Now that you have gotten a good foundation of security understanding from the first section of this book, you are ready to tackle the concepts of security as they relate to operations in a wireless environment. With the basic elements of security now firmly set in our minds, we are prepared to jump into the "meat" of this book, wireless operations. We begin this section with a discussion of wireless networking basicsthe differences between WLANs and LANs, how they work, pros and cons, standards, and so on. Mobile security is particularly relevant because the workforce of today is constantly traveling. Attacks from conventional methods , such as social engineering, are also discussed, from the standpoint of how easy it is to get just enough information to effect a breach in a company's defenses. In wireless security, the use of encryption is essential, so an overview of various encryption schemes is presented.
From an organizational perspective, it is essential to have orderly operations. Setting clear policies for the use of wireless helps achieve this goal. In this section, we discuss how the concept of risk management applies to wireless operations and how to mitigate those risks using policy and proper enforcement techniques, and we provide some sample policies to help you along the way.
WLAN intrusions are a huge concern, and much of this section is devoted to covering the process from the point of view of an attacker. You will learn the basic elements of compromise that attackers use on a daily basis to achieve their goals. We will talk about the types of attacks they can initiate, and where and how they find weaknesses to make these attacks work. We provide ideas and techniques to mitigate these risks and explain the specialized equipment used to help companies manage WLAN environments. Finally, we present a new model called WISDOM, which can be employed at a company to help secure wireless operations. Sample worksheets are also provided to make it easy for you to jump in and operate wirelessly in your organization, knowing you have taken the proper steps to make a secure wireless connection possible.