Section I: General Network Security

Chapter List

Part Overview

This book is divided into two sections. In the first section, we cover the elements of security common to both wired and wireless environments. A solid foundation of security understanding is required before we can jump into the specifics of wireless operations. Before one can walk, one must learn to crawl. We begin our learning process by talking about basic threats that exist in cyberspace , the types of attacks that need to be defended against, and the issue of privacy as it applies to a business today. Our journey will take us from simply knowing what threats exist to knowing how to manage those threats by employing security controls such as access management and passwords. We will learn to set up a defense perimeter and create a strategy of layered security, known as a Defense-in-Depth strategy. We then examine several tools and techniques for detecting intruders and taking actions when their presence is discovered .

Knowledge without preparation does us very little good, so in Chapter 4 we present material that can show you how to manage a breach in your perimeter defenses, known as an incident. Proper management of incidents is a crucial step in corporate security, and it must be understood before taking any actions that could do irreparable damage to the business. Next, we look at how companies today interface with their customers using applications on the World Wide Web. These applications are vulnerable to attack and need protection. We show you how to take preventive measures that will secure these vulnerabilities and make your Web presence an integral part of your business strategy. Finally, we look at legislation as it pertains to cybersecurity and show you how serious the issue of cybersecurity has become. The actions taken by the U.S. government over the last 10 years have sent a strong message to those who would want to take on the role of cyberthief. The message is clear: do so at your peril.