Muutke küpsiste eelistusi

Wireless and Mobile Device Security 2nd edition [Pehme köide]

3.22/5 (9 hinnangut Goodreads-ist)
  • Formaat: Paperback / softback, 400 pages, kaal: 680 g
  • Ilmumisaeg: 14-Apr-2021
  • Kirjastus: Jones and Bartlett Publishers, Inc
  • ISBN-10: 128421172X
  • ISBN-13: 9781284211726
Teised raamatud teemal:
Wireless and Mobile Device Security 2nd editionSuurem pilt
  • Formaat: Paperback / softback, 400 pages, kaal: 680 g
  • Ilmumisaeg: 14-Apr-2021
  • Kirjastus: Jones and Bartlett Publishers, Inc
  • ISBN-10: 128421172X
  • ISBN-13: 9781284211726
Teised raamatud teemal:
Püsilink: https://www.kriso.ee/db/9781284211726.html
Märksõnad:
The world of wireless and mobile devices is evolving rapidly, with many individuals relying solely on their wireless devices in the workplace and in the home. The growing use of mobile devices demands that organizations become more educated in securing this technology and determining how to best protect their assets. Written by an industry expert, Wireless and Mobile Device Security, Second Edition explores the evolution of wired networks to wireless networking and its impact on the corporate world. Using case studies and real-world events, it goes on to discuss risk assessments, threats, and vulnerabilities of wireless networks, as well as the security measures that should be put in place to mitigate breaches.KEY FEATURES•Available with Cybersecurity Cloud Labs, providing immersive mock IT infrastructures where students can learn and practice foundational cybersecurity skills.•Discusses the history and evolution of wireless networks, including emerging trends in 5G connectivity and IOT•Explores the impact of wireless on the corporate world•Focuses on 802.11 WLAN security in both the small office/home office world and for larger organizations•Offers security solutions for the risks and vulnerabilities in mobile devices•Surveys the mobile malware landscape and discusses mitigation strategies
Preface xvii
Acknowledgments xix
About the Author xxi
Part I Introduction to Wireless and Mobile Networks 1(90)
Chapter 1 The Evolution of Data and Wireless Networks
3(24)
The Dawn of Data Communication
4(4)
Early Data Networks
5(2)
The Internet Revolution
7(1)
Advances in Personal Computers
7(1)
Networking and the Open Systems Interconnection Reference Model
8(6)
The Seven Layers of the OSI Reference Model
9(2)
Communicating over a Network
11(1)
IP Addressing
11(1)
Data Link Layer
12(1)
Physical Layer
13(1)
From Wired to Wireless
14(2)
Business Challenges Addressed by Wireless Networking
16(3)
The Economic Impact of Wireless Networking
16(1)
Wireless Networking and the Way People Work
16(3)
The Wi-Fi Market
19(3)
IP Mobility
20(2)
The Internet of Things
22(1)
Summary
23(1)
Key Concepts And Terms
24(1)
Assessment
24(3)
Chapter 2 The Mobile Revolution
27(18)
Introduction to Cellular (Mobile Communication)
28(5)
Cellular Coverage Maps
28(4)
Cellular Handoff
32(1)
The Evolution of Mobile Networks
33(4)
AMPS 1G
33(1)
GSM and CDMA 2G
34(1)
GPRS and Edge 2G+
35(1)
3G Technology
35(1)
4G and LTE
36(1)
5G
36(1)
The BlackBerry Effect and the BYOD Revolution
37(1)
The Economic Impact of Mobile IP
38(2)
The Business Impact of Mobility
40(2)
Business Use Cases
40(2)
Summary
42(1)
Key Concepts And Terms
42(1)
Assessment
43(2)
Chapter 3 Anywhere, Anytime, on Anything: "There's an App for That!"
45(20)
Anywhere, Anytime, on Anything
46(2)
Convenience Trumps Security
47(1)
Always Connected, Always On
47(1)
The Rise of the Mobile Workforce
48(2)
From Castle-and-Moat toward Zero Trust
50(1)
The Mobile Cloud
50(1)
Mobile Cloud Computing
51(1)
Cloud Apps versus Native Mobile Apps
51(1)
Deploying Wireless: Different Strokes for Different Folks
51(1)
The Industrial Internet of Things
52(2)
IoT Wireless Technologies
53(1)
Wireless Communication Technologies
54(2)
Bluetooth Low Energy
55(1)
Zigbee IP
55(1)
Z-Wave
55(1)
RFID
56(1)
NFC
56(1)
Thread
56(1)
6LoWPAN
56(1)
Cloud VPNS, WANs, and Interconnects
56(2)
Free Space Optics
57(1)
WiMAX
57(1)
vSAT
57(1)
SD-WAN
57(1)
WAN Technologies for loT
58(1)
Sigfox
58(1)
LoRaWAN
58(1)
Low-Power Wi-Fi (HaLow)
59(1)
Millimeter Radio
59(1)
Private LTE Networks
59(1)
Wireless Network Security
60(2)
Lingering Security Issues
62(1)
Mobile IP Security
62(1)
Summary
62(1)
Key Concepts And Terms
63(1)
Assessment
63(2)
Chapter 4 Security Threats Overview: Wired, Wireless, and Mobile
65(26)
What to Protect?
66(1)
General Threat Categories
67(3)
Confidentiality
68(1)
Integrity
68(1)
Availability
69(1)
Accountability
69(1)
Nonrepudiation
70(1)
Threats to Wireless and Mobile Devices
70(4)
Data Theft Threats
71(1)
Device Control Threats
72(1)
System Access Threats
73(1)
Risk Mitigation
74(4)
Mitigating the Risk of BYOD
75(3)
BYOD for Small-to-Medium Businesses
78(1)
Defense in Depth
78(2)
Authorization and Access Control
80(2)
AAA
80(2)
Information Security Standards
82(2)
ISO/IEC 27001:2013
82(1)
ISO/IEC 27002:2013
83(1)
NIST SP 800-53
83(1)
Regulatory Compliance
84(4)
The Sarbanes-Oxley Act
84(1)
The Gramm-Leach-Bliley Act
84(1)
The Health Insurance Portability and Accountability Act and the Health Information Technology for Economic and Clinical Health Act
85(1)
The Payment Card Industry Data Security Standard
85(1)
GDPR & CCPA
86(1)
Detrimental Effects of Regulations
86(2)
Summary
88(1)
Key Concepts And Terms
88(1)
Assessment
89(2)
Part II WLAN Security 91(148)
Chapter 5 How Do WLANs Work?
93(32)
WLAN Topologies
94(1)
ISM Unlicensed Spectrum
94(4)
WLAN Anatomy
96(1)
Wireless Client Devices
96(1)
802.11 Service Sets
97(1)
The 802.11 Standards
98(4)
New Wi-Fi Alliance Naming System
99(3)
802.11 Unlicensed Bands
102(3)
Narrowband and Spread Spectrum
103(1)
Multipath
103(1)
Frequency Hopping Spread Spectrum
104(1)
Direct Sequence Spread Spectrum
104(1)
Wireless Access Points
105(4)
How Does a WAP Work?
105(3)
WAP Architecture
108(1)
Wireless Bridges
109(2)
Wireless Workgroup Bridges
109(1)
Residential Gateways
110(1)
Enterprise Gateways
111(1)
Wireless Antennas
111(7)
Omnidirectional Antennas
112(1)
Semi-Directional Antennas
112(1)
Highly Directional Antennas
113(1)
MIMO Antennas
114(4)
Determining Coverage Area
118(1)
Site Surveys
118(4)
Spectrum and Protocol Analysis
120(2)
Summary
122(1)
Key Concepts And Terms
123(1)
Assessment
123(2)
Chapter 6 WLAN and IP Networking Threat and Vulnerability Analysis
125(28)
Types of Attackers
126(2)
Skilled versus Unskilled Attackers
127(1)
Insiders versus Outsiders
127(1)
Targets of Opportunity versus Specific Targets
128(1)
Scouting for a Targeted Attack
129(1)
Physical Security and Wireless Networks
130(1)
Social Engineering
131(2)
Wardriving
133(1)
Rogue Access Points
134(1)
Rogue Access Point Vulnerabilities
134(1)
Evil Twins
135(2)
Bluetooth Vulnerabilities and Threats
137(6)
Bluetooth Versions
137(1)
Revisions Compared
138(1)
Bluetooth Pairing
139(1)
Bluejacking
140(1)
Bluesnarfing
141(1)
Bluebugging
142(1)
Is Bluetooth Vulnerable?
143(1)
Packet Analysis
143(1)
Wireless Networks and Information Theft
144(2)
Malicious Data Insertion on Wireless Networks
146(1)
Denial of Service Attacks
147(1)
Peer-to-Peer Hacking over Ad Hoc Networks
148(1)
When an Attacker Gains Unauthorized Control
149(1)
Summary
149(1)
Key Concepts And Terms
150(1)
Assessment
150(3)
Chapter 7 Basic WLAN Security Measures
153(22)
Design and Implementation Considerations for Basic Security
154(4)
Radio Frequency Design
154(1)
Equipment Configuration and Placement
155(1)
Interoperability and Layering
156(1)
Security Management
157(1)
Basic Security Best Practices
158(1)
Authentication and Access Restriction
158(5)
SSID Obfuscation
159(1)
MAC Filters
160(1)
Authentication and Association
160(1)
VPN over Wireless
161(1)
Virtual Local Area Networks
162(1)
Data Protection
163(6)
Wired Equivalent Privacy
164(1)
Wi-Fi Protected Access
165(1)
Wi-Fi Protected Access 2
165(1)
WPA2 with AES
166(1)
WPA2 with CCMP
167(1)
Order of Preference for Wi-Fi Data Protection
167(1)
WPA3
168(1)
Ongoing Management Security Considerations
169(2)
Firmware Upgrades
169(1)
Physical Security
170(1)
Periodic Inventory
170(1)
Identifying Rogue WLANs/Wireless Access Points
171(1)
Summary
171(1)
Key Concepts And Terms
172(1)
Assessment
172(3)
Chapter 8 Advanced WLAN Security Measures
175(24)
Establishing and Enforcing a Comprehensive Security Policy
176(3)
Centralized versus Distributed Design and Management
176(1)
Remote Access Policies
177(1)
Guest Policies
177(1)
Quarantining
178(1)
Compliance Considerations
178(1)
Employee Training and Education
179(1)
Implementing Authentication and Access Control
179(5)
Extensible Authentication Protocol
180(1)
Remote Authentication Dial-In User Service
180(2)
Intrusion Detection Systems and Intrusion Prevention Systems
182(1)
Protocol Filtering
182(1)
Authenticated Dynamic Host Configuration Protocol
183(1)
Data Protection
184(3)
WPA2 Personal and Enterprise Modes
184(1)
WPA3
184(1)
Internet Protocol Security
185(1)
Virtual Private Networks
186(1)
Malware and Application Security
186(1)
User Segmentation
187(2)
Virtual Local Area Networks
187(1)
Guest Access and Passwords
188(1)
Demilitarized Zone Segmentation
188(1)
Managing Network and User Devices
189(7)
Simple Network Management Protocol Version 3
189(1)
Discovery Protocols
190(1)
IP Services
190(1)
Coverage Area and Wi-Fi Roaming
191(1)
Client Security Outside the Perimeter
192(1)
Device Management and User Logons
193(1)
Hard Drive Encryption
194(1)
Quarantining
194(1)
Wi-Fi as a Service
195(1)
Summary
196(1)
Key Concepts And Terms
197(1)
Assessment
197(2)
Chapter 9 WLAN Auditing Tools
199(22)
WLAN Discovery Tools
200(4)
Enterprise Wi-Fi Audit Tools
201(1)
HeatMapper
202(2)
Penetration Testing Tools
204(1)
Metasploit
204(1)
Security Auditor's Research Assistant
204(1)
Password-Capture and Decryption Tools
205(3)
Network Enumerators
208(1)
Network Management and Control Tools
208(3)
Wireless Protocol Analyzers
208(1)
Aircrack-ng
209(1)
Airshark
209(1)
Network Management System
210(1)
WLAN Hardware Audit Tools and Antennas
211(1)
Hardware Audit Tools
211(1)
Antennas
211(1)
Attack Tools and Techniques
212(4)
Radio Frequency Jamming
212(1)
Denial of Service
213(1)
Hijacking Devices
213(1)
Hijacking a Session
214(2)
Network Utilities
216(1)
Summary
217(1)
Key Concepts And Terms
218(1)
Assessment
218(3)
Chapter 10 WLAN and IP Network Risk Assessment
221(18)
Risk Assessment
222(3)
Risk Assessment on WLANs
224(1)
Other Types of Risk Assessment
225(1)
IT Security Management
225(1)
Methodology
225(1)
Legal Requirements
226(1)
Other Justifications for Risk Assessments
226(1)
Security Risk Assessment Stages
226(9)
Planning
227(1)
Information Gathering
228(1)
Risk Analysis
229(5)
Identifying and Implementing Controls
234(1)
Monitoring
235(1)
Security Audits
235(1)
Summary
236(1)
Key Concepts And Terms
236(1)
Assessment
236(3)
Part III Mobile Security 239(96)
Chapter 11 Mobile Communication Security Challenges
241(18)
Mobile Phone Threats and Vulnerabilities
242(2)
Exploits, Tools, and Techniques
244(1)
Google Android Security Challenges
244(7)
Criticism of Android
247(1)
Android Exploitation Tools
248(1)
Android Security Architecture
249(1)
Android Application Architecture
249(1)
Google Play
250(1)
Apple iOS Security Challenges
251(4)
Apple iOS Exploits
252(2)
Apple iOS Architecture
254(1)
The App Store
254(1)
Windows Phone Security Challenges
255(2)
Windows Phone OS Exploits
255(1)
Windows Phone Security Architecture
255(1)
Windows Phone Architecture
256(1)
Windows Store
256(1)
Summary
257(1)
Key Concepts And Terms
257(1)
Assessment
257(2)
Chapter 12 Mobile Device Security Models
259(20)
Google Android Security
260(3)
The Android Security Model
260(1)
The Android Sandbox
261(1)
File-System Permissions
261(1)
Android SDK Security Features
261(1)
Rooting and Unlocking Devices
262(1)
Android Permission Model
262(1)
Apple iOS Security
263(4)
The Apple Security Model
263(1)
Application Provenance
264(1)
iOS Sandbox
264(1)
Security Concerns
265(1)
Permission-Based Access
265(1)
Encryption
266(1)
Jailbreaking iOS
266(1)
Windows Phone 8 Security
267(1)
Platform Application Security
267(1)
Security Features
267(1)
iOS and Android Evolution
267(3)
Android Version Evolution
268(1)
Apple iOS
269(1)
Security Challenges of Handoff-Type Features
270(1)
BYOD and Security
271(1)
Security Using Enterprise Mobility Management
272(3)
Mobile Device Management
273(1)
Mobile Application Management
273(2)
Summary
275(1)
Key Concepts And Terms
276(1)
Assessment
276(3)
Chapter 13 Mobile Wireless Attacks and Remediation
279(18)
Scanning the Corporate Network for Mobile Attacks
280(1)
Security Awareness
280(3)
Scanning the Network: What to Look For
281(1)
Scanning for Vulnerabilities
282(1)
The Kali Linux Security Platform
283(2)
Scanning with Airodump-ng
284(1)
Client and Infrastructure Exploits
285(1)
Client-Side Exploits
285(1)
Other USB Exploits
286(1)
Network Impersonation
286(1)
Network Security Protocol Exploits
287(3)
RADIUS Impersonation
287(1)
Public Certificate Authority Exploits
288(1)
Developer Digital Certificates
289(1)
Browser Application and Phishing Exploits
289(1)
Drive-By Browser Exploits
290(1)
Mobile Software Exploits and Remediation
290(5)
Weak Server-Side Security
291(1)
Unsecure Data Storage
291(1)
Insufficient Transport Layer Protection
292(1)
Data Leakage
292(1)
Poor Authorization and Authentication
293(1)
Broken Cryptography
293(1)
Client-Side Injection
293(1)
Security Decisions via Untrusted Inputs
294(1)
Improper Session Handling
294(1)
Lack of Binary Protections
295(1)
Summary
295(1)
Key Concepts And Terms
295(1)
Assessment
296(1)
Chapter 14 Fingerprinting Mobile Devices
297(20)
Is Fingerprinting a Bad or a Good Thing?
298(1)
Types of Fingerprinting
299(2)
Network Access Control
and Endpoint Fingerprinting
299(1)
Network Scanning and Proximity Fingerprinting
299(1)
Online or Remote Fingerprinting
300(1)
Cookies
301(1)
Cross-Site Profiling
302(1)
Fingerprinting Methods
303(2)
Passive Fingerprinting
303(1)
Examining TCP/IP Headers
304(1)
Application Identification
304(1)
Active Fingerprinting
305(1)
Unique Device Identification
305(2)
Apple iOS
305(1)
Android
306(1)
HTTP Headers
306(1)
New Methods of Mobile Fingerprinting
307(1)
JavaScript
307(1)
Fingerprinting Users
308(1)
Fingerprinting Users via Biometrics
308(1)
Spyware for Mobile Devices
309(3)
Spy Software
310(1)
Spy Cells: Stingray
311(1)
Fingerprinting on Modern Cellular Networks
312(2)
MNmap
313(1)
Man-in-the-Middle Attack
313(1)
Summary
314(1)
Key Concepts And Terms
314(1)
Assessment
315(2)
Chapter 15 Mobile MaLware and Application-Based Threats
317(18)
Malware on Android Devices
318(5)
Software Fragmentation
319(1)
Criminal and Developer Collaboration
320(3)
Madware
323(4)
Excessive Application Permissions
323(2)
Malware on Apple iOS Devices
325(1)
Mobile Malware Delivery Methods
326(1)
Mobile Malware and Social Engineering
327(1)
Captive Portals
327(1)
Drive-By Attacks
327(1)
Clickjacking
328(1)
Likejacking
328(1)
Plug-and-Play Scripts
328(1)
Mitigating Mobile Browser Attacks
328(1)
Mobile Application Attacks
329(1)
Mobile Malware Defense
330(1)
Mobile Device Management
330(1)
Penetration Testing and Smartphones
331(1)
Summary
332(1)
Key Concepts And Terms
332(1)
Assessment
333(2)
Appendix A Answer Key 335(2)
Appendix B Standard Acronyms 337(2)
Glossary of Key Terms 339(12)
References 351(12)
Index 363
Jim Doherty is the Sr. Vice President of Marketing Officer at Ixia.' Jim has lead held marketing, sales and engineering leadership positions at Certes Networks, Motorola, Cisco Systems and Ericsson during a 19-year career in the networking and communications sectors. Jim has made a name for himself in the industry due to his ability to explain networking technologies to non-technical audiences in a way that still satisfies technical professionals.' He has extensive speaking and presenting experience and if often sought out to explain networking and communication technologies to non-technical audiences.Jim is also the creator and co-author of the Networking Simplified series of books, and a comprehensive set of CCNA study notes; published in a number of certification guides.Jim holds a B.S. in electrical engineering from N.C. State University,and' an MBA from Duke University. Before earning his degrees Jim served in the US Marine Corps obtaining the rank of Sergeant.