Internet Security(c) A Jumpstart for Systems Administrators and IT Managers 

1 2 3

• 1. Table of Contents

• 2. BackCover

• 3. Internet Security - A Jumpstart for Systems Administrators and IT Managers

• 4. Foreword

• 5. Introduction

• 6. Chapter 1: The Internet and Security

  1.1 The history of the Internet 1.1.1 The Internet 1.1.2 The Ethernet

• 7. 1.2 TCPIP: the nails of the Internet

  1.2 TCPIP: the nails of the Internet 1.2.1 IP address classes 1.2.2 Domains 1.2.3 ARP and routing 1.2.4 Ports 1.2.5 DHCP

• 8. Chapter 2: The Security Review Process

  2.1 Introduction

• 9. 2.2 Review the state of the business

  2.2 Review the state of the business 2.2.1 Identify the core business 2.2.2 Identify the stakeholders 2.2.3 Compile customer demographics 2.2.4 Identify the vendors and business partners 2.2.5 Identify the competition 2.2.6 Identify industry trends and standards

• 10. 2.3 Analyze the technology being used

  2.3 Analyze the technology being used

• 11. 2.4 Risk analysis

  2.4 Risk analysis

• 12. 2.5 Plans and policies

  2.5 Plans and policies 2.5.1 Policy goals and objectives 2.5.2 Scope 2.5.3 Responsibilities 2.5.4 Physical security 2.5.5 Network security 2.5.6 Data classification (data categorization) 2.5.7 Access control 2.5.8 Password change and enforcement policies and procedures 2.5.9 Incident handling procedures 2.5.10 Acceptable use policies 2.5.11 Change control 2.5.12 Training 2.5.13 Compliance

• 13. 2.6 Implementation

  2.6 Implementation 2.6.1 Goals and objectives 2.6.2 The scope 2.6.3 Infrastructure 2.6.4 Pilots 2.6.5 Training and execution

• 14. Chapter 3: Cryptography

  3.1 The history

• 15. 3.2 Key types

  3.2 Key types

• 16. 3.3 RSA: public and private key

  3.3 RSA: public and private key

• 17. 3.4 PKI and business solutions

  3.4 PKI and business solutions 3.4.1 Scenario one 3.4.2 Scenario two 3.4.3 Scenario three 3.4.4 Scenario four

• 18. Chapter 4: Secure Networks

  4.1 TCPIP and OSI

• 19. 4.2 Denial-of-service attacks

  4.2 Denial-of-service attacks

• 20. 4.3 Virtual private networks

  4.3 Virtual private networks 4.3.1 Point-to-point tunneling protocol (PPTP) 4.3.2 Layer 2 forwarding (L2F) 4.3.3 Layer 2 tunneling protocol (L2TP) 4.3.4 IP security protocol (IPSec)

• 21. 4.4 Secure sockets layer

  4.4 Secure sockets layer

• 22. Chapter 5: Protecting Your Intranet From the Extranet and Internet

  5.1 So many choices 5.1.1 Initial analysis of architectural requirements 5.1.2 Assessing the right type of firewall(s) for your enterprise 5.1.3 Bringing it all together using firewall evaluation guidelines

• 23. 5.2 Firewall product functional summaries

  5.2 Firewall product functional summaries 5.2.1 Product summaries

• 24. 5.3 Firewall buyer s assessment form

  5.3 Firewall buyer s assessment form

• 25. 5.4 Firewall vendors: Picking the products that are right for you

  5.4 Firewall vendors: Picking the products that are right for you

• 26. 5.5 SSL network appliance overview

  5.5 SSL network appliance overview 4 5.5.1 Deployment 5.5.2 One-way vs. end-to-end SSL 5.5.3 Key generation capacity 5.5.4 SSL transaction acceleration 5.5.5 Summary

• 27. 5.6 Secure access - SSL based extranet appliances

  5.6 Secure accessSSL based extranet appliances 5

• 28. 5.7 Understanding air gap-based filtering proxies and their benefits when used for deploying web applications

  5.7 Understanding air gap-based filtering proxies and their benefits when used for deploying web applications 6 5.7.1 The solution 5.7.2 An external server 5.7.3 Air gap switch 5.7.4 Internal server 5.7.5 Security benefits

• 29. Chapter 6: Authentication and Authorization

  6.1 The basics

• 30. 6.2 Authentication

  6.2 Authentication 6.2.1 User name and password 6.2.2 Certificates (x.509v3) 6.2.3 Biometric techniques 6.2.4 Smart cards 6.2.5 Anonymous

• 31. 6.3 Authorization

  6.3 Authorization 6.3.1 Passwords 6.3.2 Tokens 6.3.3 Kerberos (guard dogs) 6.3.4 Single sign-on

• 32. 6.4 Smart cards

  6.4 Smart cards

• 33. Chapter 7: E-Commerce: Public Key Infrastructure

  7.1 PKI and you 7.1.1 Customer to business 7.1.2 Business to business 7.1.3 Employees to business 7.1.4 PKI components

• 34. 7.2 X.509

  7.2 X.509

• 35. 7.3 Certificate authority

  7.3 Certificate authority 7.3.1 Closed system 7.3.2 Open system

• 36. 7.4 Certification practice statement

  7.4 Certification practice statement

• 37. 7.5 Certificate revocation list

  7.5 Certificate revocation list

• 38. 7.6 Key recovery

  7.6 Key recovery

• 39. 7.7 Lightweight directory access protocol

  7.7 Lightweight directory access protocol

• 40. 7.8 Public key cryptography standards

  7.8 Public key cryptography standards

• 41. 7.9 Public key infrastructure (X.509) standards

  7.9 Public key infrastructure (X.509) standards

• 42. Chapter 8: Messaging Security

  8.1 Safe communication: Messaging 8.1.1 Virus 8.1.2 Worm 8.1.3 Trojan horse 8.1.4 Hoax

• 43. 8.2 Junk mail

  8.2 Junk mail 8.2.1 The junk 8.2.2 The spam

• 44. 8.3 Keep it running

  8.3 Keep it running 8.3.1 Acceptable use 8.3.2 Mass-mail 8.3.3 E-mail virus scanning 8.3.4 Content scanning 8.3.5 Message retention 8.3.6 SMTP configuration settings

• 45. Chapter 9: What are we Doing Here?

  9.1 Risk analysis 9.1.1 Asset identification 9.1.2 Threat identification 9.1.3 Estimation of likelihood of occurrence (TSR) 9.1.4 Analysis of applicable controls and their costs (CD) 9.1.5 Implementation of countermeasures (ERT)

• 46. 9.2 The threats

  9.2 The threats 9.2.1 Business function 9.2.2 Critical definition 9.2.3 Service level 9.2.4 Threats

• 47. 9.3 Technology security review

  9.3 Technology security review

• 48. 9.4 Control directory and environment risk table

  9.4 Control directory and environment risk table

• 49. 9.5 Competitive asset

  9.5 Competitive asset

• 50. Chapter 10: Disaster Recovery

  10.1 Introduction

1 2 3