A Practical Introduction to Enterprise Network and Security Management
Productivity Press (Verlag)
978-1-4987-8797-0 (ISBN)
- Titel erscheint in neuer Auflage
- Artikel merken
Computer networking and cybersecurity are challenging subjects, partly because of the constant rise and fall of related technologies and IT paradigms. As the title implies, much focus of this book is on providing the audience with practical, as well as, theoretical knowledge necessary to build a solid ground for a successful professional career.
A Practical Introduction to Enterprise Network and Security Management contains 12 chapters of the correct amount of coverage for a semester or quarter. It balances introductory and fairly advanced subjects on computer networking and cybersecurity to deliver effectively technical and managerial knowledge. It explains sometimes challenging concepts in a manner that students can follow with careful reading.
A Practical Introduction to Enterprise Network and Security Management is designed to offer impactful, hands-on learning experiences without relying on a computer lab. First, each chapter comes with practical exercise questions. In the class setting, they are good as individual or group assignments. Many of them are based on simulated or real cases, and take advantage of actual industry products and systems for a reader to better relate theories to practice. Second, there are a number of information-rich screen shots, figures, and tables in each chapter carefully constructed to solidify concepts and thus enhance visual learning.
A Practical Introduction to Enterprise Network and Security Management:
Is written for students studying management information systems, accounting information systems, or computer science in a semester of 15 to 16 weeks, and exposed to the subject for the first time
Takes advantage of many real cases and examples, and actual industry products and services (software, hardware, and configurations) so that students can better relate concepts and theories to practice
Explains subjects in a systematic, but very practical manner that students can follow through
Provides students with practical understanding of both computer networking and cybersecurity
Contains highly practical exercise questions, which can be individual or group assignments within or without the class, included in each chapter to reinforce learning.
In addition to the thorough technical details, managerial issues including, enterprise network planning, design, and management from the practitioner’s perspective are embedded throughout the text to assist balanced learning. Bearing in mind of the critical importance of security in today’s enterprise networks, the text discusses the implications of network design and management on enterprise security whenever appropriate. Lastly, to reinforce knowledge in security management further, two chapters introduce the fundamentals of cybersecurity in terms of threat types and defense techniques.
Bongsik Shin is a professor of Management Information Systems at San Diego State University. He earned a Ph.D. from the University of Arizona and was an assistant professor at the University of Nebraska at Omaha before joining San Diego State University. He has taught computer network & cybersecurity management, business intelligence (data warehousing & data mining, statistics), decision support systems, electronic commerce, and IT management & strategy. Especially, he has been teaching computer networking and cybersecurity continuously over 20 years. His academic activities in pursuit of teaching and research excellence have been funded by more than 25 internal and external grants. His recent research efforts have been all about cybersecurity on subjects related to cyber threat intelligence, ransomware, authentication & access control and countermeasures of phishing. Recently, his team, he as the principal investigator, has been awarded a grant by the Department of Defense of the US to conduct research on "Actionable Intelligence-Oriented Cyber Threat Modeling." He has published more than 30 articles in such high impact journals as MIS Quarterly, IEEE Transactions on Engineering Management, IEEE Transactions on Systems, Man, and Cybernetics, Communications of the ACM, Journal of Association for Information Systems, European Journal of Information Systems, Journal of Management Information Systems, Information Systems Journal, Information & Management, and Decision Support Systems. In 2016, he served as a conference co-chair of Americas Conference on Information Systems, one of the three largest MIS conferences with attendees from 40+ countries.
Preface
Author
Chapter 1: Fundamental Concepts 1
Introduction
Network Elements
Host
Client–Server Mode
P2P Mode
Network Interface Card
Intermediary Device
Network Link
Application
Data/Message
Protocol
Modes of Communication
Methods of Data Distribution
Unicasting
Broadcasting
Multicasting
Directionality in Data Exchange
Simplex
Duplex
Network Topology
Point-to-Point Topology
Bus Topology
Ring Topology
Star (Hub-and-Spoke) Topology
Mesh Topology
Tree (or Hierarchical) Topology
Classification of Networks
Personal Area Network
Local Area Network
Metropolitan Area Network
Wide Area Network
Rise of Internet of Things
Subnetwork versus Inter-network
Measures of Network Performance
Capacity
Data Types and Data Rate
Delay
Reliability
Quality of Service
Numbering Systems
Binary versus Decimal
Binary versus Hexadecimal
v
vi Contents
Network Addressing
Characterizing Network Addressing
MAC Address
IP Address
Pairing of MAC and IP Addresses Chapter Summary
Key Terms
Chapter Review Questions
Chapter 2: Architectures and Standards
Introduction
TCP/IP versus OSI
Standard Architecture
Standard and Protocol
Protocol Data Unit
Layer Functions: An Analogy
Layer Processing
Application Layer (Layer 5)
HTTP Demonstration
Select Application Layer Protocols
Transport Layer (Layer 4)
Provision of Data Integrity
Error Control
Flow Control
TCP and Data Integrity
UDP and Data Integrity
Session Management
Session versus No Session
Session Management by TCP
TCP Session in Real Setting
Additional Notes
Port Management
Port Types and Ranges
Source versus Destination Port
Socket
Internet Layer (Layer 3)
Packet Creation and Routing Decision
Packet Creation
Packet Routing Decision
Performing Supervisory Functions
Data Link Layer (Layer 2)
LAN Data Link
Frame and Switching
Link Types
Technology Standard(s)
Single Active Delivery Path
Frame’s MAC Addresses
WAN Data Link
Physical Layer (Layer 1)
Layer Implementation
Application Layer
Transport and Internet Layers
Data link and Physical Layers
Chapter Summary Key Terms
Chapter Review Questions
Chapter 3: Intermediary Devices
Introduction
Intermediary Devices
Operational Layers
Operating System
General Attributes
Access to Operating System
Hub (Multiport Repeater)
Bridge and Wireless Access Point
Switch
General Features
Switch Port
Switch Table
Switch Table Entries
Switch Learning
Aging of Entries
Switch Types
Nonmanaged versus Managed Switches
Store-and-Forward versus Cut-Through Switches
Symmetric versus Asymmetric Switches
Layer 2 versus Layer 3 Switches
Fixed, Stackable, and Modular Switches
Power over Ethernet
Security Issues
Safeguarding Switch Ports
Port Mirroring
Routers
Two Primary Functions
Routing Table Development and Its Update
Packet Forwarding
Router Components
Router Ports and Naming
Router Configuration
Basic Features
Advanced Features
Switching versus Routing
Data Link Layer versus Internet Layer
Connection-Oriented versus Connectionless
Single Delivery versus Multiple Delivery Paths
Address Resolution Protocol
Background
ARP Usage Scenarios
Choice of Intermediary Devices
Collision versus Broadcast Domains
Collision Domain
Collision Domain Types
Collision Domain and Network Design
CSMA/CD
Broadcast Domain
viii Contents
Chapter Summary Key Terms
Chapter Review Questions
Chapter 4: Elements of Data Transmissions
Introduction
Data Transmission Elements
Digital Signaling
On/Off Signaling
Voltage Signaling
Analog Signaling
Properties of Analog Signal
Modulation
Signaling Devices
Modem and Analog Signaling
CSU/DSU and Digital Signaling
Bandwidth and Related Concepts
Bandwidth
Baseband and Broadband
Synchronous versus Asynchronous Transmissions
Asynchronous Transmission
Synchronous Transmission
Multiplexing
Frequency Division Multiplexing
FDM Example: ADSL
Time Division Multiplexing
TDM Example: T-1 Line
Spread Spectrum
Digital Speed Hierarchies
Digital Signal
Optical Carrier/Synchronous Transport Module
Networking Media
Propagation Effects
Attenuation
Distortion
Twisted Pairs
UTP versus STP
Cable Structure and Categories
Twisted-Pair Patch Cable
Optical Fibers
Advantages
Physical Structure
Single Mode versus Multimode
Fiber Patch Cable
LAN Cabling Standards
Structured Cabling
Background
Structured Cabling System Chapter Summary
Key Terms
Chapter Review Questions
Chapter 5: IP Address Planning and Management
Introduction
Governance of IP Address Space
Structure of the IP Address
Binary versus Decimal Value Conversion
Structure of the IP Address
Classful IP: Legacy
Class A Network
Class B Network
Class C Network
Classless IP: Today
Special IP Address Ranges
Loopback
Internal Testing of TCP/IP Stack
Off-Line Testing of an Application
Broadcasting
Limited Broadcasting
Directed Broadcasting
Security Risk of Directed Broadcasting
Multicasting
Private IP and NAT
NAT: One-to-One IP Mapping
NAT: Many-to-One IP Mapping
Pros and Cons of NAT
Subnetting
Defining Subnet Boundary (Review)
Subnetwork Addressing
Subnet Mask
Subnet Mask
Subnetting Address Space
Broadcasting within a Subnet
Supernetting
Managing IP Address SPACE
Determining Number of Nodes
Determining Subnets
Managing Security with DMZ Subnet
Developing IP Assignment Policy Chapter Summary
Key Terms
Chapter Review Questions
Hands-On Exercise: Enterprise IP Management at Atlas Co.
Chapter 6: Fundamentals of Packet Routing
Introduction
Routing Mechanism
Routing Table
Background
Routing Table Elements
Packet Forwarding Decision
Entry Types of Routing Table
Directly Connected Routes
Static Routes
x Contents
Static Routes of a Router
Static Routes of a Host
Dynamic Routes
Dynamic Routing Protocols
Protocol Categories
Interior Gateway Protocols
Exterior Gateway Protocols
Delivery of Advertisement
Determination of Dynamic Routes
Security Management
Static versus Dynamic Routing
Inter-domain Routing
Perspectives on Packet Routing Chapter Summary
Key Terms
Chapter Review Questions
Chapter 7: Ethernet LAN
Introduction
Standard Layers
Ethernet Frame
Frame Structure
Addressing Modes
Ethernet LAN Design
Flat versus Hierarchical Design
Access Layer
Distribution and Core Layers
Benefits of Hierarchical Design
Spanning Tree Protocol
Link Redundancy
Protocols and Mechanism
Link Aggregation Review Questions
Virtual LANs (VLANs)
Background: Without VLANs
VLAN Concept
VLAN Scenarios
Without VLANs
With VLANs
How VLANs Work
VLAN ID versus Subnet Addressing
VLAN Tagging/Trunking (IEEE802.1Q)
Background
VLAN Tagging
VLAN Tagging/Untagging Process
VLAN Types
Default VLAN
Data VLAN
7.10.2.1 Data VLAN and Security
Voice VLAN
Inter-VLAN Routing
A Router Interface per VLAN
Scenario 1
Scenario 2
Sub-Interfaces/Ports (Advanced)
VLANS and Network Management Chapter Summary
Key Terms
Chapter Review Questions
Chapter 8: Wireless LAN (WiFi)
Introduction
Standard Layers and Wireless Cards
WiFi Setup Modes
Ad Hoc Mode
Infrastructure Mode
Wireless Access Points
AP in Infrastructure Mode
AP in Non-infrastructure Modes
Repeater Mode
Bridge Mode
SSID, BSS, and ESS
Service Set Identifier
BSS versus ESS
Basic Service Set
Extended Service Set
Media Access Control
CSMA/CA
RTS/CTS
WiFi Frames
Data Frame
Management Frame
Control Frame
WiFi and Radio Frequency
Radio Spectrum
Low versus High Radio Frequency
Governance
Licensed versus Unlicensed Radio
WiFi Channels
Planning Basic Service Sets
Authentication and Association
Three-Stage Process
Authentication Methods of a Station
Open Authentication
Pre-shared Key Authentication
Authentication Server
Additional Notes on Security
WiFi Standards
8.10.1 IEEE802.11n
Throughput Modes
2.4/5.0 GHz Bands
Single-User MIMO
QoS Support
IEEE802.11ac
5.0 GHz Band
Throughput Modes
Multi-user MIMO
WiFi Mesh Network (IEEE802.11s)
WiFi Home/SOHO Network
DSL/Cable Modem
Wireless Access Router
IP Configuration
Case: Wireless Access Router Configuration Chapter Summary
Key Terms
Chapter Review Questions
Chapter 9: Wide Area Network
Introduction
WAN and Enterprise Networks
WAN Connection Scenarios
Service-Level Agreement
CPE versus SPF
Demarcation Point
WAN Design Considerations
Layers of WAN Standards
Physical Layer
Data Link Layer
Circuit Switching
Packet Switching
Comparison: WAN versus LAN
IP Addressing for WAN Links
Leased Lines
Packet Switched Data Network
One Subnet between Two Locations
One Subnet for All Locations
Physical Layer Options: Leased Lines
T-Carrier/E-Carrier
T1 and T3 Circuits
SONET/SDH
Data Link Standard: Leased Lines
PPP Frame Structure
Router Authentication
PAP versus CHAP
Data Link Standards: PSDN
General Attributes
Shared Capacity
Customization of Subscribed Speeds
Support for Data and Voice
Frame Multiplexing
Unreliable Transmission
Virtual Circuits
WAN Switch Table
PVC versus SVC
Access Link Speeds
Frame Relay
General Characteristics
Frame Structure
Data Link Connection Identifier
How DLCI Works
FR Switch Table
Multiple VCs and DLCIs
Mapping IP Addresses
Asynchronous Transfer Mode
Background
Cell Switching
Quality of Service
Carrier Ethernet
Background
Strengths
Service Transport
Multi-Protocol Label Switching
Labels and Label Information Base
Benefits of MPLS
Wireless WAN: Cellular Network
General Architecture
Cell
Base Station
Mobile Terminal Switching Office
Call Channels
Multiple Access Technologies
Frequency Division Multiple Access
Time Division Multiple Access
Code Division Multiple Access
Orthogonal Frequency Division Multiple Access
Generations of Cellular Standards
LTE and Future
Long-Term Evolution
What Does the Future Hold? Chapter Summary
Key Terms
Chapter Review Questions
Chapter 10: The Internet and Client–Server
Systems
Introduction
Internet Architecture
Internet Service Provider
National ISPs
Regional/Local ISPs
ISP Network Architecture
Internet Exchange Point
Autonomous System
World Wide Web and Search Engine
World Wide Web
Deep Web
VPN for Secure Communications
Technology
Background
VPN Technology
Benefits of VPN
Cost-Effectiveness
Accessibility and Scalability
Flexibility
Risks of VPN
Reliability
Security
Types of VPN
Remote-Access VPN
Site-to-Site VPN
VPN Standards
IP Security
Tunnel Mode
Transport Mode
Secure Socket Layer
Broad Acceptance
VPN Implementation
SSL and Internet Commerce
IPSec versus SSL
IPv6 (IP Next Generation)
Background
IP Packet Structure
IP Addressing
Subnet Address Bits
Host Address Bits
Address Abbreviation
IPv6 versus IPv4 Standards
Transition Approaches
Dual IP Stacks within a Node
Direct Address Conversion
Packet Tunneling
Client–Server Applications
Domain Name System
Domain and Name Resolution
Domain Hierarchy
DNS Architecture
Dynamic Host Configuration Protocol
The Process View
Server Virtualization
Traditional Computing Model
Virtualization Concept
Virtualization Approaches
Hosted Virtualization
Hypervisor-Based Virtualization
Shared Infrastructure
Summary: Benefits Realized Chapter Summary
Key Terms
Chapter Review Questions
Chapter 11: Cybersecurity: Threats
Introduction
Malicious Codes: Malware
Virus
Worm
Trojan
Bot
Other Malware Types
Malware Issues
Password Cracking
Brute Force Method
Dictionary Method
Spoofing
Source Address Spoofing
IP Spoofing
MAC Spoofing
Email Spoofing
Web (or HTTP) Spoofing
Denial of Service
Pinging and SYN Requests
Pinging
SYN Requests
Distributed DOS
MAC Address Flooding
Packet Sniffing
Packet Sniffing with Wireshark
Port Scanning
Port Scanning with Zenmap
Social Engineering
Man-in-the-Middle
MITM with Bogus DHCP Server
Spam
Poisoning
ARP Poisoning (ARP Spoofing)
DNS Poisoning (DNS Spoofing)
Zero-Day Attack
WiFi Threats
Wardriving
Denial of Service
Rogue AP
MITM Chapter Summary Key Terms
Chapter Review Questions
Chapter 12: Cybersecurity: Defenses
Introduction
Security Requirements and Solutions
Security Requirements
Confidentiality (Privacy)
Data Integrity
Authentication
Access Control/Authorization
Availability
Technology Solutions
Principles in Architecting Defense
Layering
Limiting
Simplicity
Firewall
Firewall and DMZ
Separating Firewall and Border Router
Firewall Functions and Management
Firewall Functions
Managing Firewall
Stateless versus Stateful Filtering
Stateless Filtering
Stateful Filtering
Scenario (XYZ Company)
Access Control List
How Many ACLs?
ACL Filtering versus Packet Routing
Cryptography
Cryptography System
Basic Components
How It Works
Symmetric-Key Cryptography
Asymmetric-Key Cryptography
How It Works
Pros and Cons
Hybrid Approach
Hashing Cryptography
Digital Signature
Digital Certificate
Digital Certificate
Certificate Authority
Security Protocol
WiFi Security Standards
Wired Equivalent Privacy
WiFi Protected Access (WPA and WPA2)
Enterprise Mode versus Personal Mode Chapter Summary
Key Terms
Chapter Review Questions
Glossary
Acronyms
Index
| Erscheinungsdatum | 31.01.2018 |
|---|---|
| Zusatzinfo | 100 Illustrations, black and white |
| Verlagsort | Portland |
| Sprache | englisch |
| Maße | 178 x 254 mm |
| Gewicht | 1300 g |
| Themenwelt | Mathematik / Informatik ► Informatik ► Netzwerke |
| ISBN-10 | 1-4987-8797-5 / 1498787975 |
| ISBN-13 | 978-1-4987-8797-0 / 9781498787970 |
| Zustand | Neuware |
| Haben Sie eine Frage zum Produkt? |
aus dem Bereich
