The process of network security

• Understanding the nature of attacks and attackers
• Setting security goals
• Creating a secure network design
• Building a team
• Fortifying network components
• Implementing physical and personnel security
• Monitoring and ordering a network
• Discovering and handling an actual attack
• Dealing with law enforcement authorities

Table of contents

Chapter 1: Understanding Security

What Are We Protecting?

Thinking Like a Defender

The Reader of This Book

The Organization We Are Protecting

The Process of Security

How Do You Know That the Process Is Working?

Trend Analysis

Chapter 2: Writing a Security Policy

Pitfalls

Staging a Coup

Contents of the Policy

Chapter 3: Who Is Attacking You?

The Nature of the Beast

Security as an Evolutionary Strategy

Chapter 4: Security Design Process

Thinking About Security

Principles of Security

The Shape of Your Defenses

The Shape of Your Security Organization

Chapter 5: Building a Security Team

Employee Characteristics

Job Functions in a Security Team

Training and Cross-Training

Interviewing Security Candidates

Background Checks

Hiring

Firing

Chapter 6: Fortifying Network Components

What Is a Network Component?

Component Types

Selecting Components

Component Categories

Fortifying Components

System Fortification

Chapter 7: Personnel Security

Management Issues

Hiring Process

Trouble with Employees

Firing Process

Resignation Process

Contractors

Chapter 8: Physical Security

What Are the Threats?

Physical Security Basics

Going Overboard

Backups

Denial of Service

Electrical Power

Telephones

Access Control Logging and Log Analysis

Chapter 9: Monitoring Your Network

The Shape of the Logging System

What to Log

Logging Mechanisms

Time

Sensors

Logging System Design

Log Management

Log Analysis

Chapter 10: Auditing Your Network

Why Should You Audit Your Network?

Types of Audit

What Should the Audit Measure?

Who Should Do the Audit?

Expectations

Chapter 11: Quantifying the Value of Security

Perception of Value

Process of Explaining Security Issues

Measurements

Chapter 12: Preparing for an Attack

Getting Started

War Games

Post-Mortem Analysis

Developing a Response Plan

Personnel

Safety Equipment

Survival Pack Contents

Choosing Hiding Places

Set Your Own Ground Rules

Chapter 13: Handling an Attack

Exciting, but Not Fun

Thinking Pathologically

About Attacks

What You Can Do

What You Should Not Do

Response Team

Priorities During an Attack

Chapter 14: Forensics

Getting Started

The Art of Investigation

The Clean Room

Analyzing the Contaminated File System

Analysis Tools

What to Look For

Chapter 15: Log Analysis

Integrity Checks

Log Analysis

The Hunt

Developing Theories

Legalities

Chapter 16: Damage Control

Priorities

Advance Preparation

Post-Mortem Analysis

Appendix A: Glossary