Description

Book Synopsis

Dr. Chuck Easttom is the author of 37 books, including several on computer security, forensics, and cryptography. He has also authored scientific papers on digital forensics, cyber warfare, cryptography, and applied mathematics. He is an inventor with 25 computer science patents. He holds a doctor of science degree in cybersecurity (dissertation topic: a study of lattice-based algorithms for post quantum cryptography), a Ph.D. in Computer Science (dissertation topic: A Systematic Framework for Network Forensics Using Graph Theory), and a Ph.D. in Nanotechnology (dissertation topic: The Effects of Complexity on Carbon Nanotube Failures) and three master's degrees (one in applied computer science, one in education, and one in systems engineering). He also holds more than 70 industry certifications (CISSP, CEH, etc.). He is a frequent speaker at cybersecurity, computer science, and engineering conferences. He is a Distinguished Speaker and senior member of the ACM and

Table of Contents

Introduction

Chapter 1: Introduction to Computer Security

Introduction

How Seriously Should You Take Threats to Network Security?

Identifying Types of Threats

Assessing the Likelihood of an Attack on Your Network

Basic Security Terminology

Concepts and Approaches

How Do Legal Issues Impact Network Security?

Online Security Resources

Summary

Chapter 2: Networks and the Internet

Introduction

Network Basics

How the Internet Works

History of the Internet

Basic Network Utilities

Other Network Devices

Advanced Network Communications Topics

Cloud Computing

Summary

Chapter 3: Cyber Stalking, Fraud, and Abuse

Introduction

How Internet Fraud Works

Identity Theft

Cyber Stalking

Protecting Yourself Against Cybercrime

Summary

Chapter 4: Denial of Service Attacks

Introduction

DoS Attacks

Illustrating an Attack

Common Tools Used for DoS Attacks

DoS Weaknesses

Specific DoS Attacks

Real-World Examples of DoS Attacks

How to Defend Against DoS Attacks

Summary

Chapter 5: Malware

Introduction

Viruses

Trojan Horses

The Buffer-Overflow Attack

Spyware

Other Forms of Malware

Detecting and Eliminating Viruses and Spyware

Summary

Chapter 6: Techniques Used by Hackers

Introduction

Basic Terminology

The Reconnaissance Phase

Actual Attacks

Malware Creation

Penetration Testing

The Dark Web

Summary

Chapter 7: Industrial Espionage in Cyberspace

Introduction

What Is Industrial Espionage?

Information as an Asset

Real-World Examples of Industrial Espionage

How Does Espionage Occur?

Protecting Against Industrial Espionage

Trade Secrets

The Industrial Espionage Act

Spear Phishing

Summary

Chapter 8: Encryption

Introduction

Cryptography Basics

History of Encryption

Modern Cryptography Methods

Public Key (Asymmetric) Encryption

PGP

Legitimate Versus Fraudulent Encryption Methods

Digital Signatures

Hashing

MAC and HMAC

Steganography

Cryptanalysis

Cryptography Used on the Internet

Quantum Computing Cryptography

Summary

Chapter 9: Computer Security Technology

Introduction

Virus Scanners

Firewalls

Antispyware

IDSs

Digital Certificates

SSL/TLS

Virtual Private Networks

Wi-Fi Security

Summary

Chapter 10: Security Policies

Introduction

What Is a Policy?

Important Standards

Defining User Policies

Defining System Administration Policies

Security Breaches

Defining Access Control

Development Policies

Standards, Guidelines, and Procedures

Disaster Recovery

Zero Trust

Important Laws

Summary

Chapter 11: Network Scanning and Vulnerability Scanning

Introduction

Basics of Assessing a System

Securing Computer Systems

Scanning Your Network

Testing and Scanning Standards

Getting Professional Help

Summary

Chapter 12: Cyber Terrorism and Information Warfare

Introduction

Actual Cases of Cyber Terrorism

Weapons of Cyber Warfare

Economic Attacks

Military Operations Attacks

General Attacks

Supervisory Control and Data Acquisitions (SCADA)

Information Warfare

Actual Cases of Cyber Terrorism

Future Trends

Defense Against Cyber Terrorism

Terrorist Recruiting and Communication

TOR and the Dark Web

Summary

Chapter 13: Cyber Detective

Introduction

General Searches

Company Searches

Court Records and Criminal Checks

Usenet

Google

Maltego

Summary

Chapter 14: Introduction to Forensics

Introduction

General Guidelines

Finding Evidence on a PC

Finding Evidence in System Logs

Getting Back Deleted Files

Operating System Utilities

The Windows Registry

Mobile Forensics: Cell Phone Concepts

The Need for Forensic Certification

Expert Witnesses

Additional Types of Forensics

Summary

Chapter 15: Cybersecurity Engineering

Introduction

Defining Cybersecurity Engineering

Standards

SecML

Modeling

Summary

Glossary

Appendix A: Resources

Appendix B: Answers to the Multiple Choice Questions


Computer Security Fundamentals


£56.94


RRP £66.99 – you save £10.05 (15%)


A Paperback / softback by William Easttom, II

Out of stock



Publisher: Pearson Education (US)

Publication Date: 19/01/2023

ISBN13: 9780137984787, 978-0137984787

ISBN10: 0137984782
