Introduction Chapter 1: Introduction to Computer Security Introduction How Seriously Should You Take Threats to Network Security? Identifying Types of Threats Malware Compromising System Security DoS Attacks Web Attacks Session Hijacking Insider Threats DNS Poisoning New Attacks Assessing the Likelihood of an Attack on Your Network Basic Security Terminology Hacker Slang Professional Terms Concepts and Approaches How Do Legal Issues Impact Network Security? Online Security Resources CERT Microsoft Security Advisor F-Secure SANS Institute Summary Test Your Skills Chapter 2: Networks and the Internet Introduction Network Basics The Physical Connection: Local Networks Faster Connection Speeds Data Transmission How the Internet Works IP Addresses CIDR Uniform Resource Locators What Is a Packet? Basic Communications History of the Internet Basic Network Utilities IPConfig Ping Tracert Netstat NSLookup Other Network Devices Advanced Network Communications Topics The OSI Model Media Access Control (MAC) Addresses Summary Test Your Skills Chapter 3: Cyber Stalking, Fraud, and Abuse Introduction How Internet Fraud Works Investment Offers Auction Frauds Identity Theft Phishing Cyber Stalking Real Cyber Stalking Cases How to Evaluate Cyber Stalking Crimes Against Children Laws About Internet Fraud Protecting Yourself Against Cyber Crime Protecting Against Investment Fraud Protecting Against Identity Theft Secure Browser Settings Summary Test Your Skills Chapter 4: Denial of Service Attacks Introduction DoS Illustrating an Attack Common Tools Used for DoS DoS Weaknesses Specific DoS Attacks Land Attack DDoS Summary Test Your Skills Chapter 5: Malware Introduction Viruses How a Virus Spreads Types of Viruses Virus Examples Rombertik Gameover ZeuS CryptoLocker and CryptoWall FakeAV MacDefender Troj/Invo-Zip W32/Netsky-P The Sobig Virus The Mimail Virus The Bagle Virus A Nonvirus Virus Flame Rules for Avoiding Viruses Trojan Horses The Buffer-Overflow Attack The Sasser Virus/Buffer Overflow Spyware Legal Uses of Spyware How Is Spyware Delivered to a Target System? Obtaining Spyware Software Other Forms of Malware Rootkit Malicious Web-Based Code Logic Bombs Spam Advanced Persistent Threats Detecting and Eliminating Viruses and Spyware Antivirus Software Antispyware Software Remediation Steps Summary Test Your Skills Chapter 6: Techniques Used by Hackers Introduction Basic Terminology The Reconnaissance Phase Passive Scanning Techniques Active Scanning Techniques Actual Attacks SQL Script Injection Cross-Site Scripting Password Cracking Malware Creation Windows Hacking Techniques Penetration Testing NIST 800-115 National Security Agency Information Assessment Methodology PCI Penetration Testing Standard Summary Test Your Skills Chapter 7: Industrial Espionage in Cyberspace Introduction What Is Industrial Espionage? Information as an Asset Real-World Examples of Industrial Espionage Example 1: Houston Astros Example 2: University Trade Secrets Example 3: VIA Technology Example 4: General Motors Example 5: Bloomberg, Inc. Example 6: Interactive Television Technologies, Inc. Trends in Industrial Espionage Industrial Espionage and You How Does Espionage Occur? Low-Tech Industrial Espionage Spyware Used in Industrial Espionage Steganography Used in Industrial Espionage Phone Taps and Bugs Protecting Against Industrial Espionage Industrial Espionage Act Spear Phishing Summary Test Your Skills Chapter 8: Encryption Introduction Cryptography Basics History of Encryption The Caesar Cipher Atbash Multi-Alphabet Substitution Rail Fence Enigma Binary Operations Modern Methods Single-Key (Symmetric) Encryption Modification of Symmetric Methods Public Key (Asymmetric) Encryption PGP Legitimate Versus Fraudulent Encryption Methods Digital Signatures Hashing MD5 SHA RipeMD MAC and HMAC Rainbow Tables Steganography Historical Steganography Methods and Tools Cryptanalysis Frequency Analysis Modern Methods Cryptography Used on the Internet Summary Test Your Skills Chapter 9: Computer Security Technology Introduction Virus Scanners How Does a Virus Scanner Work? Virus-Scanning Techniques Commercial Antivirus Software Firewalls Benefits and Limitation of Firewalls Firewall Types and Components Firewall Configurations Commercial and Free Firewall Products Firewall Logs Antispyware IDS IDS Categorization Identifying an Intrusion IDS Elements Snort Honey Pots Database Activity Monitoring Other Preemptive Techniques Authentication Digital Certificates SSL/TLS Virtual Private Networks Point-to-Point Tunneling Protocol Layer 2 Tunneling Protocol IPsec Wi-Fi Security Wired Equivalent Privacy Wi-Fi Protected Access WPA2 Summary Test Your Skills Chapter 10: Security Policies Introduction What Is a Policy? Defining User Policies Passwords Internet Use Email Usage Installing/Uninstalling Software Instant Messaging Desktop Configuration Bring Your Own Device Final Thoughts on User Policies Defining System Administration Policies New Employees Departing Employees Change Requests Security Breaches Virus Infection DoS Attacks Intrusion by a Hacker Defining Access Control Developmental Policies Standards, Guidelines, and Procedures Data Classification DoD Clearances Disaster Recovery Disaster Recovery Plan Business Continuity Plan Impact Analysis? Fault Tolerance Important Laws HIPAA Sarbanes-Oxley Payment Card Industry Data Security Standards Summary Test Your Skills Chapter 11: Network Scanning and Vulnerability Scanning Introduction Basics of Assessing a System Patch Ports Protect Policies Probe Physical Securing Computer Systems Securing an Individual Workstation Securing a Server Securing a Network Scanning Your Network MBSA NESSUS Getting Professional Help Summary Test Your Skills Chapter 12: Cyber Terrorism and Information Warfare Introduction Actual Cases of Cyber Terrorism The Chinese Eagle Union China's Advanced Persistent Threat India and Pakistan Russian Hackers Weapons of Cyber Warfare Stuxnet Flame StopGeorgia.ru Malware FinFisher BlackEnergy NSA ANT Catalog Economic Attacks Military Operations Attacks General Attacks Supervisory Control and Data Acquisitions (SCADA) Information Warfare Propaganda Information Control Disinformation Actual Cases Future Trends Positive Trends Negative Trends Defense Against Cyber Terrorism Terrorist Recruiting and Communication TOR and the Dark Web Summary Test Your Skills Chapter 13: Cyber Detective Introduction General Searches Court Records and Criminal Checks Sex Offender Registries Civil Court Records Other Resources Usenet Summary Test Your Skills Chapter 14: Introduction to Forensics Introduction General Guidelines Don't Touch the Suspect Drive Image a Drive with Forensic Toolkit Can You Ever Conduct Forensics on a Live Machine? Document Trail Secure the Evidence Chain of Custody FBI Forensics Guidelines U.S. Secret Service Forensics Guidelines EU Evidence Gathering Scientific Working Group on Digital Evidence Locard's Principle of Transference Tools Finding Evidence on the PC Finding Evidence in the Browser Finding Evidence in System Logs Windows Logs Linux Logs Getting Back Deleted Files Operating System Utilities Net Sessions Openfiles Fc Netstat The Windows Registry Specific Entries Mobile Forensics: Cell Phone Concepts Cell Concepts Module Cellular Networks iOS Android Windows What You Should Look For The Need for Forensic Certification Expert Witnesses Federal Rule 702 Daubert Additional Types of Forensics Network Forensics Virtual Forensics Summary Test Your Skills Appendix A: Glossary Appendix B: Resources Appendix C: Answers to the Multiple Choice Questions.

This guide covers web attacks, hacking, spyware, network defense, security appliances, VPNs, password use, and much more. Its many tips and examples reflect new industry trends and the state-of-the-art in both attacks and defense. Exercises, projects, and review questions in every chapter help you deepen your understanding and apply all you’ve learned.