INTRODUCTION

Welcome to Cybersecurity Essentials. This book is designed to provide a solid theory and practical platform for cybersecurity personnel. Key information provided in this edition includes:

• Critical infrastructure security systems and devices
• Security for local intelligent computing, and controlling devices and systems
• Security for local area network components and systems
• Cybersecurity for users and networks attached to the Internet

Each chapter begins with a list of learning objectives that establishes a foundation and systematic preview of the chapter.

A wealth of graphic diagrams and screen shots are included in each chapter to provide constant visual reinforcement of the concepts being discussed.

Key thoughts, cautions, and warnings in the chapter are presented in special boxes to call extra attention to them. Key terms are presented in italic type throughout the text. These terms are also defined in a comprehensive glossary at the end of the book that provides quick, easy access to the key terms that appear in each chapter.

Each part concludes with an extensive key-points review of its material.

One of the driving forces in the ongoing development of cybersecurity initiatives in the United States is the National Institute of Standards and Technology’s (NIST) Cybersecurity Frameworks. These frameworks have been developed to assist governmental and business organizations in the design and development of systems and techniques to provide security for their critical infrastructure.

Security Challenges

Another outstanding pedagogical feature of this book is the presentation of the scenario-based NIST Security Challenges placed at the beginning of each Part. At the beginning of each Part there are one or more scenario-based Security Challenges that present descriptions of a particular security setting related to the information that will be presented in the chapter. You will be asked to read the scenario, put on your security professional persona, and consider how you might go about exploiting the key assets of the scenario, then contemplate how you could go about establishing systems and strategies to protect those assets.

These challenges are designed to provide you with real, open-ended context that sets the expectation level for the material to be studied. Ideally, you will be considering how the theory and hands-on materials you encounter as you move through the chapter apply to those scenarios.

At the completion of each Part, you will be asked to return to these Security Challenges and create new observations based on your increased knowledge. You will also be asked to compare their observations to those of professional security specialists who have provided their feedback for these scenarios.

Who Should Read This Book

This book is intended for:

• Students preparing for a career in IT, networking, or cybersecurity
• Network professionals who want to improve their network security skills
• Management personnel who need to understand the cybersecurity threats they face and basic options for confronting those threats

If you’re interested in certification for the CompTIA Security+ or Microsoft MTA – 98-367 Security Fundamentals Certification exams, this book can be a great resource to help you prepare. See https://certification.comptia.org/certifications/security and www.microsoft.com/en-us/learning/exam-98-367.aspx for more certification information and resources.

What You Will Learn

You will learn to apply a systematic approach to securing IT networks and infrastructure. This approach begins with addressing physical security concerns from the outer edge of the physical environment to the interior region where the most valuable assets are located. The first half of any security objective is to limit physical access to the assets. If you can’t get to it, you can’t steal, damage, or destroy it. You will learn to view physical security in terms of three perimeters and to implement the proper tools at each.

After securing the physical environment, you will explore tools and techniques used to secure local endpoint computing devices. Following the three-perimeter strategy developed for physical security, you will address the security of these devices from their outer edge to their most desirable asset: your data.

After the local endpoint devices have been secured, you will turn your attentions to securing the servers, connectivity devices, and transmission media that make up the balance of your local area network. You will learn to secure these devices to protect your IT assets within the connected environment that you control.

Finally, you will explore tools and techniques used to protect your data when it leaves the protection of the network you control and passes through unprotected territory: the Internet. This will include building network structures to protect your network from the bad people hiding in the Internet, as well as how to guard your data when it is traveling through their territory.

What Is Covered in This Book

This book is a basic training system designed to provide a solid theoretical understanding of cybersecurity challenges, tools, and techniques, as well as to develop the foundations of a professional cybersecurity skill set. This is accomplished in a progressive four-section process, as follows:

Part I—Infrastructure Security—This part introduces the concepts and techniques associated with physical infrastructure security devices, systems, and techniques used to combat theft, prevent physical damage, maintain system integrity and services, and limit unauthorized disclosure of information.

Chapter 1 presents two Infrastructure Security Scenarios for the reader to consider and research selected NIST Cybersecurity Framework Functions and Categories and then apply them to the given scenarios.

Chapter 2 deals with common Access Control systems for protecting physical infrastructure assets. This section contains information about different types of physical barriers and their associated monitoring and control systems. The Authentication Systems section that follows is a logical extension of the physical access control materials. Devices and systems covered in this portion of the chapter are used for controlling access and denial of access to key physical assets.

Next the material moves on to examine the components and operation of a typical physical security monitoring and notification system. In this section, security controllers, sensors, and enunciators are covered along with logical implementation strategies.

The material in Chapter 3 flows quite naturally to the addition of visual Surveillance Systems to the security monitoring system. Information contained in this section includes: surveillance cameras, video recorders, modulators, and switchers.

Chapter 4 completes the Infrastructure Security material with a section covering Intrusion detection and reporting systems.

Chapter 5 provides a Summary and Review for the Scenarios and chapters of Part I. This chapter includes a complete list of relevant Summary Points and a Review Quiz. It also returns the reader to the Scenarios that began the Infrastructure Security part so they can update their response to the scenario challenges and then compare them to the response generated by an active Cyber Security Professional.

Part II—Local Host Security—One of the most useful tools ever introduced to business, industry, government, and medicine is the personal computer. This chapter primarily deals with personal computers and focuses on security efforts at the local computer level.

Chapter 6 presents two Local Host Security Scenarios for the reader to consider and research selected NIST Cybersecurity Framework Functions and Categories and then apply them to the given scenarios.

Chapter 7 begins the Part II discussion with sections covering physically securing personal computing devices. Information covered here includes biometric authentication devices such as fingerprint scanners, smart cards, and RFID cards. The material then moves on to physical port access risks and solutions. Options for accessing the PC covered here include the USB and Firewire ports.

Chapter 8 provides an overview of operating system structures, security features, and tools across the spectrum of operating system suppliers. In addition, the chapter covers logical (software-based) authentication methods for access control at the user’s level. Topics covered here include passwords and computer locking features. Finally, the chapter provides an overview of operating system auditing and logging utilities and wraps up with a discussion of OS-based encryption tools.

Chapter 9 completes the Local Host Security part by examining security associated with remote access options. Included in this line of discussion are local software-based firewalls, intrusion detection systems, and Internet Browser Security options. The chapter concludes with a detailed discussion dealing with malicious software protection options, such as antivirus and antispyware programs, as well as software updating and patching efforts.

Chapter 10 provides a Summary and Review for the Scenarios and chapters of Part II. This chapter includes a complete list of relevant Summary Points and a Review...