Chapter 3. Understanding Defenses

On completing this chapter, you will be able to

• Explain how digital IDs can protect a network

• Describe intrusion protection and intrusion prevention techniques

• Explain how PC cardbased solutions can counter network weaknesses

• Explain how different encryption techniques protect a network environment

• Describe physical security of a site that uses access control and biometric techniques

• Explain how antivirus software is used

• List the basic functions of a firewall

Immense numbers of tools, techniques, systems, services, and processes are available to protect your data in today's challenging network environment. This chapter presents an overview of the techniques used to counter the network weaknesses discussed in Chapter 2, "Understanding VulnerabilitiesThe Need for Security," and those who exploit them. Because this chapter is an overview, many of the techniques are described at a basic level, especially those that are discussed in Part III of this book, "Tools and Techniques."

The chapter begins with a detailed explanation of digital IDs and how digital IDs can protect a network. Intrusion protection and intrusion prevention techniques are covered briefly in this chapter; Chapter 10, "Intrusion Detection System Concepts," covers the subject in detail. This chapter describes how PC cardbased solutions counter network weaknesses. It also covers different encryption techniques that can be used to protect the network environment. The chapter continues with a discussion of how the physical security of a site can be achieved using access control and biometric techniques. Discussions of antivirus software and the basic functionality of firewalls conclude the chapter.