Differences between revisions 8 and 10 (spanning 2 versions)
Revision 8 as of 2011-01-09 18:33:51
Size: 1372
Editor: 71-88-174-166
Comment:
Revision 10 as of 2011-01-09 18:35:51
Size: 1405
Editor: 71-88-174-166
Comment:
Deletions are marked like this. Additions are marked like this.
Line 23: Line 23:
    1. '''Security Attacks'''. An example can be seen here: {{attachment:OSI Model.png}}     1. '''Security Attacks'''. An example can be seen here: {{attachment:OSI     1.
    1. {{attachment:OSI
Model.png}}

Describe NetworkSecurityEssentials4

This page includes Dr. A's own notes on Network Security Essentials 4th Edition.

Chapter 1

  1. No clear boundary exists between computer security and network/Internet security. This book comes to the problem from the network security side.
  2. CIA triad from "computer security"
    1. Confidentiality

    2. Integrity

    3. Availability

    4. Many experts add:
      1. Authenticity
      2. Accountability (non-repudiation, deterrence, fault isolation, intrusion detection and prevention, after-action recovery and legal action)
  3. Computer security is complex
    1. Requirements stated in one word, but mechanisms to fulfill requirements often complex
    2. Security mechanisms prone to attack
    3. Threat analysis to a security service may reveal additional complexity
    4. Placement of the mechanisms not trivial... see the rest on page 8.
  4. OSI securiity model
    1. Users and software use Security Services which in turn use...

    2. Security Mechanisms to block

    3. Security Attacks. An example can be seen here: {{attachment:OSI 1.

    4. OSI Model.png

    5. You should know these categories well!

NetworkSecurity/NetworkSecurityEssentials4 (last edited 2011-04-04 15:47:11 by vmhost3b)