●▬❂▬●


═════ ═════