List of Figures

Chapter 1: General Security Concepts

Figure 1.1: The security triad
Figure 1.2: Operational Security Issues
Figure 1.3: A logon process occurring on a workstation
Figure 1.4: CHAP authentication
Figure 1.5: A certificate being issued once identification has been verified
Figure 1.6: Security token authentication
Figure 1.7: Kerberos authentication process
Figure 1.8: Two-factor authentication
Figure 1.9: The smart card authentication process
Figure 1.10: A typical LAN connection to the Internet
Figure 1.11: An Intranet network
Figure 1.12: A typical Extranet between two organizations
Figure 1.13: A typical DMZ
Figure 1.14: A typical segmented VLAN
Figure 1.15: A typical Internet connection to a local network
Figure 1.16: A typical tunnel
Figure 1.17: The business requirements of a security environment
Figure 1.18: Internal and external threats in an organization

Chapter 2: Know Your Enemy

Figure 2.1: Distributed Denial of Service attack
Figure 2.2: A back door attack in progress
Figure 2.3: A spoofing attack during logon
Figure 2.4: A man in the middle attack occurring between a client and a web server
Figure 2.5: A replay attack occurring
Figure 2.6: The TCP/IP protocol architecture layers
Figure 2.7: The encapsulation process of an e-mail message
Figure 2.8: An e-mail message sent by an e-mail client to an e-mail server
Figure 2.9: The TCP connection process
Figure 2.10: The Windows socket interface
Figure 2.11: TCP SYN flood attack
Figure 2.12: TCP sequence number attack
Figure 2.13: TCP/IP hijacking attack
Figure 2.14: A Smurf Attack underway against a network
Figure 2.15: Viruses spreading from an infected system using the network or removable media
Figure 2.16: An e-mail virus spreading geometrically to other users
Figure 2.17: The polymorphic virus changing characteristics
Figure 2.18: A stealth virus hiding in a disk boot sector
Figure 2.19: A Multipartite virus commencing an attack on a system
Figure 2.20: A logic bomb being initiated by a connection to the Internet and opening a word processing document

Chapter 3: Infrastructure and Connectivity

Figure 3.1: A typical network infrastructure
Figure 3.2: A proxy firewall blocking network access from external networks
Figure 3.3: A dual-homed firewall segregating two networks from each other
Figure 3.4: Router connecting a LAN to a WAN
Figure 3.5: A corporate network implementing routers for segmentation and security
Figure 3.6: Switching between two systems
Figure 3.7: Wireless access point and workstation
Figure 3.8: A RAS connection between a remote workstation and a Windows server
Figure 3.9: A modern digital PBX system integrating voice and data onto a single network connection
Figure 3.10: Two LANs being connected using a VPN across the Internet
Figure 3.11: An IDS and a firewall working together to secure a network
Figure 3.12: A mobile environment using WAP security
Figure 3.13: PPP using a single B channel on an ISDN connection
Figure 3.14: The RADIUS client manages the local connection and authenticates against a central server.
Figure 3.15: A TCP packet requesting a web page from a web server
Figure 3.16: E-mail connections between clients and a server
Figure 3.17: A web server providing streaming video, animations, and HTML data to a client
Figure 3.18: Coaxial cable construction
Figure 3.19: Common BNC connectors
Figure 3.20: Baseband versus broadband signaling
Figure 3.21: Network termination in a coax network
Figure 3.22: A vampire tap and a T-connector on a coax
Figure 3.23: UTP and STP cable construction
Figure 3.24: 10Base-T network with a sniffer attached at the hub
Figure 3.25: Commonly used fiber connectors
Figure 3.26: An inline fiber splitter
Figure 3.27: RF communications between two ground stations
Figure 3.28: Cellular network in a metropolitan area

Chapter 4: Monitoring Communications Activity

Figure 4.1: A typical NDS tree structure
Figure 4.2: NetBEUI network using a VPN over a TCP/IP network
Figure 4.3: WINS Server resolving TCP/IP addresses to names
Figure 4.4: An NFS device being mounted by a remote UNIX system
Figure 4.5: Tap locations used to monitor network traffic
Figure 4.6: The components of an IDS working together to provide network monitoring
Figure 4.7: An MD-IDS in action
Figure 4.8: AD-IDS using expert system technology to evaluate risks
Figure 4.9: N-IDS placement in a network determines what data will be analyzed.
Figure 4.10: A hub being used to attach the N-IDS to the network
Figure 4.11: IDS instructing TCP to reset all connections
Figure 4.12: IDS instructing the firewall to close Port 80 for 60 seconds to thwart an IIS attack
Figure 4.13: A network honey pot deceives an attacker and gathers intelligence.
Figure 4.14: A Host-based IDS interacting with the operating system
Figure 4.15: Incident response cycle
Figure 4.16: WTLS used between two WAP devices
Figure 4.17: The WAP protocol in action
Figure 4.18: A WAP gateway enabling a connection to WAP devices by the Internet
Figure 4.19: An IM network with worldwide users

Chapter 5: Implementing and Maintaining a Secure Network

Figure 5.1: NetBIOS binding to TCP/IP network protocol
Figure 5.2: Network binding in a Windows 98 system
Figure 5.3: Event view log of a Windows 2000 system
Figure 5.4: Hierarchical file structure used in Unix and other operating systems
Figure 5.5: E-mail virus scanner on an e-mail server
Figure 5.6: Network share connection
Figure 5.7: Directory structure showing unique identification of a user

Chapter 6: Working with a Secure Network

Figure 6.1: The three-layer security model
Figure 6.2: A mantrap in action
Figure 6.3: Network perimeter defense
Figure 6.4: Network security zones
Figure 6.5: Network partitioning separating networks from each other in a larger network
Figure 6.6: Cell system in a metropolitan area
Figure 6.7: Electromagnetic interference (EMI) pickup in a data cable
Figure 6.8: RF Desensitization occurring as a result of cellular phone interference
Figure 6.9: Water-based fire suppression system
Figure 6.10: Information breakdown
Figure 6.11: The Bell La-Padula model
Figure 6.12: The Biba model
Figure 6.13: The Clark-Wilson model
Figure 6.14: The Information Flow model
Figure 6.15: The Noninterference model

Chapter 7: Cryptography Basics and Methods

Figure 7.1: A simple transposition code in action
Figure 7.2: A very simple hashing process
Figure 7.3: Quantum cryptography being used to encrypt a message
Figure 7.4: Symmetric encryption system
Figure 7.5: A two-key system in use
Figure 7.6: Cryptographic systems protect data from internal and external disclosure.
Figure 7.7: A simple integrity checking process for an encrypted message
Figure 7.8: The MAC value is calculated by the sender and receiver using the same algorithm.
Figure 7.9: Digital signature processing steps
Figure 7.10: A one-time pad used for authentication
Figure 7.11: The Certificate Authority process
Figure 7.12: An RA relieving work from a CA
Figure 7.13: The LRA verifying identity for the CA
Figure 7.14: A certificate illustrating some of the information stored
Figure 7.15: Certificate revocation request
Figure 7.16: A hierarchical trust structure
Figure 7.17: A bridge trust structure
Figure 7.18: A mesh trust structure
Figure 7.19: A hybrid model

Chapter 8: Cryptography Standards

Figure 8.1: The RFC process for standards development
Figure 8.2: Organizational chart of the International Telecommunications Union
Figure 8.3: The SSL connection process
Figure 8.4: The TLS connection process
Figure 8.5: The ISAKMP Protocol negotiation and connection process
Figure 8.6: Two web-enabled systems communicating via the XKMS process
Figure 8.7: The SET transaction in process
Figure 8.8: The SSH connection-establishment process
Figure 8.9: The PGP encryption system
Figure 8.10: WTLS security between a PDA and a wireless server
Figure 8.11: A centralized key-generating facility
Figure 8.12: A distributed key-generating system
Figure 8.13: The KDC process in a Kerberos environment
Figure 8.14: The KEA process
Figure 8.15: The key archival system
Figure 8.16: Symmetrical and asymmetrical keys in use

Chapter 9: Security Policies and Procedures

Figure 9.1: Server clustering in a networked environment
Figure 9.2: The four primary RAID technologies used in systems
Figure 9.3: Database transaction auditing process
Figure 9.4: Grandfather, Father, Son backup method
Figure 9.5: Full Archival backup method
Figure 9.6: A backup server archiving server files
Figure 9.7: System regeneration process for a workstation or server
Figure 9.8: Parties in a certificate-based transaction
Figure 9.9: Privilege grouping
Figure 9.10: AD logon process validating a user



CompTIA Security+ Study Guide. Exam SY0-101
Security+ Study Guide
ISBN: 078214098X
EAN: 2147483647
Year: 2006
Pages: 167

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net