Description
The latest book from Cengage Learning on Hands-On Information Security Lab Manual
Contents:
1
Information Security Technical Functions
This chapter provides an overview of the technical functions typically performed by an Information Security professional, and relates those functions to the text's laboratory exercises through the use of flows.
These flows illustrate the combination of individual laboratory exercise components as phased tasks in the accomplishment of the function.
2
Information Security Technical Exercise Theory
In this section, the theory and overview of each laboratory exercise are presented.
Where possible, additional details that facilitate understanding of how the laboratory exercise works and is used are included.
Footprinting
Scanning And Enumeration
OS Processes And Services
Vulnerability Identification And Research
Vulnerability Validation
System Remediation And Hardening
Web Browser Security
File Systems Overview And Familiarization
Data Management
Data Backup And Recovery
Access Controls
Host Intrusion Detection Systems
Log Security Issues
Anti-Forensics
Software Firewalls
Hardware Firewalls and WAPs
Network Intrusion Detection Systems
Network Traffic Analysis
Virtual Private Networks And Remote Access
Digital Certificates
Password Circumvention and Management
Malware: Anti-Virus and BOT Defense
Digital Forensics - Data Acquisition
Digital Forensics - Data Analysis
3
Windows-Based Information Security Exercises
Chapter 3 contains the detailed exercises associated with Windows-based computers.
Specifically, this chapter contains exercises focused on Microsoft Windows XP and Vista.
Some exercises are also focused on Server OSs like Microsoft Server 2003 where applicable.
Footprinting
Scanning And Enumeration
OS Processes And Services
Vulnerability Identification And Research
Vulnerability Validation
System Remediation And Hardening
Web Browser Security
File Systems Overview And Familiarization
New
Data Management
Data Backup And Recovery
Access Controls
Host Intrusion Detection Systems
Log Security Issues
Anti-Forensics
Software Firewalls
Hardware Firewalls and WAPs
Network Intrusion Detection Systems
Network Traffic Analysis
Virtual Private Networks And Remote Access
Digital Certificates
Password Circumvention and Management
Malware: Anti-Virus and BOT Defense
Digital Forensics - Data Acquisition
Digital Forensics - Data Analysis
Chapter 4 LINUX-Based Information Security Exercises
Chapter 4 contains the detailed exercises associated with LINUX-based computers.
Specifically, this chapter contains exercises focused on SUSE 9.0 Workstation.
Some exercises are also focused on SUSE 9.0 Server where applicable.
Footprinting
Scanning And Enumeration
OS Processes And Services
Vulnerability Identification And Research
Vulnerability Validation
System Remediation And Hardening
Web Browser Security
File Systems Overview And Familiarization
New
Data Management
Data Backup And Recovery
Access Controls
Host Intrusion Detection Systems
Log Security Issues
Anti-Forensics
Software Firewalls
Hardware Firewalls and WAPs
Network Intrusion Detection Systems
Network Traffic Analysis
Virtual Private Networks And Remote Access
Digital Certificates
Password Circumvention and Management
Malware: Anti-Virus and BOT Defense
Digital Forensics - Data Acquisition
Digital Forensics - Data Analysis
5
Domain 3: Business Continuity and Disaster Recovery Planning
The differences between BCP and DRP and how they work together
Scoping a BCP/DRP project
Business Impact Assessment (BIA)
Risk analysis
Maximum Tolerable Downtime (MTD)
Recovery Point Objective (RPO)
Recovery Time Objective (RTO)
Ranking critical business processes
Developing the business continuity and disaster recovery plan
Emergency response
Damage assessment and salvage
Notification
Personnel safety
Communications
Public utilities and infrastructure
Logistics and supplies
Fire and water protection
Business resumption planning
Restoration and recovery
Training
Plan maintenance
DRP and BCP testing
Study questions, exercises, project(s)
6
Domain 4: Cryptography
Applications and uses of cryptography
Methods of encryption
Substitution
Permutation
One time pads
Types of encryption
Block ciphers
Stream ciphers
Types of encryption keys
Shared secrets
Public key cryptography
Initialization vectors (IVs)
Cryptographic systems
Key management
Message digests and hashing
Digital signatures
Non-repudiation
Cryptanalysis (attacks on cryptographic algorithms)
Applications of cryptography
Network security (SSL, VPN, SET, and so on)
E-mail security (S/MIME, PGP, and so on)
Public key infrastructure (PKI)
Alternatives (watermarking, steganography)
Study questions, exercises, project(s)
7
Domain 5: Information Security and Risk Management
Goals, mission, and objectives of an organization, and how security supports them
Risk management
Security strategies
Security concepts
The CIA Triad: Confidentiality, Integrity, and Availability
Defense in depth
Single points of failure
Privacy
Security management
Security governance
Security policy
Guidelines
Standards
Procedures
Security roles and responsibilities
Security education, training, and awareness
Reporting security issues to management
Service level agreements
Secure outsourcing
Identity management
Data classification and protection
Certification and accreditation
Security operations
Security assessments
Personnel security
Professional ethics
Study questions, exercises, project(s)
8
Domain 6: Legal, Regulations, Compliance and Investigations
Computer crime laws and regulations
U.S. laws
European laws
Investigations
Determining whether a crime has been committed
Forensic techniques and procedures
Gathering evidence
Preserving evidence
Chain of evidence
Ethical issues
Codes of conduct
RFC 1087 and investigations
Applying the (ISC)² code of ethics
Study questions, exercises, project(s)
9
Domain 7: Operations Security
Security operations concepts
Need to know
Least privilege
Separation of duties
Monitoring of special privileges
Job rotation
Record retention
Backups
Anti-virus and anti-malware
Remote access
Employing resource protection
Incident management
Violations and breaches
Malware attacks (viruses, worms, spyware, phishing, and so on)
Reporting to law enforcement
High availability architectures
Fault tolerance
Clusters
Failover
Denial of service
Vulnerability management
Patch management
Administrative management and control
Change management
Configuration management
Study questions, exercises, project(s)
10
Domain 8: Physical (Environmental) Security
Site physical security
Site access controls
Key cards, Biometrics, Mantraps, Guards
Dogs, Fences, Surveillance
Zones of security
Loading and unloading areas
Access logs
Visible notices
Exterior lighting
Secure siting
Nearby threats
Flooding
Chemicals
Social unrest
Building marking
Protection of equipment
Theft protection
Damage protection
Earthquake bracing, and so on
Check in / check out
Cabling security
Environment security
Heating and air conditioning
Humidity
Electric power
Line conditioning
Uninterruptible power supplies
Electric generators
Study questions, exercises, project(s)
11
Domain 9: Security Architecture and Design
Security Models
Biba
Bell LaPadula
Access Matrix
Take-Grant
Clark-Wilson
Multi-level security
Mandatory access control (MAC)
Discretionary access control (DAC)
Security threats
Covert channels
State attacks (TOCTTOU)
Emanations
Maintenance hooks, back doors, privileged programs
Countermeasures
Assurance, trust, and confidence
Trusted Computing Base (TCB)
Reference monitor
Kernel
Information systems evaluation models
Common Criteria
TCSEC
ITSEC
Computer architecture
Central processor
Single and multi processor designs
Bus
Memory
Secondary storage
Study questions, exercises, project(s)
12
Domain 10: Telecommunications and Network Security
Telecommunications technologies
X.25, Frame Relay, ATM, T-1/E-1, SONET, and so on
Wireless
EVDO, 1XRTT, CDMA, GSM/GPRS, Wimax, and so on
Network technologies
Ethernet, Token ring, Bisync, RS-232, RS-449
Wireless
WiFi, Bluetooth
Network protocols
TCP/IP, IPX/SPX, ATM, and so on
Routing protocols (RIP, IGRP, OSPF, and so on)
Remote access / tunneling protocols
VPN, SSL, IPSec, L2TP, PPTP, PPP, SLIP, and so on
Network authentication protocols
RADIUS, DIAMETER, CHAP, EAP, and so on
Network based threats and vulnerabilities
Attacks (DoS, DDoS, Teardrop, Smurf, PoD, worms, spam, many more)
Vulnerabilities (open services, unpatched system, poor configurations, and so on)
Network countermeasures
Intrusion detection systems (IDS)
Intrusion prevention systems (IPS)
Firewalls
Private addressing / NAT
Gateways
Access control lists
Study questions, exercises, project(s)
13
Preparing for the Exam
Understanding certification requirements
Assessing your work experience
Finding an exam near you
Registering for the exam
Starting an exam study program
Preparing for exam day
Book travel and lodging
Confirming transportation
Know the route
Parking
What to bring
14
After Earning the Certification
Annual maintenance fees
Earning CPEs
Conferences and seminars
Training
Teaching
Writing
Volunteer opportunities
Speaking, proctoring, articles, writing exam questions
Networking with other CISSPs
Mailing lists
Forums
Web sites
15
Glossary
Index.
Published: 22 Jan 2011
Publisher: DELMAR PUBLISHING
ISBN: 9781435441569
Pages: 555



