Content
-
- Defining Information Security Policy (ISP) and Types of ISP
-
- Why is a Security Policy Important?
-
- Goals for an Effective Security Policy
-
- Components of Security Policy
- Acceptable Use Policy
- Violations and Penalties
- User Accounts, Password Protection and Remote Access Policies
- Internet Use Policy
- LAN Security Policy
- Steps to Building a Security Policy
- Develop a Policy Team
- Determine Overall Approach to Security
- Identify Assets to be Protected
- Determine What Should be Audited for Security
- Identify Security Risks
- Define Acceptable Use
- Accounting for What the Firewall Cannot Do
- Other Security Policy Topics
- Documentation and Records Policy and Procedures
- Storage Media Policies and Procedures
- Managing Records
- Continuity Planning and Responses to Security Violations
- Defining Incident, Incident Response (IR), Disaster Recovery (DR) and Business Continuity (BC)
- Business Impact Analysis
- Identification and Prioritization of Threats and Attacks
- Business Unit Analysis
- Assessment of Potential Damage
- Classification of Subordinate Plans
- Incident Response Planning
- Four Phases of Incident Response (Planning, Detection, Reaction and Recovery)
- Disaster Recovery Planning2
- Key Activities and Processes of Disaster Recovery Planning
- Recovery Operations
- Business Continuity Planning
- Developing Continuity Program
- Business Continuity Model and The Planning Document
- Crisis Management
- Key Crisis Management Activities and Actions
- Overcoming Administrative Obstacles
- Educating Employees
- Presenting and Reviewing the Process
- Amending the Security Policy
- Components of Security Policy
Authenticating Users
- Access Control
- Mandatory Access Control (MAC)
- Data Classification Model
- Security Clearance3
- Nondiscretionary Access Control
- Discretionary Access Control (DAC)
- Centralized vs Decentralized Access Control
- Access control software management
- Mandatory Access Control (MAC)
- The Authentication Process in General
- How Firewalls Implement the Authentication Process
- Types of Authentication with Firewalls
- User Authentication
- Client Authentication
- Session Authentication
- Centralized Authentication
- Kerberos Authentication
- TACACIS+
- Radius
- Password Security Issues
- Password Security Tools
- Other Authentication Systems
Encryption and Firewalls
- Why Firewalls Need to Use Encryption
- Encryption Overview
- Principles of Cryptography
- Digital Certificates, and Public and Private Keys
- Analyzing Popular Encryption Schemes
- Symmetric and Asymmetric Encryption
- Digital Signatures
- Hybrid Systems
- Using Cryptographic Controls
- E-mail Security
- Securing the Web
- Using IPSec Encryption
- Securing Authentication
- Attacks on Cryptosystems
- Man-in-the-Middle Attacks
- Correlation Attacks
- Dictionary Attacks
- Timing Attacks
- Defending from Attacks
Choosing A Bastian Host
- Installing A Bastian Host: General Requirements
- Selecting the Host Machine
- Positioning the Bastian Host
- Configuring Your Bastian Host
- Making the Host Defend Itself
- Selecting Services to be Provided
- Principles of Cryptography
- Special Considerations for Unix and Windows Systems
- Handling Backups4
- Auditing the Bastian Host
- Connecting the Bastian Host
Setting up a Virtual Private Network
- VPN Components and Operations
- Types of VPN's
- VPN Set-Ups
- Tunneling Protocols Used with VPN's
- Enabling Remote Access within VPN's
- VPN Best Practices
Building your own Firewall
- Enterprise Versus Desktop Firewalls
- Desktop Firewalls
- Enterprise Firewalls
Ongoing Administration
- Making Your Firewall Meet New Needs
- Identifying New Risks
- Adding Software Updates and Patches
- Adhering to Proven Principles
- Environmental Management
- Using Remote Management Interface
- Preparing Usage Reports
- Watching for Suspicious Events
- Security Breaches Will Happen!
- Using an Intrusion Detection System
- Receiving Security Alerts
- When an Intrusion Occurs
- During and After an Intrusion
- Compiling Legal Evidence
- Configuring Advanced Firewall Functions