Discovering Cybersecurity: A Technical Introduction For The Absolute Beginner

The contemporary IT landscape is littered with various technologies that vendors claim will “solve” an organization’s cybersecurity challenges. These technologies are powerful and, in the right context, can be very effective. But misunderstood and misused, they either do not provide effective protection or do not protect the right things. This results in unnecessary expenditures, false beliefs of security, and interference with an organization’s mission.

This book introduces major technologies that are employed in today’s cybersecurity landscape and the fundamental principles and philosophies behind them. By grasping these core concepts, professionals in every organization are better equipped to know what kind of technology they need, ask the right questions of vendors, and better interface with their CISO and security organization. The book is largely directed at beginners, including non-technical professionals such as policy makers, compliance teams, and business executives.

What You Will Learn:
• Authentication technologies, including secure password storage and how hackers “crack” password lists
• Access control technology, such as BLP, BIBA, and more recent models such as RBAC and ABAC
• Core cryptography technology, including AES encryption and public key signatures
• Classical host security technologies that protect against malware (viruses, trojans, ransomware)
• Classical network security technologies, such as border security (gateways, firewalls, proxies), network IDS and IPS, and modern deception systems
• Web security technologies, including cookies, state, and session defenses, and threats that try to subvert them
• Email and social media security threats such as spam, phishing, social media, and other email threats

Who This Book Is For:
Professionals with no technical training in engineering, computers, or other technology; those who want to know things at a technical level but have no previous background; professionals with a background in policy, compliance, and management; technical professionals without a background in computer security who seek an introduction to security topics; those with a security background who are not familiar with this breadth of technology.

Author(s): Seth James Nielson
Edition: 1
Publisher: Apress
Year: 2023

Language: English
Commentary: TruePDF | Full TOC | PDF/X-1:2001
Pages: 447
Tags: Systems And Data Security

Contents
About the Author
About the Technical Reviewer
Introduction
1 The Psychology of Cybersecurity
The Human Brain As Security Technology
Correctly Understanding Human Cognition
The Psychology of Human Error
Mental Automation
Complex Rules
Meta-ignorance
Wrong Model Stubbornness
Errors and Cybersecurity
The Psychology of Manipulation
Action Bias
Emotional Fallback
Deference to Authority
Visual Emotional Responses
Psychology-Aware Design Considerations
Design Principles
Summary
Further Reading
2 Authentication Technology
Foundations of Authentication
Something You Know
Password Verification and Storage
Cracking Stored Passwords
Password Reset Challenges
Something You Have
Something You Are
Multifactor Authentication
Summary
Further Reading
3 Authorization Technology
Computer Security Policies
A Survey of Authorization Policies
Bell-LaPadula
Biba
Domain and Type Enforcement
A Sample DTE Policy
RBAC and ABAC
RBAC
ABAC
Common RBAC and ABAC Problems
Access Control Technologies
Access Control Lists
Capabilities
Access Control Implementation Issues
Complete Mediation and Reference Monitors
Access Control and Psychology
Side Channels
Summary
Further Reading
4 Cryptography Foundations
Introducing Cryptography Through Historical Examples
The Caesar Cipher
Generalized Monoalphabetic Substitution
Increasing the Block Size: The Playfair Cipher
Introducing Stream Ciphers: The Vigenere Cipher
How Strong Is an Encryption Algorithm
Foundations
Information—Binary Data
Information Security Goals
XOR
Hashing
Summary
Further Reading
5 Core Cryptography Technology
Symmetric Cryptography
Modern Block Ciphers
Advanced Encryption Standard
Modes of Operation
Modern Stream Ciphers
One-Time Pad
AES Counter Mode
ChaCha20
Message Authentication Codes and Combined Modes of Operation
Asymmetric Cryptography
Asymmetric Encryption
Digital Signatures
Key Agreement
A Word About Quantum Cryptography
Summary
Further Reading
6 Cryptographic Systems Technologies
The Attacker: Man-in-the-Middle
Putting Together a Cryptographic System
Putting the Pieces Together
Confidentiality Components
Integrity Components
Authenticity Components
Securing Web Communications: HTTPS and TLS
The TLS Protocol
TLS Data Transfer
The TLS Handshake
Certificate Authentication and PKI
Securing Storage: IEEE Standard 1619.1
Bulk Encryption of Storage Data
Key Life Cycle Management
Summary
Further Reading
7 Host Security Technology
Host Security Fundamentals
Operating Systems and Isolation
Enforcing Access Controls
Stronger Hardware-Based Isolation
Stronger Software-Based Isolation
Software Vulnerabilities
Malware Classifications, Impact, and Scope
Viruses
Worms
Trojan Horses
Rootkits
Ransomware
Bot Networks
Malware-Specific Defenses
Identify and Neutralize Strategies
Static Analysis
Dynamic Analysis
Mitigation Strategies
Recover and Respond Strategies
Summary
Further Reading
8 Classical Network Security Technology
Legacy Networking Security Implications
Servers and Port Scans
Firewalls
Per-Packet Filtration
Example: Only Web Access for Web Servers
Stateful Packet Filtration
SYN Flood Attacks
DDOS and Amplification Attacks
Application-Level Gateways
Layer-7 Firewalls
Network Address Translation
Putting It All Together
Proxies
Virtual Private Networks
Intrusion Detection and Prevention
Defensive Deception
Network Architectures
Infiltration, Exfiltration, and Advanced Persistent Threats
Reconnaissance
Establish Foothold
Lateral Movement
Exfiltration or Other Malice
Clean Up and Finalize
Summary
Further Reading
9 World Wide Web Security
An Overview of Basic Web Components
Resources and URLs
HTML
Overview of HTTP
Cookies and State
HTTPS
Web Applications
Client-Side Technologies: Collaborative Websites and JavaScript
Server-Side Technologies: Databases, Applications, and Server-Side Scripting
Databases
Application Servers
Server-Side Scripting
Web-Based SSO: OAuth
Web Threats and Defenses
TLS “Visibility” and Other Attacks
Cookies and Privacy
JavaScript Protections
SQL Injection Attacks
Cross-Site Scripting Attacks
Web Application Firewalls
Summary
Further Reading
10 Overlay Security: Email and Social Media
Overlay Networking Background
Social Networks As Overlay Networks
Email Operations
Social Media Sites
Threats
Spam
Phishing
Bulk Phishing
Spear Phishing
Artificial Amplification and Disinformation
Reputation Attacks
Defenses
Filtering Fraudulent Messages
Controlling Messages
Investigating Social Media Misuse
Summary
Further Reading
A Binary and Hexadecimal Numbers
Base-10 Numbers: Decimal
Base-2 Numbers: Binary
Base-16 Numbers: Hexadecimal
B Computers, Data, and Programs
Computer Hardware
Data Formats
Program Execution
CPU Simulation Example
Example 1: Count to 3
Example 2: Average Numbers in Memory
C Computer Communications and Networking
Computer Networks
The Network Protocol Stack
Packets
Sessions
Ports
Addresses
Network Structures
Protocol Stacks
The OSI Model
DNS and DHCP
Client Server Architecture
References
Index