Chapter 16 Understanding Network Transmission Media Security 407
The Basics of Network Transmission Media 407
Copper Wire 408
Light Waves 410
Wireless Signals 412
Transmission Media Vulnerabilities 415
Securing Wireless Networks 415
Hands-On Exercises 417
Objectives 417
Resources 417
Procedure 417
Lab Questions 421
Lab Answers 421
Chapter 17 Local Network Security: Review Questions 423
Summary Points 423
Security Challenge Scenarios 432
Local Network Security Scenario 1 432
Local Network Security Scenario 2 432
Professional Feedback 432
Review Questions 443
PART IV SECURING THE PERIMETER 449
Chapter 18 Perimeter Security in the Real World 451
Security Challenges 451
Internet Security Scenario 1 451
Internet Security Scenario 2 454
Summary 455
Chapter 19 Understanding the Environment 457
The Basics of Internet Security 457
Understanding the Environment 460
Basic Internet Concepts 461
Internet Services 468
Standards and RFCs 470
Hands-On Exercises 471
Objectives 471
Resources 472
Discussion 472
Procedures 472
Lab Questions 486
Lab Answers 486
Chapter 20 Hiding the Private Network 487
Understanding Private Networks 487
Network Address Translation 488
Port Address Translation 489
Port Forwarding or Mapping 490
Network Segmentation 492
Software-Defined Networking 494
Hands-On Exercises 496
Objectives 496
Resources 496
Discussion 496
Procedure 497
Lab Questions 508
Lab Answers 509
Chapter 21 Protecting the Perimeter 511
Understanding the Perimeter 511
Firewalls 515
Firewall Considerations 517
Network Appliances 519
Proxy Servers 520
Demilitarized Zones (DMZs) 522
Single-Firewall DMZs 523
Dual-Firewall DMZs 524
Honeypots 525
Extranets 526
Hands-On Exercises 528
Objectives 528
Resources 528
Procedures 528
Lab Questions 534
Lab Answers 534
Chapter 22 Protecting Data Moving Through the Internet 535
Securing Data in Motion 535
Authentication 536
Encryption 542
Cryptography 543
Digital Certificates 545
Hash Tables 548
Cookies 548
CAPTCHAs 549
Virtual Private Networks 550
Hands-On Exercises 552
Objectives 552
Resources 552
Discussion 552
Procedures 552
Lab Questions 563
Lab Answers 563
Chapter 23 Tools and Utilities 565
Using Basic Tools 565
IFconfig/IPconfig 565
Whois 566
Nslookup 567
PING 567
Traceroute 568
Telnet 569
Secure Shell 570
Monitoring Tools and Software 570
Nagios 572
SolarWinds 572
Microsoft Network Monitor 572
Wireshark 572
Snort 573
Nmap 575
Nikto 575
OpenVAS 575
Metasploit 575
The Browser Exploitation Framework (BeEF) 576
Other Products 576
Hands-On Exercises 578
Objectives 578
Resources 578
Discussion 578
Procedures 579
Capturing a PING 583
Lab Questions 589
Lab Answers 589
Chapter 24 Identifying and Defending Against Vulnerabilities 591
Zero Day Vulnerabilities 591
Software Exploits 592
SQL Injection 594
Java 597
Other Software Exploits 599
Social Engineering Exploits 600
Phishing Attacks 600
Network Threats and Attacks 603
Broadcast Storms 603
Session-Hijacking Attacks 604
Dictionary Attacks 606
Denial of Service (DoS) Attacks 606
Tarpitting 611
Spam 612
Protecting Against Spam Exploits 613
Other Exploits 614
Transport Layer Security (TLS) Exploits 614
FREAK Exploits 615
Logjam Exploits 615
Hands-On Exercises 616
Objectives 616
Resources 616
Discussion 616
Procedures 616
Chapter 25 Perimeter Security: Review Questions and Hands-On Exercises 627
Summary Points 627
Security Scenario Review 637
Network Security Scenario 1 637
Network Security Scenario 2 637
Professional Feedback 637
Review Questions 644
Exam Questions 647
Appendix A 651
Appendix B 703
Appendix C 715
Index 727
"Cybersecurity Essentials" provides a comprehensive introduction, with expert coverage of essential topics required for entry-level cybersecurity certificates. It covers the four distinct challenges of creating an effective cybersecurity defense: securing the infrastructure, securing devices, securing local networks, and securing the perimeter. The authors summarize the fundamental concepts of each challenge and include real-world scenarios that show how these vulnerabilities look in everyday computing. The text offers a summary of the key concepts, review questions, and hands-on exercises designed to help assess an understanding of key concepts. -- From publisher's description.
ABOUT THE AUTHOR CHARLES J. BROOKS is co-owner and vice president of Educational Technologies Group Inc., as well as co-owner of eITPrep LLP, an online training company.
CHRISTOPHER GROW is the president of A.C.C.N.S. Consulting and the Technichal Services manager for Educational Technologies Group L.L.C. with 20+ years of IT/IS and cyber security experience.
PHILIP CRAIG is the founder of BlackByte Cyber Security, LLC, a consultancy supporting the Pacific Northwest National Laboratory (PNNL) research and national security agendas.
DONALD SHORT is the President of One World Telecommunications, Inc., an Internet Service Provider in Kennewick.