PDF Cybersecurity Essentials Donald Short download

CYBERSECURITY ESSENTIALS

Charles J. Brooks
Christopher Grow
Philip Craig
Donald Short

Development Editor: David Clark
Technical Editors: Raymond Blockmon, Chris Culling, Jeff Parker
Production Editor: Athiyappan Lalith Kumar
Copy Editor: Kathy Carlyle
Editorial Manager: Mary Beth Wakefield
Production Manager: Kathleen Wisor
Executive Editor: Jim Minatel
Proofreader: Nancy Bell
Indexer: Johnna VanHoose Dinse
Project Coordinator, Cover: Brent Savage
Cover Designer: Wiley
Cover Image: © ktsdesign/Shutterstock

Copyright © 2018 by John Wiley & Sons, Inc., Indianapolis, Indiana


Published simultaneously in Canada
ISBN: 978-1-119-36239-5
ISBN: 978-1-119-36243-2 (ebk)
ISBN: 978-1-119-36245-6 (ebk)
Manufactured in the United States of America

No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by
any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted
under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written
permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright
Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to
the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc.,
111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at
http://www.wiley.com/go/permissions.

Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or
warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all
warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be
created or extended by sales or promotional materials. The advice and strategies contained herein may not be
suitable for every situation. This work is sold with the understanding that the publisher is not engaged in
rendering legal, accounting, or other professional services. If professional assistance is required, the services of a
competent professional person should be sought. Neither the publisher nor the author shall be liable for
damages arising herefrom. The fact that an organization or Web site is referred to in this work as a citation and/or
a potential source of further information does not mean that the author or the publisher endorses the
information the organization or Web site may provide or recommendations it may make. Further, readers should
be aware that Internet Web sites listed in this work may have changed or disappeared between when this work
was written and when it is read.

For general information on our other products and services or to obtain technical support, please contact our
Customer Care Department within the U.S. at (877) 762-2974, outside the U.S. at (317) 572-3993 or fax (317)
572-4002.

Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included
with standard print versions of this book may not be included in e-books or in print-on-demand. If this book
refers to media such as a CD or DVD that is not included in the version you purchased, you may download
this material at http://booksupport.wiley.com. For more information about Wiley products, visit
www.wiley.com.

Library of Congress Control Number: 2018943782

TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John
Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without
written permission. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc.
is not associated with any product or vendor mentioned in this book.

10 9 8 7 6 5 4 3 2 1
To my wife Robbie, for all of her understanding, support,
and help with these projects, as well as Robert, Jamaica,
Michael, and Joshua.
Charles Brooks

To my close friends and family here and gone who
have stood by me and encouraged me along my way.
Your support through the years, mental, emotional, and
financial, has brought me to this point. I dedicate this
work to all of you, without which this would not have been
possible for me.
Christopher Grow

To my wife Caralee, who has endured many times over
the years my travels, my long stays in our nation’s capital,
and mostly her understanding of the importance of my
commitment to cybersecurity. As we celebrate her birthday
on September 11 every year, we are reminded of what it
means to our daily lives.
Philip Craig

To my family whose grace and support have amazed
me for decades. My loving wife of 33 years, Norma,
and my children Kenny and Breanne continue to
support my efforts and endure the challenges of my
entrepreneurial life.
Donald Short
Acknowledgments
As always, I want to thank the staff at ETG/Marcraft for making it easy to
turn out a good product. In particular, thanks to Cathy Boulay and Luke Johns
from the Product Development department for their excellent work in getting
the text and graphics ready to go and looking good.
Many thanks as well to Jeff Riley, whom I’ve known and worked with in the
book production business for many years. Thanks for putting together another
great project.
—Charles Brooks

I would like to start by thanking some of the many people who have made
what has become my repository of knowledge and skill available to help make
this book possible. First there is my father David P. Grow. His knowledge,
mentoring, patience, and understanding started my journey down the career path of
computer support and computer networking.
I would also like to thank all of my mentors along the way who have increased
my skills and knowledge. Whether they were employers or colleagues, each
mentor has made contributions to my knowledge and skill that helped make this
all possible. Especially the support staff and leadership here with my current
employer at ETG/Marcraft: Charles Brooks, Kevin Smith, Cathy Boulay, Grant
Ter-Oganov and any personnel working behind the scenes that I did not meet.
Lastly I would like to thank my close friends and family for all their help and
support as I worked through the process of creating my contribution to this book.
—Christopher Grow

To the folks who commit their lives and careers developing new approaches
to cybersecurity that protects the immense landscape of computing
infrastructures from acts of malicious and sometimes deadly outcomes of cyber attacks,
I dedicate these works to you. The next generation of cyber-protectors will gain
significant value from this book and hopefully will find its content sparking new
dedication to the cyber challenges we will face in the years ahead.
To the leadership at ETG/Marcraft whose vision recognizes the value of the
teaching through hands-on experiences and not just the texts, thank you for
recognizing and implementing your approach to our trade.
—Philip Craig

I would like to thank my customers and associates from the past 25 plus years
who have helped me grow and learn at a rate I would not have thought possible.
—Donald Short
A  A 
Charles J. Brooks is currently co-owner and vice president of Educational
Technologies Group Inc., as well as co-owner of eITPrep LLP, an online train-
ing company. He is in charge of research and product development at both
organizations.
A former electronics instructor and technical writer with the National
Education Corporation, Charles taught and wrote on post-secondary ETG
curriculum, including introductory electronics, transistor theory, linear integrated
circuits, basic digital theory, industrial electronics, microprocessors, and
computer peripherals.
Charles has authored several books, including seven editions of A+
Certification Training Guide, The Complete Introductory Computer Course,
and IBM PC Peripheral Troubleshooting and Repair. He also writes about
green technologies, networking, residential technology integration, and IT
convergence.
Christopher M. Grow is currently the Technical Services Manager for
Educational Technologies Group. He is responsible for product support, solution
development, onsite implementation/installation, and instructor support and
training for a wealth of cybersecurity and information technology products. He
also is involved in program management and contributes in R&D of new
products and revisions of current offerings.
Christopher has been a consultant and contractor in the IT industry for over
20 years. As an Information Security and Surveillance manager for a casino in
Washington State, Christopher helped design and implement security policies,
frameworks, and training to protect and segregate public and private
information for the casino and their customers. He also helped to design procedures and
train personnel on the physical security aspects of the casino industry.
Philip Craig is the founder of BlackByte Cyber Security, LLC, a consultancy
supporting the Pacific Northwest National Laboratory (PNNL) research and
national security agendas as well as the National Rural Electric Cooperative
Association and National Rural Telecommunications Cooperative.
For many years, Phil served as a Senior Cyber Security Research Scientist at
PNNL, where he provided engineering and program management support in the
fields of cybersecurity, supervisory control and data acquisition (SCADA)
technologies, computing, and communications infrastructure.
This included development of complex system and policy solutions in a
variety of critical infrastructures including the nuclear power, electric power, and
water sectors. He developed and deployed both strategic and tactical
cybersecurity defensive solutions for the electric power and nuclear sectors.
Donald Short is the President of One World Telecommunications, Inc., an
Internet Service Provider in Kennewick, Washington, where he both manages
the business and programs web and database applications.
Don has been both a pharmacist and computer scientist for over 35 years,
working in many programming languages on a variety of network architectures,
and has developed large and complex online content and learning management
systems.
Contents

Introduction

PART I SECURING THE INFRASTRUCTURE

Chapter 1 Infrastructure Security in the Real World
Security Challenges
Infrastructure Security Scenario 1
Infrastructure Security Scenario 2
Summary

Chapter 2 Understanding Access-Control and Monitoring Systems
A Quick Primer on Infrastructure Security
Access Control
Security Policies
Physical Security Controls
Locks and Keys
Standard Key-Locking Deadbolts
Solenoid-Operated Deadbolt Locks
Cipher Locks
Access-Control Gates
Sliding Gates
Swinging Gates
Control Relays
Authentication Systems
Magnetic Stripe Readers
Smart Cards
RFID Badges
Biometric Scanners
Remote-Access Monitoring
Opened- and Closed-Condition Monitoring
Automated Access-Control Systems
Hands-On Exercises
Discussion
Procedure
Review Questions

Chapter 3 Understanding Video Surveillance Systems
Video Surveillance Systems
Cameras
Hands-On Exercises
Discussion
Procedure
Review Questions

Chapter 4 Understanding Intrusion-Detection and Reporting Systems
Intrusion-Detection and Reporting Systems
Security Controllers
Sensors
Vehicle-Detection Sensors
Fire-Detection Sensors
Output Devices
Hands-On Exercises
Discussion
Procedure
Review Questions

Chapter 5 Infrastructure Security: Review Questions and Hands-On Exercises
Summary Points
Security Challenge Scenarios
Infrastructure Security Scenario 1
Infrastructure Security Scenario 2
Professional Feedback
Review Questions
Exam Questions

PART II SECURING LOCAL HOSTS

Chapter 6 Local Host Security in the Real World
Security Challenges
Computing Device Security Scenario 1
Computing Device Security Scenario 2
Summary

Chapter 7 Securing Devices
The Three Layers of Security
Securing Host Devices
Securing Outer-Perimeter Portals
Additional Inner-Perimeter Access Options
Hands-On Exercises
Objectives
Procedure
Review Questions

Chapter 8 Protecting the Inner Perimeter
The Inner Perimeter
Operating Systems
Operating System Security Choices
Common Operating System Security Tools
Using Local Administrative Tools
Implementing Data Encryption
Hands-On Exercises
Objectives
Resources
Discussion
Procedures
Tables
Lab Questions

Chapter 9 Protecting Remote Access
Protecting Local Computing Devices
Using a Secure Connection
Establishing and Using a Firewall
Installing and Using Anti-Malware Software
Removing Unnecessary Software
Disabling Nonessential Services
Disabling Unnecessary OS Default Features
Securing the Web Browser
Applying Updates and Patches
Requiring Strong Passwords
Implementing Local Protection Tools
Software-Based Local Firewalls
Using Local Intrusion-Detection Tools
Profile-Based Anomaly-Detection Systems
Threshold-Based Anomaly-Detection Systems
Configuring Browser Security Options
Configuring Security Levels
Configuring Script Support
Defending Against Malicious Software
Using Antivirus Programs
Using Antispyware
Hardening Operating Systems
Service Packs
Patches
Updates
Overseeing Application Software Security
Software Exploitation
Applying Software Updates and Patches
Hands-On Exercises
Objectives
Resources
Discussion
Procedures
Tables
Lab Questions

Chapter 10 Local Host Security: Review Questions and Hands-On Exercises
Summary Points
Security Challenge Scenarios
Computing Device Security Scenario 1
Computing Device Security Scenario 2
Professional Feedback
Review Questions
Exam Questions

PART III SECURING LOCAL NETWORKS 263

Chapter 11 L oc al Ne t work S e curit y in the Real World 265


Security Challenges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266
Local Network Security Scenario 1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266
Local Network Security Scenario 2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 270
Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272

Chapter 12 Ne t work ing Ba sic s 273


Understanding the Basics of Networking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273
Campus Area Networks or Corporate Area Networks (CANs) . . . . . . . . . . . . . . 274
Metropolitan Area Networks (MANs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274
Wireless Local Area Networks (WLANs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274
Storage Area Networks (SANs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274
The OSI Networking Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275
Layer 1: Physical . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276
Layer 2: Data Link . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276
Layer 3: Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276
Layer 4: Transport . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276
Layer 5: Session . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276
Layer 6: Presentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277
Layer 7: Application . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277
Data Transmission Packets. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277
OSI Layer Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278
Network Topologies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280
Bus Topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280
Ring Topology. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280
Star Topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 281
Mesh Topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 282
Logical Topologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 282
Hands-On Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283
xii Contents

Objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283
Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283
Discussion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283
Procedure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284
Lab Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295
Lab Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295

Chapter 13 Unders t anding Ne t work ing Protocols 297


The Basics of Networking Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297
MAC Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298
TCP/IP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299
Ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 309
Network Control Strategies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311
Hands-On Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313
Objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313
Discussion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313
Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314
Lab Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 325
Lab Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 326

Chapter 14 Understanding Network Servers 327


The Basics of Network Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 327
Server Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 330
Network Administrators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331
Server Software Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335
User Accounts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341
Network Authentication Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 347
Establishing Resource Controls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 348
Maintaining Server Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 352
Vulnerability Scanning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358
Hands-On Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 361
Objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 361
Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 361
Discussion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362
Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362
Lab Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 382
Lab Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 382

Chapter 15 Understanding Network Connectivity Devices 385


Network Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386
Routers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388
Gateways . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390
Network Bridges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 391
Wireless Network Connectivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 392
Network Connectivity Device Vulnerabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . 392
Network Connectivity Device Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 393
Network Connectivity Defense . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 397
Network Hardening . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 398
Hands-On Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 399
Objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 399
Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 399
Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 399
Lab Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404
Lab Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404

Chapter 16 Understanding Network Transmission Media Security 407


The Basics of Network Transmission Media . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 407
Copper Wire . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 408
Light Waves . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410
Wireless Signals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 412
Transmission Media Vulnerabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415
Securing Wireless Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415
Hands-On Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417
Objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417
Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417
Procedure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417
Lab Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 421
Lab Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 421

Chapter 17 Local Network Security: Review Questions 423


Summary Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 423
Security Challenge Scenarios. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 432
Local Network Security Scenario 1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 432
Local Network Security Scenario 2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 432
Professional Feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 432
Review Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 443

PART IV SECURING THE PERIMETER 449

Chapter 18 Perimeter Security in the Real World 451


Security Challenges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 451
Internet Security Scenario 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 451
Internet Security Scenario 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 454
Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 455

Chapter 19 Understanding the Environment 457


The Basics of Internet Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 457
Understanding the Environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 460
Basic Internet Concepts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 461
Internet Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 468
Standards and RFCs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 470
Hands-On Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 471
Objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 471
Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 472
Discussion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 472
Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 472
Lab Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 486
Lab Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 486

Chapter 20 Hiding the Private Network 487


Understanding Private Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 487
Network Address Translation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 488
Port Address Translation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 489
Port Forwarding or Mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 490
Network Segmentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 492
Software-Defined Networking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 494
Hands-On Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 496
Objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 496
Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 496
Discussion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 496
Procedure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 497
Lab Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 508
Lab Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 509