Home > Store

Network Security First-Step, 2nd Edition

eBook (Watermarked)

  • Your Price: $19.03
  • List Price: $23.79
  • Includes EPUB and PDF
  • About eBook Formats
  • This eBook includes the following formats, accessible from your Account page after purchase:

    ePub EPUB The open industry format known for its reflowable content and usability on supported mobile devices.

    Adobe Reader PDF The popular standard, used most often with the free Acrobat® Reader® software.

    This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.

Also available in other formats.

Register your product to gain access to bonus material or receive a coupon.


  • Copyright 2012
  • Dimensions: 7-3/8" x 9-1/8"
  • Pages: 448
  • Edition: 2nd
  • eBook (Watermarked)
  • ISBN-10: 0-13-343397-8
  • ISBN-13: 978-0-13-343397-5

Network Security first-step

Second Edition

Tom Thomas and Donald Stoddard

Your first step into the world of network security

  • No security experience required
  • Includes clear and easily understood explanations
  • Makes learning easy

Your first step to network security begins here!

  • Learn how hacker attacks work, from start to finish
  • Choose the right security solution for each type of risk
  • Create clear and enforceable security policies, and keep them up to date
  • Establish reliable processes for responding to security advisories
  • Use encryption effectively, and recognize its limitations
  • Secure your network with firewalls, routers, and other devices
  • Prevent attacks aimed at wireless networks

No security experience required!

Computer networks are indispensible, but they also are not secure. With the proliferation of security threats, many people and companies are looking for ways to increase the security of their networks and data. Before you can effectively implement security technologies and techniques, you need to make sense of this complex and quickly evolving world of hackers and malware, as well as the tools to combat them.

Network Security First-Step, Second Edition explains the basics of network security in easy-to-grasp language that all of us can understand. This book takes you on a guided tour of the core technologies that make up and control network security. Whether you are looking to take your first step into a career in network security or simply are interested in gaining knowledge of the technology, this book is for you!

Sample Content

Table of Contents

Introduction xxii

Chapter 1 There Be Hackers Here! 1

Essentials First: Looking for a Target 2

Hacking Motivations 3

Targets of Opportunity 4

    Are You a Target of Opportunity? 6

Targets of Choice 7

    Are You a Target of Choice? 7

The Process of an Attack 9

    Reconnaissance 9

    Footprinting (aka Casing the Joint) 11

    Scanning 18

    Enumeration 23

        Enumerating Windows 24

    Gaining Access 26

        Operating System Attacks 27

        Application Attacks 27

        Misconfiguration Attacks 28

        Scripted Attacks 29

    Escalating Privilege 30

    Covering Tracks 31

Where Are Attacks Coming From? 32

Common Vulnerabilities, Threats, and Risks 33

Overview of Common Attacks and Exploits 36

Network Security Organizations 39

    CERT Coordination Center 40

    SANS 40

    Center for Internet Security (CIS) 40

    SCORE 41

    Internet Storm Center 41

    National Vulnerability Database 41

    Security Focus 42

    Learning from the Network Security Organizations 42

Chapter Summary 43

Chapter Review 43

Chapter 2 Security Policies 45

Responsibilities and Expectations 50

    A Real-World Example 50

    Who Is Responsible? You Are! 50

        Legal Precedence 50

        Internet Lawyers 51

        Evolution of the Legal System 51

    Criminal Prosecution 52

        Real-World Example 52

        Individuals Being Prosecuted 53

        International Prosecution 53

Corporate Policies and Trust 53

    Relevant Policies 54

    User Awareness Education 54

    Coming to a Balance 55

    Corporate Policies 55

Acceptable Use Policy 57

    Policy Overview 57

    Purpose 58

    Scope 58

    General Use and Ownership 58

    Security and Proprietary Information 59

    Unacceptable Use 60

        System and Network Activities 61

        Email and Communications Activities 62

    Enforcement 63

    Conclusion 63

Password Policy 64

    Overview 64

    Purpose 64

    Scope 64

    General Policy 65

    General Password Construction Guidelines 66

    Password Protection Standards 67

    Enforcement 68

    Conclusion 68

Virtual Private Network (VPN) Security Policy 69

    Purpose 69

    Scope 69

    Policy 70

    Conclusion 71

Wireless Communication Policy 71

    Scope 72

    Policy Statement 72

        General Network Access Requirements 72

        Lab and Isolated Wireless Device Requirements 72

        Home Wireless Device Requirements 73

    Enforcement 73

    Definitions 73

    Revision History 73

Extranet Connection Policy 74

    Purpose 74

    Scope 74

    Security Review 75

    Third-Party Connection Agreement 75

    Business Case 75

    Point of Contact 75

    Establishing Connectivity 75

    Modifying or Changing Connectivity and Access 76

    Terminating Access 76

    Conclusion 76

ISO Certification and Security 77

    Delivery 77

    ISO/IEC 27002 78

    Sample Security Policies on the Internet 79

Industry Standards 79

    Payment Card Industry Data Security Standard (PCI DSS) 80

    Sarbanes-Oxley Act of 2002 (SOX) 80

    Health Insurance Portability and Accounting Act (HIPAA) of 1996 81

    Massachusetts 201: Standards for the Protection of Personal Information of Residents of the Commonwealth 81

    SAS 70 Series 82

Chapter Summary 82

Chapter Review 83

Chapter 3 Processes and Procedures 85

Security Advisories and Alerts: Getting the Intel You Need to Stay Safe 86

    Responding to Security Advisories 87

        Step 1: Awareness 88

        Step 2: Incident Response 90

        Step 3: Imposing Your Will 95

        Steps 4 and 5: Handling Network Software Updates (Best Practices) 96

Industry Best Practices 98

    Use a Change Control Process 98

    Read All Related Materials 98

    Apply Updates as Needed 99

    Testing 99

    Uninstall 99

    Consistency 99

    Backup and Scheduled Downtime 100

    Have a Back-Out Plan 100

    Forewarn Helpdesk and Key User Groups 100

    Don’t Get More Than Two Service Packs Behind 100

    Target Noncritical Servers/Users First 100

    Service Pack Best Practices 101

    Hotfix Best Practices 101

        Service Pack Level Consistency 101

        Latest Service Pack Versus Multiple Hotfixes 101

    Security Update Best Practices 101

        Apply Admin Patches to Install Build Areas 102

        Apply Only on Exact Match 102

        Subscribe to Email Notification 102

Summary 102

Chapter Review and Questions 104

Chapter 4 Network Security Standards and Guidelines 105

Cisco SAFE 2.0 106

    Overview 106

    Purpose 106

Cisco Validated Design Program 107

    Branch/WAN Design Zone Guides 107

    Campus Design Zone Guides 107

    Data Center Design Zone Guides 108

    Security Design Zone Guides 109

Cisco Best Practice Overview and Guidelines 110

    Basic Cisco IOS Best Practices 110

        Secure Your Passwords 110

        Limit Administrative Access 111

        Limit Line Access Controls 111

        Limit Access to Inbound and Outbound Telnet (aka vty Port) 112

        Establish Session Timeouts 113

        Make Room Redundancy 113

        Protect Yourself from Common Attacks 114

    Firewall/ASAs 115

        Encrypt Your Privileged User Account 115

        Limit Access Control 116

        Make Room for Redundant Systems 116

        General Best Practices 117

        Configuration Guides 117

        Intrusion Prevention System (IPS) for IOS 117

NSA Security Configuration Guides 118

    Cisco Systems 119

        Switches Configuration Guide 119

        VoIP/IP Telephony Security Configuration Guides 119

    Microsoft Windows 119

        Microsoft Windows Applications 120

        Microsoft Windows 7/Vista/Server 2008 120

        Microsoft Windows XP/Server 2003 121

    Apple 121

Microsoft Security 121

    Security Policies 121

        Microsoft Windows XP Professional 122

        Microsoft Windows Server 2003 122

        Microsoft Windows 7 122

        Windows Server 2008 123

    Microsoft Security Compliance Manager 124

Chapter Summary 125

Chapter Link Toolbox Summary 125

Chapter 5 Overview of Security Technologies 127

Security First Design Concepts 128

Packet Filtering via ACLs 131

    Grocery List Analogy 132

    Limitations of Packet Filtering 136

Stateful Packet Inspection 136

    Detailed Packet Flow Using SPI 138

    Limitations of Stateful Packet Inspection 139

Network Address Translation (NAT) 140

    Increasing Network Security 142

    NAT’s Limitations 143

Proxies and Application-Level Protection 144

    Limitations of Proxies 146

Content Filters 147

    Limitations of Content Filtering 150

Public Key Infrastructure 150

    PKI’s Limitations 151

Reputation-Based Security 152

    Reactive Filtering Can’t Keep Up 154

    Cisco Web Reputation Solution 155

AAA Technologies 156

    Authentication 156

    Authorization 157

    Accounting 157

    Remote Authentication Dial-In User Service (RADIUS) 158

    Terminal Access Controller Access Control System (TACACS) 159

    TACACS+ Versus RADIUS 160

Two-Factor Authentication/Multifactor Authentication 161

    IEEE 802.1x: Network Access Control (NAC) 162

        Network Admission Control 163

    Cisco TrustSec 164

        Solution Overview 164

        Cisco Identity Services Engine 166

Chapter Summary 168

Chapter Review Questions 168

Chapter 6 Security Protocols 169

Triple DES Encryption 171

    Encryption Strength 171

    Limitations of 3DES 172

Advanced Encryption Standard (AES) 172

    Different Encryption Strengths 173

    Limitations of AES 173

Message Digest 5 Algorithm 173

    MD5 Hash in Action 175

Secure Hash Algorithm (SHA Hash) 175

    Types of SHA 176

        SHA-1 176

        SHA-2 176

Point-to-Point Tunneling Protocol (PPTP) 177

    PPTP Functionality 177

    Limitations of PPTP 178

Layer 2 Tunneling Protocol (L2TP) 179

    L2TP Versus PPTP 180

    Benefits of L2TP 180

    L2TP Operation 181

Secure Shell (SSH) 182

    SSH Versus Telnet 184

    SSH Operation 186

    Tunneling and Port Forwarding 187

    Limitations of SSH 188

SNMP v3 188

    Security Built In 189

Chapter Summary 192

Chapter Review Questions 192

Chapter 7 Firewalls 193

Firewall Frequently Asked Questions 194

    Who Needs a Firewall? 195

    Why Do I Need a Firewall? 195

    Do I Have Anything Worth Protecting? 195

What Does a Firewall Do? 196

Firewalls Are “The Security Policy” 197

We Do Not Have a Security Policy 200

Firewall Operational Overview 200

    Firewalls in Action 202

    Implementing a Firewall 203

    Determine the Inbound Access Policy 205

    Determine Outbound Access Policy 206

Essentials First: Life in the DMZ 206

Case Studies 208

    Case Study: To DMZ or Not to DMZ? 208

Firewall Limitations 214

Chapter Summary 215

Chapter Review Questions 216

Chapter 8 Router Security 217

Edge Router as a Choke Point 221

    Limitations of Choke Routers 223

Routers Running Zone Based Firewall 224

    Zone-Based Policy Overview 225

    Zone-Based Policy Configuration Model 226

    Rules for Applying Zone-Based Policy Firewall 226

    Designing Zone-Based Policy Network Security 227

    Using IPsec VPN with Zone-Based Policy Firewall 228

Intrusion Detection with Cisco IOS 229

    When to Use the FFS IDS 230

    FFS IDS Operational Overview 231

    FFS Limitations 233

Secure IOS Template 234

Routing Protocol Security 251

    OSPF Authentication 251

        Benefits of OSPF Neighbor Authentication 252

        When to Deploy OSPF Neighbor Authentication 252

        How OSPF Authentication Works 253

Chapter Summary 254

Chapter Review Questions 255

Chapter 9 IPsec Virtual Private Networks (VPNs) 257

Analogy: VPNs Securely Connect IsLANds 259

VPN Overview 261

    VPN Benefits and Goals 263

    VPN Implementation Strategies 264

    Split Tunneling 265

Overview of IPsec VPNs 265

    Authentication and Data Integrity 268

    Tunneling Data 269

    VPN Deployment with Layered Security 270

    IPsec Encryption Modes 271

        IPsec Tunnel Mode 271

        Transport Mode 272

    IPsec Family of Protocols 272

    Security Associations 273

    ISAKMP Overview 273

    Internet Key Exchange (IKE) Overview 274

        IKE Main Mode 274

        IKE Aggressive Mode 275

    IPsec Security Association (IPsec SA) 275

    IPsec Operational Overview 276

        IKE Phase 1 277

        IKE Phase 2 278

        Perfect Forward Secrecy 278

        Diffie-Hellman Algorithm 279

Router Configuration as VPN Peer 281

    Configuring ISAKMP 281

        Preshared Keys 282

    Configuring the ISAKMP Protection Suite 282

    Configuring the ISAKMP Key 283

    Configuring IPsec 284

        Step 1: Create the Extended ACL 284

        Step 2: Create the IPsec Transforms 284

        Step 3: Create the Crypto Map 285

        Step 4: Apply the Crypto Map to an Interface 286

Firewall VPN Configuration for Client Access 286

    Step 1: Define Interesting Traffic 288

    Step 2: IKE Phase 1[udp port 500] 288

    Step 3: IKE Phase 2 288

    Step 4: Data Transfer 289

    Step 5: Tunnel Termination 289

SSL VPN Overview 289

Comparing SSL and IPsec VPNs 290

Which to Deploy: Choosing Between IPsec and SSL VPNs 292

Remote-Access VPN Security Considerations 293

    Steps to Securing the Remote-Access VPN 294

        Cisco AnyConnect VPN Secure Mobility Solution 295

Chapter Summary 296

Chapter Review Questions 297

Chapter 10 Wireless Security 299

Essentials First: Wireless LANs 301

    What Is Wi-Fi? 302

    Benefits of Wireless LANs 303

    Wireless Equals Radio Frequency 303

Wireless Networking 304

    Modes of Operation 305

    Coverage 306

    Bandwidth Availability 307

WarGames Wirelessly 307

    Warchalking 308

    Wardriving 309

    Warspamming 311

    Warspying 312

Wireless Threats 312

    Sniffing to Eavesdrop and Intercept Data 313

    Denial-of-Service Attacks 315

    Rogue/Unauthorized Access Points 316

    Misconfiguration and Bad Behavior 317

        AP Deployment Guidelines 317

        Wireless Security 318

    Service Set Identifier (SSID) 318

    Device and Access Point Association 319

    Wired Equivalent Privacy (WEP) 319

        WEP Limitations and Weaknesses 320

    MAC Address Filtering 320

Extensible Authentication Protocol (EAP) 321

    LEAP 322

    EAP-TLS 322

    EAP-PSK 323

    EAP-TTLS 323

Essential Wireless Security 323

Essentials First: Wireless Hacking Tools 325

    NetStumbler 325

    Wireless Packet Sniffers 326

    Aircrack-ng 327

    OmniPeek 327

    Wireshark 329

Chapter Summary 329

Chapter Review Questions 330

Chapter 11 Intrusion Detection and Honeypots 331

Essentials First: Intrusion Detection 333

    IDS Functional Overview 335

        Host Intrusion Detection System 340

        Network Intrusion Detection System 341

        Wireless IDS 343

        Network Behavior Analysis 344

How Are Intrusions Detected? 345

    Signature or Pattern Detection 346

    Anomaly-Based Detection 346

    Stateful Protocol Analysis 347

    Combining Methods 347

    Intrusion Prevention 347

    IDS Products 348

        Snort! 348

    Limitations of IDS 350

Essentials First: Honeypots 354

    Honeypot Overview 354

    Honeypot Design Strategies 356

    Honeypot Limitations 357

Chapter Summary 357

Chapter Review Questions 357

Chapter 12 Tools of the Trade 359

Essentials First: Vulnerability Analysis 361

    Fundamental Attacks 361

        IP Spoofing/Session Hijacking 362

        Packet Analyzers 363

        Denial of Service (DoS) Attacks 363

        Other Types of Attacks 366

        Back Doors 368

Security Assessments and Penetration Testing 370

    Internal Vulnerability and Penetration Assessment 370

        Assessment Methodology 371

    External Penetration and Vulnerability Assessment 371

        Assessment Methodology 372

    Physical Security Assessment 373

        Assessment Methodology 373

    Miscellaneous Assessments 374

        Assessment Providers 375

Security Scanners 375

    Features and Benefits of Vulnerability Scanners 376

    Freeware Security Scanners 376

        Metasploit 376

        NMAP 376

        SAINT 377

        Nessus 377

        Retina Version 5.11.10 380

CORE IMPACT Pro (a Professional Penetration Testing Product) 382

    In Their Own Words 383

    Scan and Detection Accuracy 384

    Documentation 384

    Documentation and Support 386

    Vulnerability Updates 386

Chapter Summary 386

Chapter Review Questions 387

Appendix A Answers to Review Questions 389

9781587204104   TOC   11/30/2011


Submit Errata

More Information

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.


Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.


If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020