The Process of Network Security

In The Process of Network Security, security specialist Thomas A. Wadlow reveals the approaches, techniques, and best practices that effectively secure the modern workplace. Written for network managers and administrators responsible for the security of large, enterprise-wide networks, this book focuses on security as a continuous process involving vigilant daily efforts in analysis, implementation, evaluation, and maintenance. It also emphasizes that in order to truly protect the enterprise, security professionals must consider not just individual machines, but the entire system — machines, people, and procedures.

The Process of Network Security discusses the many issues involved and walks you through the specific steps of setting up a secure system, focusing on standard operating procedures and day-to-day operations and maintenance. Providing a broad perspective on the challenge of enterprise security, this book covers a wide range of topics, including:

• Understanding the nature of attacks and attackers
• Setting security goals
• Creating a secure network design
• Building a team
• Fortifying network components
• Implementing physical and personnel security
• Monitoring and ordering a network
• Discovering and handling an actual attack
• Dealing with law enforcement authorities

You will find many experience-based observations, insights, and sound advice to point you in the right direction and to help you avoid potentially dangerous pitfalls and threats that face your network security. The book also addresses the "catch-22" that security specialists face: how to demonstrate the value of security when proof of its success cannot always be thoroughly tracked or measured.

Written in a conversational tone, The Process of Network Security conveys both the specific information and the general mindset that will enable you to anticipate, prevent, and respond to network threats.

1. Understanding Security
• What Are We Protecting?
• Thinking Like a Defender
• The Reader of This Book
• The Organization We Are Protecting
• The Process of Security
• How Do You Know That the Process Is Working?
• Trend Analysis
2. Writing a Security Policy
• Pitfalls
• Staging a Coup
• Contents of the Policy
3. Who Is Attacking You?
• The Nature of the Beast
• Security as an Evolutionary Strategy
4. Security Design Process
• Thinking About Security
• Principles of Security
• The Shape of Your Defenses
• Organizational Network
• Passive Outer Defenses
• Active Inner Defenses
• Passive Monitoring
• Active Monitoring
• The Shape of Your Security Organization
• Response Team
• Forensics Team
• Watch Team
• Employee Training
5. Building a Security Team
• Employee Characteristics
• Job Functions in a Security Team
• Training and Cross-Training
• Interviewing Security Candidates
• Background Checks
• Hiring
• Firing
6. Fortifying Network Components
• What Is a Network Component?
• Component Types
• Selecting Components
• Component Categories
• Fortifying Components
• Customizing New Components
• Upgrading Old Components
• System Fortification
• Configuration of the Operating System
• Applying Patches
• Removing Unnecessary Services
• Limiting Necessary Services
• Disabling and Deleting Unnecessary Software
• Conclusion
7. Personnel Security
• Management Issues
• Hiring Process
• Trouble with Employees
• Firing Process
• Resignation Process
• Contractors
8. Physical Security
• What Are the Threats?
• Physical Security Basics
• Going Overboard
• Backups
• Denial of Service
• Electrical Power
• Telephones
• Access Control Logging and Log Analysis
9. Monitoring Your Network
• The Shape of the Logging System
• What to Log
• Logging Mechanisms
• Time
• Sensors
• Logging System Design
• Log Management
• Log Analysis
10. Auditing Your Network
• Why Should You Audit Your Network?
• Types of Audit
• What Should the Audit Measure?
• Who Should Do the Audit?
• Expectations
• What You Should Expect from the Auditor
• What the Auditor Should Expect from You
• How the Audit Should Be Conducted
• What You Should Do About the Audit Results
11. Quantifying the Value of Security
• Perception of Value
• Process of Explaining Security Issues
• Measurements
12. Preparing for an Attack
• Getting Started
• War Games
• Post-Mortem Analysis
• Developing a Response Plan
• Personnel
• Safety Equipment
• Survival Pack Contents
• Choosing Hiding Places
• Set Your Own Ground Rules
13. Handling an Attack
• Exciting, but Not Fun
• Thinking Pathologically
• About Attacks
• What You Can Do
• What You Should Not Do
• Response Team
• Priorities During an Attack
14. Forensics
• Getting Started
• The Art of Investigation
• The Clean Room
• Analyzing the Contaminated File System
• Analysis Tools
• What to Look For
15. Log Analysis
• Integrity Checks
• Log Analysis
• The Hunt
• Developing Theories
• Legalities
16. Damage Control
• Priorities
• Advance Preparation
• Post-Mortem Analysis

1. Glossary

The key word here is "process". A very good InfoSec book. Recommended.