Introduction to Information Security

A Strategic-Based Approach

1st Edition - November 12, 2013
This is the Latest Edition
  • Authors: Timothy Shimeall, Jonathan Spring
  • Paperback ISBN: 9781597499699
  • eBook ISBN: 9781597499729

Description

Most introductory texts provide a technology-based survey of methods and techniques that leaves the reader without a clear understanding of the interrelationships between methods and techniques. This book's strategy-based introduction gives the reader a clear understanding of how to provide overlapping defenses for critical information. This understanding provides a basis for engineering and risk-management decisions in the defense of information. Information security is a rapidly growing field, with a projected need for thousands of professionals within the next decade in the government sector alone. It is also a field that has changed in the last decade from a largely theory-based discipline to an experience-based discipline. This shift in the field has left several of the classic texts with a strongly dated feel.

Key Features

  • Provides a broad introduction to the methods and techniques in the field of information security
  • Offers a strategy-based view of these tools and techniques, facilitating selection of overlapping methods for in-depth defense of information
  • Provides a very current view of the emerging standards of practice in information security

Readership

Students in Intro to Security courses, Network and System Administrators, IT Professionals

Table of Contents

  • Acknowledgments
  • Legal Acknowledgments
  • Introduction
  • Approach of this Book
  • Classroom Use
  • Support Materials
  • Chapter 1. Motivation and Security Definitions
      • Information in this chapter
      • Introduction
      • Information Security and its Motivation
      • Terminology: Vulnerabilities of Software, Exploits, Malware, Intrusions, and Controls
      • Security Risk Management
      • How to use this Book
      • Summary
      • References
      • Chapter Review Questions
      • Chapter Exercises
  • Chapter 2. Strategies and Security
      • Information in this chapter
      • Introduction
      • Security Strategies
      • Attack Strategies
      • Defense Strategies
      • Security Controls
      • Summary
      • References
      • Chapter Review Questions
      • Chapter Exercises
  • Part 1: Deception
  • Chapter 3. Deception Strategies: Networks, Organization, and Structures
      • Information in this chapter
      • Introduction
      • How the Internet Works
      • Deception and Network Organization
      • Outsourcing
      • Application Hosting
      • Dynamic Addressing
      • Summary
      • Chapter Review Questions
      • Chapter Exercises
      • References
  • Chapter 4. Deception Strategies: Defensive Technologies
      • Information in this chapter
      • Introduction
      • Internet Protocols
      • Proxies and Gateways
      • Honeypots and Honeynets
      • Tarpits
      • Virtual Hosts
      • Summary
      • References
      • Chapter Review Questions
      • Chapter Exercises
  • Part 2: Frustration
  • Chapter 5. Frustration Strategies: Technical Controls
      • Information in this chapter
      • Introduction
      • Minimization Goals and Objectives
      • Asymmetry in Information Security
      • Host Hardening
      • Network Devices and Minimization
      • Network Architecture and Frustration
      • Summary
      • References
      • Chapter Review Questions
      • Chapter Exercises
  • Chapter 6. Frustration Strategies: Formal Verification
      • Information in this chapter
      • Introduction
      • Formal Models and Model Verification
      • Discretionary Models
      • Confidentiality Models
      • Integrity Models
      • Limits of Formal Models
      • Summary
      • References
      • Chapter Review Questions
      • Chapter Exercises
  • Part 3: Resistance
  • Chapter 7. Resistance Strategies: Authentication and Permissions
      • Information in this chapter
      • Introduction
      • Authentication and Permission Goals and Objectives
      • Authentication Methods
      • Authentication Systems
      • Permissions and Access Control
      • Attacks
      • Summary
      • References
      • Chapter Review Questions
      • Chapter Exercises
  • Chapter 8. Resistance Strategies: Symmetric Encryption
      • Information in this chapter
      • Introduction
      • Encryption Concepts
      • Symmetric Encryption
      • Asymmetric Encryption
      • Key Management and Distribution
      • Computer Identification
      • Steganography
      • Summary
      • References
      • Chapter Review Questions
      • Chapter Exercises
  • Chapter 9. Resistance Strategies: Partitioning and Need to Know
      • Information in this chapter
      • Introduction
      • Outsider and Insider Threat
      • Internal Security Partitions
      • Need to Know
      • Policy Management
      • Summary
      • References
      • Chapter Review Questions
      • Chapter Exercises
  • Chapter 10. Change Management
      • Information in this chapter
      • Introduction
      • Change Management Versus Configuration Management
      • Why Use Change and Configuration Management Systems
      • Change Management Process
      • Minor or Insignificant Change Process
      • Automation of the Change Process
      • Change Management and Security-Related Issues
      • Change Management and Software Control Issues
      • Change Management Documentation
      • Patch Management
      • Configuration Management System
      • Software Configuration Management
      • Network Configuration Management System
      • Configuration Management Database
      • Certification
      • Summary
      • References
      • Chapter Review Questions
      • Chapter Exercises
  • Part 4: Recognition/Recovery
  • Chapter 11. Network Analysis and Forensics
      • Information in this chapter
      • Introduction
      • Introduction to the OSI Model
      • Analysis for Managers
      • Flow-Level Analysis
      • Metadata Analysis
      • Application-Level Analysis
      • Signature Analysis
      • Full-Packet Capture
      • Network Forensics
      • Sensor Network Architecture
      • Summary
      • References
      • Chapter Review Questions
      • Chapter Exercises
  • Chapter 12. Recognition Strategies: Intrusion Detection and Prevention
      • Information in this chapter
      • Introduction
      • Why Intrusion Detection
      • Network Intrusion Detection Pitfalls
      • Modes of Intrusion Detection
      • Network Behavior Analyzers
      • Wireless IDPS
      • Network Intrusion Prevention Systems
      • Summary
      • References
      • Chapter Review Questions
      • Chapter Exercises
  • Chapter 13. Digital Forensics
      • Information in this chapter
      • Introduction
      • Uses of Digital Forensics
      • Forensic Fundamentals
      • Hashing
      • Technology
      • Onsite Collections
      • Final Report
      • Organizational Preparedness
      • Summary
      • References
      • Chapter Review Questions
      • Chapter Exercises
  • Chapter 14. Recognition Strategies: Integrity Detection
      • Information in this chapter
      • Introduction
      • Checksums
      • Cryptographic Integrity Detection
      • Rule-Based Integrity Checking
      • Content Comparisons
      • An Example: GPS
      • Summary
      • References
      • Chapter Review Questions
      • Chapter Exercises
  • Chapter 15. Recovery of Security
      • Information in this chapter
      • Introduction
      • Emergency Management
      • Recovery Priorities
      • Building a Response Policy
      • Recovery from Accidents: Continuity of Operations
      • Recovery from Malicious Events
      • Incident Handling
      • Incorporating Lessons Learned
      • Summary
      • References
      • Chapter Review Questions
      • Chapter Exercises
  • Chapter 16. Professional Certifications and Overall Conclusions
      • Information in this chapter
      • Introduction
      • Professional Certifications
      • Tying the Pieces Together
      • Where to Go from Here
      • References
      • Chapter Review Questions
      • Chapter Exercises
  • Index

Product details

  • No. of pages: 382
  • Language: English
  • Copyright: © Syngress 2013
  • Published: November 12, 2013
  • Imprint: Syngress
  • Paperback ISBN: 9781597499699
  • eBook ISBN: 9781597499729

About the Authors

    Timothy Shimeall

    Dr. Timothy Shimeall is an Adjunct Professor of the Heinz College of Carnegie Mellon University, with teaching and research interests focused in the area of information survivability. He is an active instructor in information security management and information warfare, and has led a variety of survivability-related independent studies. Tim is also a senior member of the technical staff with the CERT Network Situational Awareness Group of Carnegie Mellon’s Software Engineering Institute, where he is responsible for overseeing and participating in the development of analysis methods in the area of network systems security and survivability. This work includes development of methods to identify trends in security incidents and in the development of software used by computer and network intruders. Of particular interest are incidents affecting defended systems and malicious software that are effective despite common defenses. Prior to his time at Carnegie Mellon, Tim was an Associate Professor at the Naval Postgraduate School in Monterey, CA.

    Affiliations and Expertise

    Timothy J. Shimeall, Ph.D. in Information and Computer Science, adjunct professor at Carnegie Mellon.

    Jonathan Spring

    Jonathan Spring is a member of the technical staff with the CERT Network Situational Awareness Group of the Software Engineering Institute, Carnegie Mellon University. He began working at CERT in 2009. He also serves as an adjunct professor at the University of Pittsburgh’s School of Information Sciences. His current research topics include monitoring cloud computing and DNS traffic analysis. He holds a Master’s degree in information security and a Bachelor’s degree in philosophy from the University of Pittsburgh.

    Affiliations and Expertise

    Software Engineering Institute, Carnegie Mellon University.