A Practical Introduction to Enterprise Network and Security Management

1st Edition

By Bongsik Shin

Auerbach Publications

594 pages | 100 B/W Illus.

Purchasing Options: $ = USD
Hardback: 9781498787970
pub: 2017-07-12
SAVE ~$20.25
$135.00
$114.75
eBook (VitalSource) : 9781315154206
pub: 2017-07-12
from $28.98



Description

Computer networking and cybersecurity are challenging subjects, partly because of the constant rise and fall of related technologies and IT paradigms. As the title implies, much of this book's focus is on providing the audience with the practical as well as theoretical knowledge necessary to build a solid foundation for a successful professional career.

A Practical Introduction to Enterprise Network and Security Management contains 12 chapters, the right amount of coverage for a semester or quarter. It balances introductory and fairly advanced subjects on computer networking and cybersecurity to deliver technical and managerial knowledge effectively. It explains sometimes challenging concepts in a manner that students can follow with careful reading.

A Practical Introduction to Enterprise Network and Security Management is designed to offer impactful, hands-on learning experiences without relying on a computer lab. First, each chapter comes with practical exercise questions. In a class setting, they work well as individual or group assignments. Many of them are based on simulated or real cases, and take advantage of actual industry products and systems so that a reader can better relate theories to practice. Second, each chapter contains a number of information-rich screenshots, figures, and tables, carefully constructed to solidify concepts and thus enhance visual learning.

A Practical Introduction to Enterprise Network and Security Management

  • Is written for students studying management information systems, accounting information systems, or computer science in a semester of 15 to 16 weeks, and exposed to the subject for the first time

  • Takes advantage of many real cases and examples, and actual industry products and services (software, hardware, and configurations) so that students can better relate concepts and theories to practice

  • Explains subjects in a systematic, but very practical manner that students can follow through

  • Provides students with practical understanding of both computer networking and cybersecurity

  • Contains highly practical exercise questions in each chapter, which can be individual or group assignments in or outside of class, to reinforce learning.

In addition to the thorough technical details, managerial issues, including enterprise network planning, design, and management from the practitioner’s perspective, are embedded throughout the text to assist balanced learning. Bearing in mind the critical importance of security in today’s enterprise networks, the text discusses the implications of network design and management on enterprise security whenever appropriate. Lastly, to further reinforce knowledge of security management, two chapters introduce the fundamentals of cybersecurity in terms of threat types and defense techniques.

Table of Contents

Preface

Author

Chapter 1: Fundamental Concepts

      1. Introduction
      2. Network Elements
        1. Host
          1. Client–Server Mode
          2. P2P Mode
          3. Network Interface Card

        2. Intermediary Device
        3. Network Link
        4. Application
        5. Data/Message
        6. Protocol

      3. Modes of Communication
        1. Methods of Data Distribution
          1. Unicasting
          2. Broadcasting
          3. Multicasting

        2. Directionality in Data Exchange
          1. Simplex
          2. Duplex

      4. Network Topology
        1. Point-to-Point Topology
        2. Bus Topology
        3. Ring Topology
        4. Star (Hub-and-Spoke) Topology
        5. Mesh Topology
        6. Tree (or Hierarchical) Topology

      5. Classification of Networks
        1. Personal Area Network
        2. Local Area Network
        3. Metropolitan Area Network
        4. Wide Area Network
        5. Rise of Internet of Things

      6. Subnetwork versus Inter-network
      7. Measures of Network Performance
        1. Capacity
          1. Data Types and Data Rate

        2. Delay
        3. Reliability
        4. Quality of Service

      8. Numbering Systems
        1. Binary versus Decimal
        2. Binary versus Hexadecimal

 


 

      9. Network Addressing
        1. Characterizing Network Addressing
        2. MAC Address
        3. IP Address
        4. Pairing of MAC and IP Addresses

Chapter Summary

Key Terms

Chapter Review Questions

Chapter 2: Architectures and Standards

      1. Introduction
      2. TCP/IP versus OSI
        1. Standard Architecture
        2. Standard and Protocol
        3. Protocol Data Unit

      3. Layer Functions: An Analogy
      4. Layer Processing
      5. Application Layer (Layer 5)
        1. HTTP Demonstration
        2. Select Application Layer Protocols

      6. Transport Layer (Layer 4)
        1. Provision of Data Integrity
          1. Error Control
          2. Flow Control
          3. TCP and Data Integrity
          4. UDP and Data Integrity

        2. Session Management
          1. Session versus No Session
          2. Session Management by TCP
          3. TCP Session in Real Setting
          4. Additional Notes

        3. Port Management
          1. Port Types and Ranges
          2. Source versus Destination Port
          3. Socket

      7. Internet Layer (Layer 3)
        1. Packet Creation and Routing Decision
          1. Packet Creation
          2. Packet Routing Decision

        2. Performing Supervisory Functions

      8. Data Link Layer (Layer 2)
        1. LAN Data Link
          1. Frame and Switching
          2. Link Types
          3. Technology Standard(s)
          4. Single Active Delivery Path
          5. Frame’s MAC Addresses

        2. WAN Data Link

      9. Physical Layer (Layer 1)
      10. Layer Implementation
        1. Application Layer
        2. Transport and Internet Layers
        3. Data link and Physical Layers

 

Chapter Summary

Key Terms

Chapter Review Questions

Chapter 3: Intermediary Devices

      1. Introduction
      2. Intermediary Devices
        1. Operational Layers
        2. Operating System
          1. General Attributes
          2. Access to Operating System

      3. Hub (Multiport Repeater)
      4. Bridge and Wireless Access Point
      5. Switch
        1. General Features
        2. Switch Port
        3. Switch Table
          1. Switch Table Entries
          2. Switch Learning
          3. Aging of Entries

        4. Switch Types
          1. Nonmanaged versus Managed Switches
          2. Store-and-Forward versus Cut-Through Switches
          3. Symmetric versus Asymmetric Switches
          4. Layer 2 versus Layer 3 Switches
          5. Fixed, Stackable, and Modular Switches
          6. Power over Ethernet

        5. Security Issues
          1. Safeguarding Switch Ports
          2. Port Mirroring

      6. Routers
        1. Two Primary Functions
          1. Routing Table Development and Its Update
          2. Packet Forwarding

        2. Router Components
        3. Router Ports and Naming
        4. Router Configuration
          1. Basic Features
          2. Advanced Features

      7. Switching versus Routing
        1. Data Link Layer versus Internet Layer
        2. Connection-Oriented versus Connectionless
        3. Single Delivery versus Multiple Delivery Paths

      8. Address Resolution Protocol
        1. Background
        2. ARP Usage Scenarios

      9. Choice of Intermediary Devices
      10. Collision versus Broadcast Domains
        1. Collision Domain
          1. Collision Domain Types
          2. Collision Domain and Network Design
          3. CSMA/CD

        2. Broadcast Domain

 

 


 

Chapter Summary

Key Terms

Chapter Review Questions

Chapter 4: Elements of Data Transmissions

      1. Introduction
      2. Data Transmission Elements
        1. Digital Signaling
          1. On/Off Signaling
          2. Voltage Signaling

        2. Analog Signaling
          1. Properties of Analog Signal
          2. Modulation

        3. Signaling Devices
          1. Modem and Analog Signaling
          2. CSU/DSU and Digital Signaling

        4. Bandwidth and Related Concepts
          1. Bandwidth
          2. Baseband and Broadband

        5. Synchronous versus Asynchronous Transmissions
          1. Asynchronous Transmission
          2. Synchronous Transmission

        6. Multiplexing
          1. Frequency Division Multiplexing
          2. FDM Example: ADSL
          3. Time Division Multiplexing
          4. TDM Example: T-1 Line
          5. Spread Spectrum

        7. Digital Speed Hierarchies
          1. Digital Signal
          2. Optical Carrier/Synchronous Transport Module

      3. Networking Media
        1. Propagation Effects
          1. Attenuation
          2. Distortion

        2. Twisted Pairs
          1. UTP versus STP
          2. Cable Structure and Categories
          3. Twisted-Pair Patch Cable

        3. Optical Fibers
          1. Advantages
          2. Physical Structure
          3. Single Mode versus Multimode
          4. Fiber Patch Cable

        4. LAN Cabling Standards

      4. Structured Cabling
        1. Background
        2. Structured Cabling System

Chapter Summary

Key Terms

Chapter Review Questions

 

Chapter 5: IP Address Planning and Management

      1. Introduction
      2. Governance of IP Address Space
      3. Structure of the IP Address
        1. Binary versus Decimal Value Conversion
        2. Structure of the IP Address

      4. Classful IP: Legacy
        1. Class A Network
        2. Class B Network
        3. Class C Network

      5. Classless IP: Today
      6. Special IP Address Ranges
        1. Loopback
          1. Internal Testing of TCP/IP Stack
          2. Off-Line Testing of an Application

        2. Broadcasting
          1. Limited Broadcasting
          2. Directed Broadcasting
          3. Security Risk of Directed Broadcasting

        3. Multicasting
        4. Private IP and NAT
          1. NAT: One-to-One IP Mapping
          2. NAT: Many-to-One IP Mapping
          3. Pros and Cons of NAT

      7. Subnetting
        1. Defining Subnet Boundary (Review)
        2. Subnetwork Addressing

      8. Subnet Mask
        1. Subnet Mask
        2. Subnetting Address Space
        3. Broadcasting within a Subnet

      9. Supernetting
      10. Managing IP Address Space
        1. Determining Number of Nodes
        2. Determining Subnets
          1. Managing Security with DMZ Subnet
          2. Developing IP Assignment Policy

Chapter Summary

Key Terms

Chapter Review Questions

Hands-On Exercise: Enterprise IP Management at Atlas Co.

Chapter 6: Fundamentals of Packet Routing

      1. Introduction
      2. Routing Mechanism
      3. Routing Table
        1. Background
        2. Routing Table Elements

      4. Packet Forwarding Decision
      5. Entry Types of Routing Table
        1. Directly Connected Routes
        2. Static Routes

 

 


 

          1. Static Routes of a Router
          2. Static Routes of a Host

        3. Dynamic Routes

      6. Dynamic Routing Protocols
        1. Protocol Categories
          1. Interior Gateway Protocols
          2. Exterior Gateway Protocols

        2. Delivery of Advertisement
        3. Determination of Dynamic Routes
        4. Security Management
        5. Static versus Dynamic Routing

      7. Inter-domain Routing
      8. Perspectives on Packet Routing

Chapter Summary

Key Terms

Chapter Review Questions

Chapter 7: Ethernet LAN

      1. Introduction
      2. Standard Layers
      3. Ethernet Frame
        1. Frame Structure
        2. Addressing Modes

      4. Ethernet LAN Design
        1. Flat versus Hierarchical Design
        2. Access Layer
        3. Distribution and Core Layers
        4. Benefits of Hierarchical Design

      5. Spanning Tree Protocol
        1. Link Redundancy
        2. Protocols and Mechanism

      6. Link Aggregation Review Questions
      7. Virtual LANs (VLANs)
        1. Background: Without VLANs
        2. VLAN Concept

      8. VLAN Scenarios
        1. Without VLANs
        2. With VLANs
        3. How VLANs Work
        4. VLAN ID versus Subnet Addressing

      9. VLAN Tagging/Trunking (IEEE802.1Q)
        1. Background
        2. VLAN Tagging
        3. VLAN Tagging/Untagging Process

      10. VLAN Types
        1. Default VLAN
        2. Data VLAN
          1. Data VLAN and Security

        3. Voice VLAN

      11. Inter-VLAN Routing
        1. A Router Interface per VLAN
          1. Scenario 1
          2. Scenario 2

        2. Sub-Interfaces/Ports (Advanced)

      12. VLANs and Network Management

Chapter Summary

Key Terms

Chapter Review Questions

Chapter 8: Wireless LAN (WiFi)

      1. Introduction
      2. Standard Layers and Wireless Cards
      3. WiFi Setup Modes
        1. Ad Hoc Mode
        2. Infrastructure Mode

      4. Wireless Access Points
        1. AP in Infrastructure Mode
        2. AP in Non-infrastructure Modes
          1. Repeater Mode
          2. Bridge Mode

      5. SSID, BSS, and ESS
        1. Service Set Identifier
        2. BSS versus ESS
          1. Basic Service Set
          2. Extended Service Set

      6. Media Access Control
        1. CSMA/CA
        2. RTS/CTS

      7. WiFi Frames
        1. Data Frame
        2. Management Frame
        3. Control Frame

      8. WiFi and Radio Frequency
        1. Radio Spectrum
          1. Low versus High Radio Frequency
          2. Governance
          3. Licensed versus Unlicensed Radio

        2. WiFi Channels
        3. Planning Basic Service Sets

      9. Authentication and Association
        1. Three-Stage Process
        2. Authentication Methods of a Station
          1. Open Authentication
          2. Pre-shared Key Authentication
          3. Authentication Server
          4. Additional Notes on Security

      10. WiFi Standards

        1. IEEE802.11n
          1. Throughput Modes
          2. 2.4/5.0 GHz Bands
          3. Single-User MIMO
          4. QoS Support

        2. IEEE802.11ac
          1. 5.0 GHz Band
          2. Throughput Modes
          3. Multi-user MIMO

      11. WiFi Mesh Network (IEEE802.11s)
      12. WiFi Home/SOHO Network
        1. DSL/Cable Modem
        2. Wireless Access Router
        3. IP Configuration
        4. Case: Wireless Access Router Configuration

Chapter Summary

Key Terms

Chapter Review Questions

Chapter 9: Wide Area Network

      1. Introduction
      2. WAN and Enterprise Networks
        1. WAN Connection Scenarios
        2. Service-Level Agreement
        3. CPE versus SPF
          1. Demarcation Point

        4. WAN Design Considerations

      3. Layers of WAN Standards
        1. Physical Layer
        2. Data Link Layer
          1. Circuit Switching
          2. Packet Switching

        3. Comparison: WAN versus LAN

      4. IP Addressing for WAN Links
        1. Leased Lines
        2. Packet Switched Data Network
          1. One Subnet between Two Locations
          2. One Subnet for All Locations

      5. Physical Layer Options: Leased Lines
        1. T-Carrier/E-Carrier
          1. T1 and T3 Circuits

        2. SONET/SDH

      6. Data Link Standard: Leased Lines
        1. PPP Frame Structure
        2. Router Authentication
          1. PAP versus CHAP

      7. Data Link Standards: PSDN
        1. General Attributes
          1. Shared Capacity
          2. Customization of Subscribed Speeds
          3. Support for Data and Voice
          4. Frame Multiplexing
          5. Unreliable Transmission

        2. Virtual Circuits
          1. WAN Switch Table
          2. PVC versus SVC
          3. Access Link Speeds

      8. Frame Relay
        1. General Characteristics
        2. Frame Structure
        3. Data Link Connection Identifier
          1. How DLCI Works
          2. FR Switch Table
          3. Multiple VCs and DLCIs

        4. Mapping IP Addresses

      9. Asynchronous Transfer Mode
        1. Background
        2. Cell Switching
        3. Quality of Service

      10. Carrier Ethernet
        1. Background
        2. Strengths
        3. Service Transport

      11. Multi-Protocol Label Switching
        1. Labels and Label Information Base
        2. Benefits of MPLS

      12. Wireless WAN: Cellular Network
        1. General Architecture
          1. Cell
          2. Base Station
          3. Mobile Terminal Switching Office
          4. Call Channels

        2. Multiple Access Technologies
          1. Frequency Division Multiple Access
          2. Time Division Multiple Access
          3. Code Division Multiple Access
          4. Orthogonal Frequency Division Multiple Access

        3. Generations of Cellular Standards
        4. LTE and Future
          1. Long-Term Evolution
          2. What Does the Future Hold?

Chapter Summary

Key Terms

Chapter Review Questions

Chapter 10: The Internet and Client–Server Systems

      1. Introduction
      2. Internet Architecture
        1. Internet Service Provider
          1. National ISPs
          2. Regional/Local ISPs
          3. ISP Network Architecture

        2. Internet Exchange Point
        3. Autonomous System
        4. World Wide Web and Search Engine
          1. World Wide Web
          2. Deep Web

      3. VPN for Secure Communications
        1. Technology
          1. Background
          2. VPN Technology

 

        2. Benefits of VPN
          1. Cost-Effectiveness
          2. Accessibility and Scalability
          3. Flexibility

        3. Risks of VPN
          1. Reliability
          2. Security

        4. Types of VPN
          1. Remote-Access VPN
          2. Site-to-Site VPN

        5. VPN Standards
        6. IP Security
          1. Tunnel Mode
          2. Transport Mode

        7. Secure Socket Layer
          1. Broad Acceptance
          2. VPN Implementation
          3. SSL and Internet Commerce

        8. IPSec versus SSL

      4. IPv6 (IP Next Generation)
        1. Background
        2. IP Packet Structure
        3. IP Addressing
          1. Subnet Address Bits
          2. Host Address Bits

        4. Address Abbreviation
        5. IPv6 versus IPv4 Standards
        6. Transition Approaches
          1. Dual IP Stacks within a Node
          2. Direct Address Conversion
          3. Packet Tunneling

      5. Client–Server Applications
        1. Domain Name System
          1. Domain and Name Resolution
          2. Domain Hierarchy
          3. DNS Architecture

        2. Dynamic Host Configuration Protocol
          1. The Process View

      6. Server Virtualization
        1. Traditional Computing Model
        2. Virtualization Concept
        3. Virtualization Approaches
          1. Hosted Virtualization
          2. Hypervisor-Based Virtualization

        4. Shared Infrastructure
        5. Summary: Benefits Realized

Chapter Summary

Key Terms

Chapter Review Questions

Chapter 11: Cybersecurity: Threats

      1. Introduction
      2. Malicious Codes: Malware

 

        1. Virus
        2. Worm
        3. Trojan
        4. Bot
        5. Other Malware Types
        6. Malware Issues

      3. Password Cracking
        1. Brute Force Method
        2. Dictionary Method

      4. Spoofing
        1. Source Address Spoofing
          1. IP Spoofing
          2. MAC Spoofing

        2. Email Spoofing
        3. Web (or HTTP) Spoofing

      5. Denial of Service
        1. Pinging and SYN Requests
          1. Pinging
          2. SYN Requests
          3. Distributed DOS

        2. MAC Address Flooding

      6. Packet Sniffing
        1. Packet Sniffing with Wireshark

      7. Port Scanning
        1. Port Scanning with Zenmap

      8. Social Engineering
      9. Man-in-the-Middle
        1. MITM with Bogus DHCP Server

      10. Spam
      11. Poisoning
        1. ARP Poisoning (ARP Spoofing)
        2. DNS Poisoning (DNS Spoofing)

      12. Zero-Day Attack
      13. WiFi Threats
        1. Wardriving
        2. Denial of Service
        3. Rogue AP
        4. MITM

Chapter Summary

Key Terms

Chapter Review Questions

Chapter 12: Cybersecurity: Defenses

      1. Introduction
      2. Security Requirements and Solutions
        1. Security Requirements
          1. Confidentiality (Privacy)
          2. Data Integrity
          3. Authentication
          4. Access Control/Authorization
          5. Availability

        2. Technology Solutions

      3. Principles in Architecting Defense

       

        1. Layering
        2. Limiting
        3. Simplicity

      4. Firewall
        1. Firewall and DMZ
          1. Separating Firewall and Border Router

        2. Firewall Functions and Management
          1. Firewall Functions
          2. Managing Firewall

        3. Stateless versus Stateful Filtering
          1. Stateless Filtering
          2. Stateful Filtering
          3. Scenario (XYZ Company)

      5. Access Control List
        1. How Many ACLs?
        2. ACL Filtering versus Packet Routing

      6. Cryptography
        1. Cryptography System
          1. Basic Components
          2. How It Works

        2. Symmetric-Key Cryptography
        3. Asymmetric-Key Cryptography
          1. How It Works
          2. Pros and Cons

        4. Hybrid Approach
        5. Hashing Cryptography

      7. Digital Signature
      8. Digital Certificate
        1. Digital Certificate
        2. Certificate Authority

      9. Security Protocol
        1. WiFi Security Standards
          1. Wired Equivalent Privacy
          2. WiFi Protected Access (WPA and WPA2)
          3. Enterprise Mode versus Personal Mode

Chapter Summary

Key Terms

Chapter Review Questions

Glossary

Acronyms

Index

About the Author

Bongsik Shin is a professor of Management Information Systems at San Diego State University. He earned a Ph.D. from the University of Arizona and was an assistant professor at the University of Nebraska at Omaha before joining San Diego State University. He has taught computer network & cybersecurity management, business intelligence (data warehousing & data mining, statistics), decision support systems, electronic commerce, and IT management & strategy. In particular, he has taught computer networking and cybersecurity continuously for over 20 years.

His academic activities in pursuit of teaching and research excellence have been funded by more than 25 internal and external grants. His recent research efforts have focused on cybersecurity, on subjects related to cyber threat intelligence, ransomware, authentication & access control, and countermeasures against phishing. Recently, his team, with him as the principal investigator, was awarded a grant by the US Department of Defense to conduct research on "Actionable Intelligence-Oriented Cyber Threat Modeling."

He has published more than 30 articles in such high-impact journals as MIS Quarterly, IEEE Transactions on Engineering Management, IEEE Transactions on Systems, Man, and Cybernetics, Communications of the ACM, Journal of Association for Information Systems, European Journal of Information Systems, Journal of Management Information Systems, Information Systems Journal, Information & Management, and Decision Support Systems. In 2016, he served as a conference co-chair of the Americas Conference on Information Systems, one of the three largest MIS conferences, with attendees from 40+ countries.

Subject Categories

BISAC Subject Codes/Headings:
COM032000
COMPUTERS / Information Technology
COM043000
COMPUTERS / Networking / General