Network Security CISSP-Discussion

Subject: [CISSP-D] REVIEW: "Network Security Fundamentals", Gert De Laet/Gert Schauwers
Date: Mon, 20 Feb 2006 08:18:00 -0800
BKNTSCFD.RVW   20051127

"Network Security Fundamentals", Gert De Laet/Gert Schauwers, 2005,
1-58705-167-2, U$50.00/C$73.00
%A   Gert De Laet
%A   Gert Schauwers
%C   800 East 96th Street, Indianapolis, IN   46240
%D   2005
%G   1-58705-167-2
%I   Cisco Press
%O   U$50.00/C$73.00 feedback@ciscopress.com 800-382-3419
%O  http://www.amazon.com/exec/obidos/ASIN/1587051672/robsladesinterne
  http://www.amazon.co.uk/exec/obidos/ASIN/1587051672/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/1587051672/robsladesin03-20
%O   Audience i- Tech 2 Writing 1 (see revfaq.htm for explanation)
%P   454 p.
%T   "Network Security Fundamentals"

The introduction states that the intended audience is comprised of two
groups: system administrators who are new to network security
concepts, and managers who need guidance for product purchase and
strategy decisions.

Part one is an introduction.  Chapter one is supposed to be an
overview of network security.  It is a very short piece full of
idiosyncratic definitions, isolated bits of security information, and
with a set of extremely simplistic "reading check" type questions at
the end.  A few network security vulnerabilities (and, oddly, a
discussion of buffer overflows) make up chapter two.  Various security
tools are listed in chapter three.

Part two should be about the diverse building blocks that go into
making up a protective system or architecture, but it really isn't. 
Chapter four is a very spotty overview of cryptography, failing to
address some significant concepts.  A very limited explanation of
security policy and its creation is in chapter five.  (The sample
policy provided, even within its limited scope, is rather thin.) 
Secure design, in chapter six, is possibly even worse: vague opinings
and a sales pitch for the Cisco SAFE blueprint document.

Part five addresses specific security tools.  Chapter seven looks at
Web security by presenting certain security related settings for
Windows systems and browsers.  Router access configurations and the
Cisco CBAC (Content-Based Access Control) content inspection and
intrusion detection system (IDS) are outlined in chapter eight.
Apparently more intent on selling Cisco products than educating
readers, chapter nine does provide the basic information about
different types of firewalls, but in a disorganized and confusing
manner.  Much the same approach is taken with IDSs in chapter ten. 
Chapter eleven describes two centralized remote authentication systems
(RADIUS, Remote Authentication Dial-In User Service; and TACACS+,
Terminal Access Controller Access Control System plus), but mostly in
terms of packet types rather than functions.  Virtual Private Network
technologies are described in a disjointed manner in chapter twelve. 
A few aspects of public key infrastructure are presented in chapter
thirteen, along with a great many screen shots of Windows dialogue
boxes.  The security, or insecurity, of wireless LANs is briefly
reviewed in chapter fourteen.  Chapter fifteen lists some auditing
technologies.

Those who are not familiar with security would probably feel more so
after reading this book, although some of the material is of
questionable accuracy and even more debatable clarity.  Managers might
be a bit more aware of some of the issues involved in protection
strategy and product choice, although at the risk of making some
errors.  On balance, this work is probably serviceable as a quick
guide.  The more accurate works of which I am aware are more demanding
of the reader, and there are some "instant introductions" to network
security that are considerably worse.

copyright Robert M. Slade, 2005   BKNTSCFD.RVW   20051127


======================
rslade@computercrime.org  slade@victoria.tc.ca  rslade@sun.soci.niu.edu
It is the test of a good religion whether you can joke about it.
                                                  - G. K. Chesterton
Where does the idea come from that if what we are doing is fun,
it can't be God's will?  The God who made giraffes has a sense of
humor.  Make no mistake about that.             - Catherine Marshall
