EDT 394G - Security Essentials
Chapter 1: Basic Access, Authentication Methods, and Implementation Modes
1.1 Basic Access
1.1.1 Authentication Proofs
1.1.2 Basic Password Guidelines
1.1.3 Password Attacks
1.1.4 One Time Password
1.2 Tokens
1.2.1 Tokens
1.2.2 Token Types
1.3 Biometrics
1.3.1 Biometrics
1.3.2 Multi-Factor Authentication
1.3.3 Mutual Authentication
1.3.4 Certificates
1.3.5 E-Commerce with SSL
1.4 Authentication Protocols
1.4.1 Password Authentication Protocol
1.4.2 Challenge-Handshake
1.5 Kerberos
1.5.1 Introduction to Kerberos
1.5.2 The Kerberos Process
1.6 Access Controls
1.6.1 Mandatory Access Control
1.6.2 Discretionary Access Control
1.6.3 Role-Based Access Control
1.6.4 Authentication and Authorization
1.6.5 Accounting
1.7 IT Security Tools
1.7.1 IT Security Tools
1.7.2 Packet Sniffers
1.7.3 Intrusion Detection System
1.7.4 Directory Services
1.7.5 Remote Access
1.7.6 Simple Network Management Protocol
Chapter 2: Threats and Attacks Against Your Network
2.1 Denial of Services (DoS)
2.1.1 Denial of Service Attacks
2.1.2 Types of DoS Attacks
2.1.3 DoS Attacks on TCP/IP
2.1.4 DoS Defenses
2.1.5 DoS Wireless Considerations
2.2 Distributed Denial of Service (DDoS) Attack
2.2.1 DDoS Attacks
2.2.2 SMURF Attacks
2.2.3 Tribe Flood Network (TFN)
2.2.4 Stacheldraht Attack
2.3 Identity Theft
2.3.1 Identity Theft Overview
2.3.2 Back Door
2.3.3 Back Door Defense
2.3.4 Spoofing Attacks
2.3.5 Spoofing Defense
2.4 Identity Attacks
2.4.1 Man-in-the-Middle Attack
2.4.2 Man-in-the-Middle Defense
2.4.3 Poisoning the ARP Cache
2.4.4 Replays
2.4.5 Replays Defense
2.4.6 TCP/IP Hijacking
2.5 Common Attacks
2.5.1 Password Guessing
2.5.2 Password Defense
2.5.3 Software Exploitation
2.6 Malicious Code
2.6.1 Basic Malicious Code
2.6.2 Malicious Code Defense
Chapter 3: Remote Access Security and Services
3.1 Wireless Communication
3.1.1 Wireless Communication
3.1.2 Wireless Standards
3.1.3 Wireless Topology
3.1.4 Wireless Issues
3.1.5 Wireless Defense
3.2 Virtual Private Networks
3.2.1 Virtual Private Network Communication
3.2.2 Point-to-Point Tunneling Protocol
3.2.3 Layer 2 Tunneling Protocol
3.2.4 Secure Shell
3.2.5 IP Security Protocol
3.2.6 VPN Issues
3.2.7 VPN Defense
3.3 Authentication and Accounting
3.3.1 Authentication and Accounting Protocols
3.3.2 Remote Authentication Dial-In User Service
3.3.3 Terminal Access Controller Access Control System
3.3.4 Security Note for TACACS+ and RADIUS
Chapter 4: Securing Traffic: Email and Web Security
4.1 Email
4.1.1 Origins of Email
4.1.2 Multipurpose Internet Mail Extensions (MIME)
4.1.3 MIME Encoding
4.1.4 S/MIME
4.1.5 Digital Certificates S/MIME
4.1.6 S/MIME Issues
4.1.7 PGP
4.1.8 How PGP Works
4.1.9 PGP Issues
4.1.10 Vulnerabilities and Defenses
4.2 Web Traffic SSL/TLS
4.2.1 Introduction to SSL
4.2.2 SSL Process
4.2.3 SSL Issues
4.2.4 SSL Defenses
4.2.5 TLS
Chapter 5: Web Attacks and Server Vulnerabilities
5.1 Web Attacks
5.1.1 Client and Server Vulnerabilities
5.1.2 The Difference Between Server and Client
5.1.3 Basic HTML and Scripting Languages
5.1.4 Role of Scripting
5.1.5 Client-Side Scripting
5.1.6 Server-Side Scripting
5.2 About Scripting Languages
5.2.1 About Scripting Languages
5.2.2 Popular Client-Side Scripting Languages
5.2.3 Other Client-Side Scripting Languages
5.2.4 Server Side Scripting Languages
5.2.5 Popular Server-Side Scripting Languages
5.2.6 Other Server-Side Scripting Languages
5.2.7 Scripting from a Security Perspective
5.2.8 Client Side Web Attacks
5.2.9 Additional Client Side Web Attacks
5.2.10 Server Side Web Attacks
Chapter 6: Authentication Services
6.1 Authentication Services
6.1.1 The Need for Directories
6.1.2 X.500 Directories
6.1.3 X.500 Evolution
6.1.4 About the X.500 Database
6.1.5 Internet-Based Directories
6.1.6 Directory-Based Access Systems
6.2 LDAP in Practice
6.2.1 LDAP in Practice
6.2.2 LDAP Hierarchy
6.2.3 LDAP Queries and Storage
6.2.4 LDAP Defenses
6.2.5 LDAP Replication Issues
Chapter 7: Communication Security
7.1 Authentication Services
7.1.1 Authentication Services
7.1.2 Public-Private Key Cryptography
7.1.3 Digital Certificates
7.2 FTP Security
7.2.1 FTP Security
7.2.2 FTP Review
7.2.3 How FTP Works
7.2.4 Secure FTP
7.2.5 Secure Socket Shell (SSH)
7.2.6 Secure Socket Layer (SSL)
7.2.7 How SSL Works
7.3 Packet Sniffing
7.3.1 What is a Data Packet?
7.3.2 Packet Sniffers
7.3.3 Other Packet Sniffing Tools
7.4 Instant Messaging
7.4.1 What is IM?
7.4.2 IM Vulnerabilities
7.4.3 IM Defense
7.4.4 Additional IM Issues
7.5 Wireless Communication
7.5.1 Wireless Communication
7.5.2 Wireless Standards
7.5.3 Wireless Topology
7.5.4 Wireless Attacks
7.5.5 Proper Antenna For The Job
7.5.6 Wireless Security
7.5.7 Wireless Site Survey
7.5.8 Wireless Issues
7.5.9 Wireless Defense
Chapter 8: Infrastructure Design
8.1 Designing the Infrastructure
8.1.1 Infrastructure Overview
8.1.2 The Largest Network
8.1.3 Network Topology
8.2 Firewalls
8.2.1 Firewalls
8.2.2 What is a Firewall?
8.2.3 Infrastructure
8.2.4 Firewall Form Factors
8.3 Routers
8.3.1 Router
8.3.2 Other Router Functions
8.4 Switches
8.4.1 Switches
8.4.2 Switches Infrastructure
8.4.3 Switch Security
8.4.4 Switch Security Issues
8.4.5 Poison ARP
8.5 Wireless Infrastructure
8.5.1 Wi-Fi
8.5.2 Bluetooth
8.5.3 Wireless Infrastructure Security Threats
8.5.4 SSID
8.5.5 Rogue Access Points
8.5.6 Bluetooth Security
8.6 Modems
8.6.1 What is a modem?
8.6.2 How does a modem work?
8.7 Remote Access Services (RAS)
8.7.1 Remote Access Services
8.7.2 RAS Security Protocols and Logging
8.8 Telecom/PBX
8.8.1 Telecom/PBX
8.8.2 How Phreaking Began
8.8.3 PBX
8.9 Virtual Private Network (VPN)
8.9.1 Virtual Private Network
8.9.2 VPN Types
8.9.3 Advantages and Disadvantages of VPNs
8.9.4 VPN Protocols
8.9.5 Mobile Devices
8.9.6 Wireless Transmission Type
Chapter 9: Media Security
9.1 Media Vulnerabilities
9.1.1 Types of Media Vulnerabilities
9.1.2 Signal Intelligence
9.1.3 Human Intelligence
9.1.4 Theft
9.2 The Nature of the Threat
9.2.1 Networking Coax
9.2.2 Coax and RF
9.2.4 Fiber
9.2.5 A Wireless Warning
9.3 Storage Media Security
9.3.1 Tape
9.3.2 CDR
9.3.3 Hard Drives
9.3.4 RAID 0
9.3.5 RAID 1
9.3.6 RAID 2, 3, and 4
9.3.7 RAID 5
9.3.8 RAID 0/1
9.3.9 Diskettes
9.3.10 Flashcard/Smartcard
Chapter 10: Security Topologies
10.1 NAT
10.1.1 Address Shortage
10.1.2 Private IP Address
10.1.3 NAT Translating
10.1.4 Static and Dynamic NAT
10.1.5 Static NAT
10.1.6 Dynamic NAT
10.1.7 Port Address Translation
10.1.8 DHCP
10.1.9 APIPA
10.2 DMZ
10.2.1 DMZ
10.2.2 DMZ Topologies
10.2.3 Single Firewall DMZ
10.2.4 Dual Firewall DMZ
10.2.5 NIDS and IDS
10.2.6 Bastion Hosts
10.2.7 Honeypots
10.2.8 Internal and External DMZ
10.2.9 DMZ Best Practice
10.3 Intranets and Extranets
10.3.1 Intranets and Extranets
10.3.2 Intranet Uses
10.3.3 Intranet Security
10.3.4 Intranet Security Guidelines
10.3.5 Extranet
10.3.6 Extranet Security Guidelines
10.4 VLANs
10.4.1 VLANs
10.4.2 Port Address Based VLAN
10.4.3 MAC Address and Protocol Based VLAN
10.4.4 Benefits of VLAN Implementation
10.5 Tunneling
10.5.1 Tunneling
10.5.2 VPN
10.5.3 PPTP
10.5.4 L2TP
10.5.5 IPSec
10.5.6 GRE
Chapter 11: Intrusion Detection
11.1 Intro to Intrusion Detection
11.1.1 Overview
11.1.2 Intrusion Detection
11.1.3 Anatomy of an Attack
11.1.4 Backdoors
11.1.5 Buffer Overruns
11.1.6 Stack Overflows
11.1.7 Protocol Errors
11.1.8 Sabotage
11.2 Intrusion Detection Technologies
11.2.1 Network Based IDS
11.2.2 Pattern Matching
11.2.3 Building Signatures
11.2.4 Protocol Analysis
11.2.5 Anomaly Detection
11.2.6 Host Based IDS
11.2.7 False Positives
11.2.8 Honeypots
11.2.9 Incident Response
11.2.10 Network Monitor
11.2.11 The Unspoken Threat
11.2.12 Radio/Telecommunication
11.2.13 Internet and WAN
11.2.14 Defensive Posture
Chapter 12: Creating a Security Plan:
Baseline and Checklists
12.1 Understanding Security
12.1.1 Understanding Security Documentation
12.1.2 Written Security Policies
12.1.3 Additional Types of Documentation
12.2 Network Hardening
12.2.1 Network Hardening
12.2.2 Directory Services
12.2.3 DNS Servers
12.2.4 DHCP Servers
12.2.5 DHCP Solutions
12.2.6 Updates
12.3 Email and News Servers
12.3.1 Email Servers
12.3.2 Defensive Measures for Email Servers
12.3.3 NNTP Servers
12.3.4 Defensive Measure for NNTP
12.4 Data Repositories
12.4.1 Data Repositories
12.4.2 Directory Service Attacks
12.5 Security Checklist
12.5.1 Developing Security Checklist
12.5.2 Evaluating the Security Checklist
12.5.3 Security Checklist Results
Chapter 13: Cryptography Concepts and Management
13.1 Cryptography Concepts
13.1.1 Using Encryption Algorithms
13.1.2 About Encryption Algorithms
13.1.3 Modern Cryptographic System
13.1.4 About Stream Ciphers
13.1.5 About Block Ciphers
13.1.6 The Problem with Secrets
13.1.7 Hashing
13.1.8 Public Key Encryption
13.2 Key Management
13.2.1 Overview
13.2.2 Trust Models
13.2.3 Revocation or Suspension
13.2.4 Key Recovery
13.2.5 Public Key Infrastructure
Chapter 14: Operational Security
14.1 Basics of Operational Security
14.1.1 What is Operational Security?
14.1.2 Access Control
14.1.3 Group Accounts
14.1.4 Social Engineering
14.1.5 Environment
14.1.6 Need to Know and Least Privilege
14.1.7 Workplace Operational Security
14.1.8 Logging and Auditing
14.2 Disaster Recovery
14.2.1 What do we do now?
14.2.2 The Disaster Levels
14.2.3 Executing the Recovery
14.2.4 Emergency Response
14.3 Business Continuity Planning
14.3.1 What is Business Continuity Planning?
14.3.2 Dealing with Disaster
14.3.3 Setting the Scope
14.3.4 Counting the Cost
14.3.5 Why People Do Planning
Chapter 15: Policies and Procedures
15.1 Security Policy
15.1.1 Creating Security Policies
15.1.2 What Makes a Good Security Policy?
15.1.3 Types of Security Policies
15.1.4 Security Policy Formulation
15.2 Employee Diligence
15.2.1 Policy Review
15.2.2 Keeping up with Changes
15.3 Access/Password Management
15.3.1 Password Policy
15.3.2 What is in a Password Policy
15.3.3 Additional Password Rules
15.3.4 Remote Access Policies
15.4 Disposal/Termination
15.4.1 Security Media for Disposal
15.4.2 Employee Termination
15.4.3 Other Items in a Termination Policy
15.5 Incident Response Policy
15.5.1 Incident Indicators
15.5.2 Incident Response Policy Goals
15.5.3 Point of Contact
15.5.4 Escalation
Chapter 16: Security Management
16.1 Documentation
16.1.1 Hardware and Software
16.1.2 Changes
16.1.3 Logging
16.1.4 Data Storage
16.1.5 Destruction
16.2 Education
16.2.1 Overview
16.2.2 Communication
16.2.3 Responsibility
16.3 Privilege Management
16.3.1 Privilege Management
16.3.2 Controlling Access to Resources
16.3.3 Single Sign-On
16.3.4 Centralized and Decentralized Access Control
16.3.5 Access Control Types: MAC, DAC, and RBAC
16.4 Risk Management
16.4.1 Risk Management
16.4.2 Asset Identification
16.4.3 Threat Identification
16.4.4 Vulnerabilities
16.4.5 Risk Assessment
16.5 Forensics
16.5.1 Forensics
16.5.2 Preserving Evidence
16.5.3 Collecting Evidence
You can contact your mentor Paul Skiera at ps@asu.edu