
Cybersecurity Essentials
Description
Cybersecurity Essentials provides a comprehensive introduction to the field, with expert coverage of essential topics required for entry-level cybersecurity certifications. An effective defense consists of four distinct challenges: securing the infrastructure, securing devices, securing local networks, and securing the perimeter. Overcoming these challenges requires a detailed understanding of the concepts and practices within each realm. This book covers each challenge individually for greater depth of information, with real-world scenarios that show what vulnerabilities look like in everyday computing scenarios. Each part concludes with a summary of key concepts, review questions, and hands-on exercises, allowing you to test your understanding while exercising your new critical skills.
Cybersecurity jobs range from basic configuration to advanced systems analysis and defense assessment. This book provides the foundational information you need to understand the basics of the field, identify your place within it, and start down the security certification path.
* Learn security and surveillance fundamentals
* Secure and protect remote access and devices
* Understand network topologies, protocols, and strategies
* Identify threats and mount an effective defense
Cybersecurity Essentials gives you the building blocks for an entry-level security certification and provides a foundation of cybersecurity knowledge.

Persons
CHRISTOPHER GROW is the president of A.C.C.N.S. Consulting and the Technical Services manager for Educational Technologies Group L.L.C. with 20+ years of IT/IS and cyber security experience.
PHILIP CRAIG is the founder of BlackByte Cyber Security, LLC, a consultancy supporting the Pacific Northwest National Laboratory (PNNL) research and national security agendas.
DONALD SHORT is the President of One World Telecommunications, Inc., an Internet Service Provider in Kennewick.
Content
- Cover
- Title Page
- Copyright
- Acknowledgments
- About the Authors
- Contents
- Introduction
- Security Challenges
- Who Should Read This Book
- What You Will Learn
- What Is Covered in This Book
- The Essentials Series
- How to Contact the Author
- Part I Securing the Infrastructure
- Chapter 1 Infrastructure Security in the Real World
- Security Challenges
- Infrastructure Security Scenario 1
- Infrastructure Security Scenario 2
- Summary
- Chapter 2 Understanding Access-Control and Monitoring Systems
- A Quick Primer on Infrastructure Security
- Access Control
- Security Policies
- Physical Security Controls
- Locks and Keys
- Standard Key-Locking Deadbolts
- Solenoid-Operated Deadbolt Locks
- Cipher Locks
- Access-Control Gates
- Sliding Gates
- Swinging Gates
- Control Relays
- Authentication Systems
- Magnetic Stripe Readers
- Smart Cards
- RFID Badges
- Biometric Scanners
- Remote-Access Monitoring
- Opened- and Closed-Condition Monitoring
- Automated Access-Control Systems
- Hands-On Exercises
- Discussion
- Procedure
- Review Questions
- Chapter 3 Understanding Video Surveillance Systems
- Video Surveillance Systems
- Cameras
- Hands-On Exercises
- Discussion
- Procedure
- Review Questions
- Chapter 4 Understanding Intrusion-Detection and Reporting Systems
- Intrusion-Detection and Reporting Systems
- Security Controllers
- Sensors
- Vehicle-Detection Sensors
- Fire-Detection Sensors
- Output Devices
- Hands-On Exercises
- Discussion
- Procedure
- Review Questions
- Chapter 5 Infrastructure Security: Review Questions and Hands-On Exercises
- Summary Points
- Security Challenge Scenarios
- Infrastructure Security Scenario 1
- Infrastructure Security Scenario 2
- Professional Feedback
- Review Questions
- Exam Questions
- Part II Securing Local Hosts
- Chapter 6 Local Host Security in the Real World
- Security Challenges
- Computing Device Security Scenario 1
- Computing Device Security Scenario 2
- Summary
- Chapter 7 Securing Devices
- The Three Layers of Security
- Securing Host Devices
- Securing Outer-Perimeter Portals
- Additional Inner-Perimeter Access Options
- Hands-On Exercises
- Objectives
- Procedure
- Review Questions
- Chapter 8 Protecting the Inner Perimeter
- The Inner Perimeter
- Operating Systems
- Operating System Security Choices
- Common Operating System Security Tools
- Using Local Administrative Tools
- Implementing Data Encryption
- Hands-On Exercises
- Objectives
- Resources
- Discussion
- Procedures
- Tables
- Lab Questions
- Chapter 9 Protecting Remote Access
- Protecting Local Computing Devices
- Using a Secure Connection
- Establishing and Using a Firewall
- Installing and Using Anti-Malware Software
- Removing Unnecessary Software
- Disabling Nonessential Services
- Disabling Unnecessary OS Default Features
- Securing the Web Browser
- Applying Updates and Patches
- Requiring Strong Passwords
- Implementing Local Protection Tools
- Software-Based Local Firewalls
- Using Local Intrusion-Detection Tools
- Profile-Based Anomaly-Detection Systems
- Threshold-Based Anomaly-Detection Systems
- Configuring Browser Security Options
- Configuring Security Levels
- Configuring Script Support
- Defending Against Malicious Software
- Using Antivirus Programs
- Using Antispyware
- Hardening Operating Systems
- Service Packs
- Patches
- Updates
- Overseeing Application Software Security
- Software Exploitation
- Applying Software Updates and Patches
- Hands-On Exercises
- Objectives
- Resources
- Discussion
- Procedures
- Tables
- Lab Questions
- Chapter 10 Local Host Security: Review Questions and Hands-On Exercises
- Summary Points
- Security Challenge Scenarios
- Computing Device Security Scenario 1
- Computing Device Security Scenario 2
- Professional Feedback
- Review Questions
- Exam Questions
- Part III Securing Local Networks
- Chapter 11 Local Network Security in the Real World
- Security Challenges
- Local Network Security Scenario 1
- Local Network Security Scenario 2
- Summary
- Chapter 12 Networking Basics
- Understanding the Basics of Networking
- Campus Area Networks or Corporate Area Networks (CANs)
- Metropolitan Area Networks (MANs)
- Wireless Local Area Networks (WLANs)
- Storage Area Networks (SANs)
- The OSI Networking Model
- Layer 1: Physical
- Layer 2: Data Link
- Layer 3: Network
- Layer 4: Transport
- Layer 5: Session
- Layer 6: Presentation
- Layer 7: Application
- Data Transmission Packets
- OSI Layer Security
- Network Topologies
- Bus Topology
- Ring Topology
- Star Topology
- Mesh Topology
- Logical Topologies
- Hands-On Exercises
- Objectives
- Resources
- Discussion
- Procedure
- Lab Questions
- Lab Answers
- Chapter 13 Understanding Networking Protocols
- The Basics of Networking Protocols
- MAC Addresses
- TCP/IP
- Ethernet
- Network Control Strategies
- Hands-On Exercises
- Objectives
- Discussion
- Procedures
- Lab Questions
- Lab Answers
- Chapter 14 Understanding Network Servers
- The Basics of Network Servers
- Server Security
- Network Administrators
- Server Software Security
- User Accounts
- Network Authentication Options
- Establishing Resource Controls
- Maintaining Server Security
- Vulnerability Scanning
- Hands-On Exercises
- Objectives
- Resources
- Discussion
- Procedures
- Lab Questions
- Lab Answers
- Chapter 15 Understanding Network Connectivity Devices
- Network Switches
- Routers
- Gateways
- Network Bridges
- Wireless Network Connectivity
- Network Connectivity Device Vulnerabilities
- Network Connectivity Device Attacks
- Network Connectivity Defense
- Network Hardening
- Hands-On Exercises
- Objectives
- Resources
- Procedures
- Lab Questions
- Lab Answers
- Chapter 16 Understanding Network Transmission Media Security
- The Basics of Network Transmission Media
- Copper Wire
- Light Waves
- Wireless Signals
- Transmission Media Vulnerabilities
- Securing Wireless Networks
- Hands-On Exercises
- Objectives
- Resources
- Procedure
- Lab Questions
- Lab Answers
- Chapter 17 Local Network Security: Review Questions
- Summary Points
- Security Challenge Scenarios
- Local Network Security Scenario 1
- Local Network Security Scenario 2
- Professional Feedback
- Review Questions
- Part IV Securing the Perimeter
- Chapter 18 Perimeter Security in the Real World
- Security Challenges
- Internet Security Scenario 1
- Internet Security Scenario 2
- Summary
- Chapter 19 Understanding the Environment
- The Basics of Internet Security
- Understanding the Environment
- Basic Internet Concepts
- Internet Services
- Standards and RFCs
- Hands-On Exercises
- Objectives
- Resources
- Discussion
- Procedures
- Lab Questions
- Lab Answers
- Chapter 20 Hiding the Private Network
- Understanding Private Networks
- Network Address Translation
- Port Address Translation
- Port Forwarding or Mapping
- Network Segmentation
- Software-Defined Networking
- Hands-On Exercises
- Objectives
- Resources
- Discussion
- Procedure
- Lab Questions
- Lab Answers
- Chapter 21 Protecting the Perimeter
- Understanding the Perimeter
- Firewalls
- Firewall Considerations
- Network Appliances
- Proxy Servers
- Demilitarized Zones (DMZs)
- Single-Firewall DMZs
- Dual-Firewall DMZs
- Honeypots
- Extranets
- Hands-On Exercises
- Objectives
- Resources
- Procedures
- Lab Questions
- Lab Answers
- Chapter 22 Protecting Data Moving Through the Internet
- Securing Data in Motion
- Authentication
- Encryption
- Cryptography
- Digital Certificates
- Hash Tables
- Cookies
- CAPTCHAs
- Virtual Private Networks
- Hands-On Exercises
- Objectives
- Resources
- Discussion
- Procedures
- Lab Questions
- Lab Answers
- Chapter 23 Tools and Utilities
- Using Basic Tools
- IFconfig/IPconfig
- Whois
- Nslookup
- PING
- Traceroute
- Telnet
- Secure Shell
- Monitoring Tools and Software
- Nagios
- SolarWinds
- Microsoft Network Monitor
- Wireshark
- Snort
- Nmap
- Nikto
- OpenVAS
- Metasploit
- The Browser Exploitation Framework (BeEF)
- Other Products
- Hands-On Exercises
- Objectives
- Resources
- Discussion
- Procedures
- Capturing a PING
- Lab Questions
- Lab Answers
- Chapter 24 Identifying and Defending Against Vulnerabilities
- Zero Day Vulnerabilities
- Software Exploits
- SQL Injection
- Java
- Other Software Exploits
- Social Engineering Exploits
- Phishing Attacks
- Network Threats and Attacks
- Broadcast Storms
- Session-Hijacking Attacks
- Dictionary Attacks
- Denial of Service (DoS) Attacks
- Tarpitting
- Spam
- Protecting Against Spam Exploits
- Other Exploits
- Transport Layer Security (TLS) Exploits
- FREAK Exploits
- Logjam Exploits
- Hands-On Exercises
- Objectives
- Resources
- Discussion
- Procedures
- Chapter 25 Perimeter Security: Review Questions and Hands-On Exercises
- Summary Points
- Security Scenario Review
- Network Security Scenario 1
- Network Security Scenario 2
- Professional Feedback
- Review Questions
- Exam Questions
- Appendix A Glossary
- Appendix B Acronyms
- Appendix C NIST Preliminary Cybersecurity Framework
- Index
- EULA
INTRODUCTION
Welcome to Cybersecurity Essentials. This book is designed to provide a solid theory and practical platform for cybersecurity personnel. Key information provided in this edition includes:
- Critical infrastructure security systems and devices
- Security for local intelligent computing and controlling devices and systems
- Security for local area network components and systems
- Cybersecurity for users and networks attached to the Internet
Each chapter begins with a list of learning objectives that establishes a foundation and systematic preview of the chapter.
A wealth of graphic diagrams and screen shots are included in each chapter to provide constant visual reinforcement of the concepts being discussed.
Key thoughts, cautions, and warnings in the chapter are presented in special boxes to call extra attention to them. Key terms are presented in italic type throughout the text. These terms are also defined in a comprehensive glossary at the end of the book that provides quick, easy access to the key terms that appear in each chapter.
Each part concludes with an extensive key-points review of its material.
One of the driving forces in the ongoing development of cybersecurity initiatives in the United States is the National Institute of Standards and Technology's (NIST) Cybersecurity Frameworks. These frameworks have been developed to assist governmental and business organizations in the design and development of systems and techniques to provide security for their critical infrastructure.
Security Challenges
Another outstanding pedagogical feature of this book is the scenario-based NIST Security Challenges placed at the beginning of each Part. Each Part opens with one or more of these challenges, which describe a particular security setting related to the information that will be presented in the chapter. You will be asked to read the scenario, put on your security professional persona, and consider how you might go about exploiting the key assets of the scenario, then contemplate how you could go about establishing systems and strategies to protect those assets.
These challenges are designed to provide you with real, open-ended context that sets the expectation level for the material to be studied. Ideally, you will be considering how the theory and hands-on materials you encounter as you move through the chapter apply to those scenarios.
At the completion of each Part, you will be asked to return to these Security Challenges and create new observations based on your increased knowledge. You will also be asked to compare your observations to those of professional security specialists who have provided their feedback for these scenarios.
Who Should Read This Book
This book is intended for:
- Students preparing for a career in IT, networking, or cybersecurity
- Network professionals who want to improve their network security skills
- Management personnel who need to understand the cybersecurity threats they face and basic options for confronting those threats
If you're interested in certification for the CompTIA Security+ or Microsoft MTA - 98-367 Security Fundamentals Certification exams, this book can be a great resource to help you prepare. See https://certification.comptia.org/certifications/security and www.microsoft.com/en-us/learning/exam-98-367.aspx for more certification information and resources.
What You Will Learn
You will learn to apply a systematic approach to securing IT networks and infrastructure. This approach begins with addressing physical security concerns from the outer edge of the physical environment to the interior region where the most valuable assets are located. The first half of any security objective is to limit physical access to the assets. If you can't get to it, you can't steal, damage, or destroy it. You will learn to view physical security in terms of three perimeters and to implement the proper tools at each.
After securing the physical environment, you will explore tools and techniques used to secure local endpoint computing devices. Following the three-perimeter strategy developed for physical security, you will address the security of these devices from their outer edge to their most desirable asset: your data.
After the local endpoint devices have been secured, you will turn your attention to securing the servers, connectivity devices, and transmission media that make up the balance of your local area network. You will learn to secure these devices to protect your IT assets within the connected environment that you control.
Finally, you will explore tools and techniques used to protect your data when it leaves the protection of the network you control and passes through unprotected territory: the Internet. This will include building network structures to protect your network from the bad people hiding in the Internet, as well as how to guard your data when it is traveling through their territory.
What Is Covered in This Book
This book is a basic training system designed to provide a solid theoretical understanding of cybersecurity challenges, tools, and techniques, as well as to develop the foundations of a professional cybersecurity skill set. This is accomplished in a progressive four-section process, as follows:
Part I: Infrastructure Security. This part introduces the concepts and techniques associated with physical infrastructure security devices, systems, and techniques used to combat theft, prevent physical damage, maintain system integrity and services, and limit unauthorized disclosure of information.
Chapter 1 presents two Infrastructure Security Scenarios for the reader to consider and research selected NIST Cybersecurity Framework Functions and Categories and then apply them to the given scenarios.
Chapter 2 deals with common Access Control systems for protecting physical infrastructure assets. This section contains information about different types of physical barriers and their associated monitoring and control systems. The Authentication Systems section that follows is a logical extension of the physical access control materials. Devices and systems covered in this portion of the chapter are used for controlling access and denial of access to key physical assets.
Next the material moves on to examine the components and operation of a typical physical security monitoring and notification system. In this section, security controllers, sensors, and enunciators are covered along with logical implementation strategies.
The material in Chapter 3 flows quite naturally to the addition of visual Surveillance Systems to the security monitoring system. Information contained in this section includes: surveillance cameras, video recorders, modulators, and switchers.
Chapter 4 completes the Infrastructure Security material with a section covering Intrusion detection and reporting systems.
Chapter 5 provides a Summary and Review for the Scenarios and chapters of Part I. This chapter includes a complete list of relevant Summary Points and a Review Quiz. It also returns the reader to the Scenarios that began the Infrastructure Security part so they can update their response to the scenario challenges and then compare them to the response generated by an active Cyber Security Professional.
Part II: Local Host Security. One of the most useful tools ever introduced to business, industry, government, and medicine is the personal computer. This chapter primarily deals with personal computers and focuses on security efforts at the local computer level.
Chapter 6 presents two Local Host Security Scenarios for the reader to consider and research selected NIST Cybersecurity Framework Functions and Categories and then apply them to the given scenarios.
Chapter 7 begins the Part II discussion with sections covering physically securing personal computing devices. Information covered here includes biometric authentication devices such as fingerprint scanners, smart cards, and RFID cards. The material then moves on to physical port access risks and solutions. Options for accessing the PC covered here include the USB and Firewire ports.
Chapter 8 provides an overview of operating system structures, security features, and tools across the spectrum of operating system suppliers. In addition, the chapter covers logical (software-based) authentication methods for access control at the user's level. Topics covered here include passwords and computer locking features. Finally, the chapter provides an overview of operating system auditing and logging utilities and wraps up with a discussion of OS-based encryption tools.
Chapter 9 completes the Local Host Security part by examining security associated with remote access options. Included in this line of discussion are local software-based firewalls, intrusion detection systems, and Internet Browser Security options. The chapter concludes with a detailed discussion dealing with malicious software protection options, such as antivirus and antispyware programs, as well as software updating and patching efforts.
Chapter 10 provides a Summary and Review for the Scenarios and chapters of Part II. This chapter includes a complete list of relevant Summary Points and a Review...
System requirements
File format: ePUB
Copy protection: Adobe-DRM (Digital Rights Management)
System requirements:
- Computer (Windows; MacOS X; Linux): Install the free reader Adobe Digital Editions prior to download (see eBook Help).
- Tablet/smartphone (Android; iOS): Install the free app Adobe Digital Editions or the app PocketBook before downloading (see eBook Help).
- E-reader: Bookeen, Kobo, Pocketbook, Sony, Tolino and many more (not Kindle).
The file format ePub works well for novels and non-fiction books, i.e., "flowing" text without complex layout. On an e-reader or smartphone, line and page breaks automatically adjust to fit the small displays.
This eBook uses Adobe-DRM, a "hard" copy protection. If the necessary requirements are not met, unfortunately you will not be able to open the eBook. You will therefore need to prepare your reading hardware before downloading.
Please note: We strongly recommend that you authorise using your personal Adobe ID after installation of any reading software.
For more information, see our ebook Help page.