Chapter 1 General Security Concepts: Access Control, Authentication, and Auditing Introduction to AAA What is AAA? Access Control Authentication Auditing Access Control MAC/DAC/RBAC MAC DAC RBAC Authentication Kerberos CHAP Certificates Username/Password Tokens Multi-factor Mutual Authentication Biometrics Auditing Auditing Systems Logging System Scanning Disabling Non-essential Services, Protocols, Systems and Processes Non-essential Services Non-essential Protocols Disabling Non-essential Systems Disabling Non-essential Processes Disabling Non-Essential Programs Summary Solutions Fast Track Frequently Asked Questions Chapter 2 General Security Concepts: Attacks Attacks Active Attacks DoS and DDoS Resource Consumption Attacks SYN Attacks DDoS Attacks Software Exploitation and Buffer Overflows MITM Attacks TCP/IP Hijacking Replay Attacks Spoofing Attacks IP Spoofing E-mail Spoofing Web Site Spoofing Phishing Wardialing Dumpster Diving Social Engineering Vulnerability Scanning Passive Attacks Sniffing and Eavesdropping Password Attacks Brute Force Attacks Dictionary-based Attacks Malicious Code Attacks Viruses Worms Trojan Horses Rootkits Back Doors Logic Bombs Spyware and Adware Summary Solutions Fast Track Frequently Asked Questions Chapter 3 Communication Security: Remote Access and Messaging Introduction he Need for Communication Security Communications-based Security Remote Access Security 802.1x EAP Vulnerabilities Media Access Control Authentication VPN Site-to-site VPN Remote Access VPN RADIUS Authentication Process Vulnerabilities TACACS/+ TACACS XTACACS TACACS+ Vulnerabilities PPTP/L2TP PPTP L2TP SSH How SSH Works IPSec IPSec Authentication ISAKMP Vulnerabilities Eavesdropping Data Modification Identity Spoofing User Vulnerabilities and Errors Administrator Vulnerabilities and Errors E-mail Security MIME S/MIME PGP How PGP Works Vulnerabilities SMTP Relay Spoofing E-mail and Mobility E-mail and Viruses Spam Hoaxes Phishing Summary Solutions Fast Track Frequently Asked Questions Chapter 4 Communication Security: Wireless Introduction Wireless Concepts Understanding Wireless Networks Overview of Wireless Communication in a Wireless Network Radio Frequency Communications Spread Spectrum Technology Wireless Network Architecture CSMA/CD and CSMA/CA Wireless Local Area Networks WAP WTLS IEEE 802.11 IEEE 802.11b Ad-Hoc and Infrastructure Network Configuration WEP Creating Privacy with WEP Authentication Common Exploits of Wireless Networks Passive Attacks on Wireless Networks Active Attacks on Wireless Networks MITM Attacks on Wireless Networks Wireless Vulnerabilities WAP Vulnerabilities WEP Vulnerabilities Security of 64-Bit vs. 128-Bit Keys Acquiring a WEP Key Addressing Common Risks and Threats Finding a Target Finding Weaknesses in a Target Exploiting Those Weaknesses Sniffing Protecting Against Sniffing and Eavesdropping Spoofing (Interception) and Unauthorized Access Protecting Against Spoofing and Unauthorized Attacks Network Hijacking and Modification Protection against Network Hijacking and Modification Denial of Service and Flooding Attacks Protecting Against DoS and Flooding Attacks IEEE 802.1x Vulnerabilities Site Surveys Additional Security Measures for Wireless Networks Using a Separate Subnet for Wireless Networks Using VPNs for Wireless Access to Wired Network Temporal Key Integrity Protocol Message Integrity Code (MIC) IEEE 802.11i Standard Implementing Wireless Security: Common Best Practices Summary Solutions Fast Track Frequently Asked Questions Chapter 5 Communication Security: Web Based Services Introduction Web Security Web Server Lockdown Managing Access Control Handling Directory and Data Structures Eliminating Scripting Vulnerabilities Logging Activity Performing Backups Maintaining Integrity Finding Rogue Web Servers Stopping Browser Exploits Exploitable Browser Characteristics Cookies Web Spoofing Web Server Exploits SSL and HTTP/S SSL and TLS HTTP/S TLS S-HTTP Instant Messaging Packet Sniffers and Instant Messaging7 Text Messaging and Short Message Service (SMS) Web-based Vulnerabilities Understanding Java-, JavaScript-, and ActiveX-based Problems Preventing Problems with Java, JavaScript, and ActiveX Programming Secure Scripts Code Signing: Solution or More Problems? Understanding Code Signing The Benefits of Code Signing Problems with the Code Signing Process Buffer Overflows Making Browsers and E-mail Clients More Secure Restricting Programming Languages Keep Security Patches Current Securing Web Browser Software Securing Microsoft IE CGI What is a CGI Script and What Does It Do? Typical Uses of CGI Scripts Break-ins Resulting from Weak CGI Scripts CGI Wrappers Nikto FTP Security Active and Passive FTP S/FTP Secure Copy Blind FTP/Anonymous FTP Sharing and Vulnerabilities Packet Sniffing FTP Transmissions Directory Services and LDAP Security LDAP LDAP Directories Organizational Units Objects, Attributes and the Schema Securing LDAP Summary Solutions Fast Track Frequently Asked Questions Chapter 6 Infrastructure Security: Devices and Media Introduction Device-based Security Firewalls Packet-filtering Firewalls Application-layer Gateways Stateful Inspection Firewalls Routers Switches Wireless Modems RAS Telecom/PBX Virtual Private Network IDS Network Monitoring/Diagnostic Workstations Servers Mobile Devices Media-based Security Coax Thin Coax Thick Coax Vulnerabilities of Coax Cabling UTP/STP Fiber Optic Removable Media Magnetic Tape CDRs Hard Drives Diskettes Flashcards Smart Cards Summary Solutions Fast Track Frequently Asked Questions Chapter 7 Topologies and IDS Introduction Security Topologies Security Zones Introducing the Demilitarized Zone Intranet Extranet VLANs Network Address Translation Tunneling Intrusion Detection Characterizing IDSes Signature-based IDSes and Detection Evasion Popular Commercial IDS Systems Honeypots and Honeynets Judging False Positives and Negatives Incident Response Summary Solutions Fast Track Frequently Asked Questions Chapter 8 Infrastructure Security: System Hardening Introduction Concepts and Processes of OS and NOS Hardening File System Updates Hotfixes Service Packs