{"product_id":"network-security-bible-isbn-9780470502495","title":"Network Security Bible","description":"\u003cp\u003eThe comprehensive A-to-Z guide on network security, fully revised and updated\u003c\/p\u003e \u003cp\u003eNetwork security is constantly evolving, and this comprehensive guide has been thoroughly updated to cover the newest developments. If you are responsible for network security, this is the reference you need at your side.\u003c\/p\u003e \u003cp\u003eCovering new techniques, technology, and methods for approaching security, it also examines new trends and best practices being used by many organizations. The revised \u003ci\u003eNetwork Security Bible\u003c\/i\u003e complements the Cisco Academy course instruction in networking security.\u003c\/p\u003e \u003cul\u003e \u003cli\u003eCovers all core areas of network security and how they interrelate\u003c\/li\u003e \u003cli\u003eFully revised to address new techniques, technology, and methods for securing an enterprise worldwide\u003c\/li\u003e \u003cli\u003eExamines new trends and best practices in use by organizations to secure their enterprises\u003c\/li\u003e \u003cli\u003eFeatures additional chapters on areas related to data protection\/correlation and forensics\u003c\/li\u003e \u003cli\u003eIncludes cutting-edge topics such as integrated cybersecurity and sections on Security Landscape, with chapters on validating security, data protection, forensics, and attacks and threats\u003c\/li\u003e \u003c\/ul\u003e \u003cp\u003eIf you need to get up to date or stay current on network security, \u003ci\u003eNetwork Security Bible, 2nd Edition\u003c\/i\u003e covers everything you need to know.\u003c\/p\u003e \u003cp\u003eIntroduction xxxv\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart I: Network Security Landscape\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 1: State of Network Security 3\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eCyber Security 3\u003c\/p\u003e \u003cp\u003eSummary 7\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 2: New Approaches to Cyber Security 9\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eGeneral Trends 9\u003c\/p\u003e \u003cp\u003eThe Changing Face of Cyber Security 16\u003c\/p\u003e \u003cp\u003eSummary 17\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 3: Interfacing with the Organization 19\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eAn Enterprise Security Methodology 19\u003c\/p\u003e \u003cp\u003eKey Questions to Manage Risk 27\u003c\/p\u003e \u003cp\u003eSummary 32\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart II: Security Principles and Practices\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 4: Information System Security Principles 35\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eKey Principles of Network Security 35\u003c\/p\u003e \u003cp\u003eFormal Processes 37\u003c\/p\u003e \u003cp\u003eRisk Management 60\u003c\/p\u003e \u003cp\u003eCalculating and Managing Risk 70\u003c\/p\u003e \u003cp\u003eSummary 71\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 5: Information System Security Management 73\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eSecurity Policies 73\u003c\/p\u003e \u003cp\u003eSecurity Awareness 77\u003c\/p\u003e \u003cp\u003eManaging the Technical Effort 79\u003c\/p\u003e \u003cp\u003eConfiguration Management 87\u003c\/p\u003e \u003cp\u003eBusiness Continuity and Disaster Recovery Planning 90\u003c\/p\u003e \u003cp\u003ePhysical Security 98\u003c\/p\u003e \u003cp\u003eLegal and Liability Issues 105\u003c\/p\u003e \u003cp\u003eSummary 107\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 6: Access Control 109\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eControl Models 109\u003c\/p\u003e \u003cp\u003eTypes of Access Control Implementations 112\u003c\/p\u003e \u003cp\u003eIdentification and Authentication 115\u003c\/p\u003e \u003cp\u003eDatabases 121\u003c\/p\u003e \u003cp\u003eRemote Access 123\u003c\/p\u003e \u003cp\u003eSummary 125\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 7: Attacks and Threats 127\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eMalicious Code 127\u003c\/p\u003e \u003cp\u003eReview of Common Attacks 129\u003c\/p\u003e \u003cp\u003eExternal Attack Methodologies Overview 136\u003c\/p\u003e \u003cp\u003eInternal Threat Overview 140\u003c\/p\u003e \u003cp\u003eSummary 142\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart III: Operating Systems and Applications\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 8: Windows Security 145\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWindows Security at the Heart of the Defense 147\u003c\/p\u003e \u003cp\u003eOut-of-the-Box Operating System Hardening 151\u003c\/p\u003e \u003cp\u003eInstalling Applications 171\u003c\/p\u003e \u003cp\u003ePutting the Workstation on the Network 175\u003c\/p\u003e \u003cp\u003eOperating Windows Safely 177\u003c\/p\u003e \u003cp\u003eUpgrades and Patches 191\u003c\/p\u003e \u003cp\u003eMaintain and Test the Security 194\u003c\/p\u003e \u003cp\u003eAttacks Against the Windows Workstation 198\u003c\/p\u003e \u003cp\u003eSummary 205\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 9: UNIX and Linux Security 207\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eThe Focus of UNIX\/Linux Security 207\u003c\/p\u003e \u003cp\u003ePhysical Security 212\u003c\/p\u003e \u003cp\u003eControlling the Configuration 217\u003c\/p\u003e \u003cp\u003eOperating UNIX Safely 224\u003c\/p\u003e \u003cp\u003eHardening UNIX 245\u003c\/p\u003e \u003cp\u003eSummary 253\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 10: Web Browser and Client Security 255\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWeb Browser and Client Risk 255\u003c\/p\u003e \u003cp\u003eHow a Web Browser Works 259\u003c\/p\u003e \u003cp\u003eWeb Browser Attacks 268\u003c\/p\u003e \u003cp\u003eOperating Safely 271\u003c\/p\u003e \u003cp\u003eWeb Browser Configurations 276\u003c\/p\u003e \u003cp\u003eSummary 286\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 11: Web Security 287\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWhat Is HTTP? 287\u003c\/p\u003e \u003cp\u003eHow Does HTTP Work? 289\u003c\/p\u003e \u003cp\u003eServer Content 301\u003c\/p\u003e \u003cp\u003eClient Content 303\u003c\/p\u003e \u003cp\u003eState 309\u003c\/p\u003e \u003cp\u003eAttacking Web Servers 315\u003c\/p\u003e \u003cp\u003eWeb Services 317\u003c\/p\u003e \u003cp\u003eSummary 321\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 12: Electronic mail (E-mail) Security 323\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eThe E-mail Risk 323\u003c\/p\u003e \u003cp\u003eThe E-mail Protocols 340\u003c\/p\u003e \u003cp\u003eE-mail Authentication 345\u003c\/p\u003e \u003cp\u003eOperating Safely When Using E-mail 348\u003c\/p\u003e \u003cp\u003eSummary 355\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 13: Domain Name System 357\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eDNS Basics 358\u003c\/p\u003e \u003cp\u003ePurpose of DNS 364\u003c\/p\u003e \u003cp\u003eSetting Up DNS 375\u003c\/p\u003e \u003cp\u003eSecurity Issues with DNS 377\u003c\/p\u003e \u003cp\u003eDNS Attacks 384\u003c\/p\u003e \u003cp\u003eDesigning DNS 386\u003c\/p\u003e \u003cp\u003eMaster Slave DNS 388\u003c\/p\u003e \u003cp\u003eDetailed DNS Architecture 388\u003c\/p\u003e \u003cp\u003eDNS SEC 389\u003c\/p\u003e \u003cp\u003eSummary 393\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 14: Server Security 395\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eGeneral Server Risks 395\u003c\/p\u003e \u003cp\u003eSecurity by Design 396\u003c\/p\u003e \u003cp\u003eOperating Servers Safely 413\u003c\/p\u003e \u003cp\u003eServer Applications 417\u003c\/p\u003e \u003cp\u003eMulti-Level Security and Digital Rights Management 421\u003c\/p\u003e \u003cp\u003eSummary 427\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart IV: Network Security Fundamentals\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 15: Network Protocols 431\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eProtocols 431\u003c\/p\u003e \u003cp\u003eThe Open Systems Interconnect Model 432\u003c\/p\u003e \u003cp\u003eThe OSI Layers 433\u003c\/p\u003e \u003cp\u003eThe TCP\/IP Model 439\u003c\/p\u003e \u003cp\u003eTCP\/IP Model Layers 441\u003c\/p\u003e \u003cp\u003eInternet Protocol 442\u003c\/p\u003e \u003cp\u003eVoIP 450\u003c\/p\u003e \u003cp\u003eSummary 457\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 16: Wireless Security 459\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eElectromagnetic Spectrum 459\u003c\/p\u003e \u003cp\u003eThe Cellular Phone Network 462\u003c\/p\u003e \u003cp\u003ePlacing a Cellular Telephone Call 464\u003c\/p\u003e \u003cp\u003eWireless Transmission Systems 469\u003c\/p\u003e \u003cp\u003ePervasive Wireless Data Network Technologies 473\u003c\/p\u003e \u003cp\u003eIEEE Wireless LAN Specifications 478\u003c\/p\u003e \u003cp\u003eIEEE 802.11 480\u003c\/p\u003e \u003cp\u003eIEEE 802.11 Wireless Security 485\u003c\/p\u003e \u003cp\u003eBluetooth 503\u003c\/p\u003e \u003cp\u003eWireless Application Protocol 504\u003c\/p\u003e \u003cp\u003eFuture of Wireless 506\u003c\/p\u003e \u003cp\u003eSummary 508\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 17: Network Architecture Fundamentals 509\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eNetwork Segments 510\u003c\/p\u003e \u003cp\u003ePerimeter Defense 511\u003c\/p\u003e \u003cp\u003eNetwork Address Translation 511\u003c\/p\u003e \u003cp\u003eBasic Architecture Issues 513\u003c\/p\u003e \u003cp\u003eSubnetting, Switching, and VLANs 516\u003c\/p\u003e \u003cp\u003eAddress Resolution Protocol and Media Access Control 517\u003c\/p\u003e \u003cp\u003eDynamic Host Configuration Protocol and Addressing Control 518\u003c\/p\u003e \u003cp\u003eZero Configuration Networks 519\u003c\/p\u003e \u003cp\u003eSystem Design and Architecture Against Insider Threats 525\u003c\/p\u003e \u003cp\u003eCommon Attacks 528\u003c\/p\u003e \u003cp\u003eSummary 529\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 18: Firewalls 531\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFirewalls 531\u003c\/p\u003e \u003cp\u003eFirewall Rules 537\u003c\/p\u003e \u003cp\u003eThe Use of Personal Firewalls 542\u003c\/p\u003e \u003cp\u003eSummary 548\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 19: Intrusion Detection\/Prevention 549\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIntrusion Detection Systems 549\u003c\/p\u003e \u003cp\u003eResponses to Intrusion Detection 556\u003c\/p\u003e \u003cp\u003eEmerging Technologies in Intrusion Detection Systems 556\u003c\/p\u003e \u003cp\u003eSummary 567\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart V: Communication\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 20: Secret Communication 571\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWhat is Cryptography? 572\u003c\/p\u003e \u003cp\u003eGeneral Terms 576\u003c\/p\u003e \u003cp\u003ePrinciples of Cryptography 577\u003c\/p\u003e \u003cp\u003eThe Four Cryptographic Primitives 587\u003c\/p\u003e \u003cp\u003ePutting These Primitives Together to Achieve CIA 602\u003c\/p\u003e \u003cp\u003eThe Difference Between Algorithm and Implementation 603\u003c\/p\u003e \u003cp\u003eProprietary Versus Open Source Algorithms 606\u003c\/p\u003e \u003cp\u003eAttacks on Hash Functions 607\u003c\/p\u003e \u003cp\u003eQuantum Cryptography 617\u003c\/p\u003e \u003cp\u003eSummary 628\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 21: Covert Communication 631\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWhere Hidden Data Hides 631\u003c\/p\u003e \u003cp\u003eWhere Did It Come From? 633\u003c\/p\u003e \u003cp\u003eWhere Is It Going? 633\u003c\/p\u003e \u003cp\u003eOverview of Steganography 634\u003c\/p\u003e \u003cp\u003eHistory of Steganography 639\u003c\/p\u003e \u003cp\u003eCore Areas of Network Security and Their Relation to Steganography 641\u003c\/p\u003e \u003cp\u003ePrinciples of Steganography 643\u003c\/p\u003e \u003cp\u003eSteganography Compared to Cryptography 644\u003c\/p\u003e \u003cp\u003eTypes of Steganography 646\u003c\/p\u003e \u003cp\u003eProducts That Implement Steganography 654\u003c\/p\u003e \u003cp\u003eSteganography Versus Digital Watermarking 673\u003c\/p\u003e \u003cp\u003eTypes of Digital Watermarking 675\u003c\/p\u003e \u003cp\u003eGoals of Digital Watermarking 676\u003c\/p\u003e \u003cp\u003eDigital Watermarking and Stego 676\u003c\/p\u003e \u003cp\u003eSummary 679\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 22: Applications of Secure\/Covert Communication 681\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eE-mail 682\u003c\/p\u003e \u003cp\u003eAuthentication Servers 685\u003c\/p\u003e \u003cp\u003eWorking Model 686\u003c\/p\u003e \u003cp\u003ePublic Key Infrastructure 688\u003c\/p\u003e \u003cp\u003eVirtual Private Networks 692\u003c\/p\u003e \u003cp\u003eSecure Sockets Layer\/Transport Layer Security 699\u003c\/p\u003e \u003cp\u003eSSL Handshake 700\u003c\/p\u003e \u003cp\u003eSummary 704\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart VI: The Security Threat and Response\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 23: Intrusion Detection and Response 707\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIntrusion Detection Mechanisms 707\u003c\/p\u003e \u003cp\u003eHoneypots 712\u003c\/p\u003e \u003cp\u003eIncident Handling 716\u003c\/p\u003e \u003cp\u003eSummary 727\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 24: Digital Forensics 729\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eComputer Forensics Defined 730\u003c\/p\u003e \u003cp\u003eTraditional Computer Forensics 730\u003c\/p\u003e \u003cp\u003eProactive Forensics 746\u003c\/p\u003e \u003cp\u003eFuture Research Areas 748\u003c\/p\u003e \u003cp\u003eThe Forensic Life Cycle 750\u003c\/p\u003e \u003cp\u003eSummary 750\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 25: Security Assessments, Testing, and Evaluation 751\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eInformation Assurance Approaches and Methodologies 751\u003c\/p\u003e \u003cp\u003eCertification and Accreditation 756\u003c\/p\u003e \u003cp\u003eDiacap 760\u003c\/p\u003e \u003cp\u003eFederal Information Processing Standard 102 763\u003c\/p\u003e \u003cp\u003eOMB Circular A-130 764\u003c\/p\u003e \u003cp\u003eThe National Institute of Standards and Technology Assessment Guidelines 765\u003c\/p\u003e \u003cp\u003ePenetration Testing 770\u003c\/p\u003e \u003cp\u003eAuditing and Monitoring 772\u003c\/p\u003e \u003cp\u003eSummary 774\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart VII: Integrated Cyber Security\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 26: Validating Your Security 777\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eOverview 777\u003c\/p\u003e \u003cp\u003eCurrent State of Penetration Testing 780\u003c\/p\u003e \u003cp\u003eFormal Penetration Testing Methodology 783\u003c\/p\u003e \u003cp\u003eSteps to Exploiting a System 787\u003c\/p\u003e \u003cp\u003eSummary 795\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 27: Data Protection 797\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eEndpoint Security 799\u003c\/p\u003e \u003cp\u003eInsider Threats and Data Protection 805\u003c\/p\u003e \u003cp\u003eSummary 806\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 28: Putting Everything Together 809\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eCritical Problems Facing Organizations 809\u003c\/p\u003e \u003cp\u003eGeneral Tips for Protecting a Site 815\u003c\/p\u003e \u003cp\u003eSecurity Best Practices 819\u003c\/p\u003e \u003cp\u003eSummary 834\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 29: The Future 835\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eApproaching the Problem 835\u003c\/p\u003e \u003cp\u003eMission Resilience 837\u003c\/p\u003e \u003cp\u003eLimiting Failure Points 844\u003c\/p\u003e \u003cp\u003eSummary 847\u003c\/p\u003e \u003cp\u003eIndex 849\u003c\/p\u003e \u003cp\u003eEric Cole holds a PhD and CISSP and has been a security consultant for international banks and the Fortune 500. He made his mark working for the CIA for more than seven years and as a member of the Honeynet Project. He was also a member of the Commission on Cyber Security for the 44th Presidency. He has appeared as a security expert on CBS News and 60 Minutes and is a regular security expert for CNN Headline News. \u003c\/p\u003e   \u003cp\u003eComplements your Cisco Academy course instruction in networking security!\u003c\/p\u003e \u003cp\u003eNetwork Security Bible\u003c\/p\u003e \u003cp\u003eSecond Edition\u003c\/p\u003e \u003cp\u003eEric Cole\u003c\/p\u003e \u003cp\u003eUnderstand the changing security landscape\u003c\/p\u003e \u003cp\u003eLearn the latest approaches and best practices\u003c\/p\u003e \u003cp\u003eSecure your enterprise and data worldwide\u003c\/p\u003e \u003cp\u003eThe book you need to succeed!\u003c\/p\u003e \u003cp\u003eIf you're in charge of network security, you need this book\u003c\/p\u003e \u003cp\u003eSince the first edition of this comprehensive guide, cyber threats have increased, the stakes have gotten higher, and what is considered state of the art security has evolved. This packed new edition, thoroughly revised to cover the very latest techniques, is the detailed wall-to-wall resource you need to keep your network secure. Understand the changing threats, find out what defense in depth means and why you need it, learn best practices, and take control with this must-have book.\u003c\/p\u003e \u003cul\u003e \u003cli\u003e \u003cp\u003eUnderstand current threats and attacks and how they succeed\u003c\/p\u003e \u003c\/li\u003e \u003cli\u003e \u003cp\u003eAnswer 30 critical questions and see how your network security is today\u003c\/p\u003e \u003c\/li\u003e \u003cli\u003e \u003cp\u003eConsider mission resilience and make sure your critical functions survive\u003c\/p\u003e \u003c\/li\u003e \u003cli\u003e \u003cp\u003eMaster crypto, steganography, VPN, and other covert communications\u003c\/p\u003e \u003c\/li\u003e \u003cli\u003e \u003cp\u003eLearn effective techniques for Windows®, Linux®, browser, e-mail, and wireless security\u003c\/p\u003e \u003c\/li\u003e \u003cli\u003e \u003cp\u003eExplore the basics of digital forensics, including evidence preservation\u003c\/p\u003e \u003c\/li\u003e \u003cli\u003e \u003cp\u003eDo risk analysis, make a global plan, and prepare for business continuity and recovery\u003c\/p\u003e \u003c\/li\u003e \u003c\/ul\u003e","brand":"Wiley","offers":[{"title":"Default Title","offer_id":47989681324261,"sku":"NP9780470502495","price":59.99,"currency_code":"USD","in_stock":false}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/1842\/7735\/files\/9780470502495.jpg?v=1761785081","url":"https:\/\/k12savings.com\/es\/products\/network-security-bible-isbn-9780470502495","provider":"K12savings","version":"1.0","type":"link"}