Computer networking and communications Books
John Wiley & Sons Inc MDM Fundamentals Security and the Modern Desktop
Book SynopsisThe first major book on MDM written by Group Policy and Enterprise Mobility MVP and renowned expert, Jeremy Moskowitz! With Windows 10, organizations can create a consistent set of configurations across the modern enterprise desktopfor PCs, tablets, and phonesthrough the common Mobile Device Management (MDM) layer. MDM gives organizations a way to configure settings that achieve their administrative intent without exposing every possible setting. One benefit of MDM is that it enables organizations to apply broader privacy, security, and application management settings through lighter and more efficient tools. MDM also allows organizations to target Internet-connected devices to manage policies without using Group Policy (GP) that requires on-premises domain-joined devices. This makes MDM the best choice for devices that are constantly on the go. With Microsoft making this shift to using Mobile Device Management (MDM), a cloud-based policy-management system, IT pTable of ContentsForeword xix Introduction xxi Chapter 1 Enterprise Mobility and MDM Essentials 1 Getting Ready to Use This Book 2 Why the Need for MDM 3 Group Policy and MDM Compared 6 MDM: Guts, Protocols, and Moving Parts 9 OMA-DM: The Protocol 9 CSPs: Configuration Service Providers 9 MDM Service 11 Extending Your MDM Services with Third-Party Tools 12 Final Thoughts 13 Chapter 2 Set Up Azure AD and MDM 15 Comparative Analysis of Different MDM Services 15 Azure AD Premium, Enterprise Mobility + Security, and Microsoft 365 16 Office 365’s Built-In MDM Management 18 Microsoft Intune 20 VMware Workspace ONE 24 MobileIron 25 Setting Up Auto-Enrollment and Enrolling Your First Machines 25 Turning On MDM Enrollment 26 Add Your First User to Azure AD 33 Enroll Your First Windows 10 Machine into MDM 34 Optional Steps: Custom Domain Names and AD to AAD Synchronization 50 Custom Domain Names: Goodbye to “onmicrosoft.com” Names 50 Syncing Your On-Prem AD to Azure AD Automatically 58 Final Thoughts 73 Chapter 3 MDM Profiles, Policies, and Groups 75 MDM Policies and the Policy CSP 75 MDM: Getting Started with Policies 76 Profiles and Policies 77 What Makes an MDM Policy? 82 ADMX-Backed Policies 87 Ingesting Third-Party ADMX Files 96 Creating and Using Groups 108 Creating Assigned Groups 109 Creating Dynamic Groups 109 Advanced Dynamic Rules 111 Utilizing Groups in Intune 114 Final Thoughts 114 Chapter 4 Co-Management and Co-Policy Management 117 Co-Management of SCCM and Intune 117 Co-Policy Management: Group Policy and Your MDM Service 122 Auto-Enroll in Your MDM Service Using Group Policy 122 Co-Policy Management…Who Wins: MDM or Group Policy? 127 Final Thoughts 133 Chapter 5 MDM Migration and MDM Troubleshooting 135 MMAT: Microsoft MDM Migration and Analysis Tool 135 Troubleshooting MDM 139 MDM Service Reports, Diagnostic Logs, and Event Logs 139 Delivery Reports from Your MDM Service 140 Advanced Diagnostic Reports and Resolving Conflicts 141 Final Thoughts about the Advanced MDM Settings Report 143 Resolving Conflicts 144 Investigating Event Logs 148 Remotely Collecting Logs from Windows 10 149 Remember MdmWinsOverGP Setting and Gotchas 149 Other Miscellaneous Notes, Traps, and Gotchas 149 Final Thoughts 152 Chapter 6 Deploying Software and Scripts 153 Preparing for the Remainder of the Chapter 155 What to Download to Get Settled in for This Chapter 155 How to (Generally) Deploy Applications with Intune 157 Deploying MSI Applications with MDM 161 Deploying Your First MSI Application 161 Deploying AppX Apps via the Microsoft Store for Business 170 Getting Started with and Activating the Microsoft Store for Business 170 Acquiring AppX Packages to Distribute Using Microsoft Store for Business 172 Deploying MSIX with MDM 178 Repackaging an App with the MSIX Packaging Tool 181 Deploying Office 365 ProPlus with MDM 196 Deploying Win32 Apps with MDM 206 Microsoft Intune Win32 Content Prep Tool 207 Gathering All the Needed Items in One Place 208 Preparing the Win32 Application Contents 210 Add the .intunewin File to Intune 211 Assign the App and See Results 216 Other Win32 Deployment Examples, Troubleshooting, and Final Thoughts 217 Deploying Scripts with Your MDM Service 219 Deploying Scripts (That Deploy Software) with Intune 220 Delivering Other Software and Files with MDM (Using PolicyPak File Delivery Manager) 226 Downloading Unusual File Types 227 Downloading .EXEs, .MSIs, or Unusual Software, Then Running a Script (and Cleaning Up When You’re Done) 228 Downloading a ZIP and Automatically Unpacking Its Contents 229 Final Thoughts 231 Chapter 7 Enterprise State Roaming and OneDrive for Business 233 Pregame Setup for This Chapter 235 Get Your Azure Tennant ID 235 Enterprise State Roaming 239 Setting Up Enterprise State Roaming 241 OneDrive for Business 244 Managing the OneDrive Tenant 246 SharePoint and SharePoint Migration Tool 248 OneDrive Sync Client 257 OneDrive’s Magic Trick: Known Folder Move 268 Files Restore (from Malware or User Error) 276 Final Thoughts 279 Chapter 8 Rollouts and Refreshes with Configuration Designer and Autopilot 281 Windows Configuration Designer 282 Get WCD from the Windows Store 283 What Can You Do with WCD? (And What Shouldn’t You Do with WCD?) 284 WCD Example 284 Implementing the .PPKG File 290 Results from Using a .PPKG File 292 Final Thoughts about WCD 292 Autopilot 293 Getting Devices Registered into Autopilot 296 Creating Groups for Your Autopilot Machines 303 Setting Up Your Autopilot Deployment Profile 306 Automatically Harvesting Hardware IDs into Autopilot 317 Autopilot: Resets, Retire, Wipes, and Fresh Starts 324 Linking a Specific User to a Specific Hardware ID 329 Autopilot Self-Deploying Mode 330 Autopilot Hybrid Azure AD Join 339 Autopilot White Glove 356 Final Autopilot Resources 358 Chapter 9 Windows 10 Health and Happiness: Servicing, Readiness, Analytics, and Compliance 359 Windows, Office, and OneDrive as a Service 359 Servicing Windows 360 Servicing Office 365 Servicing OneDrive (Revisited) 367 Making Your Own Rings for Windows, Office, and OneDrive 367 Office and Application Readiness 375 Office 365 Readiness Toolkit 376 App Health Analyzer 380 Desktop Analytics 381 Introduction to Desktop Analytics 382 Prepare, Pilot, and Deploy Phases 383 Final Thoughts on Desktop Analytics 383 Device Compliance and Health Attestation 384 Getting Started with Compliance Policy 385 Final Thoughts on Windows Health and Happiness 393 Chapter 10 Security with Baselines, BitLocker, AppLocker, and Conditional Access 395 Security Baselines 396 Creating Your Security Baselines in Intune 397 Assigning Your Security Baseline to a Group 399 Syncing Your Client to Get the Baseline 400 Testing Your Baseline 401 Reporting and Monitoring Baselines 402 BitLocker: Full Disk Encryption 404 Enabling BitLocker Using Intune 404 BitLocker Key Recovery and Management 412 BitLocker Final Thoughts and Additional Resources 416 Application Whitelisting with AppLocker or PolicyPak Least Privilege Manager 417 Using AppLocker for Whitelisting 417 Using Your AppLocker Rule with Intune 420 PolicyPak Least Privilege Manager for Whitelisting 423 Conditional Access 426 Setting Up Azure Conditional Access 427 Final Thoughts on Security 434 Chapter 11 MDM Add-On Tools: Free and Pay 439 Company Portal App 439 Setting Up Company Portal Branding 440 Users Interacting with the Company Portal App 441 Microsoft Graph and the Graph Explorer 448 PolicyPak On-Prem & MDM Edition 455 Getting Started with PolicyPak 456 Using PolicyPak to Export Existing Group Policy to MDM 458 Using PolicyPak to Overcome UAC Prompts 461 Using PolicyPak to Block and Allow UWP Applications 463 Using PolicyPak to Manage Application, Browser, and Java Settings 463 Using PolicyPak to Manage Windows Features (and Optional Features) 466 PolicyPak Deployment with Intune (or Any MDM) 466 Interesting Things I Found on the Internet 467 Untested, but Seemingly Useful Scripts 467 Yodamiitti Intune Management GUI 468 Final Thoughts (on This Chapter, and about the Book!) 470 Index 473
£28.49
John Wiley & Sons Inc Penetration Testing For Dummies
Book SynopsisTarget, test, analyze, and report on security vulnerabilities with pen testing Pen Testing is necessary for companies looking to target, test, analyze, and patch the security vulnerabilities from hackers attempting to break into and compromise their organizations data. It takes a person with hacking skills to look for the weaknesses that make an organization susceptible to hacking. Pen Testing For Dummies aims to equip IT enthusiasts at various levels with the basic knowledge of pen testing. It is the go-to book for those who have some IT experience but desire more knowledge of how to gather intelligence on a target, learn the steps for mapping out a test, and discover best practices for analyzing, solving, and reporting on vulnerabilities. The different phases of a pen test from pre-engagement to completionThreat modeling and understanding riskWhen to apply vulnerability management vs penetration testingWays to keep your pen testing skills sharp, relevant, and at the top of the gam
£19.54
John Wiley & Sons Inc SCADA Security
Book SynopsisExamines the design and use of Intrusion Detection Systems (IDS) to secure Supervisory Control and Data Acquisition (SCADA) systems Cyber-attacks on SCADA systems?the control system architecture that uses computers, networked data communications, and graphical user interfaces for high-level process supervisory management?can lead to costly financial consequences or even result in loss of life. Minimizing potential risks and responding to malicious actions requires innovative approaches for monitoring SCADA systems and protecting them from targeted attacks. SCADA Security: Machine Learning Concepts for Intrusion Detection and Prevention is designed to help security and networking professionals develop and deploy accurate and effective Intrusion Detection Systems (IDS) for SCADA systems that leverage autonomous machine learning. Providing expert insights, practical advice, and up-to-date coverage of developments in SCADA security, this authoritative guide presents Table of ContentsForeword ix Preface xi Acronyms xv 1. Introduction 1 2. Background 15 3. SCADA-Based Security Testbed 25 4. Efficient k-Nearest Neighbour Approach Based on Various-Widths Clustering 63 5. SCADA Data-Driven Anomaly Detection 87 6. A Global Anomaly Threshold to Unsupervised Detection 119 7. Threshold Password-Authenticated Secret Sharing Protocols 151 8. Conclusion 179 References 185 Index 195
£90.86
John Wiley & Sons Inc Critical Infrastructure Protection in Homeland
Book SynopsisCovers critical infrastructure protection, providing a rigorous treatment of risk, resilience, complex adaptive systems, and sector dependence Wide in scope, this classroom-tested book is the only one to emphasize a scientific approach to protecting the key infrastructures components of a nation. It analyzes the complex network of entities that make up a nation''s infrastructure, and identifies vulnerabilities and risks in various sectors by combining network science, complexity theory, risk analysis, and modeling and simulation. This approach reduces the complex problem of protecting water supplies, energy pipelines, telecommunication stations, power grid, and Internet and Web networks to a much simpler problem of protecting a few critical nodes. The new third edition of Critical Infrastructure Protection in Homeland Security: Defending a Networked Nation incorporates a broader selection of ideas and sectors than the previous book. Divided into three secTable of ContentsForeword By Sen. Mark Warner xv Foreword By Prof. Andrew Odlyzko xxi Preface xxxiii How to Use this Book xxxvii About the Companion Website xxxix 1 Origins of Critical Infrastructure Protection 1 1.1 Recognition 3 1.2 Natural Disaster Recovery 4 1.3 Definitional Phase 5 1.4 Public–Private Cooperation 8 1.5 Federalism: Whole of Government 8 1.6 Rise of the Framework 10 1.7 Implementing a Risk Strategy 12 1.7.1 Risk‐Informed Decision‐Making 13 1.7.2 Resilience‐Informed Decision‐Making 14 1.7.3 Prevention or Response? 15 1.8 Analysis 16 1.8.1 The Public–Private Partnership (PPP) Conundrum 17 1.8.2 The Information Sharing Conundrum 17 1.8.3 Climate Change Conundrum 17 1.8.4 The Funding Conundrum 17 1.8.5 Spend 80% on 20% of the Country 18 1.9 Exercises 18 1.10 Discussions 19 References 20 2 Risk Strategies 21 2.1 Expected Utility Theory 23 2.1.1 Threat–Asset Pairs 24 2.2 PRA and Fault Trees 24 2.2.1 An Example: Your Car 26 2.3 MRBA and Resource Allocation 26 2.3.1 Another Example: Redundant Power 27 2.4 Cyber Kill Chains are Fault Trees 28 2.5 PRA in the Supply Chain 29 2.6 Protection Versus Response 30 2.7 Threat is an Output 32 2.8 Bayesian Belief Networks 33 2.8.1 A Bayesian Network for Threat 33 2.8.2 Predictive Analytics 34 2.9 Risk of a Natural Disaster 35 2.9.1 Exceedence 35 2.9.2 EP vs. PML Risk 35 2.10 Earthquakes 36 2.11 Black Swans and Risk 36 2.12 Black Swan Floods 37 2.13 Are Natural Disasters Getting Worse? 38 2.14 Black Swan Al Qaeda Attacks 38 2.15 Black Swan Pandemic 39 2.16 Risk and Resilience 41 2.17 Exercises 42 2.18 Discussions 43 References 43 3 Theories of Catastrophe 44 3.1 Normal Accident Theory (NAT) 45 3.2 Blocks and Springs 46 3.3 Bak’s Punctuated Equilibrium Theory 48 3.4 Tragedy of the Commons (TOC) 51 3.4.1 The State Space Diagram 52 3.5 The US Electric Power Grid 52 3.6 Paradox of Enrichment (POE) 55 3.6.1 The Great Recessions 56 3.6.2 Too Much Money 56 3.7 Competitive Exclusion Principle (CEP) 57 3.7.1 Gause’s Law 58 3.7.2 The Self‐Organizing Internet 58 3.7.3 A Monoculture 59 3.8 Paradox of Redundancy (POR) 59 3.9 Resilience of Complex Infrastructure Systems 60 3.9.1 Expected Utility and Risk 60 3.9.2 Countering SOC 60 3.9.3 The TOC Test 61 3.9.4 POE and Nonlinearity 61 3.9.5 CEP and Loss of Redundancy 61 3.9.6 POR and Percolation 62 3.10 Emergence 62 3.10.1 Opposing Forces in Emergent CIKR 62 3.11 Exercises 63 3.12 Discussions 64 References 64 4 Complex CIKR Systems 66 4.1 CIKR as Networks 69 4.1.1 Emergence 72 4.1.2 Classes of CIKR Networks 74 4.1.3 Self‐Organized Networks 75 4.2 Cascading CIKR Systems 76 4.2.1 The Fundamental Resilience Line 80 4.2.2 Critical Factors and Cascades 81 4.2.3 Targeted Attacks 82 4.3 Network Flow Risk and Resilience 85 4.3.1 Braess’s Paradox 86 4.3.2 Flow Network Resilience 87 4.4 Paradox of Redundancy 88 4.4.1 Link Percolation and Robustness 88 4.4.2 Node Percolation and Robustness 89 4.4.3 Blocking Nodes 89 4.5 Network Risk 91 4.5.1 Crude Oil and Keystone XL 92 4.5.2 MBRA Network Resource Allocation 92 4.6 The Fragility Framework 96 4.6.1 The Hodges Fragility Framework 96 4.6.2 The Hodges Fault Tree 97 4.7 Exercises 98 4.8 Discussions 99 References 100 5 Communications 101 5.1 Early Years 102 5.2 Regulatory Structure 105 5.3 The Architecture of the Communications Sector 106 5.3.1 Physical Infrastructure 107 5.3.2 Wireless Networks 108 5.3.3 Extraterrestrial Communication 108 5.3.4 Land Earth Stations 109 5.3.5 Cellular Networks 110 5.3.6 Generations 110 5.3.7 Wi‐Fi Technology 111 5.4 Risk and Resilience Analysis 111 5.4.1 Importance of Carrier Hotels 113 5.4.2 Network Analysis 114 5.4.3 Flow Analysis 116 5.4.4 Robustness 116 5.4.5 The Submarine Cable Network 117 5.4.6 HPM Attacks 117 5.5 Cellular Network Threats 118 5.5.1 Cyber Threats 119 5.5.2 HPM‐Like Threats 120 5.5.3 Physical Threats 120 5.6 Analysis 120 5.7 Exercises 121 5.8 Discussions 122 References 122 6 Internet 123 6.1 The Internet Monoculture 125 6.1.1 The Original Sin 127 6.1.2 How TCP/IP Works 128 6.1.3 More Original Sin 130 6.2 Analyzing The Autonomous System Network 130 6.2.1 The AS500 Network 130 6.2.2 Countermeasures 132 6.3 The RFC Process 133 6.3.1 Emergence of Email 133 6.3.2 Emergence of TCP/IP 133 6.4 The Internet of Things (IOT) 134 6.4.1 Data Scraping 135 6.4.2 IoT Devices 135 6.4.3 More IoT Exploits 136 6.5 Commercialization 137 6.6 The World Wide Web 137 6.7 Internet Governance 138 6.7.1 IAB and IETF 138 6.7.2 ICANN Wars 140 6.7.3 ISOC 141 6.7.4 W3C 141 6.8 Internationalization 142 6.9 Regulation and Balkanization 142 6.10 Exercises 143 6.11 Discussions 144 7 Cyber Threats 145 7.1 Threat Surface 146 7.1.1 Script Kiddies 148 7.1.2 Black‐Hats 149 7.1.3 Weaponized Exploits 149 7.1.4 Ransomware and the NSA 150 7.2 Basic Vulnerabilities 151 7.2.1 The First Exploit 152 7.2.2 TCP/IP Flaws 153 7.2.3 Open Ports 154 7.2.4 Buffer Overflow Exploits 155 7.2.5 DDoS Attacks 155 7.2.6 Email Exploits 156 7.2.7 Flawed Application and System Software 157 7.2.8 Trojans, Worms, Viruses, and Keyloggers 158 7.2.9 Hacking the DNS 159 7.3 Botnets 159 7.3.1 Hardware Flaws 160 7.4 Cyber Risk Analysis 161 7.5 Cyber Infrastructure Risk 161 7.5.1 Blocking Node Analysis 163 7.5.2 Machine Learning Approach 165 7.5.3 Kill Chain Approach 165 7.6 Analysis 166 7.7 Exercises 166 7.8 Discussions 168 References 168 8 Information Technology (IT) 169 8.1 Principles of IT Security 171 8.2 Enterprise Systems 171 8.2.1 Loss of Service 172 8.2.2 Loss of Data 172 8.2.3 Loss of Security 172 8.3 Cyber Defense 173 8.3.1 Authenticate Users 173 8.3.2 Trusted Path 174 8.3.3 Inside the DMZ 175 8.4 Basics of Encryption 176 8.4.1 DES 177 8.4.2 3DES 177 8.4.3 AES 177 8.5 Asymmetric Encryption 177 8.5.1 Public Key Encryption 179 8.5.2 RSA Illustrated 180 8.5.3 Shor’s Algorithm 180 8.6 PKI 181 8.6.1 Definition of PKI 182 8.6.2 Certificates 182 8.6.3 Blockchain 183 8.6.4 FIDO and WebAuth 184 8.6.5 Mathematics of Passwords 184 8.7 Countermeasures 185 8.8 Exercises 187 8.9 Discussions 188 References 188 9 Hacking Social Networks 189 9.1 Web 2.0 and the Social Network 190 9.2 Social Networks Amplify Memes 193 9.3 Topology Matters 194 9.4 Computational Propaganda 194 9.5 The ECHO Chamber 197 9.6 Big Data Analytics 198 9.6.1 Algorithmic Bias 199 9.6.2 The Depths of Deep Learning 200 9.6.3 Data Brokers 200 9.7 GDPR 201 9.8 Social Network Resilience 202 9.9 The Regulated Web 203 9.9.1 The Century of Regulation 203 9.10 Exercises 204 9.11 Discussions 205 References 206 10 Supervisory Control and Data Acquisition 207 10.1 What is SCADA? 208 10.2 SCADA Versus Enterprise Computing Differences 209 10.3 Common Threats 210 10.4 Who is in Charge? 211 10.5 SCADA Everywhere 212 10.6 SCADA Risk Analysis 213 10.7 NIST‐CSF 216 10.8 SFPUC SCADA Redundancy 216 10.8.1 Redundancy as a Resiliency Mechanism 218 10.8.2 Risk Reduction and Resource Allocation 220 10.9 Industrial Control of Power Plants 221 10.9.1 Maximum PML 221 10.9.2 Recovery 221 10.9.3 Node Resilience 222 10.10 Analysis 225 10.11 Exercises 227 10.12 Discussions 228 11 Water and Water Treatment 229 11.1 From Germs to Terrorists 230 11.1.1 Safe Drinking Water Act 231 11.1.2 The WaterISAC 231 11.2 Foundations: SDWA of 1974 232 11.3 The Bioterrorism Act of 2002 232 11.3.1 Is Water for Drinking? 233 11.3.2 Climate Change and Rot: The New Threats 234 11.4 The Architecture of Water Systems 235 11.4.1 The Law of The River 235 11.5 The Hetch Hetchy Network 235 11.5.1 Bottleneck Analysis 236 11.6 Risk Analysis 238 11.6.1 Multidimensional Analysis 238 11.6.2 Blocking Nodes 239 11.7 Hetch Hetchy Investment Strategies 239 11.7.1 The Rational Actor Attacker 240 11.8 Hetch Hetchy Threat Analysis 242 11.8.1 Chem/Bio Threats 242 11.8.2 Earthquake Threats 244 11.8.3 Allocation to Harden Threat–Asset Pairs 244 11.9 Analysis 245 11.10 Exercises 246 11.11 Discussions 247 References 248 12 Energy 249 12.1 Energy Fundamentals 251 12.2 Regulatory Structure of the Energy Sector 252 12.2.1 Evolution of Energy Regulation 252 12.2.2 Other Regulations 253 12.2.3 The Energy ISAC 254 12.3 Interdependent Coal 254 12.3.1 Interdependency with Transportation 254 12.4 The Rise of Oil and the Automobile 255 12.4.1 Oil 255 12.4.2 Natural Gas 256 12.5 Energy Supply Chains 256 12.5.1 PADDs 257 12.5.2 Refineries 258 12.5.3 Transmission 258 12.5.4 Transport4 259 12.5.5 Storage 259 12.5.6 Natural Gas Supply Chains 259 12.5.7 SCADA 259 12.6 The Critical Gulf of Mexico Cluster 259 12.6.1 Refineries 260 12.6.2 Transmission Pipelines 260 12.6.3 Storage 262 12.7 Threat Analysis of the Gulf of Mexico Supply Chain 265 12.8 Network Analysis of the Gulf of Mexico Supply Chain 266 12.9 The Keystonexl Pipeline Controversy 267 12.10 The Natural Gas Supply Chain 268 12.11 Analysis 270 12.12 Exercises 270 12.13 Discussions 271 References 272 13 Electric Power 273 13.1 The Grid 274 13.2 From Death Rays to Vertical Integration 275 13.2.1 Early Regulation 276 13.2.2 Deregulation and EPACT 1992 278 13.2.3 Energy Sector ISAC 278 13.3 Out of Orders 888 and 889 Comes Chaos 279 13.3.1 Economics Versus Physics 280 13.3.2 Betweenness Increases SOC 281 13.4 The North American Grid 281 13.4.1 ACE and Kirchhoff’s Law 283 13.5 Anatomy of a Blackout 283 13.5.1 What Happened on August 14 285 13.6 Threat Analysis 286 13.6.1 Attack Scenario 1: Disruption of Fuel Supply to Power Plants 286 13.6.2 Attack Scenario 2: Destruction of Major Transformers 287 13.6.3 Attack Scenario 3: Disruption of SCADA Communications 287 13.6.4 Attack Scenario 4: Creation of a Cascading Transmission Failure 287 13.7 Risk Analysis 288 13.8 Analysis of WECC96 288 13.9 Analysis 291 13.10 Exercises 292 13.11 Discussions 294 References 294 14 Healthcare and Public Health 295 14.1 The Sector Plan 296 14.2 Roemer’s Model 297 14.2.1 Components of Roemer’s Model 298 14.3 The Complexity of Public Health 299 14.4 Risk Analysis of HPH Sector 300 14.5 Bioterrorism 300 14.5.1 Classification of Biological Agents 301 14.6 Epidemiology 303 14.6.1 The Kermack–McKendrick Model 303 14.6.2 SARS 304 14.7 Predicting Pandemics 304 14.7.1 The Levy Flight Theory of Pandemics 306 14.8 Bio‐Surveillance 307 14.8.1 HealthMap 307 14.8.2 Big Data 307 14.8.3 GeoSentinel 308 14.9 Network Pandemics 309 14.10 The World Travel Network 310 14.11 Exercises 312 14.12 Discussions 313 References 313 15 Transportation 314 15.1 Transportation Under Transformation 316 15.2 The Road to Prosperity 319 15.2.1 Economic Impact 319 15.2.2 The National Highway System (NHS) 319 15.2.3 The Interstate Highway Network Is Resilient 320 15.2.4 The NHS Is Safer 320 15.3 Rail 320 15.3.1 Birth of Regulation 322 15.3.2 Freight Trains 323 15.3.3 Passenger Rail 324 15.3.4 Commuter Rail Resiliency 324 15.4 Air 325 15.4.1 Resilience of the Hub‐and‐Spoke Network 326 15.4.2 Security of Commercial Air Travel 328 15.4.3 How Safe and Secure Is Flying in the United States? 329 15.5 Airport Games 330 15.5.1 GUARDS 330 15.5.2 Bayesian Belief Networks 331 15.6 Exercises 331 15.7 Discussions 332 References 332 16 Supply Chains 334 16.1 The World Is Flat, But Tilted 335 16.1.1 Supply‐Side Supply 336 16.1.2 The Father of Containerization 337 16.1.3 The Perils of Efficient Supply Chains 337 16.2 The World Trade Web 340 16.2.1 Economic Contagions 342 16.3 Risk Assessment 344 16.3.1 MSRAM 344 16.3.2 PROTECT 345 16.4 Analysis 346 16.5 Exercises 347 16.6 Discussions 347 References 348 17 Banking and Finance 349 17.1 The Financial System 351 17.1.1 Federal Reserve vs. US Treasury 352 17.1.2 Operating the System 353 17.1.3 Balancing the Balance Sheet 353 17.1.4 Paradox of Enrichment 354 17.2 Financial Networks 355 17.2.1 FedWire 355 17.2.2 TARGET 356 17.2.3 SWIFT 356 17.2.4 Credit Card Networks 356 17.2.5 3‐D Secure Payment 357 17.3 Virtual Currency 358 17.3.1 Intermediary PayPal 358 17.3.2 ApplePay 358 17.3.3 Cryptocurrency 359 17.4 Hacking The Financial Network 361 17.5 Hot Money 363 17.5.1 The Dutch Disease 364 17.6 The End of Stimulus? 364 17.7 Fractal Markets 365 17.7.1 Efficient Market Hypothesis (EMH) 366 17.7.2 Fractal Market Hypothesis (FMH) 366 17.7.3 Predicting Collapse 367 17.8 Exercises 369 17.9 Discussions 370 References 370 18 Strategies for a Networked Nation 371 18.1 Whole of Government 372 18.2 Risk and Resilience 373 18.3 Complex and Emergent CIKR 373 18.4 Communications and the Internet 374 18.5 Information Technology (IT) 375 18.6 Surveillance Capitalism 375 18.7 Industrial Control Systems 376 18.8 Energy and Power 376 18.9 Global Pandemics 377 18.10 Transportation and Supply Chains 377 18.11 Banking and Finance 378 18.12 Discussions 378 Appendix A: Math: Probability Primer 379 A.1 A Priori Probability 379 A.2 A Pori Probability 381 A.3 Random Networks 382 A.4 Conditional Probability 383 A.5 Bayesian Networks 384 A.6 Bayesian Reasoning 385 References 387 Further Reading 388 Appendix B: Math: Risk and Resilience 389 B.1 Expected Utility Theory 390 B.1.1 Fault Trees 390 B.1.2 Fault Tree Minimization 391 B.1.3 XOR Fault Tree Allocation Algorithm 392 B.2 Bayesian Estimation 392 B.2.1 Bayesian Networks 392 B.3 Exceedence and PML Risk 394 B.3.1 Modeling EP 394 B.3.2 Estimating EP From Data 395 B.3.3 How to Process Time‐Series Data 396 B.4 Network Risk 397 B.5 Model‐Based Risk Analysis (MBRA) 398 B.5.1 Network Resource Allocation 401 B.5.2 Simulation 402 B.5.3 Cascade Risk 402 B.5.4 Flow Risk 402 References 403 Appendix C: Math: Spectral Radius 404 C.1 Network as Matrix 404 C.2 Matrix Diagonalization 404 C.3 Relationship to Risk and Resilience 406 C.3.1 Equation 1 406 C.3.2 Equation 2 407 Reference 407 Appendix D: Math: Tragedy of the Commons 408 D.1 Lotka–Volterra Model 408 D.2 Hopf–Holling Model 408 Appendix E: Math: The DES and RSA Algorithm 410 E.1 DES Encryption 410 E.2 RSA Encryption 410 Appendix F: Glossary 412 Index 414
£105.26
John Wiley & Sons Inc Network Modeling Simulation and Analysis in
Book SynopsisThe purpose of this book is first to study MATLAB programming concepts, then the basic concepts of modeling and simulation analysis, particularly focus on digital communication simulation. The book will cover the topics practically to describe network routing simulation using MATLAB tool. It will cover the dimensions'' like Wireless network and WSN simulation using MATLAB, then depict the modeling and simulation of vehicles power network in detail along with considering different case studies. Key features of the book include: Discusses different basics and advanced methodology with their fundamental concepts of exploration and exploitation in NETWORK SIMULATION. Elaborates practice questions and simulations in MATLAB Student-friendly and Concise Useful for UG and PG level research scholar Aimed at Practical approach for network simulation with more programs with step by step comments. Based on the Latest technoTable of ContentsList of Figures xi List of Tables xv Foreword xvii Preface xix Acknowledgments xxi Acronyms xxiii 1 Introduction to Modeling, Simulations and Analysis 1 1.1 MATLAB Modeling and Simulation 2 1.2 Computer Networks Performance Modeling and Simulation 4 1.2.1 Computer-Based Models 4 1.2.2 Computer Network Simulation 5 1.3 Discrete-Event Simulation for MATLAB 6 1.3.1 Terminology and Components of Discrete-Event Simulation 7 1.3.2 The Principle of Discrete-Event Simulation 8 1.3.3 ESTA Algorithm 9 1.3.4 ANALYSIS: Determination of Time to Attain Steady State Condition for MATLAB 11 1.4 Simulation Software Selection for MATLAB 11 1.5 Simulation Tools Based on High Performance 12 1.5.1 Network Model 13 1.5.2 Network Simulators 15 1.6 Conclusion 22 References 23 2 Introduction to MATLAB Programming 25 2.1 Introduction 26 2.2 Basic Features 27 2.2.1 Features of MATLAB 27 2.2.2 Uses of MATLAB 27 2.3 Notation, Syntax, and Operations 27 2.3.1 Practical Examples for MATLAB 27 2.3.2 Use of Semicolon (;) in MATLAB 28 2.3.3 Adding Comments 29 2.3.4 Commonly Utilized Operators and Special Characters 29 2.3.5 Unique Variables and Constants 30 2.3.6 Sparing Process 30 2.3.7 MATLAB Decisions 30 2.3.8 MATLAB Loops 31 2.4 Import and Export Operations 32 2.4.1 Import Data in MATLAB 32 2.4.2 Export Data in MATLAB 38 2.5 Elements 40 2.5.1 Commands 40 2.5.2 MATLAB Basics 41 2.5.3 Creating Matrices 42 2.5.4 Framework Operations 42 2.5.5 Using M-Files 44 2.6 Plotting 47 2.6.1 Including Various Types of Graphs 48 2.6.2 Creation of a Multiple Number of Functions in a Similar Graph 49 2.6.3 Creating a Graph According to Various Colors 50 2.7 Uncommon Function 51 2.8 Executable Files Generation 52 2.9 Calling and Accumulating Executable Documents 54 2.10 Calling Objects from External Programs 55 2.11 JAVA Classes 56 2.12 The Guide 56 2.12.1 Open a New User Interface 57 2.12.2 Guide Window Size Setting 58 2.12.3 Design the User Interface 58 2.12.4 Adjust the Components 59 2.12.5 Mark the Push Buttons 60 2.12.6 Menu Items-Rundown Pop-Up 61 2.12.7 Static Test Alteration Procedure in MATLAB 61 2.12.8 Spare the Layout 62 2.12.9 Behavior of the App 63 2.12.10 Produce Data to Plot in MATLAB 63 2.12.11 Pop-Up Menu Characteristics 65 2.12.12 Behavior of Push Button 66 2.13 Effective Programming through MATLAB 67 2.13.1 Condition 68 2.13.2 Practice Programs 68 2.13.3 Specific Functions in MATLAB 69 2.14 Clones Process Using MATLAB 69 2.14.1 GNU Octave 69 2.14.2 Scilab 70 2.14.3 Sage 70 2.15 Parallel MATLAB System 71 2.15.1 Run a Batch Job 71 2.15.2 Run a Batch Parallel Loop 72 2.15.3 Current Folder Browser - Run Script as Batch Job 73 2.16 Conclusion 74 References 75 3 Digital Communication System Simulation Using MATLAB 77 3.1 Introduction to Digital Communication 78 3.1.1 Data Transmission 78 3.1.2 Example 79 3.1.3 The Conversion of Analog and Digital Signals 80 3.1.4 Information, Bandwidth, and Noise 82 3.2 Simulation of Rayleigh Fading Model 83 3.2.1 Rayleigh Fading Basics 83 3.2.2 Rayleigh Fading 84 3.3 BPSK Modulation and Demodulation 86 3.3.1 BPSK Modulation 86 3.3.2 BPSK Demodulation 87 3.4 QPSK Modulation and Demodulation 89 3.4.1 QPSK Transmitter 90 3.4.2 QPSK Receiver 93 3.4.3 Performance Simulation over AWGN 93 3.5 Image Error Rate vs Signal-to-Noise Ratio 94 3.5.1 M-QAM Modulation 94 3.5.2 Baseband Rectangular M-QAM Modulator 95 3.6 Recreation of OFDM Framework 99 3.6.1 Figuring (Es /n0) or (Eb /n0) for OFDM Framework 101 3.6.2 Impact of Cyclic Prefix on Es /n 101 3.6.3 Effect of Unused Subcarriers on Es/N 102 3.6.4 Arrangement of Subcarriers 103 3.6.5 MATLAB Sample Code 103 3.7 Conclusion 108 References 109 4 Statistical Analysis of Network Data Using MATLAB 111 4.1 Introduction to Association Networks 112 4.2 Time Series, Stationary, Time Series Decomposition, De-trending 114 4.2.1 Time Series Analysis 114 4.2.2 Stationarity 115 4.2.3 Time Series Decomposition 117 4.2.4 De-trending 118 4.3 Autocorrelation, Test for Independence, Linear Autoregressive Models 124 4.3.1 Autocorrelation 124 4.3.2 ACF and IACF Parameters 126 4.3.3 Test of Independence 128 4.3.4 Linear Autoregressive Models 135 4.3.5 Linear Prediction and Autoregressive Modeling 137 4.4 Mutual Information and Test for Independence 139 4.4.1 Testing the Significance of the Null Hypothesis I(X; Y) = 0 139 4.4.2 Producing the Mutual Information Distribution from Surrogates 141 4.5 Spurious Cross-Correlation, Vector Autoregressive Models and Dynamic Regression Models 143 4.5.1 Cross Correlation 143 4.5.2 Vector Autoregression (VAR) Models 146 4.5.3 Coupled Dynamical Systems 149 4.6 Conclusion 150 References 150 5 Network Routing Simulation Using MATLAB 155 5.1 Evaluation of Granger Causality Measures on Known Systems 156 5.1.1 A Historical Viewpoint 158 5.1.2 Application to Recreated Information 164 5.1.3 Application to FMRI BOLD Information from a Visuospatial Consideration Undertaking 170 5.2 Demand Modeling and Performance Measurement 173 5.2.1 Objectives 173 5.2.2 Approach to Model Development 174 5.2.3 Development of Models 175 5.2.4 Outline of Findings from Phase Two: Model Validation 176 5.3 Universal Algorithms and Sequential Algorithms 178 5.3.1 Genetic Algorithm for Improvement Utilizing MATLAB 178 5.3.2 Masses Diversity-Measure-Run, Prosperity Scaling 182 5.4 Acoustic-Centric and Radio-Centric Algorithms 190 5.5 AODV Routing Protocol 194 5.5.1 Keeping Up Sequence Numbers 196 5.5.2 Association Breaks 196 5.5.3 Neighborhood Repairs 197 5.5.4 Security Considerations 197 5.6 Conclusion 203 References 204 6 Wireless Network Simulation Using MATLAB 209 6.1 Radio Propagation for Shadowing Methods 210 6.1.1 Radio Propagation Modeling 210 6.1.2 Partition Dependence 210 6.1.3 Small-Scale Blurring 210 6.1.4 Free-Space Propagation 211 6.1.5 Ray Tracing 212 6.1.6 Indoor Propagation 220 6.1.7 Classic Empirical Models 221 6.1.8 COST 231-Hata Model 221 6.1.9 COST 231-Walfish-Ikegami Model 222 6.1.10 Erceg Model 224 6.1.11 Multiple Slope Models 225 6.2 Mobility: Arbitrary Waypoint Demonstrates 234 6.2.1 Random Waypoint Model 234 6.2.2 Regular Problems with Random Waypoint Model 235 6.2.3 Irregular Waypoint on the Border (RWPB) 235 6.2.4 Markovian Waypoint Model 235 6.3 PHY: SNR-Based Bundle Catches, Communication, Dynamic Transmission Rate and Power 235 6.3.1 Mac: Ieee 802.11 236 6.3.2 IEEE 802.11 RTS/CTS Exchange 237 6.4 NET: Ad Hoc Routing 238 6.4.1 Dynamic Destination Sequenced Distance Vector 240 6.4.2 Wireless Routing Protocol 243 6.4.3 Global State Routing 243 6.4.4 Fisheye State Routing 244 6.4.5 Hierarchical State Routing 244 6.4.6 Zone-Based Hierarchical Link State Routing Protocol 245 6.4.7 Clusterhead Gateway Switch Routing Protocol 246 6.4.8 Cluster-Based Routing Protocols 247 6.4.9 Ad Hoc On-Demand Distance Vector Routing 248 6.4.10 Dynamic Source Routing Protocol 249 6.4.11 Temporally Ordered Routing Algorithm 250 6.4.12 Associativity-based Routing 252 6.4.13 Signal Stability Routing 253 6.5 APP: Overlay Routing Protocols 254 6.5.1 System/Application Designs, Optimizations, and Implementations on Overlay Networks 254 6.5.2 Routing Overlays for VoIP 255 6.5.3 Measurement, Modeling, and Improvement of BitTorrent Overlays 256 6.6 Conclusion 259 References 260 7 Mobility Modeling for Vehicular Communication Networks Using MATLAB 267 7.1 Vehicle Network Toolbox 268 7.1.1 Transmit and Receive CAN Messages 268 7.1.2 Examine Received Messages 271 7.1.3 CAN Message Reception Callback Function 272 7.2 Network Management (NM) 274 7.2.1 Plan Your Network Installation 274 7.2.2 Planning Your Network Installation 275 7.2.3 Setting Up a Remote Client Access Configuration 275 7.2.4 Setting Up Local Client Access Configuration 275 7.3 Interaction Layer 277 7.3.1 Directing Protocols in MANET 278 7.3.2 Specially Appointed On-Demand Distance Vector 278 7.3.3 Dynamic Source Routing (DSR) 278 7.3.4 Diagram of Mobility Model 279 7.3.5 Results and Analysis 280 7.3.6 Association Variation Results 282 7.4 Transport Protocols 285 7.4.1 TCP Transport Protocol 285 7.4.2 User Datagram Protocol, or UDP 286 7.4.3 Reliable Data Protocol, or RDP 286 7.4.4 Transmission Control Protocol, or TCP 286 7.5 Conclusion 287 References 288 8 Case Studies and Sample Codes 291 8.1 Case Determination and Structure 292 8.1.1 Exhibiting Analysis 293 8.1.2 Case Example 293 8.1.3 The Best Strategy 293 8.1.4 Impediment of the Technique 293 8.1.5 Sorts of Contextual Investigations 294 8.1.6 Relevant Examinations in Business 294 8.1.7 Summing Up from Logical Investigations 294 8.1.8 History 295 8.1.9 Related Vocations 295 8.2 Case Study 1: Gas Online 296 8.2.1 Load Data into Project 296 8.2.2 Construct Boundary Models 296 8.3 Case Study 2 302 8.3.1 Case 1: Create a Credit Scorecard Dissent 302 8.3.2 Case 2: Binning Information 304 8.4 Case Study 3: Random Waypoint Mobility Model 306 8.5 Case Study 4: Node localization in Wireless Sensor Network 312 8.6 Case Study 5: LEACH Routing Protocol for a WSN 325 8.7 Conclusion 334 References 334
£164.66
John Wiley & Sons Inc CCSP For Dummies with Online Practice
Book SynopsisSecure your CSSP certification CCSP is the world's leading Cloud Security certification. It covers the advanced technical skills and knowledge to design, manage, and secure data, applications, and infrastructure in the cloud using best practices, policies, and procedures. If you're a cloud security professional seeking your CSSP certification, this book is a perfect way to prepare for the exam. Covering in detail all six domains, the expert advice in this book gives you key information you'll need to pass the exam. In addition to the information covered on the exam, you'll get tips on setting up a study plan, tips for exam day, and access to an online test bank of questions. Key information for all six exam domainsTest -taking and exam day tips and tricksFree online practice questions and flashcardsCoverage of the core concepts From getting familiar with the core concepts to establishing a study plan, this book is all you need to hang your hat on that certification!Table of ContentsIntroduction 1 Part 1: Starting Your CCSP Journey 7 Chapter 1: Familiarizing Yourself with (ISC) 2 and the CCSP Certification 9 Chapter 2: Identifying Information Security Fundamentals 25 Part 2: Exploring the CCSP Certification Domains 41 Chapter 3: Domain 1: Cloud Concepts, Architecture and Design 43 Chapter 4: Domain 2: Cloud Data Security 91 Chapter 5: Domain 3: Cloud Platform and Infrastructure Security 129 Chapter 6: Domain 4: Cloud Application Security 173 Chapter 7: Domain 5: Cloud Security Operations 213 Chapter 8: Domain 6: Legal, Risk and Compliance 253 Part 3: The Part of Tens 295 Chapter 9: Ten (or So) Tips to Help You Prepare for the CCSP Exam 297 Chapter 10: Ten Keys to Success on Exam Day 303 Part 4: Appendixes 307 Appendix A: Glossary 309 Appendix B: Helpful Resources 329 Index 333
£33.29
John Wiley & Sons Inc Networking For Dummies
Book SynopsisSet up a secure network at home or the office Fully revised to cover Windows 10 and Windows Server 2019, this new edition of the trusted Networking For Dummies helps both beginning network administrators and home users to set up and maintain a network. Updated coverage of broadband and wireless technologies, as well as storage and back-up procedures, ensures that you'll learn how to build a wired or wireless network, secure and optimize it, troubleshoot problems, and much more. From connecting to the Internet and setting up a wireless network to solving networking problems and backing up your datathis #1 bestselling guide covers it all. Build a wired or wireless network Secure and optimize your network Set up a server and manage Windows user accounts Use the cloudsafely Written by a seasoned technology authorand jam-packed with tons of helpful step-by-step instructionsthis is the book network administrTable of ContentsIntroduction 1 About This Book 1 Foolish Assumptions 2 Icons Used in This Book 3 Beyond the Book 3 Where to Go from Here 4 Part 1: Getting Started with Networking 5 Chapter 1: Let’s Network! 7 Defining a Network 8 Why Bother with a Network? 11 Sharing files 11 Sharing resources 11 Sharing programs 12 Sharing messages 12 Servers and Clients 13 Dedicated Servers and Peers 13 What Makes a Network Tick? 15 It’s Not a Personal Computer Anymore! 16 The Network Administrator 17 What Have They Got That You Don’t Got? 18 Chapter 2: Configuring Windows and Mac Clients 21 Configuring Windows Network Connections 22 Joining a Windows Computer to a Domain 27 Configuring Mac Network Settings 29 Joining a Mac Computer to a Domain 33 Chapter 3: Life on the Network 37 Distinguishing between Local Resources and Network Resources 38 What’s in a Name? 38 Logging on to the Network 40 Understanding Shared Folders 42 Four Good Uses for a Shared Folder 43 Store files that everybody needs 43 Store your own files 44 Make a temporary resting place for files on their way to other users 44 Back up your local hard drive 45 Oh, the Network Places You’ll Go 45 Mapping Network Drives 47 Using a Network Printer 50 Adding a network printer 51 Printing to a network printer 52 Playing with the print queue 53 Logging off the Network 55 Chapter 4: More Ways to Use Your Network 57 Sharing Your Stuff 57 Enabling File and Printer Sharing 58 Sharing a Folder 59 Using the Public Folder 61 Sharing a Printer 62 Using Microsoft Office on a Network 64 Accessing network files 64 Using workgroup templates 65 Networking an Access database 67 Working with Offline Files 68 Part 2: Designing Your Network 73 Chapter 5: Planning a Network 75 Making a Network Plan 75 Being Purposeful 76 Taking Stock 77 What you need to know 77 Programs that gather information for you 79 To Dedicate or Not to Dedicate: That Is the Question 80 File servers 81 Print servers 81 Web servers 82 Mail servers 82 Database servers 83 Application servers 83 License servers 83 Choosing a Server Operating System 83 Planning the Infrastructure 84 Drawing Diagrams 84 Chapter 6: Dealing with TCP/IP 87 Understanding Binary 88 Counting by ones 88 Doing the logic thing 89 Introducing IP Addresses 90 Networks and hosts 90 The dotted-decimal dance 91 Classifying IP Addresses 91 Class A addresses 92 Class B addresses 93 Class C addresses 93 Subnetting 94 Subnets 95 Subnet masks 96 The great subnet roundup 97 Private and public addresses 98 Understanding Network Address Translation 98 Configuring Your Network for DHCP 99 Understanding DHCP 100 DHCP servers 100 Understanding scopes 101 Feeling excluded? 102 Reservations suggested 103 How long to lease? 104 Managing a Windows Server 2019 DHCP Server 104 Configuring a Windows DHCP Client 105 Using DNS 106 Domains and domain names 106 Fully qualified domain names 108 Working with the Windows DNS Server 109 Configuring a Windows DNS Client 110 Chapter 7: Oh, What a Tangled Web We Weave: Cables and Switches 111 What Is Ethernet? 112 All about Cable 114 Cable categories 116 What’s with the pairs? 117 To shield or not to shield 117 When to use plenum cable 118 Sometimes solid, sometimes stranded 118 Installation guidelines 119 The tools you need 120 Pinouts for twisted-pair cables 121 RJ-45 connectors 122 Crossover cables 124 Wall jacks and patch panels 124 Understanding Switches 126 Comparing managed and unmanaged switches 126 Daisy-chaining switches 128 Stacking switches 128 Looking at distribution switches and access switches 129 Powering Up with Power over Ethernet 130 Looking at Three Types of Network Rooms 131 Chapter 8: Setting Up a Wireless Network 133 Diving into Wireless Networking 134 A Little High School Electronics 135 Waves and frequencies 135 Wavelength and antennas 137 Spectrums and the FCC 137 Eight-Oh-Two-Dot-Eleventy Something: Understanding Wireless Standards 139 Home on the Range 140 Using Wireless Network Adapters 141 Setting Wireless Access Points 142 Infrastructure mode 142 Multifunction WAPs 143 Roaming Capabilities 144 Wireless bridging 144 Ad-hoc networks 145 Configuring a Wireless Access Point 145 Basic configuration options 146 DHCP configuration 146 Connecting to a Wireless Network 147 Paying Attention to Wireless Network Security 149 Chapter 9: Connecting to the Internet 155 Connecting to the Internet 155 Connecting with cable or DSL 156 Connecting with high-speed private lines 157 Sharing an Internet connection 158 Securing Your Connection with a Firewall 159 Using a firewall 159 Comparing residential gateways to firewall routers 161 Looking at the built-in Windows firewall 161 Providing a Backup Internet Connection 163 Part 3: Working with Servers 165 Chapter 10: Virtualizing Your Network 167 Understanding Virtualization 167 Understanding Hypervisors 169 Understanding Virtual Disks 171 Understanding Network Virtualization 173 Looking at the Benefits of Virtualization 174 Choosing Virtualization Hosts 176 Understanding Windows Server 2019 Licensing 176 Introducing Hyper-V 178 Understanding the Hyper-V hypervisor 178 Understanding virtual disks 179 Enabling Hyper-V 180 Getting Familiar with Hyper-V 181 Creating a Virtual Switch 182 Creating a Virtual Disk 184 Creating a Virtual Machine 188 Installing an Operating System 192 Chapter 11: Setting Up a Windows Server 195 Planning a Windows Server Installation 196 Checking system requirements 196 Reading the release notes 196 Considering your licensing options 196 Deciding your TCP/IP configuration 197 Choosing workgroups or domains 197 Running Setup 198 Adding Server Roles and Features 203 Creating a New Domain 208 Chapter 12: Managing Windows User Accounts 213 Understanding How Active Directory Is Organized 214 Objects 214 Domains 215 Organizational units 215 Trees 216 Forests 216 Understanding Windows User Accounts 216 Local accounts versus domain accounts 216 User account properties 217 Creating a New User 217 Setting User Properties 220 Changing the user’s contact information 220 Setting account options 221 Specifying logon hours 223 Restricting access to certain computers 223 Setting the user’s profile information 224 Resetting User Passwords 225 Disabling and Enabling User Accounts 226 Deleting a User 226 Working with Groups 227 Creating a group 227 Adding a member to a group 228 Creating a Logon Script 230 Chapter 13: Managing Network Storage 231 Understanding Disk Storage 231 Hard disk drives 231 Solid state drives to the rescue! 234 It’s a RAID! 234 Three ways to attach disks to your servers 236 Focusing on File Servers 237 Understanding permissions 237 Understanding shares 239 Managing Your File Server 240 Using the New Share Wizard 241 Sharing a folder without the wizard 245 Granting permissions 247 Part 4: Managing Your Network 251 Chapter 14: Welcome to Network Management 253 What a Network Administrator Does 254 Choosing the Part-Time Administrator 255 The Three “Ups” of Network Management 256 Managing Network Users 257 Acquiring Software Tools for Network Administrators 258 Building a Library 259 Pursuing Certification 260 Helpful Bluffs and Excuses 261 Chapter 15: Supporting Your Users 263 Establishing the Help Desk’s Charter 264 Tracking Support Tickets 265 Deciding How to Communicate with Users 267 Using Remote Assistance 268 Enabling Remote Assistance 269 Inviting someone to help you via a Remote Assistance session 270 Responding to a Remote Assistance invitation 273 Creating a Knowledge Base 275 Creating a Self-Service Help Portal 275 Using Satisfaction Surveys 276 Tracking Help Desk Performance 278 Using Help Desk Management Software 279 Chapter 16: Using Group Policy 281 Understanding Group Policy 281 Enabling Group Policy Management on Windows Server 2019 282 Creating Group Policy Objects 283 Filtering Group Policy Objects 289 Forcing Group Policy Updates 292 Chapter 17: Managing Software Deployment 293 Understanding Software Licenses 294 Using a License Server 297 Deploying Network Software 298 Deploying software manually 298 Running Setup from a network share 299 Installing silently 300 Creating an administrative installation image 301 Pushing out software with Group Policy 302 Keeping Software Up to Date 302 Chapter 18: Managing Mobile Devices 305 The Many Types of Mobile Devices 306 Considering Security for Mobile Devices 307 Managing iOS Devices 308 Understanding the iPhone 308 Understanding the iPad 309 Integrating iOS devices with Exchange 309 Configuring an iOS device for Exchange email 311 Managing Android Devices 314 Looking at the Android OS 314 Perusing Android’s core applications 315 Integrating Android with Exchange 316 Part 5: Securing Your Network 317 Chapter 19: Welcome to Cybersecurity Network 319 Do You Need Security? 320 The Three Pillars of Cybersecurity 321 Two Approaches to Security 322 Physical Security: Locking Your Doors 323 Securing User Accounts 324 Obfuscating your usernames 324 Using passwords wisely 325 Generating passwords For Dummies 326 Secure the Administrator account 328 Managing User Security 328 User accounts 329 Built-in accounts 330 User rights 331 Permissions (who gets what) 331 Group therapy 332 User profiles 333 Logon scripts 334 Securing the Human Firewall 334 Chapter 20: Hardening Your Network 337 Firewalls 337 The Many Types of Firewalls 339 Packet filtering 339 Stateful packet inspection (SPI) 341 Circuit-level gateway 342 Application gateway 342 Next-generation firewall 343 Virus Protection 343 What is a virus? 343 Antivirus programs 345 Safe computing 346 Patching Things Up 346 Chapter 21: Securing Your Email 349 Defining Spam 350 Sampling the Many Flavors of Spam 351 Using Antispam Software 352 Understanding Spam Filters 353 Looking at Three Types of Antispam Software 356 On-premises antispam 356 Antispam appliances 357 Cloud-based antispam services 358 Minimizing Spam 359 Chapter 22: Backing Up Your Data 361 3-2-1: The Golden Rule of Backups 361 How Often Should You Back Up Your Data? 363 Choosing Where to Back Up Your Data 364 Establishing Two Key Backup Objectives 365 Backing Up to Tape 366 Understanding Backup Software 367 Examining File-Based Backups 368 Full backups 369 Copy backups 370 Incremental backups 370 Differential backups 371 Backup and Virtualization 371 Verifying Tape Reliability 373 Keeping Backup Equipment Clean and Reliable 374 Setting Backup Security 375 Chapter 23: Planning for Disaster 377 Assessing Different Types of Disasters 378 Environmental disasters 379 Deliberate disasters 379 Disruption of services 380 Equipment failure 380 Other disasters 381 Analyzing the Impact of a Disaster 381 Developing a Business Continuity Plan 382 Holding a Fire Drill 383 Part 6: More Ways to Network 385 Chapter 24: Accommodating Remote Users 387 Using Outlook Web App 388 Using a Virtual Private Network 389 Looking at VPN security 390 Understanding VPN servers and clients 391 Connecting with Remote Desktop Connection 393 Enabling Remote Desktop Connection 394 Connecting remotely 395 Using keyboard shortcuts for Remote Desktop 397 Chapter 25: Life in Cloud City 399 Introducing Cloud Computing 400 Looking at the Benefits of Cloud Computing 401 Detailing the Drawbacks of Cloud Computing 402 Examining Three Basic Kinds of Cloud Services 403 Applications 404 Platforms 404 Infrastructure 405 Public Clouds versus Private Clouds 405 Introducing Some of the Major Cloud Providers 406 Amazon 406 Google 407 Microsoft 407 Getting into the Cloud 408 Chapter 26: Going Hybrid 409 What Is a Hybrid Cloud? 409 What Are the Benefits of Hybrid Cloud? 411 Elasticity 411 Flexibility 412 Agility 412 Innovation 412 Operational efficiency 412 Integrating Identity 413 Azure Active Directory 413 Single sign-on 414 Looking at Hybrid Cloud Virtualization Platforms 416 Part 7: The Part of Tens 419 Chapter 27: Ten Networking Commandments 421 I Thou Shalt Back Up Thy Data Religiously 421 II Thou Shalt Protect Thy Network from Infidels 422 III Thou Shalt Train Up Thy Users in the Ways of Safe Computing 422 IV Thou Shalt Keepeth Thy Network Drive Pure and Cleanse It of Old Files 423 V Thou Shalt Not Tinker with Thine Network Configuration unless Thou Knowest What Thou Art Doing 423 VI Thou Shalt Not Covet Thy Neighbor’s Network 423 VII Thou Shalt Not Take Down Thy Network without Proper Notification 424 VIII Thou Shalt Keep an Adequate Supply of Spare Parts 424 IX Thou Shalt Not Steal Thy Neighbor’s Program without a License 424 X Thou Shalt Write Down Thy Network Configuration upon Tablets of Stone 425 Chapter 28: Ten Big Network Mistakes 427 Skimping on Hardware 427 Turning Off or Restarting a Server Computer While Users Are Logged On 428 Deleting Important Files on the Server 429 Copying a File from the Server, Changing It, and Then Copying It Back 429 Sending Something to the Printer Again Just Because It Didn’t Print the First Time 430 Assuming That the Server Is Safely Backed Up 430 Connecting to the Internet without Considering Security Issues 430 Plugging in a Wireless Access Point without Asking 431 Thinking You Can’t Work Just Because the Network Is Down 431 Running Out of Space on a Server 432 Always Blaming the Network 433 Chapter 29: Ten Things You Should Keep in Your Closet 435 Duct Tape 435 Tools 436 Patch Cables 436 Cable Ties and Velcro 436 Twinkies 437 Replacement Parts 437 Cheap Network Switches 438 The Complete Documentation of the Network on Tablets of Stone 438 The Network Manuals and Disks 438 Ten Copies of This Book 439 Index 441
£22.09
John Wiley & Sons Inc Networking Fundamentals
Book SynopsisA clear and concise resource on Windows networking, perfect for IT beginners Did you know that nearly 85% of IT support roles require a good understanding of networking concepts? If you are looking to advance your IT career, you will need a foundational understanding of Windows networking. Network Fundamentals covers everything you need to know about network infrastructures, hardware, protocols, and services. You will learn everything you need to gain the highly in-demand Networking Fundamentals MTA Certification. This entry-level credential could be your first step into a rewarding, stable and lucrative IT career. This new Sybex guide covers the basics of networking starting from the ground level, so no previous IT knowledge is required. Each chapter features approachable discussion of the latest networking technologies and concepts, closing with a quiz so you can test your knowledge before moving to the next section. Even if you are brand new to computers, Network Fundamentals wilTable of ContentsIntroduction xv Lesson 1 Understanding Local Area Networking 1 Examining Local Area Networks, Devices, and Data Transfer 3 Defining the LAN 3 Identifying Types of LANs 20 Getting to Know Perimeter Networks 23 Identifying Network Topologies and Standards 25 Identifying Network Topologies 25 Defining Ethernet Standards 29 Identifying the Differences Between Client/Server and Peer-to-Peer 32 Skill Summary 36 Knowledge Assessment 38 Multiple Choice 38 Fill in the Blank 40 Business Case Scenarios 41 Scenario 1-1: Planning and Documenting a Basic LAN 41 Scenario 1-2: Selecting the Correct Networking Model 41 Scenario 1-3: Selecting Network Adapters for Your LAN Computers 41 Scenario 1-4: Configuring the Correct Subnet Mask 41 Solutions to Business Case Scenarios 42 Lesson 2 Defining Networks with the OSI Model 43 Understanding OSI Basics 45 Defining the OSI Model Layers 46 Defining the Communications Subnetwork 48 Define the Physical Layer 49 Define the Data Link Layer 51 Understanding Layer 2 Switching 52 Understanding Layer 3 Switching 56 Understanding Characteristics of Switches 56 Defining the Upper OSI Layers 58 Defining the Transport Layer 59 Defining the Session Layer 62 Defining the Presentation Layer 63 Defining the Application Layer 64 Reviewing the OSI Layers 65 Defining the TCP/IP Model 67 Skill Summary 68 Knowledge Assessment 69 Multiple Choice 69 Fill in the Blank 71 Business Case Scenarios 71 Scenario 2-1: Installing the Appropriate Switch 71 Scenario 2-2: Defining the IP Address and Ports Used by Destination Servers 72 Scenario 2-3: Ensuring a Newly Created Email Account’s Logon is Encrypted 72 Scenario 2-4: Creating a Permanent ARP Table Entry 72 Lesson 3 Understanding Wired and Wireless Networks 75 Recognizing Wired Networks and Media Types 77 Identifying and Working with Twisted-Pair Cables 77 Identifying and Working with Fiber-Optic Cable 86 Understanding Wireless Networks 89 Identifying Wireless Devices 89 Identifying Wireless Networking Standards 91 Skill Summary 97 Knowledge Assessment 98 Multiple Choice 98 Fill in the Blank 100 Business Case Scenarios 100 Scenario 3-1: Selecting Channels for a WLAN 100 Scenario 3-2: Running Cable Drops Properly 100 Scenario 3-3: Selecting Network Adapters for Your WLAN Computers 101 Scenario 3-4: Securing a WLAN 101 Lesson 4 Understanding Internet Protocol 103 Working with IPV4 105 Categorizing IPv4 Addresses 105 Default Gateways and DNS Servers 114 Defining Advanced IPv4 Concepts 117 Working with IPV6 129 Understanding IPv6 130 Configuring IPv6 133 Skill Summary 140 Knowledge Assessment 142 Multiple Choice 142 Fill in the Blank 144 Business Case Scenarios 145 Scenario 4-1: Defining a Private Class C IP Network 145 Scenario 4-2: Specifying the Correct Device 145 Scenario 4-3: Implementing the Correct Class Network 145 Scenario 4-4: Implementing the Correct Subnet Mask 145 Lesson 5 Implementing TCP/IP in the Command Line 147 Using Basic TCP/IP Commands 149 Working with the Command Prompt Window 149 Using ipconfig and ping 152 Working with Advanced TCP/IP Commands 162 Using netstat and nbtstat 162 Using tracert and pathping 167 Using nslookup 170 Using ftp and telnet 171 Using Windows PowerShell 173 Using net 180 Skill Summary 188 Knowledge Assessment 189 Multiple Choice 189 Fill in the Blank 192 Business Case Scenarios 195 Scenario 5-1: Connecting to an FTP Server 195 Scenario 5-2: Troubleshooting TCP/IP Results 195 Scenario 5-3: Documenting a Basic Wide Area Network 196 Scenario 5-4: Using Advanced Ping 196 Lesson 6 Working with Networking Services 199 Setting Up Common Networking Services 201 Working with the Dynamic Host Configuration Protocol (DHCP) 202 Introducing Remote Administration 208 Enable Remote Desktop 210 Access Remote Desktop 210 Defining More Networking Services 213 Defining RRAS 213 Defining IPsec 217 Defining Name Resolution Techniques 218 Defining DNS 218 Defining WINS 222 Skill Summary 223 Knowledge Assessment 225 Multiple Choice 225 Fill in the Blank 227 Business Case Scenarios 227 Scenario 6-1: Selecting the Appropriate Services 227 Scenario 6-2: Selecting the Appropriate Services 228 Scenario 6-3: Setting Up a DHCP Server 228 Scenario 6-4: Setting Up a New DHCP and Migrating Old Computers 228 Scenario 6-5: Managing Remote Connections 228 Lesson 7 Understanding Wide Area Networks 231 Understanding Routing 233 Identifying Static and Dynamic Routing 233 Understanding Quality of Service (QOS) 237 Defining Common WAN Technologies and Connections 239 Defining Packet Switching 239 Defining T-Carriers 249 Defining Other WAN Technologies and Internet Connectivity 250 Skill Summary 252 Knowledge Assessment 254 Multiple Choice 254 Fill in the Blank 256 Business Case Scenarios 256 Scenario 7-1: Selecting the Appropriate Service and Protocol 256 Scenario 7-2: Selecting the Appropriate WAN Technology 256 Scenario 7-3: Recommending the Right Service 257 Scenario 7-4: Setting Up Routes to Other Networks 257 Lesson 8 Defining Network Infrastructures and Network Security 259 Understanding Networks Outside the LAN 261 Defining the Internet 261 Defining Intranets and Extranets 262 Configuring VPN Connections and Authentication 264 Selecting Types of VPN Protocols 265 Selecting Authentication for VPN Connections 267 Creating a VPN Connection Using the Create a VPN Connection Wizard 268 Creating a VPN Connection Using Windows 10 Settings 270 Using Connection Manager (CM) and the Connection Manager Administration Kit (CMAK) 272 Understanding Security Devices and Zones 273 Defining Firewalls and Other Perimeter Security Devices 273 Redefining the DMZ 277 Putting It All Together 278 Skill Summary 281 Knowledge Assessment 282 Multiple Choice 282 Fill in the Blank 284 Business Case Scenarios 285 Scenario 8-1: Setting Up a DMZ 285 Scenario 8-2: Selecting the Appropriate Solution 285 Scenario 8-3: Setting Up a PPTP Server 285 Scenario 8-4: Creating a WAN with VPN 286 Appendix Answer Key 289 Lesson 1: Understanding Local Area Networking 290 Answers to Knowledge Assessment 290 Answers to Business Case Scenarios 291 Lesson 2: Defining Networks with the OSI Model 292 Answers to Knowledge Assessment 292 Answers to Business Case Scenarios 293 Lesson 3: Understanding Wired and Wireless Networks 293 Answers to Knowledge Assessment 293 Answers to Business Case Scenarios 294 Lesson 4: Understanding Internet Protocol 295 Answers to Knowledge Assessment 295 Answers to Business Case Scenarios 296 Lesson 5: Implementing TCP/IP in the Command Line 297 Answers to Knowledge Assessment 297 Answers to Business Case Scenarios 298 Lesson 6: Working with Networking Services 298 Answers to Knowledge Assessment 298 Answers to Business Case Scenarios 299 Lesson 7: Understanding Wide Area Networks 301 Answers to Knowledge Assessment 301 Answers to Business Case Scenarios 302 Lesson 8: Defining Network Infrastructure and Network Security 302 Answers to Knowledge Assessment 302 Answers to Business Case Scenarios 303 Index 305
£26.34
John Wiley & Sons Inc Hacking Multifactor Authentication
Book SynopsisProtect your organization from scandalously easy-to-hack MFA security solutions Multi-Factor Authentication (MFA) isspreading like wildfire across digital environments.However, hundreds of millions of dollars have been stolen from MFA-protected online accounts.How?Mostpeoplewho usemultifactor authentication (MFA)have been told thatitis far less hackablethan other types of authentication, or eventhat it isunhackable. You might beshocked to learnthatall MFA solutions areactuallyeasyto hack.That's right: there is noperfectlysafe MFA solution.In fact, most can be hacked at leastfivedifferent ways.Hacking Multifactor Authenticationwillshow youhow MFA works behind the scenes and how poorlylinkedmulti-stepauthentication steps allowsMFA to be hacked and compromised. Thisbook coversovertwodozenwaysthatvarious MFA solutions can be hacked, including the methods (and defenses) common to all MFA solutions.You'll learn about thevarious types of MFA solutions, their strengthens and weaknesses, andhowTable of ContentsIntroduction xxv Who This Book is For xxvii What is Covered in This Book? xxvii MFA is Good xxx How to Contact Wiley or the Author xxxi Part I Introduction 1 1 Logon Problems 3 It’s Bad Out There 3 The Problem with Passwords 5 Password Basics 9 Identity 9 The Password 10 Password Registration 11 Password Complexity 11 Password Storage 12 Password Authentication 13 Password Policies 15 Passwords Will Be with Us for a While 18 Password Problems and Attacks 18 Password Guessing 19 Password Hash Cracking 23 Password Stealing 27 Passwords in Plain View 28 Just Ask for It 29 Password Hacking Defenses 30 MFA Riding to the Rescue? 31 Summary 32 2 Authentication Basics 33 Authentication Life Cycle 34 Identity 35 Authentication 46 Authorization 54 Accounting/Auditing 54 Standards 56 Laws of Identity 56 Authentication Problems in the Real World 57 Summary 58 3 Types of Authentication 59 Personal Recognition 59 Knowledge-Based Authentication 60 Passwords 60 PINS 62 Solving Puzzles 64 Password Managers 69 Single Sign-Ons and Proxies 71 Cryptography 72 Encryption 73 Public Key Infrastructure 76 Hashing 79 Hardware Tokens 81 One-Time Password Devices 81 Physical Connection Devices 83 Wireless 87 Phone-Based 89 Voice Authentication 89 Phone Apps 89 SMS 92 Biometrics 92 FIDO 93 Federated Identities and APIs 94 OAuth 94 APIs 96 Contextual/Adaptive 96 Less Popular Methods 97 Voiceover Radio 97 Paper-Based 98 Summary 99 4 Usability vs Security 101 What Does Usability Mean? 101 We Don’t Really Want the Best Security 103 Security Isn’t Usually Binary 105 Too Secure 106 Seven-Factor MFA 106 Moving ATM Keypad Numbers 108 Not as Worried as You Think About Hacking 109 Unhackable Fallacy 110 Unbreakable Oracle 113 DJB 113 Unhackable Quantum Cryptography 114 We are Reactive Sheep 115 Security Theater r 116 Security by Obscurity 117 MFA Will Cause Slowdowns 117 MFA Will Cause Downtime 118 No MFA Solution Works Everywhere 118 Summary 119 Part II Hacking MFA 121 5 Hacking MFA in General 123 MFA Dependency Components 124 Enrollment 125 User 127 Devices/Hardware 127 Software 128 API 129 Authentication Factors 129 Authentication Secrets Store 129 Cryptography 130 Technology 130 Transmission/Network Channel 131 Namespace 131 Supporting Infrastructure 131 Relying Party 132 Federation/Proxies 132 Alternate Authentication Methods/Recovery 132 Migrations 133 Deprovision 133 MFA Component Conclusion 134 Main Hacking Methods 134 Technical Attacks 134 Human Element 135 Physical 137 Two or More Hacking Methods Used 137 “You Didn’t Hack the MFA!” 137 How MFA Vulnerabilities are Found 138 Threat Modeling 138 Code Review 138 Fuzz Testing 138 Penetration Testing 139 Vulnerability Scanning 139 Human Testing 139 Accidents 140 Summary 140 6 Access Control Token Tricks 141 Access Token Basics 141 Access Control Token General Hacks142 Token Reproduction/Guessing 142 Token Theft 145 Reproducing Token Hack Examples 146 Network Session Hijacking Techniques and Examples 149 Firesheep 149 MitM Attacks 150 Access Control Token Attack Defenses 157 Generate Random, Unguessable Session IDs 157 Use Industry-Accepted Cryptography and Key Sizes 158 Developers Should Follow Secure Coding Practices 159 Use Secure Transmission Channels 159 Include Timeout Protections 159 Tie the Token to Specifi c Devices or Sites 159 Summary 161 7 Endpoint Attacks 163 Endpoint Attack Risks 163 General Endpoint Attacks 165 Programming Attacks 165 Physical Access Attacks 165 What Can an Endpoint Attacker Do? 166 Specifi c Endpoint Attack Examples 169 Bancos Trojans 169 Transaction Attacks 171 Mobile Attacks 172 Compromised MFA Keys 173 Endpoint Attack Defenses 174 MFA Developer Defenses 174 End-User Defenses 177 Summary 179 8 SMS Attacks 181 Introduction to SMS 181 SS7 184 Biggest SMS Weaknesses 186 Example SMS Attacks 187 SIM Swap Attacks 187 SMS Impersonation 191 SMS Buffer Overflow 194 Cell Phone User Account Hijacking 195 Attacks Against the Underlying Supporting Infrastructure 196 Other SMS-Based Attacks 196 SIM/SMS Attack Method Summary 197 NIST Digital Identity Guidelines Warning 198 Defenses to SMS-Based MFA Attacks 199 Developer Defenses 199 User Defenses 201 Is RCS Here to Save Mobile Messaging? 202 Is SMS-Based MFA Still Better than Passwords? 202 Summary 203 9 One-Time Password Attacks 205 Introduction to OTP 205 Seed Value-Based OTPs 208 HMAC-Based OTP 209 Event-Based OTP 211 TOTP 212 Example OTP Attacks 217 Phishing OTP Codes 217 Poor OTP Creation 219 OTP Theft, Re-Creation, and Reuse 219 Stolen Seed Database 220 Defenses to OTP Attacks 222 Developer Defenses 222 Use Reliable and Trusted and Tested OTP Algorithms 223 OTP Setup Code Must Expire 223 OTP Result Code Must Expire 223 Prevent OTP Replay 224 Make Sure Your RNG is NIST-Certified or Quantum 224 Increase Security by Requiring Additional Entry Beyond OTP Code 224 Stop Brute-Forcing Attacks224 Secure Seed Value Database 225 User Defenses 225 Summary 226 10 Subject Hijack Attacks 227 Introduction 227 Example Attacks 228 Active Directory and Smartcards 228 Simulated Demo Environment 231 Subject Hijack Demo Attack 234 The Broader Issue 240 Dynamic Access Control Example 240 ADFS MFA Bypass 241 Defenses to Component Attacks 242 Threat Model Dependency Abuse Scenarios 242 Secure Critical Dependencies 242 Educate About Dependency Abuses 243 Prevent One to Many Mappings 244 Monitor Critical Dependencies 244 Summary 244 11 Fake Authentication Attacks 245 Learning About Fake Authentication Through UAC 245 Example Fake Authentication Attacks 251 Look-Alike Websites 251 Fake Office 365 Logons 252 Using an MFA-Incompatible Service or Protocol 253 Defenses to Fake Authentication Attacks 254 Developer Defenses 254 User Defenses 256 Summary 257 12 Social Engineering Attacks 259 Introduction 259 Social Engineering Commonalities 261 Unauthenticated Communication 261 Nonphysical 262 Usually Involves Well-Known Brands 263 Often Based on Notable Current Events and Interests 264 Uses Stressors 264 Advanced: Pretexting 265 Third-Party Reliances 266 Example Social Engineering Attacks on MFA 266 Fake Bank Alert 267 Crying Babies 267 Hacking Building Access Cards 268 Defenses to Social Engineering Attacks on MFA 270 Developer Defenses to MFA 270 User Defenses to Social Engineering Attacks 271 Summary 273 13 Downgrade/Recovery Attacks 275 Introduction 275 Example Downgrade/Recovery Attacks 276 Alternate Email Address Recovery 276 Abusing Master Codes 280 Guessing Personal-Knowledge Questions 281 Defenses to Downgrade/Recovery Attacks 287 Developer Defenses to Downgrade/Recovery Attacks 287 User Defenses to Downgrade/Recovery Attacks 292 Summary 294 14 Brute-Force Attacks 295 Introduction 295 Birthday Attack Method 296 Brute-Force Attack Methods 297 Example of Brute-Force Attacks 298 OTP Bypass Brute-Force Test 298 Instagram MFA Brute-Force 299 Slack MFA Brute-Force Bypass 299 UAA MFA Brute-Force Bug 300 Grab Android MFA Brute-Force 300 Unlimited Biometric Brute-Forcing 300 Defenses Against Brute-Force Attacks 301 Developer Defenses Against Brute-Force Attacks 301 User Defenses Against Brute-Force Attacks 305 Summary 306 15 Buggy Software 307 Introduction 307 Common Types of Vulnerabilities 308 Vulnerability Outcomes 316 Examples of Vulnerability Attacks 317 Uber MFA Vulnerability 317 Google Authenticator Vulnerability 318 YubiKey Vulnerability 318 Multiple RSA Vulnerabilities 318 SafeNet Vulnerability 319 Login gov 319 ROCA Vulnerability 320 Defenses to Vulnerability Attacks 321 Developer Defenses Against Vulnerability Attacks 321 User Defenses Against Vulnerability Attacks 322 Summary 323 16 Attacks Against Biometrics 325 Introduction 325 Biometrics 326 Common Biometric Authentication Factors 327 How Biometrics Work 337 Problems with Biometric Authentication 339 High False Error Rates 340 Privacy Issues 344 Disease Transmission 345 Example Biometric Attacks 345 Fingerprint Attacks345 Hand Vein Attack 348 Eye Biometric Spoof Attacks 348 Facial Recognition Attacks 349 Defenses Against Biometric Attacks 352 Developer Defenses Against Biometric Attacks 352 User/Admin Defenses Against Biometric Attacks 354 Summary 355 17 Physical Attacks 357 Introduction 357 Types of Physical Attacks 357 Example Physical Attacks 362 Smartcard Side-Channel Attack 362 Electron Microscope Attack 364 Cold-Boot Attacks 365 Snooping On RFID-Enabled Credit Cards 367 EMV Credit Card Tricks 370 Defenses Against Physical Attacks 370 Developer Defenses Against Physical Attacks 371 User Defenses Against Physical Attacks 372 Summary 375 18 DNS Hijacking 377 Introduction 377 DNS 378 DNS Record Types 382 Common DNS Hacks 382 Example Namespace Hijacking Attacks 388 DNS Hijacking Attacks 388 MX Record Hijacks 388 Dangling CDN Hijack 389 Registrar Takeover 390 DNS Character Set Tricks 390 ASN 1 Tricks 392 BGP Hijacks 392 Defenses Against Namespace Hijacking Attacks 393 Developer Defenses 394 User Defenses 395 Summary 397 19 API Abuses 399 Introduction 399 Common Authentication Standards and Protocols Involving APIs 402 Other Common API Standards and Components 411 Examples of API Abuse 414 Compromised API Keys 414 Bypassing PayPal 2FA Using an API 415 AuthO MFA Bypass 416 Authy API Format Injection 417 Duo API As-Designed MFA Bypass 417 Microsoft OAuth Attack 419 Sign In with Apple MFA Bypass 419 Token TOTP BLOB Future Attack 420 Defenses Against API Abuses 420 Developer Defenses Against API Abuses 420 User Defenses Against API Abuses 422 Summary 423 20 Miscellaneous MFA Hacks 425 Amazon Mystery Device MFA Bypass 425 Obtaining Old Phone Numbers 426 Auto-Logon MFA Bypass 427 Password Reset MFA Bypass 427 Hidden Cameras 427 Keyboard Acoustic Eavesdropping 428 Password Hints 428 HP MFA DoS 429 Trojan TOTP 429 Hackers Turn MFA to Defeat You 430 Summary 430 21 Test: Can You Spot the Vulnerabilities? 431 Threat Modeling MFA Solutions 431 Document and Diagram the Components 432 Brainstorm Potential Attacks 432 Estimate Risk and Potential Losses 434 Create and Test Mitigations 436 Do Security Reviews 436 Introducing the Bloomberg MFA Device 436 Bloomberg, L P and the Bloomberg Terminal 437 New User B-Unit Registration and Use 438 Threat-Modeling the Bloomberg MFA Device 439 Threat-Modeling the B-Unit in a General Example 440 Specific Possible Attacks 441 Multi-Factor Authentication Security Assessment Tool 450 Summary 451 Part III Looking Forward 453 22 Designing a Secure Solution 455 Introduction 455 Exercise: Secure Remote Online Electronic Voting 457 Use Case Scenario 457 Threat Modeling 458 SDL Design 460 Physical Design and Defenses 461 Cryptography 462 Provisioning/Registration 463 Authentication and Operations 464 Verifiable/Auditable Vote 466 Communications 467 Backend Blockchain Ledger 467 Migration and Deprovisioning 470 API 470 Operational Training 470 Security Awareness Training 470 Miscellaneous 471 Summary 471 23 Selecting the Right MFA Solution 473 Introduction 473 The Process for Selecting the Right MFA Solution 476 Create a Project Team 477 Create a Project Plan 478 Educate 479 Determine What Needs to Be Protected 479 Choose Required and Desired Features 480 Research/Select Vendor Solutions 488 Conduct a Pilot Project 490 Select a Winner 491 Deploy to Production 491 Summary 491 24 The Future of Authentication 493 Cyber Crime is Here to Stay 493 Future Attacks 494 Increasing Sophisticated Automation 495 Increased Nation-State Attacks 496 Cloud-Based Threats 497 Automated Attacks Against MFA 497 What is Likely Staying 498 Passwords 498 Proactive Alerts 498 Preregistration of Sites and Devices 499 Phones as MFA Devices 500 Wireless 501 Changing/Morphing Standards 501 The Future 501 Zero Trust 502 Continuous, Adaptive, Risk-Based 503 Quantum-Resistant Cryptography 506 Interesting Newer Authentication Ideas 506 Summary 507 25 Takeaway Lessons 509 Broader Lessons 509 MFA Works 509 MFA is Not Unhackable 510 Education is Key 510 Security Isn’t Everything 511 Every MFA Solution Has Trade-Offs 511 Authentication Does Not Exist in a Vacuum 512 There is No Single Best MFA Solution for Everyone 515 There are Better MFA Solutions 515 MFA Defensive Recap 516 Developer Defense Summary 516 User Defense Summary 518 Appendix: List of MFA Vendors 521 Index 527
£24.79
John Wiley & Sons Inc Understanding Cisco Networking Technologies
Book SynopsisLeading Cisco authority Todd Lammle helps you gain insights into the new core Cisco network technologies Understanding Cisco Networking Technologies is an important resource for those preparing for the new Cisco Certified Network Associate (CCNA) certification exam as well as IT professionals looking to understand Cisco's latest networking products, services, and technologies. Written by bestselling author and internationally recognized Cisco expert Todd Lammle, this in-depth guide provides the fundamental knowledge required to implement and administer a broad range of modern networking and IT infrastructure. Cisco is the worldwide leader in network technologies80% of the routers on the Internet are Cisco. This authoritative book provides you with a solid foundation in Cisco networking, enabling you to apply your technical knowledge to real-world tasks. Clear and accurate chapters cover topics including routers, switches, controllers and other network comTable of ContentsIntroduction xvii Chapter 1 Internetworking 1 Internetworking Basics 2 Internetworking Models 10 The Layered Approach 11 Advantages of Reference Models 12 The OSI Reference Model 12 The Application Layer 14 The Presentation Layer 15 The Session Layer 16 The Transport Layer 16 The Network Layer 21 The Data Link Layer 23 The Physical Layer 26 Summary 29 Chapter 2 Ethernet Networking and Data Encapsulation 31 Ethernet Networks in Review 32 Collision Domain 32 Broadcast Domain 34 CSMA/CD 35 Half- and Full-Duplex Ethernet 36 Ethernet at the Data Link Layer 38 Ethernet at the Physical Layer 45 Ethernet Cabling 48 Straight-Through Cable 49 Crossover Cable 49 Rolled Cable 51 Fiber Optic 53 Data Encapsulation 55 The Cisco Three-Layer Hierarchical Model 59 The Core Layer 60 The Distribution Layer 60 The Access Layer 61 Summary 61 Chapter 3 Introduction to TCP/IP 63 Introducing TCP/IP 64 A Brief History of TCP/IP 64 TCP/IP and the DoD Model 65 The Process/Application Layer Protocols 66 The Host-to-Host or Transport Layer Protocols 76 The Internet Layer Protocols 85 IP Addressing 93 IP Terminology 94 The Hierarchical IP Addressing Scheme 94 Private IP Addresses (RFC 1918) 99 IPv4 Address Types 101 Layer 2 Broadcasts 101 Layer 3 Broadcasts 102 Unicast Address 102 Multicast Address 103 Summary 104 Chapter 4 Easy Subnetting 105 Subnetting Basics 106 How to Create Subnets 107 Subnet Masks 108 Classless Inter-Domain Routing (CIDR) 109 IP Subnet-Zero 111 Subnetting Class C Addresses 112 Subnetting Class B Addresses 123 Summary 131 Chapter 5 Troubleshooting IP Addressing 133 Cisco’s Way of Troubleshooting IP 134 Determining IP Address Problems 137 Summary 141 Chapter 6 Cisco’s Internetworking Operating System (IOS) 143 The IOS User Interface 144 Cisco IOS 144 Connecting to a Cisco IOS Device 145 Bringing Up a Switch 147 Command-Line Interface (CLI) 147 Entering the CLI 148 Overview of Router Modes 148 CLI Prompts 149 Editing and Help Features 151 Administrative Configurations 156 Hostnames 157 Banners 157 Setting Passwords 159 Encrypting Your Passwords 165 Descriptions 166 Router and Switch Interfaces 169 Bringing Up an Interface 172 Viewing, Saving, and Erasing Configurations 177 Deleting the Configuration and Reloading the Device 179 Verifying Your Configuration 179 Summary 192 Chapter 7 Managing a Cisco Internetwork 193 The Internal Components of a Cisco Router and Switch 194 The Router and Switch Boot Sequence 195 Backing Up and Restoring the Cisco Configuration 196 Backing Up the Cisco Configuration 197 Restoring the Cisco Configuration 199 Erasing the Configuration 199 Configuring DHCP 200 DHCP Relay 202 Verifying DHCP on Cisco IOS 202 Using Telnet 203 Telnetting into Multiple Devices Simultaneously 205 Checking Telnet Connections 205 Checking Telnet Users 206 Closing Telnet Sessions 206 Resolving Hostnames 206 Building a Host Table 207 Using DNS to Resolve Names 208 Checking Network Connectivity and Troubleshooting 210 Using the ping Command 210 Using the traceroute Command 211 Debugging 212 Using the show processes Command 215 Summary 215 Chapter 8 Managing Cisco Devices 217 Managing the Configuration Register 218 Understanding the Configuration Register Bits 218 Checking the Current Configuration Register Value 220 Boot System Commands 221 Recovering Passwords 222 Backing Up and Restoring the Cisco IOS 224 Verifying Flash Memory 226 Backing Up the Cisco IOS 227 Restoring or Upgrading the Cisco Router IOS 227 Using the Cisco IOS File System (Cisco IFS) 230 Licensing 235 Right-To-Use Licenses (Evaluation Licenses) 237 Backing Up and Uninstalling the License 240 Summary 241 Chapter 9 IP Routing 243 Routing Basics 245 The IP Routing Process 247 The Cisco Router Internal Process 253 Testing Your IP Routing Understanding 254 Configuring IP Routing 258 Corp Configuration 259 SF Configuration 261 LA Configuration 265 Configuring IP Routing in Our Network 267 Static Routing 268 Default Routing 273 Dynamic Routing 276 Routing Protocol Basics 276 Routing Information Protocol (RIP) 278 Configuring RIP Routing 279 Holding Down RIP Propagations 282 Summary 284 Chapter 10 Wide Area Networks 287 Introduction to Wide Area Networks 288 WAN Topology Options 289 Defining WAN Terms 291 WAN Connection Bandwidth 292 WAN Connection Types 293 WAN Support 294 Cabling the Serial Wide Area Network 297 Serial Transmission 297 Data Terminal Equipment and Data Communication Equipment 298 High-Level Data-Link Control (HDLC) Protocol 299 Point-to-Point Protocol (PPP) 301 Link Control Protocol (LCP) Configuration Options 303 PPP Session Establishment 303 PPP Authentication Methods 304 Configuring PPP on Cisco Routers 304 Configuring PPP Authentication 305 Verifying and Troubleshooting Serial Links 305 Multilink PPP (MLP) 311 PPP Client (PPPoE) 314 Configuring a PPPoE client 315 Summary 316 Glossary 317 Index 365
£30.39
John Wiley & Sons Inc CCNA Certification Study Guide
Book SynopsisCisco expert Todd Lammle prepares you for the NEW Cisco CCNA certification exam! Cisco, the world leader in network technologies, has released the new Cisco Certified Network Associate (CCNA) exam. This consolidated certification exam tests a candidate's ability to implement and administer a wide range of modern IT networking technologies. The CCNA Certification Study Guide: Volume 2 Exam 200-301 covers every exam objective, including network components, IP connectivity and routing, network security, virtual networking, and much more. Clear and accurate chapters provide you with real-world examples, hands-on activities, in-depth explanations, and numerous review questions to ensure that you're fully prepared on exam day. Written by the leading expert on Cisco technologies and certifications, this comprehensive exam guide includes access to the acclaimed Sybex online learning systeman interactive environment featuring practice exams, electronic flashcards,Table of ContentsIntroduction xxv Assessment Test xl Chapter 1 Network Fundamentals 1 Network Components 2 Next-Generation Firewalls and IPS 6 Network Topology Architectures 10 Physical Interfaces and Cables 17 Ethernet Cabling 19 Summary 24 Exam Essentials 24 Review Questions 26 Chapter 2 TCP/IP 29 Introducing TCP/IP 30 TCP/IP and the DoD Model 31 IP Addressing 60 IPv4 Address Types 67 Summary 71 Exam Essentials 71 Review Questions 73 Chapter 3 Easy Subnetting 75 Subnetting Basics 76 Summary 102 Exam Essentials 102 Review Questions 103 Chapter 4 Troubleshooting IP Addressing 105 Cisco’s Way of Troubleshooting IP 106 Summary 114 Exam Essentials 114 Review Questions 115 Chapter 5 IP Routing 117 Routing Basics 119 The IP Routing Process 121 Configuring IP Routing 132 Configuring IP Routing in Our Network 141 Dynamic Routing 150 Routing Information Protocol (RIP) 152 Summary 159 Exam Essentials 159 Review Questions 161 Chapter 6 Open Shortest Path First (OSPF) 163 Open Shortest Path First (OSPF) Basics 164 Configuring OSPF 171 OSPF and Loopback Interfaces 179 Verifying OSPF Configuration 182 Summary 188 Exam Essentials 188 Review Questions 189 Chapter 7 Layer 2 Switching 193 Switching Services 194 Configuring Catalyst Switches 204 Summary 215 Exam Essentials 215 Review Questions 216 Chapter 8 VLANs and Inter-VLAN Routing 219 VLAN Basics 220 Identifying VLANs 224 Routing Between VLANs 229 Configuring VLANs 231 Summary 247 Exam Essentials 247 Review Questions 248 Chapter 9 Enhanced Switched Technologies 251 Spanning Tree Protocol (STP) 252 Types of Spanning-Tree Protocols 259 Modifying and Verifying the Bridge ID 267 Spanning-Tree Failure Consequences 273 PortFast and BPDU Guard 275 EtherChannel 278 Summary 284 Exam Essentials 284 Review Questions 285 Chapter 10 Access Lists 289 Perimeter, Firewall, and Internal Routers 290 Introduction to Access Lists 291 Standard Access Lists 295 Extended Access Lists 303 Monitoring Access Lists 313 Summary 316 Exam Essentials 316 Review Questions 317 Chapter 11 Network Address Translation (NAT) 319 When Do We Use NAT? 320 Types of Network Address Translation 322 NAT Names 322 How NAT Works 323 Testing and Troubleshooting NAT 328 Summary 333 Exam Essentials 333 Review Questions 334 Chapter 12 IP Services 337 Exploring Connected Devices Using CDP and LLDP 338 Network Time Protocol (NTP) 347 SNMP 348 Syslog 352 Secure Shell (SSH) 357 Summary 358 Exam Essentials 358 Review Questions 360 Chapter 13 Security 363 Network Security Threats 365 Three Primary Network Attacks 365 Network Attacks 366 Security Program Elements 374 Layer 2 Security Features 378 Authentication Methods 381 Managing User Accounts 386 Security Password Policy Elements 389 User-Authentication Methods 398 Setting Passwords 400 Summary 407 Exam Essentials 407 Review Questions 408 Chapter 14 First Hop Redundancy Protocol (HSRP) 411 Client Redundancy Issues 412 Introducing First Hop Redundancy Protocol (FHRP) 414 Hot Standby Router Protocol (HSRP) 416 Summary 429 Exam Essentials 429 Review Questions 430 Chapter 15 Virtual Private Networks (VPNs) 433 Virtual Private Networks 434 GRE Tunnels 441 Summary 447 Exam Essentials 447 Review Questions 448 Chapter 16 Quality of Service (QoS) 451 Quality of Service 452 Trust Boundary 454 QoS Mechanisms 455 Summary 461 Exam Essentials 461 Review Questions 462 Chapter 17 Internet Protocol Version 6 (IPv6) 465 Why Do We Need IPv6? 467 The Benefits and Uses of IPv6 467 IPv6 Addressing and Expressions 469 How IPv6 Works in an Internetwork 473 IPv6 Routing Protocols 483 Configuring IPv6 on Our Internetwork 484 Configuring Routing on Our Internetwork 487 Summary 490 Exam Essentials 490 Review Questions 492 Chapter 18 Troubleshooting IP, IPv6, and VLANs 495 Endpoints 496 Servers 497 IP Config 498 Troubleshooting IP Network Connectivity 507 Troubleshooting IPv6 Network Connectivity 522 Troubleshooting VLAN Connectivity 531 Summary 544 Exam Essentials 545 Review Questions 546 Chapter 19 Wireless Technologies 549 Wireless Networks 551 Basic Wireless Devices 553 Wireless Principles 556 Nonoverlapping Wi-Fi channels 565 Radio Frequency (RF) 569 Wireless Security 581 Summary 588 Exam Essentials 588 Review Question 590 Chapter 20 Configuring Wireless Technologies 595 WLAN Deployment Models 596 Setting Up a Wireless LAN Controller (WLC) 602 Joining Access Points (APs) 607 Wireless LAN Controllers (WLC) 610 WLC Port Types 611 WLC Interface Types 614 AP Modes 629 AP and WLC Management Access Connections 633 Summary 655 Exam Essentials 655 Review Questions 657 Chapter 21 Virtualization, Automation, and Programmability 661 Virtual Machine Fundamentals 662 Virtualization Components 665 Virtualization Features 666 Virtualization Types 668 Virtualization Solutions 669 Automation Components 670 Summary 684 Exam Essentials 684 Review Questions 685 Chapter 22 SDN Controllers 689 Traditional Network Monitoring Systems (NMS) 690 Traditional Network Configuration Managers (NCM) 699 Traditional Networking 702 Introduction to SDN 706 Separating the Control Plane 709 Controller-Based Architectures 710 SDN Network Components 712 DNA Center Overview 718 Summary 736 Exam Essentials 737 Review Questions 738 Chapter 23 Configuration Management 743 Team Silos 744 DevOps 748 Infrastructure as Code (IaC) 748 Ansible 750 Ansible Tower/AWX 763 Puppet 764 Chef 772 Summary 781 Exam Essentials 782 Review Questions 783 Appendix Answer to Review Questions 787 Chapter 1: Network Fundamentals 788 Chapter 2: TCP/IP 788 Chapter 3: Easy Subnetting 789 Chapter 4: Troubleshooting IP Addressing 790 Chapter 5: IP Routing 791 Chapter 6: Open Shortest Path First (OSPF) 792 Chapter 7: Layer 2 Switching 792 Chapter 8: VLANs and Inter-VLAN Routing 794 Chapter 9: Enhanced Switched Technologies 795 Chapter 10: Access Lists 796 Chapter 11: Network Address Translation (NAT) 797 Chapter 12: IP Services 797 Chapter 13: Security 798 Chapter 14: First Hop Redundancy Protocol (HSRP) 799 Chapter 15: Virtual Private Networks (VPNs) 800 Chapter 16: Quality of Service (QoS) 801 Chapter 17: Internet Protocol Version 6 (IPv6) 802 Chapter 18: Troubleshooting IP, IPv6, and VLANs 803 Chapter 19: Wireless Technologies 803 Chapter 20: Configuring Wireless Technologies 805 Chapter 21: Virtualization, Automation, and Programmability 806 Chapter 22: SDN Controllers 806 Chapter 23: Configuration Management 808 Index 809
£45.90
John Wiley & Sons Inc PeopleCentric Skills
Book SynopsisUse your interpersonal and communication skills as a financial professional to work successfully with clients Embark on a journey to further develop your career when you read People-Centric Skills: Interpersonal and Communication Skills for Financial Professionals, 2nd Edition. Business leaders consider employee communication skills and critical thinking abilities as essential elements for success. In their work, all professionals must communicate clearly and rely on their interpersonal skills to be successful. This second edition of People-Centric Skills shares the fictional story of Dalton Zimmer, executive coach and public speaker. Dalton, all the while juggling his business, kids and social life, provides coaching and communication strategies for handling challenging situations faced by his clients. This insightful narrative will help you expand communication and soft skills as a CPA, auditor, financial planner or otherTable of ContentsForeword ix Preface xi Acknowledgments xv Chapter 1 The People-Centric Journey Begins Anew 1 Chapter 2 Reading Through People 5 Chapter 3 Emotional Intelligence 29 Chapter 4 Different Points of View: Using Self-Awareness and Empathy Effectively 47 Chapter 5 Wrong Mode = Wrong Mood: Determining the Optimal Mode of Communication 51 Chapter 6 Influencing Change Throughout Any Business 59 Chapter 7 Projecting the Real You: Public Speaking 65 Chapter 8 Coaching and Mentoring 93 Chapter 9 Presentation Skills and Body Language 99 Chapter 10 Thinking Quickly on Your Feet 125 Chapter 11 Coaching and Mentoring, Revisited 131 Chapter 12 Crisis Management 139 Epilogue 143 Appendix 145 About the Author 179 Index 181
£17.09
John Wiley & Sons Inc CCNA Certification Practice Tests
Book SynopsisTable of ContentsIntroduction xv Chapter 1 Network Fundamentals (Domain 1) 1 Chapter 2 Network Access (Domain 2) 43 Chapter 3 IP Connectivity (Domain 3) 87 Chapter 4 IP Services (Domain 4) 139 Chapter 5 Security Fundamentals (Domain 5) 161 Chapter 6 Automation and Programmability (Domain 6) 193 Chapter 7 Practice Exam 1 213 Chapter 8 Practice Exam 2 235 Appendix Answers to Practice Test Questions 255 Chapter 1: Network Fundamentals (Domain 1) 256 Chapter 2: Network Access (Domain 2) 284 Chapter 3: IP Connectivity (Domain 3) 309 Chapter 4: IP Services (Domain 4) 342 Chapter 5: Security Fundamentals (Domain 5) 355 Chapter 6: Automation and Programmability (Domain 6) 375 Chapter 7: Practice Exam 1 389 Chapter 8: Practice Exam 2 402 Index 417
£27.75
John Wiley & Sons Inc CCNA Certification Study Guide and Practice Tests
Book Synopsis
£61.75
John Wiley & Sons Inc Cisco CCNA Certification 2 Volume Set
Book Synopsis
£66.50
John Wiley & Sons Inc Networking AllinOne For Dummies
Book SynopsisTable of ContentsIntroduction 1 Book 1: Getting Started with Networking 5 Chapter 1: Welcome to Networking 7 Chapter 2: Network Infrastructure 23 Chapter 3: Switches, Routers, and VLANs 39 Chapter 4: Cybersecurity 55 Chapter 5: Servers and Virtualization 67 Chapter 6: Cloud Computing 79 Book 2: Understanding Network Protocols 89 Chapter 1: Network Protocols and Standards 91 Chapter 2: TCP/IP and the Internet 115 Chapter 3: IP Addresses 123 Chapter 4: Routing 145 Chapter 5: Dhcp 155 Chapter 6: Dns 173 Chapter 7: TCP/IP Tools and Commands 207 Book 3: Planning a Network 235 Chapter 1: Local Area Networks 237 Chapter 2: Wide Area Networks 253 Chapter 3: Server Architecture 267 Chapter 4: Virtualization Architecture 277 Chapter 5: Storage Architecture 289 Chapter 6: Backup Architecture 301 Chapter 7: Hyperconverged Infrastructure 319 Book 4: Implementing a Network 331 Chapter 1: Network Hardware 333 Chapter 2: Wireless Networks 345 Chapter 3: Windows Clients 365 Chapter 4: Mac Networking 375 Chapter 5: Network Printers 383 Chapter 6: Virtual Private Networks 389 Book 5: Implementing Virtualization 395 Chapter 1: Hyper-V 397 Chapter 2: VMware 417 Chapter 3: Azure 429 Chapter 4: Amazon Web Services 445 Chapter 5: Desktop Virtualization 463 Book 6: Implementing Windows Server 2019 471 Chapter 1: Installing Windows Server 2019 473 Chapter 2: Configuring Windows Server 2019 489 Chapter 3: Configuring Active Directory 499 Chapter 4: Configuring User Accounts 511 Chapter 5: Configuring a File Server 533 Chapter 6: Using Group Policy 549 Chapter 7: Typing Windows Commands 561 Chapter 8: Using PowerShell 589 Book 7: Administering Microsoft Office 365 609 Chapter 1: Getting Started with Office 365 Administration 611 Chapter 2: Configuring Exchange Online 631 Chapter 3: Administering Teams 651 Book 8: Implementing Linux 667 Chapter 1: Installing a Linux Server 669 Chapter 2: Linux Administration 683 Chapter 3: Basic Linux Network Configuration 715 Chapter 4: Running DHCP and DNS 727 Chapter 5: Doing the Samba Dance 739 Chapter 6: Running Apache 747 Chapter 7: Running Postfix 761 Chapter 8: Linux Commands 771 Book 9: Managing a Network 801 Chapter 1: Welcome to Network Administration 803 Chapter 2: Managing Remotely 817 Chapter 3: Managing Network Assets 835 Chapter 4: Solving Network Problems 847 Chapter 5: Managing Software Deployment 863 Chapter 6: Managing Mobile Devices 875 Book 10: Dealing with Cybersecurity 889 Chapter 1: Securing Your Users 891 Chapter 2: Managing Firewalls and Virus Protection 901 Chapter 3: Dealing with Spam 921 Chapter 4: Managing Disaster Recovery and Business Continuity Planning 935 Appendixes 943 Appendix A: Directory of Useful Websites 945 Appendix B: Glossary 953 Index 975
£44.81
John Wiley & Sons Inc IP Address Management Second Edition IEEE Press
Book SynopsisTable of ContentsPreface xix Acknowledgments xxiii About the Authors xxv Part I IPAM Introduction 1 1 Introduction 3 IP Networking Overview 3 IP Routing 6 IP Addresses 7 Protocol Layering 12 OSI and TCP/IP Layers 14 TCP/UDP Ports 15 Intra-Link Communications 15 Are We on the Same Link? 17 Limiting Broadcast Domains 18 Interlink Communications 19 Worldwide IP Communications 20 Dynamic Routing 22 Routers and Subnets 24 Assigning IP addresses 25 The Human Element 26 Why Manage IP Space? 26 Basic IPAM Approaches 27 Early History 27 Today’s IP Networks and IP Management Challenges 28 2 IP Addressing 31 Internet Protocol History 31 The Internet Protocol, Take 1 32 Class-Based Addressing 32 Internet Growing Pains 35 Private Address Space 38 Classless Addressing 40 Special Use IPv4 Addresses 40 The Internet Protocol, Take 2 41 IPv6 Address Types and Structure 42 IPv6 Address Notation 43 Address Structure 45 IPv6 Address Allocations 46 2000::/3 – Global Unicast Address Space 47 fc00::/7 – Unique Local Address Space 47 fe80::/10 – Link Local Address Space 47 ff00::/8 – Multicast Address Space 48 Special Use IPv6 Addresses 48 IPv4–IPv6 Coexistence 49 3 IP Address Assignment 51 Address Planning 51 Regional Internet Registries 51 RIR Address Allocation 53 Address Allocation Efficiency 54 Multi-Homing and IP Address Space 55 Endpoint Address Allocation 58 Server-based Address Allocation Using DHCP 58 DHCP Servers and Address Assignment 61 Device Identification by Class 62 DHCP Options 62 DHCP for IPv6 (DHCPv6) 62 DHCP Comparison IPv4 vs. IPv6 63 DHCPv6 Address Assignment 64 DHCPv6 Prefix Delegation 65 Device Unique Identifiers (DUIDs) 66 Identity Associations (IAs) 66 DHCPv6 Options 67 IPv6 Address Autoconfiguration 67 Neighbor Discovery 68 Modified EUI-64 Interface Identifiers 69 Opaque Interface IDs 69 Reserved Interface IDs 72 Duplicate Address Detection (DAD) 72 4 Navigating the Internet with DNS 75 Domain Hierarchy 75 Name Resolution 76 Resource Records 80 Zones and Domains 81 Dissemination of Zone Information 83 Reverse Domains 84 IPv6 Reverse Domains 89 Additional Zones 91 Root Hints 91 Localhost Zones 92 DNS Update 92 5 IPAM Technology Applications 93 DHCP Applications 93 Device Type Specific Configuration 94 Broadband Subscriber Provisioning 95 Related Lease Assignment or Limitation Applications 101 Pre-Boot Execution Environment (PXE) clients 102 PPP/RADIUS Environments 103 Mobile IP 104 Popular DNS Applications 105 Host Name and IP Address Resolution 106 A – IPv4 Address Record 107 AAAA – IPv6 address record 107 PTR – Pointer Record 107 Alias Host Name Resolutions 108 CNAME – Canonical Name Record 108 Network Services Location 108 SRV – Services Location Record 109 Textual Information Lookup 110 TXT – Text Record 110 Many More Applications 110 Part II IPAM Mechanics 111 6 IP Management Core Tasks 113 IPAM Is Foundational 113 Impacts of Inadequate IPAM Practice 114 IPAM Is Core to Network Management 115 FCAPS Summary 116 Configuration Management 117 Address Allocation Considerations 118 Address Allocation Tasks 120 IP Address Assignment 133 Address Deletion Tasks 135 Address Renumbering or Movement Tasks 136 Network Services Configuration 140 Fault Management 143 Monitoring and Fault Detection 143 Troubleshooting and Fault Resolution 144 Accounting Management 147 Inventory Assurance 147 Performance Management 151 Services Monitoring 151 Address Capacity Management 152 Auditing and Reporting 152 Security Management 153 ITIL® Process Mappings 153 ITIL Practice Areas 154 Conclusion 162 7 IPv6 Deployment 163 IPv6 Deployment Process Overview 164 IPv6 Address Plan Objectives 165 IPv6 Address Plan Examples 166 Case 1 166 Observations 168 Case 2 169 Observations 169 General IPv6 Address Plan Guidelines 170 ULA Considerations 171 Renumbering Impacts 172 IPv4–IPv6 Coexistence Technologies 173 Dual Stack Approach 173 Dual Stack Deployment 174 DNS Considerations 174 DHCP Considerations 175 Tunneling Approaches 176 Tunneling Scenarios for IPv6 Packets over IPv4 Networks 176 Dual-Stack Lite 177 Lightweight 4over6 181 Mapping of Address and Port with Encapsulation (MAP-E) 181 Additional Tunneling Approaches 183 Translation Approaches 184 IP/ICMP Translation 185 Address Translation 186 Packet Fragmentation Considerations 187 IP Header Translation Algorithm 188 Bump in the Host (BIH) 189 Network Address Translation for IPv6–IPv4 (NAT64) 192 NAT64 and DNS64 193 464XLAT 195 Mapping of Address and Port with Translation (MAP-T) 195 Other Translation Techniques 196 Planning Your IPv6 Deployment Process 197 8 IPAM for the Internet of Things 201 IoT Architectures 201 6LoWPAN 203 Summary 209 9 IPAM in the Cloud 211 IPAM VNFs 212 Cloud IPAM Concepts 212 IP Initialization Process 212 IP Initialization Implementation 213 DHCP Method 214 Private Cloud Static Method 216 Public Cloud Static Method 218 Cloud Automation with APIs 218 Multi-Cloud IPAM 220 Private Cloud Automation 221 Public Cloud Automation 223 IPAM Automation Benefits 223 Unifying IPAM Automation 224 Streamlined Subnet Allocation Workflow 226 Workflow Realization 230 Tips for Defining Workflows 233 Automation Scenarios 234 Intra-IPAM Automation 234 DHCP Server Configuration 235 DNS Server Configuration 236 Subnet Assignment 236 IP Address Assignment Request 236 Extra-IPAM Workflow Examples 237 Regional Internet Registry Reporting 237 Router Configuration Provisioning 238 Customer Provisioning 238 Asset Inventory Integration 238 Trouble Ticket Creation 239 Summary 239 Part III IPAM and Security 241 10 IPAM Services Security 243 Securing DHCP 244 DHCP Service Availability 244 DHCP Server/OS Attacks 244 DHCP Server/OS Attack Mitigation 245 DHCP Service Threats 245 DHCP Threat Mitigation 246 DHCP Authentication and Encryption 247 DNS Infrastructure Risks and Attacks 248 DNS Service Availability 249 DNS Server/OS Attacks 249 DNS Server/OS Attack Mitigation 250 DNS Service Denial 250 Distributed Denial of Service 251 Bogus Domain Queries 251 Pseudorandom Subdomain Attacks 252 Denial of Service Mitigation 253 Reflector Style Attacks 253 Reflector Attack Mitigation 254 Authoritative Poisoning 254 Authoritative Poisoning Mitigation 255 Resolver Redirection Attacks 256 Resolver Attack Defenses 256 Securing DNS Transactions 257 Cache Poisoning Style Attacks 257 Cache Poisoning Mitigation 259 DNSSEC Overview 259 The DNSSEC Resolution Process 260 Negative Trust Anchors 262 DNSSEC Deployment 263 Last Mile Protection 264 DNS Cookies 264 DNS Encryption 264 DNS Over TLS (DoT) 264 DNS Over HTTPS (DoH) 265 Encryption Beyond the Last Mile 267 11 IPAM and Network Security 269 Securing Network Access 269 Discriminatory Address Assignment with DHCP 269 DHCP Lease Query 274 Alternative Access Control Approaches 275 Layer 2 Switch Alerting 275 802.1X 276 Securing the Network Using IPAM 277 IP-Based Security Policies (ACLs, etc.) 277 Malware Detection Using DNS 277 Malware Proliferation Techniques 278 Phishing 279 Spear Phishing 279 Software Downloads 279 File Sharing 279 Email Attachments 280 Watering Hole Attack 280 Replication 280 Brute Force 280 Malware Examples 280 Malware Mitigation 281 DNS Firewall 282 DNS Firewall Policy Precedence 284 Logging Configuration 285 Other Attacks that Leverage DNS 285 Network Reconnaissance 285 Network Reconnaissance Defenses 286 DNS Rebinding Attack 287 Data Exfiltration 287 Data Exfiltration Mitigation 287 DNS as Data Transport (Tunneling) 288 Advanced Persistent Threats 289 Advanced Persistent Threats Mitigation 290 12 IPAM and Your Internet Presence 291 IP Address Space Integrity 291 Publicizing Your Public Namespace 292 Domain Registries and Registrars 292 DNS Hosting Providers 294 Signing Your Public Namespace 295 DNSSEC Zone Signing 295 Key Rollover 296 Prepublish Rollover 297 Dual Signature Rollover 298 Algorithm Rollover 299 Key Security 301 Enhancing Internet Application Encryption Integrity 302 DNS-Based Authentication of Named Entities (DANE) 303 Securing Email with DNS 305 Email and DNS 305 DNS Block Listing 306 Sender Policy Framework (SPF) 307 Domain Keys Identified Mail (DKIM) 307 Domain-Based Message Authentication, Reporting, and Conformance (DMARC) 308 Part IV IPAM in Practice 311 13 IPAM Use Case 313 Introduction 313 IPv4 Address Allocation 316 First-Level Allocation 317 Second-Layer Allocation 318 Address Allocation Layer 3 320 Core Address Space 323 External Extensions of Address Space 323 Allocation Trade-Offs and Tracking 324 IPAM Worldwide’s Public IPv4 Address Space 325 IPAM Worldwide’s IPv6 Allocations 326 External Extensions Address Space 329 IP Address Tracking 332 DNS and IP Address Management 334 14 IPAM Deployment Strategies 337 General Deployment Principles for DHCP/DNS 337 Disaster Recovery/Business Continuity 338 DHCP Deployment 339 DHCP Server Platforms 339 DHCP Servers 339 Virtualized DHCP Deployment 339 DHCP Appliances 339 DHCP Deployment Approaches 340 Centralized DHCP Server Deployment 340 Distributed DHCP Server Deployment 342 DHCP Services Deployment Design Considerations 344 DHCP Deployment on Edge Devices 347 DNS Deployment 348 DNS Trust Sectors 349 External DNS Trust Sector 350 Extranet DNS Trust Sector 355 Recursive DNS Trust Sector 357 Internal DNS Trust Sector 361 Deploying DNS Servers with Anycast Addresses 362 Anycast Addressing Benefits 362 Anycast Caveats 364 Configuring Anycast Addressing 365 IPAM Deployment Summary 366 High Availability 366 Multiple Vendors 366 Sizing and Scalability 367 Load Balancers 367 Lab Deployment 367 15 The Business Case for IPAM 369 IPAM Business Benefits 369 Automation 370 Outage Reduction 370 Rapid Trouble Resolution 370 Accurate IPAM Inventory and Reporting 371 Expanded IP Services 371 Distributed Administration 371 Enhanced Security 371 Business Case Overview 372 Business Case Cost Basis 373 Address Block Management 374 Subnet Management 381 IP Address Assignment – Moves, Adds, and Changes 383 Inventory Assurance 386 Address Capacity Management 387 Auditing and Reporting 392 Server Upgrade Management 392 Outage and Security Recovery Costs 393 IPAM System Administration Costs 396 Cost Basis Summary 399 Savings with IPAM Deployment 399 Business Case Expenses 403 Netting it Out: Business Case Results 403 Conclusion 405 16 IPAM Evolution/Trends 407 Security Advancements 407 Intent-Based Networking 409 Artificial Intelligence Applied to IPAM 410 IP Address Capacity Management 412 DNS Query and Response Analytics 412 DNS Malware Detection 413 Network Address Intrusions 413 IPAM Administration Activity Analysis 414 AI Summary 414 Edge Computing 414 Identifier/Locator Networking 415 Information Centric Networking 416 Part V IPAM Reference 419 17 IP Addressing Reference 421 IP Version 4 421 The IPv4 Header 421 IP Version 6 423 The IPv6 Header 423 IPv6 Multicast Addressing 424 Flags 425 Special Case Multicast Addresses 429 Solicited Node Multicast Address 429 Node Information Query Address 429 IPv6 Addresses with Embedded IPv4 Addresses 430 Reserved Subnet Anycast Addresses 430 18 DHCP Reference 433 DHCPv6 Protocol 433 DHCPv6 Packet Format 433 DHCPv6 Message Types 433 DHCPv6 Failover Overview 437 DHCPv6 Options 439 DHCP for IPv4 454 DHCP Packet Format 454 DHCPv4 Message Types 456 DHCP Options 474 19 DNS Reference 475 DNS Message Format 475 Encoding of Domain Names 475 Name Compression 476 Internationalized Domain Names 478 DNS Message Format 479 Message Header 480 Question Section 482 Answer Section 485 Authority Section 487 Additional Section 487 DNS Update Messages 487 DNS Extensions (EDNS0) 489 The DNS Resolution Process Revisited 494 DNS Resolution Privacy Extension 501 DNS Resolver Configuration 502 DNS Applications and Resource Records 504 Resource Record Format 504 Host Name and IP Address Resolution 506 A – IPv4 Address Record 506 AAAA – IPv6 Address Record 506 PTR – Pointer Record 507 Alias Host and Domain Name Resolutions 507 CNAME – Canonical Name Record 507 DNAME – Domain Alias Record 508 Network Services Location 508 SRV – Services Location Record 508 AFSDB – DCE or AFS Server Record (Experimental) 509 WKS – Well Known Service Record (Historic) 510 Host and Textual Information Lookup 510 TXT – Text Record 510 HINFO – Host Information Record 510 DNS Protocol Operational Record Types 512 SOA – Start of Authority Record 512 NS – Name Server Record 513 Dynamic DNS Update Uniqueness Validation 514 DHCID – Dynamic Host Configuration Identifier Record 514 Telephone Number Resolution 515 NAPTR – Naming Authority Pointer Record 517 Email and Anti-spam Management 518 Email and DNS 519 MX – Mail Exchanger Record 519 Allow or Block Listing 523 Sender Policy Framework (SPF) 523 SPF – Sender Policy Framework Formatting for a TXT Record 524 Mechanisms 524 Modifiers 526 Macros 527 Macro Examples 528 Sender ID (Historical) 528 Domain Keys Identified Mail (DKIM) 529 DKIM Signature Email Header Field 530 DKIM TXT Record 531 DMARC TXT Record 532 Historic Email Resource Record Types 533 MR – Mail Rename Record 533 MB – Mailbox Record 533 MG – Mail Group Member Record 534 MINFO – Mailbox/Mailing List Information 534 Security Applications 534 Securing Name Resolution – DNSSEC Resource Record Types 534 DNSKEY – DNS Key Record 534 DS – Delegation Signer Record 536 NSEC – Next Secure Record 536 NSEC3 – NSEC3 Record 537 NSEC3PARAM – NSEC3 Parameters Record 538 RRSIG – Resource Record Set Signature Record 539 Other Security-oriented DNS Resource Record Types 540 TA – Trust Authority Record 540 CERT – Certificate Record 540 IPSECKEY – Public Key for IPSec Record 541 KEY – Key Record 542 KX – Key Exchanger Record 543 SIG – Signature Record 543 SSHFP – Secure Shell Fingerprint Record 544 Geographical Location Lookup 544 GPOS – Geographical Position Record 544 LOC – Location Resource Record 545 Non-IP Host-Address Lookups 545 ISDN – Integrated Services Digital Network Record (Experimental) 545 NSAP – Network Service Access Point Record 545 NSAP-PTR – Network Service Access Point Reverse Record 546 PX – Pointer for X.400 546 X25 – X.25 PSDN Address Record (Experimental) 546 RT – Route Through 547 The Null Record Type 547 NULL 547 Experimental Name-Address Lookup Records 547 IPv6 Address Chaining – The A6 Record (Experimental) 547 APL – Address Prefix List Record (Experimental) 548 DNS Resource Record Summary 549 20 RFC Reference 555 Glossary 583 Bibliography 585 Index 601
£98.06
John Wiley & Sons Inc Mastering Microsoft Teams
Book SynopsisGet the most out of Microsoft Teams with this comprehensive and insightful resource Mastering Microsoft Teams: Creating a Hub for Successful Teamwork in Office 365shows readers howto communicate intelligently and effectively within Microsoft's powerful Office 365.This book covers all the topics required for a full and comprehensive understanding of collaborating within the Microsoft suite of software, including: Architecture Implementing Teams Teams and Channels Chats, Calls and Meetings Extending Teams with Custom Apps Conferencing Security and Compliance Best Practices for Organizational Success Written for IT administrators, managers, supervisors,and team members who participate or want to participate in a Microsoft Teams environment,Mastering Microsoft Teamsintroduces readers to the architecture and structure of the software before showing, in a straightforward and simpTable of ContentsIntroduction xv Chapter 1 Getting to Know Microsoft Teams 1 Overview of Microsoft Teams 1 Key Benefits of Microsoft Teams 2 Teams for Work 3 Teams for Home 10 Teams for Education 11 Microsoft Teams Collaboration and Acknowledgment 17 Environmental Readiness and User Adoption 18 Teams Adoption 18 Teams Architecture 21 Teams and Microsoft 365 21 The Bottom Line 22 Chapter 2 Teams, Channels, Chats, and Apps 25 Overview of Teams, Channels, Chats, and Apps 25 Teams and Channels 25 Chats 33 Teams Apps 37 Best Practices 40 Team Membership and Roles 41 Creating and Managing Teams 42 Org-wide Teams 43 Team Settings 45 Best Practices 56 Working with Channels 59 Creating Channels 59 Channel Moderation 59 Sending Messages in a Channel 60 Sending Announcements in a Channel 60 Cross-Post a Channel Conversation 63 Best Practices 63 Teams Templates 66 User Presence in Microsoft Teams 70 Status Duration Setting 70 The Bottom Line 72 Chapter 3 Meetings and Conferencing 73 Overview of Meetings and Conferencing 73 Meetings and Conferencing Prerequisites 74 Meetings in Teams 74 Private Meetings vs. Channel Meetings 74 Scheduling a Meeting 78 Joining a Meeting 83 Using Video in Microsoft Teams 87 Recording a Meeting 91 Meeting Notes 93 Meeting Etiquette and Tips 94 Calls in Teams 95 Turn a Chat into a Call 95 Adding Additional People to Call Started from Chat 96 See Your Call History 97 Recommendations and Tips 98 Live Events 98 Event Group Roles 98 Live Event Permissions 100 Scheduling 101 Production 101 Streaming Platform 102 Enterprise Content Delivery Network 103 Attendee Experience 103 Live Event Usage Report 103 Webinars 103 Breakout Rooms 104 Audio Conferencing 105 What Is Audio Conferencing? 105 Conferencing Bridges and Phone Numbers 105 The Bottom Line 105 Chapter 4 Extending Teams with Apps 107 Teams App Platform 107 Core Workloads and Extensible Platform 107 Types of Apps in Microsoft Teams 108 Understanding Apps in Teams 109 Teams App Capabilities 109 Apps Scope 117 Personal Apps 117 Microsoft Apps 117 Third-Party Apps 118 Extending with Custom Apps 121 Teams App Templates 121 Power Platform (Low/No Code) 133 Microsoft Teams App Development Platform 146 The Bottom Line 147 Chapter 5 Administering Teams 149 Teams Administrator Roles 149 Teams Admin Center 150 Teams Menu 150 Teams Policies 154 Update Policies 157 Teams Templates 157 Template Policies 159 Meetings Menu 160 Conference Bridges 161 Meeting Policies 161 Meeting Settings 166 Live Events 168 Messaging Policies Menu 169 Users Menu 171 Guest Access and External Access 171 Teams Settings 172 Teams Apps Menu 176 Manage Apps 176 Permission Policies 177 Setup Policies 180 Customize Store 181 Analytics & Reports Menu 187 The Bottom Line 188 Chapter 6 Security, Compliance, and Governance 191 Security 191 Identity Models and Authentication 191 Multi-Factor Authentication 192 Safe Links 192 Compliance and Governance 195 Information Retention 196 Information Barriers 197 Retention Policies 198 Retention Policies for Microsoft Teams 199 Communication Compliance 200 Communication Compliance in Microsoft Teams 201 Policy-Based Recording for Calls and Meetings 204 Sensitivity Labels 205 Data Loss Prevention 212 Privacy and Microsoft Teams 218 Data Location in Microsoft Teams 218 The Bottom Line 219 Appendix A Accessing Teams 221 Microsoft Teams App 221 Browser Client 221 Desktop Client 225 Mobile Client 230 Appendix B The Bottom Line 235 Chapter 1: Getting to Know Microsoft Teams 235 Chapter 2: Teams, Channels, Chats, and Apps 236 Chapter 3: Meetings and Conferencing 237 Chapter 4: Extending Teams with Apps 239 Chapter 5: Administering Teams 239 Chapter 6: Security, Compliance, and Governance 240 Index 241
£26.24
John Wiley & Sons Inc Linux Command Line and Shell Scripting Bible
Book SynopsisTable of ContentsAcknowledgments xi Part I: The Linux Command Line 1 Chapter 1: Starting with Linux Shells 3 Investigating Linux 3 Looking into the Linux kernel 4 System memory management 5 Software program management 6 Hardware management 8 Filesystem management 8 The GNU utilities 9 The core GNU utilities 10 The shell 10 The Linux desktop environment 11 The X Window software 12 The KDE Plasma desktop 12 The GNOME desktop 13 Other desktops 15 Examining Linux Distributions 17 Core Linux distributions 18 Specialized Linux distributions 19 Summary 20 Chapter 2: Getting to the Shell 21 Reaching the Command Line 21 Console terminals 22 Graphical terminals 22 Accessing CLI via a Linux Console Terminal 23 Accessing CLI via Graphical Terminal Emulation 26 Using the GNOME Terminal Emulator 27 Accessing GNOME Terminal 27 The menu bar 32 Using the Konsole Terminal Emulator 36 Accessing Konsole 36 The menu bar 38 Using the xterm Terminal Emulator 42 Accessing xterm 43 Command-line parameters 44 Summary 45 Chapter 3: Basic Bash Shell Commands 47 Starting the Shell 47 Using the Shell Prompt 48 Interacting with the Bash Manual 49 Navigating the Filesystem 53 Looking at the Linux filesystem 53 Traversing directories 57 Using absolute directory references 57 Using relative directory references 59 Listing Files and Directories 60 Displaying a basic listing 61 Displaying a long listing 63 Filtering listing output 64 Handling Files 66 Creating files 66 Copying files 66 Using command-line completion 69 Linking files 69 Renaming files 71 Deleting files 73 Managing Directories 74 Creating directories 74 Deleting directories 75 Viewing File Contents 77 Viewing the file type 77 Viewing the whole file 78 Using the cat command 78 Using the more command 78 Using the less command 80 Viewing parts of a file 80 Using the tail command 80 Using the head command 82 Summary 82 Chapter 4: More Bash Shell Commands 85 Monitoring Programs 85 Peeking at the processes 85 Unix-style parameters 86 BSD-style parameters 89 The GNU long parameters 91 Real-time process monitoring 93 Stopping processes 95 The kill command 95 The pkill command 96 Monitoring Disk Space 96 Mounting media 97 The mount command 97 The umount command 99 Using the df command 100 Using the du command 101 Working with Data Files 102 Sorting data 102 Searching for data 106 Compressing data 108 Archiving data 109 Summary 111 Chapter 5: Understanding the Shell 113 Investigating Shell Types 113 Exploring Parent and Child Shell Relationships 117 Looking at process lists 121 Creatively using subshells 123 Investigating background mode 123 Putting process lists into the background 125 Looking at co-processing 126 Understanding External and Built-In Commands 127 Looking at external commands 128 Looking at built-in commands 129 Using the history command 130 Using command aliases 134 Summary 135 Chapter 6: Using Linux Environment Variables 137 Exploring Environment Variables 137 Looking at global environment variables 138 Looking at local environment variables 140 Setting User-Defined Variables 141 Setting local user-defined variables 141 Setting global environment variables 142 Removing Environment Variables 144 Uncovering Default Shell Environment Variables 145 Setting the PATH Environment Variable 150 Locating System Environment Variables 152 Understanding the login shell process 152 Viewing the /etc/profi le file 152 Viewing the $HOME startup files 156 Understanding the interactive shell process 157 Understanding the noninteractive shell process 158 Making environment variables persistent 159 Learning about Variable Arrays 159 Summary 161 Chapter 7: Understanding Linux File Permissions 163 Exploring Linux Security 163 The /etc/passwd file 164 The /etc/shadow file 165 Adding a new user 166 Removing a user 169 Modifying a user 169 usermod 170 passwd and chpasswd 170 chsh, chfn, and chage 171 Using Linux Groups 173 The /etc/group file 173 Creating new groups 174 Modifying groups 175 Decoding File Permissions 176 Using file permission symbols 176 Default file permissions 178 Changing Security Settings 179 Changing permissions 180 Changing ownership 181 Sharing Files 182 Access Control Lists 184 Summary 186 Chapter 8: Managing Filesystems 189 Exploring Linux Filesystems 189 Exploring the Linux filesystem evolution 190 Looking at the ext filesystem 190 Looking at the ext2 filesystem 190 Digging into journaling filesystems 191 Looking at the ext3 filesystem 191 Looking at the ext4 filesystem 191 Looking at the JFS filesystem 192 Looking at ReiserFS 192 Looking at XFS 192 Understanding the volume-managing filesystems 192 Looking at the ZFS filesystem 193 Looking at the Btrfs filesystem 193 Looking at the Stratis filesystem 193 Working with Filesystems 194 Creating partitions 194 Looking at the fdisk utility 194 Working with gdisk 197 The GNU parted command 198 Creating a filesystem 199 Checking and repairing a filesystem 201 Managing Logical Volumes 202 Exploring LVM layout 203 Physical volume 203 Volume group 203 Logical volume 203 Understanding the LVM in Linux 203 Create the PVs 204 Create a VG 204 Create an LV 205 Using the Linux LVM 206 Format and mount an LV 206 Growing or shrinking your VGs and LVs 206 Summary 207 Chapter 9: Installing Software 209 Exploring Package Management 209 Inspecting the Debian-Based Systems 210 Managing packages with apt 211 Installing software packages with apt 213 Upgrading software with apt 215 Uninstalling software with apt 216 The apt repositories 218 The Red Hat–Based Systems 220 Listing installed packages 220 Installing software with dnf 221 Upgrading software with dnf 223 Uninstalling software with dnf 223 Dealing with broken dependencies 223 RPM repositories 224 Managing Software Using Containers 225 Using snap containers 225 Using flatpak containers 227 Installing from Source Code 229 Summary 232 Chapter 10: Working with Editors 235 Visiting the vim Editor 235 Checking your vim package 236 Exploring vim basics 237 Editing data 240 Copying and pasting 240 Searching and substituting 241 Navigating the nano Editor 242 Exploring the Emacs Editor 244 Checking your Emacs package 245 Using Emacs on the console 246 Exploring the basics of Emacs 247 Editing data 248 Copying and pasting 249 Searching and replacing 249 Using buffers in Emacs 250 Using windows in console mode Emacs 251 Using Emacs in a GUI 252 Exploring the KDE Family of Editors 253 Looking at the KWrite editor 253 Looking at the Kate editor 259 Exploring the GNOME Editor 263 Starting gedit 264 Understanding basic gedit features 265 Managing plugins 268 Summary 271 Part II: Shell Scripting Basics 273 Chapter 11: Basic Script Building 275 Using Multiple Commands 275 Creating a Script File 276 Displaying Messages 278 Using Variables 279 Environment variables 280 User variables 281 Command substitution 283 Redirecting Input and Output 284 Output redirection 285 Input redirection 285 Employing Pipes 287 Performing Math 289 The expr command 290 Using brackets 292 A floating-point solution 293 The basics of bc 293 Using bc in scripts 295 Exiting the Script 297 Checking the exit status 297 The exit command 298 Working through a Practical Example 300 Summary 301 Chapter 12: Using Structured Commands 303 Working with the if-then Statement 303 Exploring the if-then-else Statement 306 Nesting ifs 307 Trying the test Command 311 Using numeric comparisons 313 Using string comparisons 314 Looking at string equality 315 Looking at string order 316 Looking at string size 318 Using file comparisons 320 Checking directories 320 Checking whether an object exists 321 Checking for a file 322 Checking for read access 324 Checking for empty files 325 Checking whether you can write to a file 326 Checking whether you can run a file 327 Checking ownership 328 Checking default group membership 329 Checking file date 330 Considering Compound Testing 331 Working with Advanced if-then Features 332 Using single parentheses 332 Using double parentheses 333 Using double brackets 335 Considering the case Command 335 Working through a Practical Example 337 Summary 343 Chapter 13: More Structured Commands 345 Looking at the for Command 345 Reading values in a list 346 Reading complex values in a list 347 Reading a list from a variable 349 Reading values from a command 350 Changing the field separator 351 Reading a directory using wildcards 352 Trying the C-Style for Command 354 The C language for command 355 Using multiple variables 356 Exploring the while Command 357 Basic while format 357 Using multiple test commands 358 Using the until Command 359 Nesting Loops 361 Looping on File Data 364 Controlling the Loop 365 The break command 365 Breaking out of a single loop 365 Breaking out of an inner loop 366 Breaking out of an outer loop 367 The continue command 368 Processing the Output of a Loop 371 Working through a Few Practical Examples 372 Finding executable files 373 Creating multiple user accounts 374 Summary 375 Chapter 14: Handling User Input 377 Passing Parameters 377 Reading parameters 377 Reading the script name 380 Testing parameters 381 Using Special Parameter Variables 382 Counting parameters 382 Grabbing all the data 384 Being Shifty 386 Working with Options 388 Finding your options 388 Processing simple options 388 Separating options from parameters 389 Processing options with values 391 Using the getopt command 392 Looking at the command format 392 Using getopt in your scripts 393 Advancing to getopts 395 Standardizing Options 398 Getting User Input 399 Reading basics 399 Timing Out 401 Reading with no display 402 Reading from a file 403 Working through a Practical Example 404 Summary 408 Chapter 15: Presenting Data 411 Understanding Input and Output 411 Standard file descriptors 412 STDIN 412 STDOUT 413 STDERR 414 Redirecting errors 414 Redirecting errors only 414 Redirecting errors and data 415 Redirecting Output in Scripts 416 Temporary redirections 416 Permanent redirections 417 Redirecting Input in Scripts 418 Creating Your Own Redirection 419 Creating output file descriptors 419 Redirecting file descriptors 420 Creating input file descriptors 421 Creating a read/write file descriptor 422 Closing file descriptors 423 Listing Open File Descriptors 424 Suppressing Command Output 426 Using Temporary Files 427 Creating a local temporary file 427 Creating a temporary file in /tmp 428 Creating a temporary directory 429 Logging Messages 430 Working through a Practical Example 431 Summary 433 Chapter 16: Script Control 435 Handling Signals 435 Signaling the Bash shell 435 Generating signals 436 Interrupting a process 436 Pausing a process 437 Trapping signals 438 Trapping a script exit 440 Modifying or removing a trap 441 Running Scripts in Background Mode 443 Running in the background 443 Running multiple background jobs 445 Running Scripts without a Hang-up 447 Controlling the Job 448 Viewing jobs 448 Restarting stopped jobs 450 Being Nice 451 Using the nice command 452 Using the renice command 453 Running like Clockwork 454 Scheduling a job using the at command 454 Understanding the at command format 454 Retrieving job output 455 Listing pending jobs 457 Removing jobs 457 Scheduling regular scripts 458 Looking at the cron table 458 Building the cron table 459 Viewing cron directories 460 Looking at the anacron program 460 Starting scripts with a new shell 462 Working through a Practical Example 463 Summary 469 Part III: Advanced Shell Scripting 471 Chapter 17: Creating Functions 473 Exploring Basic Script Functions 473 Creating a function 474 Using functions 474 Returning a Value from a Function 477 The default exit status 477 Using the return command 478 Using function output 479 Using Variables in Functions 480 Passing parameters to a function 480 Handling variables in a function 482 Global variables 483 Local variables 484 Investigating Array Variables and Functions 485 Passing arrays to functions 485 Returning arrays from functions 487 Considering Function Recursion 488 Creating a Library 489 Using Functions on the Command Line 491 Creating functions on the command line 491 Defining functions in the bashrc file 492 Directly defining functions 492 Sourcing function files 493 Working Through a Practical Example 494 Downloading and installing 494 Building the library 495 The shtool library functions 496 Using the library 497 Summary 497 Chapter 18: Writing Scripts for Graphical Desktops 499 Creating Text Menus 499 Create the menu layout 499 Create the menu functions 501 Add the menu logic 502 Putting it all together 502 Using the select command 504 Doing Windows 505 The dialog package 506 The msgbox widget 507 The yesno widget 508 The inputbox widget 508 The textbox widget 510 The menu widget 511 The fselect widget 512 The dialog options 513 Using the dialog command in a script 515 Getting Graphic 516 The KDE environment 517 kdialog widgets 517 Using kdialog 519 The GNOME environment 521 zenity Widgets 521 Using zenity in scripts 523 Working Through a Practical Example 525 Summary 529 Chapter 19: Introducing sed and gawk 531 Manipulating Text 531 Getting to know the sed editor 532 Defining an editor command in the command line 533 Using multiple editor commands in the command line 534 Reading editor commands from a file 534 Getting to know the gawk program 535 Visiting the gawk command format 536 Reading the program script from the command line 536 Using data field variables 537 Using multiple commands in the program script 538 Reading the program from a file 539 Running scripts before processing data 539 Running scripts after processing data 540 Looking at the sed Editor Basic Commands 542 Introducing more substitution options 542 Substituting flags 542 Replacing characters 543 Using addresses 544 Addressing the numeric line 544 Using text pattern filters 545 Grouping commands 546 Deleting lines 547 Inserting and appending text 549 Changing lines 551 Transforming characters 552 Printing revisited 553 Printing lines 554 Printing line numbers 555 Listing lines 555 Using files with sed 556 Writing to a file 556 Reading data from a file 557 Working Through a Practical Example 559 Summary 564 Chapter 20: Regular Expressions 565 Exploring Regular Expressions 565 A definition 565 Types of regular expressions 567 Defining BRE Patterns 567 Plain text 567 Special characters 569 Anchor characters 570 Starting at the beginning 570 Looking for the ending 571 Combining anchors 572 The dot character 572 Character classes 573 Negating character classes 575 Using ranges 576 Special character classes 577 The asterisk 578 Trying Out Extended Regular Expressions 579 The question mark 579 The plus sign 580 Using braces 581 The pipe symbol 582 Grouping expressions 583 Working Through Some Practical Examples 584 Counting directory files 584 Validating a phone number 585 Parsing an email address 587 Summary 589 Chapter 21: Advanced sed 591 Looking at Multiline Commands 591 Navigating the next command 592 Using the single-line next command 592 Combining lines of text 593 Navigating the multiline delete command 595 Navigating the multiline print command 596 Holding Space 598 Negating a Command 599 Changing the Flow 602 Branching 603 Testing 605 Replacing via a Pattern 606 Using the ampersand 606 Replacing individual words 607 Placing sed Commands in Scripts 608 Using wrappers 608 Redirecting sed output 609 Creating sed Utilities 610 Spacing with double lines 610 Spacing files that may have blanks 611 Numbering lines in a file 612 Printing last lines 613 Deleting lines 614 Deleting consecutive blank lines 615 Deleting leading blank lines 616 Deleting trailing blank lines 616 Removing HTML tags 617 Working Through a Practical Example 619 Summary 624 Chapter 22: Advanced gawk k 627 Using Variables 627 Built-in variables 628 The field and record separator variables 628 Data variables 631 User-defined variables 634 Assigning variables in scripts 634 Assigning variables on the command line 635 Working with Arrays 636 Defining array variables 636 Iterating through array variables 637 Deleting array variables 638 Considering Patterns 638 Regular expressions 639 The matching operator 639 Mathematical expressions 640 Structured Commands 641 The if statement 641 The while statement 643 The do-while statement 644 The for statement 645 Printing with Formats 645 Using Built-in Functions 648 Mathematical functions 649 String functions 650 Time functions 652 Trying Out User-Defined Functions 653 Defining a function 653 Using your functions 654 Creating a function library 654 Working Through a Practical Example 655 Summary 657 Chapter 23: Working with Alternative Shells 659 Considering the Dash Shell 659 Looking at the Dash Shell Features 661 The Dash command-line parameters 661 The Dash environment variables 662 Default environment variables 662 Positional parameters 663 User-defined environment variables 663 The Dash built-in commands 664 Scripting in Dash 665 Creating Dash scripts 665 Things that won’t work 665 Using arithmetic 666 The test command 666 The function command 667 Exploring the zsh Shell 668 Viewing Parts of the zsh shell 668 Shell options 669 Built-in commands 670 Core built-in commands 670 Add-in modules 673 Viewing, adding, and removing modules 673 Scripting with zsh 674 Mathematical operations 674 Performing calculations 674 Mathematical functions 675 Structured commands 676 Functions 677 Working Through a Practical Example 677 Summary 678 Part IV: Creating and Managing Practical Scripts 679 Chapter 24: Writing Simple Script Utilities 681 Performing Backups 681 Backing up files daily 682 Obtaining the required functions 682 Creating a daily archive location 685 Creating a daily backup script 686 Running the daily archive script 688 Creating an hourly archive script 689 Running the hourly archive script 692 Managing Account Deletion 693 Obtaining the required functions 693 Getting the correct account name 693 Creating a function to get the correct account name 695 Verifying the entered account name 696 Determining whether the account exists 698 Removing any account processes 699 Finding account files 702 Removing the account 702 Creating the script 703 Running the script 708 Monitoring Your System 710 Obtaining the default shell audit functions 710 Obtaining the permission audit functions 714 Creating the script 716 Running the script 719 Summary 721 Chapter 25: Getting Organized 723 Understanding Version Control 723 Working directory 724 Staging area 725 Looking at the local repository 725 Exploring a remote repository 726 Branching 726 Cloning 726 Using Git for VCS 727 Setting Up Your Git Environment 727 Committing with Git 732 Summary 739 Appendix A: Quick Guide to Bash Commands 741 Appendix B: Quick Guide to sed and gawk 755 Index 767
£32.00
John Wiley & Sons Inc Business Data Communications and Networking
Book SynopsisTable of ContentsAbout the Authors v Preface vi Part One Introduction 1 Chapter 1 Introduction to Data Communications 1 1.1 Introduction 1 1.2 Data Communications Networks 5 1.2.1 Components of a Network 6 1.2.2 Types of Networks 7 1.3 Network Models 8 1.3.1 Open Systems Interconnection Reference Model 9 1.3.2 Internet Model 10 1.3.3 Message Transmission Using Layers 12 1.4 Network Standards 14 1.4.1 The Importance of Standards 14 1.4.2 The Standards-Making Process 15 1.4.3 Common Standards 17 1.5 Future Trends 18 1.5.1 Wireless LAN and BYOD 18 1.5.2 The Internet of Things 18 1.5.3 Massively Online 19 1.6 Implications for Cyber Security 20 Part Two Fundamental Concepts 27 Chapter 2 Application Layer 27 2.1 Introduction 27 2.2 Application Architectures 28 2.2.1 Host-Based Architectures 29 2.2.2 Client-Based Architectures 30 2.2.3 Client–Server Architectures 30 2.2.4 Cloud Computing Architectures 33 2.2.5 Peer-to-Peer Architectures 35 2.2.6 Choosing Architectures 36 2.3 World Wide Web 37 2.3.1 How the Web Works 37 2.3.2 Inside an HTTP Request 38 2.3.3 Inside an HTTP Response 39 2.4 Electronic Mail 41 2.4.1 How Email Works 41 2.4.2 Inside an SMTP Packet 44 2.4.3 Attachments in Multipurpose Internet Mail Extension 45 2.5 Other Applications 45 2.5.1 Telnet 46 2.5.2 Videoconferencing 47 2.6 Implications for Cyber Security 48 Chapter 3 Physical Layer 59 3.1 Introduction 59 3.2 Circuits 61 3.2.1 Circuit Configuration 61 3.2.2 Data Flow 62 3.2.3 Multiplexing 62 3.3 Communication Media 65 3.3.1 Twisted-Pair Cable 65 3.3.2 Coaxial Cable 65 3.3.3 Fiber-Optic Cable 66 3.3.4 Radio 67 3.3.5 Microwave 68 3.3.6 Satellite 68 3.3.7 Media Selection 70 3.4 Digital Transmission of Digital Data 71 3.4.1 Coding 71 3.4.2 Transmission Modes 72 3.4.3 Digital Transmission 73 3.4.4 How Ethernet Transmits Data 74 3.5 Analog Transmission of Digital Data 75 3.5.1 Modulation 75 3.5.2 Capacity of a Circuit 78 3.5.3 How Modems Transmit Data 78 3.6 Digital Transmission of Analog Data 79 3.6.1 Translating from Analog to Digital 79 3.6.2 How Telephones Transmit Voice Data 80 3.6.3 How Instant Messenger Transmits Voice Data 81 3.6.4 Voice over Internet Protocol (VoIP) 82 3.7 Implications for Cyber Security 83 Chapter 4 Data Link Layer 91 4.1 Introduction 91 4.2 Media Access Control 92 4.2.1 Contention 92 4.2.2 Controlled Access 92 4.2.3 Relative Performance 93 4.3 Error Control 94 4.3.1 Sources of Errors 94 4.3.2 Error Prevention 96 4.3.3 Error Detection 97 4.3.4 Error Correction via Retransmission 98 4.3.5 Forward Error Correction 98 4.3.6 Error Control in Practice 99 4.4 Data Link Protocols 100 4.4.1 Asynchronous Transmission 101 4.4.2 Synchronous Transmission 101 4.5 Transmission Efficiency 104 4.6 Implications for Cyber Security 106 Chapter 5 Network and Transport Layers 114 5.1 Introduction 114 5.2 Transport and Network Layer Protocols 116 5.2.1 Transmission Control Protocol (TCP) 116 5.2.2 Internet Protocol (IP) 117 5.3 Transport Layer Functions 118 5.3.1 Linking to the Application Layer 118 5.3.2 Segmenting 119 5.3.3 Session Management 120 5.4 Addressing 123 5.4.1 Assigning Addresses 124 5.4.2 Address Resolution 129 5.5 Routing 131 5.5.1 Types of Routing 132 5.5.2 Routing Protocols 134 5.5.3 Multicasting 136 5.5.4 The Anatomy of a Router 137 5.6 TCP/IP Example 138 5.6.1 Known Addresses 140 5.6.2 Unknown Addresses 141 5.6.3 TCP Connections 142 5.6.4 TCP/IP and Network Layers 143 5.7 Implications for Cyber Security 145 Part Three Network Technologies 162 Chapter 6 Network Design 162 6.1 Introduction 162 6.1.1 Network Architecture Components 163 6.1.2 The Traditional Network Design Process 164 6.1.3 The Building-Block Network Design Process 166 6.2 Needs Analysis 166 6.2.1 Network Architecture Component 168 6.2.2 Application Systems 169 6.2.3 Network Users 169 6.2.4 Categorizing Network Needs 170 6.2.5 Deliverables 171 6.3 Technology Design 171 6.3.1 Designing Clients and Servers 171 6.3.2 Designing Circuits 171 6.3.3 Network Design Tools 174 6.3.4 Deliverables 174 6.4 Cost Assessment 174 6.4.1 Request for Proposal 175 6.4.2 Selling the Proposal to Management 175 6.4.3 Deliverables 176 6.5 Implications for Cyber Security 176 Chapter 7 Wired and Wireless Local Area Networks 182 7.1 Introduction 182 7.2 LAN Components 183 7.2.1 Network Interface Cards 183 7.2.2 Network Circuits 184 7.2.3 Network Hubs, Switches, and Access Points 185 7.2.4 Network Operating Systems 188 7.3 Wired Ethernet 189 7.3.1 Topology 190 7.3.2 Media Access Control 192 7.3.3 Types of Ethernet 193 7.4 Wireless Ethernet 194 7.4.1 Topology 194 7.4.2 Media Access Control 194 7.4.3 Wireless Ethernet Frame Layout 196 7.4.4 Types of Wireless Ethernet 196 7.4.5 Security 198 7.5 The Best Practice LAN Design 199 7.5.1 Designing User Access with Wired Ethernet 200 7.5.2 Designing User Access with Wireless Ethernet 200 7.5.3 Designing the Data Center 203 7.5.4 Designing the e-Commerce Edge 206 7.5.5 Designing the SOHO Environment 206 7.6 Improving LAN Performance 207 7.6.1 Improving Server Performance 208 7.6.2 Improving Circuit Capacity 210 7.6.3 Reducing Network Demand 210 7.7 Implications for Cyber Security 210 Chapter 8 Backbone Networks 220 8.1 Introduction 220 8.2 Switched Backbones 221 8.3 Routed Backbones 224 8.4 Virtual LANs 227 8.4.1 Benefits of VLANs 227 8.4.2 How VLANs Work 229 8.5 The Best Practice Backbone Design 232 8.6 Improving Backbone Performance 233 8.6.1 Improving Device Performance 233 8.6.2 Improving Circuit Capacity 234 8.6.3 Reducing Network Demand 234 8.7 Implications for Cyber Security 234 Chapter 9 Wide Area Networks 243 9.1 Introduction 243 9.2 Dedicated-Circuit Networks 244 9.2.1 Basic Architecture 245 9.2.2 T-Carrier Services 248 9.2.3 SONET Services 249 9.3 Packet-Switched Networks 250 9.3.1 Basic Architecture 250 9.3.2 Frame Relay Services 251 9.3.3 MPLS Services 252 9.3.4 Ethernet Services 252 9.4 Virtual Private Networks 254 9.4.1 Basic Architecture 254 9.4.2 VPN Types 255 9.4.3 How VPNs Work 256 9.5 The Best Practice WAN Design 258 9.5.1 Software Defined WAN 258 9.5.2 Choosing WAN Circuits 259 9.6 Improving WAN Performance 261 9.6.1 Improving Device Performance 261 9.6.2 Improving Circuit Capacity 261 9.6.3 Reducing Network Demand 262 9.7 Implications for Cyber Security 262 Chapter 10 The Internet 274 10.1 Introduction 274 10.2 How the Internet Works 275 10.2.1 Basic Architecture 275 10.2.2 Connecting to an ISP 277 10.2.3 The Internet Today 278 10.3 Internet Access Technologies 279 10.3.1 Digital Subscriber Line 279 10.3.2 Cable Modem 280 10.3.3 Fiber to the Home 282 10.4 The Future of the Internet 283 10.4.1 Internet Governance 283 10.4.2 Building the Future 284 10.5 Implications for Cyber Security 285 Part Four Network Management 292 Chapter 11 Network Security 292 11.1 Introduction 292 11.1.1 Why Networks Need Security 294 11.1.2 Types of Security Threats 294 11.1.3 Network Controls 295 11.2 Risk Assessment 296 11.2.1 Develop Risk Measurement Criteria 297 11.2.2 Inventory IT Assets 298 11.2.3 Identify Threats 299 11.2.4 Document Existing Controls 301 11.2.5 Identify Improvements 304 11.3 Ensuring Business Continuity 304 11.3.1 Virus Protection 304 11.3.2 Denial-of-Service Protection 305 11.3.3 Theft Protection 308 11.3.4 Device Failure Protection 309 11.3.5 Disaster Protection 310 11.4 Intrusion Prevention 313 11.4.1 Security Policy 314 11.4.2 Perimeter Security and Firewalls 314 11.4.3 Server and Client Protection 320 11.4.4 Encryption 323 11.4.5 User Authentication 329 11.4.6 Preventing Social Engineering 332 11.4.7 Intrusion Prevention Systems 333 11.4.8 Intrusion Recovery 335 11.5 Best Practice Recommendations 336 11.6 Implications for Your Cyber Security 338 Chapter 12 Network Management 352 12.1 Introduction 352 12.2 Designing for Network Performance 353 12.2.1 Managed Networks 353 12.2.2 Managing Network Traffic 357 12.2.3 Reducing Network Traffic 358 12.3 Configuration Management 361 12.3.1 Configuring the Network and Client Computers 361 12.3.2 Documenting the Configuration 362 12.4 Performance and Fault Management 364 12.4.1 Network Monitoring 364 12.4.2 Failure Control Function 366 12.4.3 Performance and Failure Statistics 368 12.4.4 Improving Performance 370 12.5 End User Support 371 12.5.1 Resolving Problems 371 12.5.2 Providing End User Training 372 12.6 Cost Management 373 12.6.1 Sources of Costs 373 12.6.2 Reducing Costs 375 12.7 Implications for Cyber Security 377 Appendices (Online) Glossary (Online) Index I-1
£101.53
John Wiley & Sons Inc Recommender System with Machine Learning and
Book SynopsisThis book is a multi-disciplinary effort that involves world-wide experts from diverse fields, such as artificial intelligence, human computer interaction, information technology, data mining, statistics, adaptive user interfaces, decision support systems, marketing, and consumer behavior. It comprehensively covers the topic of recommender systems, which provide personalized recommendations of items or services to the new users based on their past behavior. Recommender system methods have been adapted to diverse applications including social networking, movie recommendation, query log mining, news recommendations, and computational advertising. This book synthesizes both fundamental and advanced topics of a research area that has now reached maturity. Recommendations in agricultural or healthcare domains and contexts, the context of a recommendation can be viewed as important side information that affects the recommendation goals. Different types of context such as temporal dTable of ContentsPreface xix Acknowledgment xxiii Part 1: Introduction to Recommender Systems 1 1 An Introduction to Basic Concepts on Recommender Systems 3Pooja Rana, Nishi Jain and Usha Mittal 1.1 Introduction 4 1.2 Functions of Recommendation Systems 5 1.3 Data and Knowledge Sources 6 1.4 Types of Recommendation Systems 8 1.4.1 Content-Based 8 1.4.1.1 Advantages of Content-Based Recommendation 11 1.4.1.2 Disadvantages of Content-Based Recommendation 11 1.4.2 Collaborative Filtering 12 1.5 Item-Based Recommendation vs. User-Based Recommendation System 14 1.5.1 Advantages of Memory-Based Collaborative Filtering 15 1.5.2 Shortcomings 16 1.5.3 Advantages of Model-Based Collaborative Filtering 17 1.5.4 Shortcomings 17 1.5.5 Hybrid Recommendation System 17 1.5.6 Advantages of Hybrid Recommendation Systems 18 1.5.7 Shortcomings 18 1.5.8 Other Recommendation Systems 18 1.6 Evaluation Metrics for Recommendation Engines 19 1.7 Problems with Recommendation Systems and Possible Solutions 20 1.7.1 Advantages of Recommendation Systems 23 1.7.2 Disadvantages of Recommendation Systems 24 1.8 Applications of Recommender Systems 24 References 25 2 A Brief Model Overview of Personalized Recommendation to Citizens in the Health-Care Industry 27Subhasish Mohapatra and Kunal Anand 2.1 Introduction 28 2.2 Methods Used in Recommender System 29 2.2.1 Content-Based 29 2.2.2 Collaborative Filtering 32 2.2.3 Hybrid Filtering 33 2.3 Related Work 33 2.4 Types of Explanation 34 2.5 Explanation Methodology 35 2.5.1 Collaborative-Based 36 2.5.2 Content-Based 36 2.5.3 Knowledge and Utility-Based 37 2.5.4 Case-Based 37 2.5.5 Demographic-Based 38 2.6 Proposed Theoretical Framework for Explanation-Based Recommender System in Health-Care Domain 39 2.7 Flowchart 39 2.8 Conclusion 41 References 41 3 2Es of TIS: A Review of Information Exchange and Extraction in Tourism Information Systems 45Malik M. Saad Missen, Mickaël Coustaty, Hina Asmat, Amnah Firdous, Nadeem Akhtar, Muhammad Akram and V. B. Surya Prasath 3.1 Introduction 46 3.2 Information Exchange 49 3.2.1 Exchange of Tourism Objects Data 49 3.2.1.1 Semantic Clashes 50 3.2.1.2 Structural Clashes 50 3.2.2 Schema.org—The Future 51 3.2.2.1 Schema.org Extension Mechanism 52 3.2.2.2 Schema.org Tourism Vocabulary 52 3.2.3 Exchange of Tourism-Related Statistical Data 53 3.3 Information Extraction 55 3.3.1 Opinion Extraction 56 3.3.2 Opinion Mining 57 3.4 Sentiment Annotation 57 3.4.1 SentiML 58 3.4.1.1 SentiML Example 58 3.4.2 OpinionMiningML 59 3.4.2.1 OpinionMiningML Example 60 3.4.3 EmotionML 61 3.4.3.1 EmotionML Example 61 3.5 Comparison of Different Annotations Schemes 62 3.6 Temporal and Event Extraction 64 3.7 TimeML 65 3.8 Conclusions 67 References 67 Part 2: Machine Learning-Based Recommender Systems 71 4 Concepts of Recommendation System from the Perspective of Machine Learning 73Sumanta Chandra Mishra Sharma, Adway Mitra and Deepayan Chakraborty 4.1 Introduction 73 4.2 Entities of Recommendation System 74 4.2.1 User 74 4.2.2 Items 75 4.2.3 Action 75 4.3 Techniques of Recommendation 76 4.3.1 Personalized Recommendation System 77 4.3.2 Non-Personalized Recommendation System 77 4.3.3 Content-Based Filtering 77 4.3.4 Collaborative Filtering 78 4.3.5 Model-Based Filtering 80 4.3.6 Memory-Based Filtering 80 4.3.7 Hybrid Recommendation Technique 81 4.3.8 Social Media Recommendation Technique 82 4.4 Performance Evaluation 82 4.5 Challenges 83 4.5.1 Sparsity of Data 84 4.5.2 Scalability 84 4.5.3 Slow Start 84 4.5.4 Gray Sheep and Black Sheep 84 4.5.5 Item Duplication 84 4.5.6 Privacy Issue 84 4.5.7 Biasness 85 4.6 Applications 85 4.7 Conclusion 85 References 85 5 A Machine Learning Approach to Recommend Suitable Crops and Fertilizers for Agriculture 89Govind Kumar Jha, Preetish Ranjan and Manish Gaur 5.1 Introduction 90 5.2 Literature Review 91 5.3 Methodology 93 5.4 Results and Analysis 96 5.5 Conclusion 97 References 98 6 Accuracy-Assured Privacy-Preserving Recommender System Using Hybrid-Based Deep Learning Method 101Abhaya Kumar Sahoo and Chittaranjan Pradhan 6.1 Introduction 102 6.2 Overview of Recommender System 103 6.3 Collaborative Filtering-Based Recommender System 106 6.4 Machine Learning Methods Used in Recommender System 107 6.5 Proposed RBM Model-Based Movie Recommender System 110 6.6 Proposed CRBM Model-Based Movie Recommender System 113 6.7 Conclusion and Future Work 115 References 118 7 Machine Learning-Based Recommender System for Breast Cancer Prognosis 121G. Kanimozhi, P. Shanmugavadivu and M. Mary Shanthi Rani 7.1 Introduction 122 7.2 Related Works 124 7.3 Methodology 125 7.3.1 Experimental Dataset 125 7.3.2 Feature Selection 127 7.3.3 Functional Phases of MLRS-BC 128 7.3.4 Prediction Algorithms 129 7.4 Results and Discussion 131 7.5 Conclusion 138 Acknowledgment 139 References 139 8 A Recommended System for Crop Disease Detection and Yield Prediction Using Machine Learning Approach 141Pooja Akulwar 8.1 Introduction 142 8.2 Machine Learning 143 8.2.1 Overview 143 8.2.2 Machine Learning Algorithms 145 8.2.3 Machine Learning Methods 146 8.2.3.1 Artificial Neural Network 146 8.2.3.2 Support Vector Machines 146 8.2.3.3 K-Nearest Neighbors (K-NN) 147 8.2.3.4 Decision Tree Learning 147 8.2.3.5 Random Forest 148 8.2.3.6 Gradient Boosted Decision Tree (GBDT) 149 8.2.3.7 Regularized Greedy Forest (RGF) 150 8.3 Recommender System 151 8.3.1 Overview 151 8.4 Crop Management 153 8.4.1 Yield Prediction 153 8.4.2 Disease Detection 154 8.4.3 Weed Detection 156 8.4.4 Crop Quality 159 8.5 Application—Crop Disease Detection and Yield Prediction 159 References 162 Part 3: Content-Based Recommender Systems 165 9 Content-Based Recommender Systems 167Poonam Bhatia Anand and Rajender Nath 9.1 Introduction 167 9.2 Literature Review 168 9.3 Recommendation Process 172 9.3.1 Architecture of Content-Based Recommender System 172 9.3.2 Profile Cleaner Representation 175 9.4 Techniques Used for Item Representation and Learning User Profile 176 9.4.1 Representation of Content 176 9.4.2 Vector Space Model Based on Keywords 177 9.4.3 Techniques for Learning Profiles of User 179 9.4.3.1 Probabilistic Method 179 9.4.3.2 Rocchio’s and Relevance Feedback Method 180 9.4.3.3 Other Methods 181 9.5 Applicability of Recommender System in Healthcare and Agriculture 182 9.5.1 Recommendation System in Healthcare 182 9.5.2 Recommender System in Agriculture 184 9.6 Pros and Cons of Content-Based Recommender System 186 9.7 Conclusion 187 References 188 10 Content (Item)-Based Recommendation System 197R. Balamurali 10.1 Introduction 198 10.2 Phases of Content-Based Recommendation Generation 198 10.3 Content-Based Recommendation Using Cosine Similarity 199 10.4 Content-Based Recommendations Using Optimization Techniques 204 10.5 Content-Based Recommendation Using the Tree Induction Algorithm 208 10.6 Summary 212 References 213 11 Content-Based Health Recommender Systems 215Soumya Prakash Rana, Maitreyee Dey, Javier Prieto and Sandra Dudley 11.1 Introduction 216 11.2 Typical Health Recommender System Framework 217 11.3 Components of Content-Based Health Recommender System 218 11.4 Unstructured Data Processing 220 11.5 Unsupervised Feature Extraction & Weighting 221 11.5.1 Bag of Words (BoW) 221 11.5.2 Word to Vector (Word2Vec) 222 11.5.3 Global Vectors for Word Representations (Glove) 222 11.6 Supervised Feature Selection & Weighting 222 11.7 Feedback Collection 225 11.7.1 Medication & Therapy 225 11.7.2 Healthy Diet Plan 225 11.7.3 Suggestions 225 11.8 Training & Health Recommendation Generation 226 11.8.1 Analogy-Based ML in CBHRS 227 11.8.2 Specimen-Based ML in CBHRS 227 11.9 Evaluation of Content Based Health Recommender System 228 11.10 Design Criteria of CBHRS 229 11.10.1 Micro-Level & Lucidity 230 11.10.2 Interactive Interface 230 11.10.3 Data Protection 230 11.10.4 Risk & Uncertainty Management 231 11.10.5 Doctor-in-Loop (DiL) 231 11.11 Conclusions and Future Research Directions 231 References 233 12 Context-Based Social Media Recommendation System 237R. Sujithra Kanmani and B. Surendiran 12.1 Introduction 237 12.2 Literature Survey 240 12.3 Motivation and Objectives 241 12.3.1 Architecture 241 12.3.2 Modules 242 12.3.3 Implementation Details 243 12.4 Performance Measures 243 12.5 Precision 243 12.6 Recall 243 12.7 F- Measure 244 12.8 Evaluation Results 244 12.9 Conclusion and Future Work 247 References 248 13 Netflix Challenge—Improving Movie Recommendations 251Vasu Goel 13.1 Introduction 251 13.2 Data Preprocessing 252 13.3 MovieLens Data 253 13.4 Data Exploration 255 13.5 Distributions 256 13.6 Data Analysis 257 13.7 Results 265 13.8 Conclusion 266 References 266 14 Product or Item-Based Recommender System 269Jyoti Rani, Usha Mittal and Geetika Gupta 14.1 Introduction 270 14.2 Various Techniques to Design Food Recommendation System 271 14.2.1 Collaborative Filtering Recommender Systems 271 14.2.2 Content-Based Recommender Systems (CB) 272 14.2.3 Knowledge-Based Recommender Systems 272 14.2.4 Hybrid Recommender Systems 273 14.2.5 Context Aware Approaches 273 14.2.6 Group-Based Methods 273 14.2.7 Different Types of Food Recommender Systems 273 14.3 Implementation of Food Recommender System Using Content-Based Approach 276 14.3.1 Item Profile Representation 277 14.3.2 Information Retrieval 278 14.3.3 Word2vec 278 14.3.4 How are word2vec Embedding’s Obtained? 278 14.3.5 Obtaining word2vec Embeddings 279 14.3.6 Dataset 280 14.3.6.1 Data Preprocessing 280 14.3.7 Web Scrapping For Food List 280 14.3.7.1 Porter Stemming All Words 280 14.3.7.2 Filtering Our Ingredients 280 14.3.7.3 Final Data Frame with Dishes and Their Ingredients 281 14.3.7.4 Hamming Distance 281 14.3.7.5 Jaccard Distance 282 14.4 Results 282 14.5 Observations 283 14.6 Future Perspective of Recommender Systems 283 14.6.1 User Information Challenges 283 14.6.1.1 User Nutrition Information Uncertainty 283 14.6.1.2 User Rating Data Collection 284 14.6.2 Recommendation Algorithms Challenges 284 14.6.2.1 User Information Such as Likes/ Dislikes Food or Nutritional Needs 284 14.6.2.2 Recipe Databases 284 14.6.2.3 A Set of Constraints or Rules 285 14.6.3 Challenges Concerning Changing Eating Behavior of Consumers 285 14.6.4 Challenges Regarding Explanations and Visualizations 286 14.7 Conclusion 286 Acknowledgements 287 References 287 Part 4: Blockchain & IoT-Based Recommender Systems 291 15 A Trust-Based Recommender System Built on IoT Blockchain Network With Cognitive Framework 293S. Porkodi and D. Kesavaraja 15.1 Introduction 294 15.1.1 Today and Tomorrow 294 15.1.2 Vision 294 15.1.3 Internet of Things 294 15.1.4 Blockchain 295 15.1.5 Cognitive Systems 296 15.1.6 Application 296 15.2 Technologies and its Combinations 297 15.2.1 IoT–Blockchain 297 15.2.2 IoT–Cognitive System 298 15.2.3 Blockchain–Cognitive System 298 15.2.4 IoT–Blockchain–Cognitive System 298 15.3 Crypto Currencies With IoT–Case Studies 299 15.4 Trust-Based Recommender System 299 15.4.1 Requirement 299 15.4.2 Things Management 302 15.4.3 Cognitive Process 303 15.5 Recommender System Platform 304 15.6 Conclusion and Future Directions 307 References 307 16 Development of a Recommender System HealthMudra Using Blockchain for Prevention of Diabetes 313Rashmi Bhardwaj and Debabrata Datta 16.1 Introduction 314 16.2 Architecture of Blockchain 317 16.2.1 Definition of Blockchain 318 16.2.2 Structure of Blockchain 318 16.3 Role of HealthMudra in Diabetic 322 16.4 Blockchain Technology Solutions 324 16.4.1 Predictive Models of Health Data Analysis 325 16.5 Conclusions 325 References 326 Part 5: Healthcare Recommender Systems 329 17 Case Study 1: Health Care Recommender Systems 331Usha Mittal, Nancy Singla and Geetika Gupta 17.1 Introduction 332 17.1.1 Health Care Recommender System 332 17.1.2 Parkinson’s Disease: Causes and Symptoms 333 17.1.3 Parkinson’s Disease: Treatment and Surgical Approaches 334 17.2 Review of Literature 335 17.2.1 Machine Learning Algorithms for Parkinson’s Data 337 17.2.2 Visualization 340 17.3 Recommender System for Parkinson’s Disease (PD) 341 17.3.1 How Will One Know When Parkinson’s has Progressed? 342 17.3.2 Dataset for Parkinson’s Disease (PD) 342 17.3.3 Feature Selection 343 17.3.4 Classification 343 17.3.4.1 Logistic Regression 343 17.3.4.2 K Nearest Neighbor (KNN) 343 17.3.4.3 Support Vector Machine (SVM) 344 17.3.4.4 Decision Tree 344 17.3.5 Train and Test Data 344 17.3.6 Recommender System 344 17.4 Future Perspectives 345 17.5 Conclusions 346 References 348 18 Temporal Change Analysis-Based Recommender System for Alzheimer Disease Classification 351S. Naganandhini, P. Shanmugavadivu and M. Mary Shanthi Rani 18.1 Introduction 352 18.2 Related Work 352 18.3 Mechanism of TCA-RS-AD 353 18.4 Experimental Dataset 354 18.5 Neural Network 357 18.6 Conclusion 370 References 370 19 Regularization of Graphs: Sentiment Classification 373R.S.M. Lakshmi Patibandla 19.1 Introduction 373 19.2 Neural Structured Learning 374 19.3 Some Neural Network Models 375 19.4 Experimental Results 377 19.4.1 Base Model 379 19.4.2 Graph Regularization 382 19.5 Conclusion 383 References 384 20 TSARS: A Tree-Similarity Algorithm-Based Agricultural Recommender System 387Madhusree Kuanr, Puspanjali Mohapatra and Sasmita Subhadarsinee Choudhury 20.1 Introduction 388 20.2 Literature Survey 390 20.3 Research Gap 393 20.4 Problem Definitions 393 20.5 Methodology 393 20.6 Results & Discussion 394 20.6.1 Performance Evaluation 394 20.6.2 Time Complexity Analysis 396 20.7 Conclusion & Future Work 397 References 399 21 Influenceable Targets Recommendation Analyzing Social Activities in Egocentric Online Social Networks 401Soumyadeep Debnath, Dhrubasish Sarkar and Dipankar Das 21.1 Introduction 402 21.2 Literature Review 403 21.3 Dataset Collection Process with Details 404 21.3.1 Main User’s Activities Data 405 21.3.2 Network Member’s Activities Data 405 21.3.3 Tools and Libraries for Data Collection 405 21.3.4 Details of the Datasets 406 21.4 Primary Preprocessing of Data 406 21.4.1 Language Detection and Translation 406 21.4.2 Tagged Tweeters Collection 407 21.4.3 Textual Noise Removal 407 21.4.4 Textual Spelling and Correction 407 21.5 Influence and Social Activities Analysis 407 21.5.1 Step 1: Targets Selection From OSMs 408 21.5.2 Step 3: Categories Classification of Social Contents 408 21.5.3 Step 4: Sentiments Analysis of Social Contents 408 21.6 Recommendation System 409 21.6.1 Secondary Preprocessing of Data 409 21.6.2 Recommendation Analyzing Contents of Social Activities 411 21.7 Top Most Influenceable Targets Evaluation 413 21.8 Conclusion 414 21.9 Future Scope 415 References 415 Index 417
£164.66
John Wiley & Sons Inc Kali Linux Penetration Testing Bible
Book SynopsisTable of ContentsIntroduction xx Chapter 1 Mastering the Terminal Window 1 Kali Linux File System 2 Terminal Window Basic Commands 3 Tmux Terminal Window 6 Starting Tmux 6 Tmux Key Bindings 7 Tmux Session Management 7 Navigating Inside Tmux 9 Tmux Commands Reference 9 Managing Users and Groups in Kali 10 Users Commands 10 Groups Commands 14 Managing Passwords in Kali 14 Files and Folders Management in Kali Linux 15 Displaying Files and Folders 15 Permissions 16 Manipulating Files in Kali 19 Searching for Files 20 Files Compression 21 Manipulating Directories in Kali 23 Mounting a Directory 23 Managing Text Files in Kali Linux 24 Vim vs. Nano 26 Searching and Filtering Text 27 Remote Connections in Kali 29 Remote Desktop Protocol 29 Secure Shell 30 SSH with Credentials 30 Passwordless SSH 32 Kali Linux System Management 34 Linux Host Information 36 Linux OS Information 36 Linux Hardware Information 36 Managing Running Services 38 Package Management 39 Process Management 41 Networking in Kali Linux 42 Network Interface 42 IPv4 Private Address Ranges 42 Static IP Addressing 43 DNS 45 Established Connections 46 File Transfers 47 Summary 48 Chapter 2 Bash Scripting 49 Basic Bash Scripting 50 Printing to the Screen in Bash 50 Variables 52 Commands Variable 54 Script Parameters 54 User Input 56 Functions 56 Conditions and Loops 57 Conditions 58 Loops 60 File Iteration 61 Summary 63 Chapter 3 Network Hosts Scanning 65 Basics of Networking 65 Networking Protocols 66 TCP 66 UDP 67 Other Networking Protocols 67 IP Addressing 69 IPv4 69 Subnets and CIDR 69 IPv6 70 Port Numbers 71 Network Scanning 72 Identifying Live Hosts 72 Ping 73 ARP 73 Nmap 73 Port Scanning and Services Enumeration 74 TCP Port SYN Scan 75 UDP 75 Basics of Using Nmap Scans 76 Services Enumeration 77 Operating System Fingerprinting 79 Nmap Scripting Engine 80 NSE Category Scan 82 NSE Arguments 84 DNS Enumeration 84 DNS Brute-Force 85 DNS Zone Transfer 86 DNS Subdomains Tools 87 Fierce 87 Summary 88 Chapter 4 Internet Information Gathering 89 Passive Footprinting and Reconnaissance 90 Internet Search Engines 90 Shodan 91 Google Queries 92 Information Gathering Using Kali Linux 94 Whois Database 95 TheHarvester 97 DMitry 99 Maltego 99 Summary 103 Chapter 5 Social Engineering Attacks 105 Spear Phishing Attacks 105 Sending an E-mail 106 The Social Engineer Toolkit 106 Sending an E-mail Using Python 108 Stealing Credentials 109 Payloads and Listeners 110 Bind Shell vs. Reverse Shell 111 Bind Shell 111 Reverse Shell 112 Reverse Shell Using SET 113 Social Engineering with the USB Rubber Ducky 115 A Practical Reverse Shell Using USB Rubber Ducky and PowerShell 117 Generating a PowerShell Script 118 Starting a Listener 118 Hosting the PowerShell Script 119 Running PowerShell 120 Download and Execute the PS Script 120 Reverse Shell 121 Replicating the Attack Using the USB Rubber Ducky 122 Summary 122 Chapter 6 Advanced Enumeration Phase 125 Transfer Protocols 126 FTP (Port 21) 126 Exploitation Scenarios for an FTP Server 126 Enumeration Workflow 127 Service Scan 127 Advanced Scripting Scan with Nmap 128 More Brute-Forcing Techniques 129 SSH (Port 22) 130 Exploitation Scenarios for an SSH Server 130 Advanced Scripting Scan with Nmap 131 Brute-Forcing SSH with Hydra 132 Advanced Brute-Forcing Techniques 133 Telnet (Port 23) 134 Exploitation Scenarios for Telnet Server 135 Enumeration Workflow 135 Service Scan 135 Advanced Scripting Scan 136 Brute-Forcing with Hydra 136 E-mail Protocols 136 SMTP (Port 25) 137 Nmap Basic Enumeration 137 Nmap Advanced Enumeration 137 Enumerating Users 138 POP3 (Port 110) and IMAP4 (Port 143) 141 Brute-Forcing POP3 E-mail Accounts 141 Database Protocols 142 Microsoft SQL Server (Port 1433) 142 Oracle Database Server (Port 1521) 143 MySQL (Port 3306) 143 CI/CD Protocols 143 Docker (Port 2375) 144 Jenkins (Port 8080/50000) 145 Brute-Forcing a Web Portal Using Hydra 147 Step 1: Enable a Proxy 148 Step 2: Intercept the Form Request 149 Step 3: Extracting Form Data and Brute-Forcing with Hydra 150 Web Protocols 80/443 151 Graphical Remoting Protocols 152 RDP (Port 3389) 152 RDP Brute-Force 152 VNC (Port 5900) 153 File Sharing Protocols 154 SMB (Port 445) 154 Brute-Forcing SMB 156 SNMP (Port UDP 161) 157 SNMP Enumeration 157 Summary 159 Chapter 7 Exploitation Phase 161 Vulnerabilities Assessment 162 Vulnerability Assessment Workflow 162 Vulnerability Scanning with OpenVAS 164 Installing OpenVAS 164 Scanning with OpenVAS 165 Exploits Research 169 SearchSploit 171 Services Exploitation 173 Exploiting FTP Service 173 FTP Login 173 Remote Code Execution 174 Spawning a Shell 177 Exploiting SSH Service 178 SSH Login 178 Telnet Service Exploitation 179 Telnet Login 179 Sniffing for Cleartext Information 180 E-mail Server Exploitation 183 Docker Exploitation 185 Testing the Docker Connection 185 Creating a New Remote Kali Container 186 Getting a Shell into the Kali Container 187 Docker Host Exploitation 188 Exploiting Jenkins 190 Reverse Shells 193 Using Shells with Metasploit 194 Exploiting the SMB Protocol 196 Connecting to SMB Shares 196 SMB Eternal Blue Exploit 197 Summary 198 Chapter 8 Web Application Vulnerabilities 199 Web Application Vulnerabilities 200 Mutillidae Installation 200 Apache Web Server Installation 200 Firewall Setup 201 Installing PHP 201 Database Installation and Setup 201 Mutillidae Installation 202 Cross-Site Scripting 203 Reflected XSS 203 Stored XSS 204 Exploiting XSS Using the Header 205 Bypassing JavaScript Validation 207 SQL Injection 208 Querying the Database 208 Bypassing the Login Page 211 Execute Database Commands Using SQLi 211 SQL Injection Automation with SQLMap 215 Testing for SQL Injection 216 Command Injection 217 File Inclusion 217 Local File Inclusion 218 Remote File Inclusion 219 Cross-Site Request Forgery 220 The Attacker Scenario 221 The Victim Scenario 222 File Upload 223 Simple File Upload 223 Bypassing Validation 225 Encoding 227 OWASP Top 10 228 Summary 229 Chapter 9 Web Penetration Testing and Secure Software Development Lifecycle 231 Web Enumeration and Exploitation 231 Burp Suite Pro 232 Web Pentest Using Burp Suite 232 More Enumeration 245 Nmap 246 Crawling 246 Vulnerability Assessment 247 Manual Web Penetration Testing Checklist 247 Common Checklist 248 Special Pages Checklist 248 Secure Software Development Lifecycle 250 Analysis/Architecture Phase 251 Application Threat Modeling 251 Assets 251 Entry Points 252 Third Parties 252 Trust Levels 252 Data Flow Diagram 252 Development Phase 252 Testing Phase 255 Production Environment (Final Deployment) 255 Summary 255 Chapter 10 Linux Privilege Escalation 257 Introduction to Kernel Exploits and Missing Configurations 258 Kernel Exploits 258 Kernel Exploit: Dirty Cow 258 SUID Exploitation 261 Overriding the Passwd Users File 263 CRON Jobs Privilege Escalation 264 CRON Basics 265 Crontab 265 Anacrontab 266 Enumerating and Exploiting CRON 266 sudoers 268 sudo Privilege Escalation 268 Exploiting the Find Command 268 Editing the sudoers File 269 Exploiting Running Services 270 Automated Scripts 270 Summary 271 Chapter 11 Windows Privilege Escalation 273 Windows System Enumeration 273 System Information 274 Windows Architecture 275 Listing the Disk Drives 276 Installed Patches 276 Who Am I? 276 List Users and Groups 277 Networking Information 279 Showing Weak Permissions 282 Listing Installed Programs 283 Listing Tasks and Processes 283 File Transfers 284 Windows Host Destination 284 Linux Host Destination 285 Windows System Exploitation 286 Windows Kernel Exploits 287 Getting the OS Version 287 Find a Matching Exploit 288 Executing the Payload and Getting a Root Shell 289 The Metasploit PrivEsc Magic 289 Exploiting Windows Applications 293 Running As in Windows 295 PSExec Tool 296 Exploiting Services in Windows 297 Interacting with Windows Services 297 Misconfigured Service Permissions 297 Overriding the Service Executable 299 Unquoted Service Path 299 Weak Registry Permissions 301 Exploiting the Scheduled Tasks 302 Windows PrivEsc Automated Tools 302 PowerUp 302 WinPEAS 303 Summary 304 Chapter 12 Pivoting and Lateral Movement 305 Dumping Windows Hashes 306 Windows NTLM Hashes 306 SAM File and Hash Dump 307 Using the Hash 308 Mimikatz 308 Dumping Active Directory Hashes 310 Reusing Passwords and Hashes 310 Pass the Hash 311 Pivoting with Port Redirection 312 Port Forwarding Concepts 312 SSH Tunneling and Local Port Forwarding 314 Remote Port Forwarding Using SSH 315 Dynamic Port Forwarding 316 Dynamic Port Forwarding Using SSH 316 Summary 317 Chapter 13 Cryptography and Hash Cracking 319 Basics of Cryptography 319 Hashing Basics 320 One-Way Hash Function 320 Hashing Scenarios 321 Hashing Algorithms 321 Message Digest 5 321 Secure Hash Algorithm 323 Hashing Passwords 323 Securing Passwords with Hash 324 Hash-Based Message Authenticated Code 325 Encryption Basics 326 Symmetric Encryption 326 Advanced Encryption Standard 326 Asymmetric Encryption 328 Rivest Shamir Adleman 329 Cracking Secrets with Hashcat 331 Benchmark Testing 332 Cracking Hashes in Action 334 Attack Modes 336 Straight Mode 336 Combinator 337 Mask and Brute-Force Attacks 339 Brute-Force Attack 342 Hybrid Attacks 342 Cracking Workflow 343 Summary 344 Chapter 14 Reporting 345 Overview of Reports in Penetration Testing 345 Scoring Severities 346 Common Vulnerability Scoring System Version 3.1 346 Report Presentation 349 Cover Page 350 History Logs 350 Report Summary 350 Vulnerabilities Section 350 Summary 351 Chapter 15 Assembly Language and Reverse Engineering 353 CPU Registers 353 General CPU Registers 354 Index Registers 355 Pointer Registers 355 Segment Registers 355 Flag Registers 357 Assembly Instructions 358 Little Endian 360 Data Types 360 Memory Segments 361 Addressing Modes 361 Reverse Engineering Example 361 Visual Studio Code for C/C++ 362 Immunity Debugger for Reverse Engineering 363 Summary 368 Chapter 16 Buffer/Stack Overflow 369 Basics of Stack Overflow 369 Stack Overview 370 PUSH Instruction 370 POP Instruction 371 C Program Example 371 Buffer Analysis with Immunity Debugger 372 Stack Overflow 376 Stack Overflow Mechanism 377 Stack Overflow Exploitation 378 Lab Overview 379 Vulnerable Application 379 Phase 1: Testing 379 Testing the Happy Path 379 Testing the Crash 381 Phase 2: Buffer Size 382 Pattern Creation 382 Offset Location 382 Phase 3: Controlling EIP 383 Adding the JMP Instruction 384 Phase 4: Injecting the Payload and Getting a Remote Shell 386 Payload Generation 386 Bad Characters 386 Shellcode Python Script 387 Summary 388 Chapter 17 Programming with Python 389 Basics of Python 389 Running Python Scripts 390 Debugging Python Scripts 391 Installing VS Code on Kali 391 Practicing Python 392 Python Basic Syntaxes 393 Python Shebang 393 Comments in Python 393 Line Indentation and Importing Modules 394 Input and Output 394 Printing CLI Arguments 395 Variables 395 Numbers 395 Arithmetic Operators 397 Strings 397 String Formatting 397 String Functions 398 Lists 399 Reading Values in a List 399 Updating List Items 399 Removing a list item 400 Tuples 400 Dictionary 400 More Techniques in Python 400 Functions 400 Returning Values 401 Optional Arguments 401 Global Variables 402 Changing Global Variables 402 Conditions 403 if/else Statement 403 Comparison Operators 403 Loop Iterations 404 while Loop 404 for Loop 405 Managing Files 406 Exception Handling 407 Text Escape Characters 407 Custom Objects in Python 408 Summary 409 Chapter 18 Pentest Automation with Python 411 Penetration Test Robot 411 Application Workflow 412 Python Packages 414 Application Start 414 Input Validation 415 Code Refactoring 417 Scanning for Live Hosts 418 Ports and Services Scanning 420 Attacking Credentials and Saving the Results 423 Summary 426 Appendix A Kali Linux Desktop at a Glance 427 Downloading and Running a VM of Kali Linux 428 Virtual Machine First Boot 428 Kali Xfce Desktop 429 Kali Xfce Menu 430 Search Bar 430 Favorites Menu Item 430 Usual Applications 432 Other Menu Items 433 Kali Xfce Settings Manager 433 Advanced Network Configuration 435 Appearance 436 Desktop 439 Display 441 File Manager 442 Keyboard 445 MIME Type Editor 447 Mouse and Touchpad 448 Panel 449 Workspaces 450 Window Manager 451 Practical Example of Desktop Customization 454 Edit the Top Panel 454 Adding a New Bottom Panel 454 Changing the Desktop Look 457 Installing Kali Linux from Scratch 458 Summary 466 Appendix B Building a Lab Environment Using Docker 467 Docker Technology 468 Docker Basics 468 Docker Installation 468 Images and Registries 469 Containers 470 Dockerfile 472 Volumes 472 Networking 473 Mutillidae Docker Container 474 Summary 475 Index 477
£25.60
John Wiley & Sons Inc Game Theory and Machine Learning for Cyber
Book SynopsisGAME THEORY AND MACHINE LEARNING FOR CYBER SECURITY Move beyond the foundations of machine learning and game theory in cyber security to the latest research in this cutting-edge field In Game Theory and Machine Learning for Cyber Security, a team of expert security researchers delivers a collection of central research contributions from both machine learning and game theory applicable to cybersecurity. The distinguished editors have included resources that address open research questions in game theory and machine learning applied to cyber security systems and examine the strengths and limitations of current game theoretic models for cyber security. Readers will explore the vulnerabilities of traditional machine learning algorithms and how they can be mitigated in an adversarial machine learning approach. The book offers a comprehensive suite of solutions to a broad range of technical issues in applying game theory and machine learning to solve cyber security challenges. Beginning with an introduction to foundational concepts in game theory, machine learning, cyber security, and cyber deception, the editors provide readers with resources that discuss the latest in hypergames, behavioral game theory, adversarial machine learning, generative adversarial networks, and multi-agent reinforcement learning. Readers will also enjoy: A thorough introduction to game theory for cyber deception, including scalable algorithms for identifying stealthy attackers in a game theoretic framework, honeypot allocation over attack graphs, and behavioral games for cyber deceptionAn exploration of game theory for cyber security, including actionable game-theoretic adversarial intervention detection against advanced persistent threatsPractical discussions of adversarial machine learning for cyber security, including adversarial machine learning in 5G security and machine learning-driven fault injection in cyber-physical systemsIn-depth examinations of generative models for cyber security Perfect for researchers, students, and experts in the fields of computer science and engineering, Game Theory and Machine Learning for Cyber Security is also an indispensable resource for industry professionals, military personnel, researchers, faculty, and students with an interest in cyber security.Table of ContentsEditor biographies Contributors Foreword Preface Chapter 1: Introduction Christopher D. Kiekintveld, Charles A. Kamhoua, Fei Fang, Quanyan Zhu Part 1: Game Theory for Cyber Deception Chapter 2: Introduction to Game Theory Fei Fang, Shutian Liu, Anjon Basak, Quanyan Zhu, Christopher Kiekintveld, Charles A. Kamhoua Chapter 3: Scalable Algorithms for Identifying Stealthy Attackers in a Game Theoretic Framework Using Deception Anjon Basak, Charles Kamhoua, Sridhar Venkatesan, Marcus Gutierrez, Ahmed H. Anwar, Christopher Kiekintveld Chapter 4: Honeypot Allocation Game over Attack Graphs for Cyber Deception Ahmed H. Anwar, Charles Kamhoua, Nandi Leslie, Christopher Kiekintveld Chapter 5: Evaluating Adaptive Deception Strategies for Cyber Defense with Human Experimentation Palvi Aggarwal, Marcus Gutierrez, Christopher Kiekintveld, Branislav Bosansky, Cleotilde Gonzalez Chapter 6: A Theory of Hypergames on Graphs for Synthesizing Dynamic Cyber Defense with Deception Jie Fu, Abhishek N. Kulkarni Part 2: Game Theory for Cyber Security Chapter 7: Minimax Detection (MAD) for Computer Security: A Dynamic Program Characterization Muhammed O. Sayin, Dinuka Sahabandu, Muhammad Aneeq uz Zaman, Radha Poovendran, Tamer Başar Chapter 8: Sensor Manipulation Games in Cyber Security João P. Hespanha Chapter 9: Adversarial Gaussian Process Regression in Sensor Networks Yi Li, Xenofon Koutsoukos, Yevgeniy Vorobeychik Chapter 10: Moving Target Defense Games for Cyber Security: Theory and Applications Abdelrahman Eldosouky, Shamik Sengupta Chapter 11: Continuous Authentication Security Games Serkan Saritas, Ezzeldin Shereen, Henrik Sandberg, Gyorgy Dan Chapter 12: Cyber Autonomy in Software Security: Techniques and Tactics Tiffany Bao, Yan Shoshitaishvili Part 3: Adversarial Machine Learning for Cyber Security Chapter 13: A Game Theoretic Perspective on Adversarial Machine Learning and Related Cybersecurity Applications Yan Zhou, Murat Kantarcioglu, Bowei Xi Chapter 14: Adversarial Machine Learning in 5G Communications Security Yalin Sagduyu, Tugba Erpek, Yi Shi Chapter 15: Machine Learning in the Hands of a Malicious Adversary: A Near Future If Not Reality Keywhan Chung, Xiao Li, Peicheng Tang, Zeran Zhu, Zbigniew T. Kalbarczyk, Thenkurussi Kesavadas, Ravishankar K. Iyer Chapter 16: Trinity: Trust, Resilience and Interpretability of Machine Learning Models Susmit Jha, Anirban Roy, Brian Jalaian, Gunjan Verma Part 4: Generative Models for Cyber Security Chapter 17: Evading Machine Learning based Network Intrusion Detection Systems with GANs Bolor-Erdene Zolbayar, Ryan Sheatsley, Patrick McDaniel, Mike Weisman Chapter 18: Concealment Charm (ConcealGAN): Automatic Generation of Steganographic Text using Generative Models to Bypass Censorship Nurpeiis Baimukan, Quanyan Zhu Part 5: Reinforcement Learning for Cyber Security Chapter 19: Manipulating Reinforcement Learning: Stealthy Attacks on Cost Signals Yunhan Huang, Quanyan Zhu Chapter 20: Resource-Aware Intrusion Response based on Deep Reinforcement Learning for Software-Defined Internet-of-Battle-Things Seunghyun Yoon, Jin-Hee Cho, Gaurav Dixit, Ing-Ray Chen Part 6: Other Machine Learning approach to Cyber Security Chapter 21: Smart Internet Probing: Scanning Using Adaptive Machine Learning Armin Sarabi, Kun Jin, Mingyan Liu Chapter 22: Semi-automated Parameterization of a Probabilistic Model using Logistic Regression - A Tutorial Stefan Rass, Sandra König, Stefan Schauer Chapter 23: Resilient Distributed Adaptive Cyber-Defense using Blockchain George Cybenko, Roger A. Hallman Chapter 24: Summary and Future Work Quanyan Zhu, Fei Fang
£101.66
John Wiley & Sons Inc CWNA Certified Wireless Network Administrator
Book SynopsisTable of ContentsForeword xxxv Introduction xxxvii Assessment Test lvi Chapter 1 Overview of Wireless Standards, Organizations, and Fundamentals 1 History of Wireless Local Area Networks 3 Standards Organizations 5 Institute of Electrical and Electronics Engineers 8 Core, Distribution, and Access 22 Communications Fundamentals 24 Summary 33 Exam Essentials 33 Review Questions 34 Chapter 2 IEEE 802.11 Standard and Amendments 39 Original IEEE 802.11 Standard 42 IEEE 802.11-2020 Ratified Amendments 44 IEEE 802.11 Draft Amendments 63 Defunct Amendments 66 IEEE Task Group m 68 Summary 69 Exam Essentials 69 Review Questions 70 Chapter 3 Radio Frequency Fundamentals 75 What Is a Radio Frequency Signal? 77 Radio Frequency Characteristics 78 Radio Frequency Behaviors 87 Summary 103 Exam Essentials 103 Review Questions 104 Chapter 4 Radio Frequency Components, Measurements, and Mathematics 109 Components of RF Communications 112 Units of Power and Comparison 115 RF Mathematics 123 Noise Floor 130 Signal-to-Noise Ratio 130 Received Signal Strength Indicator 131 Link Budget 135 Summary 140 Exam Essentials 142 Review Questions 143 Chapter 5 Radio Frequency Signal and Antenna Concepts 147 Azimuth and Elevation Charts (Antenna Radiation Envelopes) 150 Interpreting Polar Charts 152 Beamwidth 155 Antenna Types 157 Visual Line of Sight 169 RF Line of Sight 169 Fresnel Zone 170 Earth Bulge 174 Antenna Polarization 175 Antenna Diversity 176 Multiple-Input, Multiple-Output 177 Antenna Connection and Installation 179 Antenna Accessories 187 Regulatory Compliance 192 Summary 194 Exam Essentials 194 Review Questions 195 Chapter 6 Wireless Networks and Spread Spectrum Technologies 199 Throughput vs. Bandwidth 201 Narrowband and Spread Spectrum 202 Frequency-Hopping Spread Spectrum 205 Direct-Sequence Spread Spectrum 208 Orthogonal Frequency-Division Multiplexing 211 Industrial, Scientific, and Medical Bands 218 5 GHz Unlicensed National Information Infrastructure Bands 220 60 GHz for Wi-Fi 223 Below 1 GHz 224 2.4 GHz Channels 224 5 GHz Channels 227 6 GHz Channels 232 Summary 239 Exam Essentials 239 Review Questions 240 Chapter 7 Wireless LAN Topologies 245 Wireless Networking Topologies 247 802.11 Stations 251 802.11 Service Sets 255 802.11 Configuration Modes 267 Summary 269 Exam Essentials 269 Review Questions 271 Chapter 8 802.11 Medium Access 275 CSMA/CA vs. CSMA/CD 276 Collision Detection 277 Distributed Coordination Function 278 Hybrid Coordination Function 286 Wi-Fi Multimedia 288 Airtime Fairness 290 Summary 292 Exam Essentials 292 Review Questions 293 Chapter 9 802.11 MAC 297 Packets, Frames, and Bits 299 Data-Link Layer 300 Physical Layer 301 802.11 and 802.3 Interoperability 302 802.11 MAC Header 303 802.11 Frame Body 315 802.11 Trailer 316 802.11 State Machine 317 Management Frames 318 Control Frames 333 Data Frames 341 Power Management 344 Summary 350 Exam Essentials 350 Review Questions 352 Chapter 10 MIMO Technology: HT and VHT 357 MIMO 360 Multi-User MIMO 371 Channels 376 Guard Interval 382 256-QAM Modulation 384 802.11n/ac PPDUs 388 802.11n/ac MAC 390 HT/VHT Protection Mechanisms 399 Wi-Fi Alliance Certification 400 Summary 403 Exam Essentials 403 Review Questions 405 Chapter 11 WLAN Architecture 409 WLAN Client Devices 411 Management, Control, and Data Planes 421 WLAN Architecture 423 Specialty WLAN Infrastructure 437 Cloud Networking 445 Application Programming Interface 448 Infrastructure Management 451 Summary 456 Exam Essentials 457 Review Questions 458 Chapter 12 Power over Ethernet (PoE) 463 History of PoE 464 PoE Devices 467 Planning and Deploying PoE 484 Summary 490 Exam Essentials 491 Review Questions 492 Chapter 13 WLAN Design Concepts 497 WLAN Coverage Design 499 Roaming Design 505 Channel Design 512 Capacity Design 534 Voice vs. Data 546 Dual 5 GHz and Software-Defined Radios 548 6 GHz WLAN Design 551 Physical Environment 557 Antennas 558 Outdoor Design 562 Summary 563 Exam Essentials 564 Review Questions 565 Chapter 14 Site Survey and Validation 569 WLAN Site Survey and Design Interview 572 Vertical Market Considerations 582 Legacy AP-on-a-Stick Survey 585 Hybrid Survey 595 Validation Survey 599 Site Survey Tools 604 Documents and Reports 609 Summary 614 Exam Essentials 615 Review Questions 616 Chapter 15 WLAN Troubleshooting 621 Five Tenets of WLAN Troubleshooting 623 Layer 1 Troubleshooting 629 Layer 2 Troubleshooting 636 Security Troubleshooting 648 Roaming Troubleshooting 661 Channel Utilization 665 Layers 3–7 Troubleshooting 667 WLAN Troubleshooting Tools 671 Summary 679 Exam Essentials 679 Review Questions 680 Chapter 16 Wireless Attacks, Intrusion Monitoring, and Policy 687 Wireless Attacks 688 Intrusion Monitoring 706 Wireless Security Policies 712 Summary 716 Exam Essentials 717 Review Questions 718 Chapter 17 802.11 Network Security Architecture 723 802.11 Security Basics 725 Legacy 802.11 Security 729 Robust Security 736 Management Frame Protection 757 WPA 2 757 WPA 3 758 Enhanced Open 761 6 GHz Wi-Fi Security 762 Traffic Segmentation 763 VPN Wireless Security 766 Summary 770 Exam Essentials 770 Review Questions 772 Chapter 18 Bring Your Own Device (BYOD) and Guest Access 777 Mobile Device Management 780 Company-Issued Devices vs. Personal Devices 781 Self-Service Device Onboarding for Employees 795 Guest WLAN Access 798 Hotspot 2.0 and Passpoint 811 Network Access Control 816 Summary 824 Exam Essentials 825 Review Questions 826 Chapter 19 802.11ax: High Efficiency (HE) 831 802.11ax = Wi-Fi 6 833 Wi-Fi Traffic Congestion 834 HE Overview 836 Multi-User 837 OFDMA 838 MU-MIMO 851 BSS Color and Spatial Reuse 855 Target Wake Time 861 Additional 802.11ax PHY and MAC Capabilities 862 Wi-Fi 6 Key Questions 867 Wi-Fi CERTIFIED 6 873 Summary 874 Review Questions 875 Chapter 20 WLAN Deployment and Vertical Markets 879 Deployment Considerations for Commonly Supported WLAN Applications and Devices 881 Corporate Data Access and End-User Mobility 885 Network Extension to Remote Areas 886 Bridging: Building-to-Building Connectivity 887 Wireless ISP: Last-Mile Data Delivery 888 Small Office/Home Office 888 Temporary Office Networking 889 Branch Offices 890 Teleworker Wi-Fi 890 Educational/Classroom Use 891 Industrial: Warehousing and Manufacturing 892 Retail 892 Healthcare 894 Municipal Networks 895 Hotspots: Public Network Access 895 Stadium Networks 897 Transportation Networks 897 Law Enforcement Networks 898 First-Responder Networks 899 Managed Service Providers 900 Fixed Mobile Convergence 900 WLAN and Health 901 Internet of Things 901 WLAN Vendors 902 Summary 904 Exam Essentials 904 Review Questions 905 Appendix A Answers to Review Questions 909 Chapter 1: Overview of Wireless Standards, Organizations, and Fundamentals 910 Chapter 2: IEEE 802.11 Standard and Amendments 911 Chapter 3: Radio Frequency Fundamentals 914 Chapter 4: Radio Frequency Components, Measurements, and Mathematics 915 Chapter 5: Radio Frequency Signal and Antenna Concepts 918 Chapter 6: Wireless Networks and Spread Spectrum Technologies 919 Chapter 7: Wireless LAN Topologies 922 Chapter 8: 802.11 Medium Access 924 Chapter 9: 802.11 Mac 926 Chapter 10: MIMO Technology: HT and VHT 929 Chapter 11: WLAN Architecture 932 Chapter 12: Power over Ethernet (PoE) 934 Chapter 13: WLAN Design Concepts 937 Chapter 14: Site Survey and Validation 940 Chapter 15: WLAN Troubleshooting 943 Chapter 16: Wireless Attacks, Intrusion Monitoring, and Policy 946 Chapter 17: 802.11 Network Security Architecture 948 Chapter 18: Bring Your Own Device (BYOD) and Guest Access 951 Chapter 19: 802.11ax: High Efficiency (HE) 954 Chapter 20: WLAN Deployment and Vertical Markets 957 Appendix B Abbreviations and Acronyms 961 Certifications 962 Organizations and Regulations 962 Measurements 963 Technical Terms 964 Index 981
£41.60
John Wiley & Sons Inc Shaping Future 6g Networks
Book SynopsisTable of ContentsEditor Biographies xiii List of Contributors xv Foreword Henning Schulzrinne xix Foreword Peter Stuckmann xxi Foreword Akihiro Nakao xxiii Acronyms xxv 1 Toward 6G – Collecting the Research Visions 1 Emmanuel Bertin, Thomas Magedanz, and Noel Crespi 1.1 Time to Start Shaping 6G 1 1.2 Early Directions for Shaping 6G 2 1.2.1 Future Services 2 1.2.2 Moving from 5G to 6G 2 1.2.3 Renewed Value Chain and Collaborations 3 1.3 Book Outline and Main Topics 4 1.3.1 Use Cases and Requirements for 6G 4 1.3.2 Standardization Processes for 6G 4 1.3.3 Energy Consumption and Social Acceptance 4 1.3.4 New Technologies for Radio Access 5 1.3.5 New Technologies for Network Infrastructure 5 1.3.6 New Perspectives for Network Architectures 6 1.3.7 New Technologies for Network Management and Operation 7 1.3.8 Post-Shannon Perspectives 8 2 6G Drivers for B2B Market: E2E Services and Use Cases 9 Marco Giordani, Michele Polese, Andres Laya, Emmanuel Bertin, and Michele Zorzi 2.1 Introduction 9 2.2 Relevance of the B2B market for 6G 10 2.3 Use Cases for the B2B Market 11 2.3.1 Industry and Manufacturing 11 2.3.2 Teleportation 13 2.3.3 Digital Twin 15 2.3.4 Smart Transportation 15 2.3.5 Public Safety 16 2.3.6 Health and Well-being 17 2.3.7 Smart-X IoT 19 2.3.8 Financial World 20 2.4 Conclusions 22 3 6G: The Path Toward Standardization 23 Guy Redmill and Emmanuel Bertin 3.1 Introduction 23 3.2 Standardization: A Long-Term View 24 3.3 IMTs Have Driven Multiple Approaches to Previous Mobile Generations 25 3.4 Stakeholder Ecosystem Fragmentation and Explosion 26 3.5 Shifting Sands: Will Politics Influence Future Standardization Activities? 28 3.6 Standards, the Supply Chain, and the Emergence of Open Models 30 3.7 New Operating Models 32 3.8 Research – What Is the Industry Saying? 33 3.9 Can We Define and Deliver a New Generation of Standards by 2030? 34 3.10 Conclusion 34 4 Greening 6G: New Horizons 39 Zhisheng Niu, Sheng Zhou, and Noel Crespi 4.1 Introduction 39 4.2 Energy Spreadsheet of 6G Network and Its Energy Model 40 4.2.1 Radio Access Network Energy Consumption Model 40 4.2.2 Edge Computing and Learning: Energy Consumption Models and Their Impacts 41 4.2.2.1 Energy Consumption Models in Edge Computing 41 4.2.2.2 Energy Consumption Models in Edge Learning 41 4.3 Greening 6G Radio Access Networks 42 4.3.1 Energy-Efficient Network Planning 42 4.3.1.1 BS Deployment Densification with Directional Transmissions 42 4.3.1.2 Network with Reconfigurable Intelligent Surfaces (RISs) 43 4.3.2 Energy-Efficient Radio Resource Management 44 4.3.2.1 Model-free 44 4.3.2.2 Less Computation Complexity 44 4.3.3 Energy-Efficient Service Provisioning with NFV and SFC 46 4.3.3.1 VNF Consolidation 47 4.3.3.2 Exploiting Renewable Energy 47 4.4 Greening Artificial Intelligence (AI) in 6G Network 47 4.4.1 Energy-Efficient Edge Training 48 4.4.2 Distributed Edge Co-inference and the Energy Trade-off 49 4.5 Conclusions 50 5 “Your 6G or Your Life”: How Can Another G Be Sustainable? 55 Isabelle Dabadie, Marc Vautier, and Emmanuel Bertin 5.1 Introduction 55 5.2 A World in Crisis 56 5.2.1 Ecological Crisis 56 5.2.2 Energy Crises 57 5.2.3 Technological Innovation and Rebound Effect: A Dead End? 57 5.3 A Dilemma for Service Operators 59 5.3.1 Incentives to Reduce Consumption: Shooting Ourselves in the Foot? 59 5.3.2 Incentives to Reduce Overconsumption: Practical Solutions 60 5.3.3 Opportunities. . . and Risks 61 5.4 A Necessary Paradigm Shift 62 5.4.1 The Status Quo Is Risky, Too 62 5.4.2 Creating Value with 6G in the New Paradigm 63 5.4.3 Empowering Consumers to Achieve the “2T CO2/Year/Person” Objective 64 5.5 Summary and Prospects 64 5.5.1 Two Drivers, Three Levels of Action 64 5.5.2 Which Regulation for Future Use of Technologies? 65 5.5.3 Hopes and Prospects for a Sustainable 6G 65 6 Catching the 6G Wave by Using Metamaterials: A Reconfigurable Intelligent Surface Paradigm 69 Marco Di Renzo and Alexis I. Aravanis 6.1 Smart Radio Environments Empowered by Reconfigurable Intelligent Surfaces 69 6.1.1 Reconfigurable Intelligent Surfaces 70 6.2 Types of RISs, Advantages, and Limitations 72 6.2.1 Advantages and Limitations 74 6.3 Experimental Activities 78 6.3.1 Large Arrays of Inexpensive Antennas 78 6.3.1.1 RFocus 78 6.3.1.2 The ScatterMIMO Prototype 79 6.3.2 Metasurface Approaches 80 6.4 RIS Research Areas and Challenges in the 6G Ecosystem 82 7 Potential of THz Broadband Systems for Joint Communication, Radar, and Sensing Applications in 6G 89 Robert Müller and Markus Landmann 8 Non-Terrestrial Networks in 6G 101 Thomas Heyn, Alexander Hofmann, Sahana Raghunandan, and Leszek Raschkowski 8.1 Introduction 101 8.2 Non-Terrestrial Networks in 5G 101 8.3 Innovations in Telecom Satellites 103 8.4 Extended Non-Terrestrial Networks in 6G 105 8.4.1 Motivation 105 8.4.2 Heterogeneous and Dynamic Networks in 6G 107 8.5 Research Challenges Toward 6G-NTN 107 8.5.1 Heterogeneous Non-Terrestrial 6G Networks 109 8.5.2 Required RAN Architecture in 6G to Support NTN 109 8.5.3 Coexistence and Spectrum Sharing 110 8.5.3.1 Regulatory Aspects 111 8.5.3.2 Techniques for Coexistence 111 8.5.4 Energy-Efficient Waveforms 112 8.5.5 Scalable RF Carrier Bandwidth 113 8.6 Conclusion 114 9 Rethinking the IP Framework 117 David Zhe Luo and Noel Crespi 9.1 Introduction 117 9.2 Emerging Applications and Network Requirements 118 9.3 State of the Art 120 9.4 Next-Generation Internet Protocol Framework: Features and Capabilities 122 9.4.1 High-Precision and Deterministic Services 122 9.4.2 Semantic and Flexible Addressing 124 9.4.3 ManyNets Support 125 9.4.4 Intrinsic Security and Privacy 126 9.4.5 High Throughput 126 9.4.6 User-Defined Network Operations 127 9.5 Flexible Addressing System Example 127 9.6 Conclusion 129 10 Computing in the Network: The Core-Edge Continuum in 6G Network 133 Marie-José Montpetit and Noel Crespi 10.1 Introduction 133 10.2 A Few Stops on the Road to Programmable Networks 134 10.2.1 Active Networks 134 10.2.2 Information-centric Networking 135 10.2.3 Compute-first Networking 135 10.2.4 Software-defined Networking 136 10.3 Beyond Softwarization and Clouderization: The Computerization of Networks 137 10.3.1 A New End-to-End Paradigm 137 10.3.2 Computing in the Network Basic Concepts 138 10.3.3 Related Impacts 140 10.3.3.1 The Need for Resource Discovery 140 10.3.3.2 Power Savings for Eco-conscious Networking 141 10.3.3.3 Transport is Still Needed! 141 10.3.3.4 How About Security? 141 10.4 Computing Everywhere: The Core-Edge Continuum 143 10.4.1 A Common Data Layer 143 10.4.2 The New Programmable Data Plane 145 10.4.3 Novel Architectures Using Computing in the Network 147 10.4.3.1 The Newest and Boldest: Quantum Networking 148 10.4.3.2 Creating the Tactile and the Automated Internet: FlexNGIA 148 10.5 Making it Real: Use Cases 149 10.5.1 Computing in the Data Center 150 10.5.1.1 Data and Flow Aggregation 150 10.5.1.2 Key-value Storage and In-network Caching 151 10.5.1.3 Consensus 151 10.5.2 Next-generation IoT and Intelligence Everywhere 152 10.5.2.1 The Internet of Intelligent Things 152 10.5.2.2 Industrial Automation: From Factories to Farms 153 10.5.3 Computing Support for Networked Multimedia 154 10.5.3.1 Video Analytics 154 10.5.3.2 Extended Reality and Multimedia 154 10.5.4 Melding AI and Computing for Measuring and Managing the Network 155 10.5.4.1 Telemetry 155 10.5.4.2 AI/ML for Network Management 156 10.5.5 Network Coding 157 10.6 Conclusion: 6G, the Network, and Computing 158 11 An Approach to Automated Multi-domain Service Production for Future 6G Networks 167 Mohamed Boucadair, Christian Jacquenet, and Emmanuel Bertin 11.1 Introduction 167 11.1.1 Background 167 11.1.2 The Need for Multi-domain 6G Networks 168 11.1.3 Challenges of Multi-domain Service Production and Operation 169 11.2 Framework and Assumptions 170 11.2.1 Terminology 170 11.2.2 Assumptions 171 11.2.2.1 SDN-enabled Domains 171 11.2.2.2 On-service Orchestrators 172 11.2.2.3 Any Kind of Multi-domain Service, Whatever the Vertical 172 11.2.3 Roles 173 11.2.4 Possible Multi-domain Service Delivery Frameworks 174 11.2.4.1 A Set of Bilateral Agreements 174 11.2.4.2 A Set of Bilateral Agreements by Means of a Marketplace 174 11.2.4.3 A Set of Bilateral Agreements by Means of a Broker 175 11.3 Automating the Delivery of Multi-domain Services 175 11.3.1 General Considerations 175 11.3.2 Discovering Partnering Domains and Communicating with Partnering SDN Controllers 176 11.3.3 Multi-domain Service Subscription Framework 178 11.3.4 Multi-domain Service Delivery Procedure 179 11.4 An Example: Dynamic Enforcement of Differentiated, Multi-domainService Traffic Forwarding Policies by Means of Service Function Chaining 181 11.4.1 SFC Control Plane 181 11.4.2 Consistency of Operation 182 11.4.3 Design Considerations 182 11.5 Research Challenges 183 11.5.1 Security of Operations 184 11.5.2 Consistency of Decisions 184 11.5.3 Consistency of Data 184 11.5.4 Performance and Scalability 185 11.6 Conclusion 185 12 6G Access and Edge Computing – ICDT Deep Convergence 187 Chih-Lin I, Jinri Huang, and Noel Crespi 12.1 Introduction 187 12.2 True ICT Convergence: RAN Evolution to 5G 187 12.2.1 C-RAN: Centralized, Cooperative, Cloud, and Clean 190 12.2.1.1 NGFI: From Backhaul to xHaul 191 12.2.1.2 From Cloud to Fog 194 12.2.2 A Turbocharged Edge: MEC 195 12.2.3 Virtualization and Cloud Computing 197 12.3 Deep ICDT Convergence Toward 6G 198 12.3.1 Open and Smart: Two Major Trends Since 5G 198 12.3.1.1 RAN Intelligence – Enabled with Wireless Big Data 199 12.3.1.2 OpenRAN 202 12.3.1.3 Scope of RAN Intelligence Use Cases 205 12.3.2 An OpenRAN Architecture with Native AI: RAN Intelligent Controller (RIC) 208 12.3.2.1 NRT-RIC Functions 209 12.3.2.2 nRT-RIC Functions 211 12.3.3 Key Challenges and Potential Solutions 212 12.3.3.1 Customized Data Collection and Control 212 12.3.3.2 Radio Resource Management and Air Interface Protocol Processing Decoupling 213 12.3.3.3 Open API for xApp 214 12.4 Ecosystem Progress from 5G to 6G 214 12.4.1 O-RAN Alliance 214 12.4.2 Telecom Infrastructure Project 215 12.4.3 GSMA Open Networking Initiative 216 12.4.4 Open-source Communities 216 12.5 Conclusion 217 13 “One Layer to Rule Them All”: Data Layer-oriented 6G Networks 221 Marius Corici and Thomas Magedanz 13.1 Perspective 221 13.2 Motivation 222 13.3 Requirements 223 13.4 Benefits/Opportunities 225 13.5 Data Layer High-level Functionality 227 13.6 Instead of Conclusions 231 14 Long-term Perspectives: Machine Learning for Future Wireless Networks 235 Sławomir Stańczak, Alexander Keller, Renato L.G. Cavalcante, Nikolaus Binder, and Soma Velayutham 14.1 Introduction 235 14.2 Why Machine Learning in Communication? 236 14.2.1 Machine Learning in a Nutshell 237 14.2.1.1 Kernel-based Learning with Projections 237 14.2.1.2 Deep Learning 238 14.2.1.3 Reinforcement Learning 241 14.2.2 Choosing the Right Tool for the Job 242 14.3 Machine Learning in Future Wireless Networks 243 14.3.1 Robust Traffic Prediction for Energy-saving Optimization 244 14.3.2 Fingerprinting-based Localization 244 14.3.3 Joint Power and Beam Optimization 245 14.3.4 Collaborative Compressive Classification 245 14.3.5 Designing Neural Architectures for Sparse Estimation 247 14.3.6 Online Loss Map Reconstruction 248 14.3.7 Learning Non-Orthogonal Multiple Access and Beamforming 248 14.3.8 Simulating Radiative Transfer 250 14.4 The Soul of 6G will be Machine Learning 251 14.5 Conclusion 252 15 Managing the Unmanageable: How to Control Open and Distributed 6G Networks 255 Imen Grida Ben Yahia, Zwi Altman, Joanna Balcerzak, Yosra Ben Slimen, and Emmanuel Bertin 15.1 Introduction 255 15.2 Managing Open and Distributed Radio Access Networks 256 15.2.1 Radio Access Network 256 15.2.2 Innovation in the Standardization Arena 258 15.2.2.1 RAN 258 15.3 Core Network and End-to- End Network Management 260 15.3.1 Network Architecture and Management 260 15.3.2 Changes in Architecture and Network Management from Standardization Perspective 262 15.3.3 Quality of Service and Experience 263 15.3.4 Standardization Effort in Data Analytics 264 15.4 Trends in Machine Learning Suitable to Network Data and 6G 265 15.4.1 Federated Learning 265 15.4.2 Auto-Labeling Techniques and Network Actuations 266 15.5 Conclusions 268 16 6G and the Post-Shannon Theory 271 Juan A. Cabrera, Holger Boche, Christian Deppe, Rafael F. Schaefer, Christian Scheunert, and Frank H. P. Fitzek 16.1 Introduction 271 16.2 Message Identification for Post-Shannon Communication 273 16.2.1 Explicit Construction of RI Codes 277 16.2.2 Secrecy for Free 279 16.2.3 Message Identification Without Randomness 280 16.3 Resources Considered Useless Become Relevant 281 16.3.1 Common Randomness for Nonsecure Communication 281 16.3.2 Feedback in Identification and the Additivity of Bundled Channels 282 16.4 Physical Layer Service Integration 283 16.4.1 Motivation and Requirements 283 16.4.2 Detectability of Denial-of-Service Attacks 284 16.4.3 Further Limits for Computer-Aided Approaches 288 16.5 Other Implementations of Post-Shannon Communication 288 16.5.1 Post-Shannon in Multi-Code CDMA 288 16.5.2 Waveform Coding in MIMO Systems 289 16.6 Conclusions: A Call to Academia and Standardization Bodies 290 Index 295
£104.36
John Wiley & Sons Inc Corporate Cybersecurity
Book SynopsisCORPORATE CYBERSECURITY An insider's guide showing companies how to spot and remedy vulnerabilities in their security programs A bug bounty program is offered by organizations for people to receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities. Corporate Cybersecurity gives cyber and application security engineers (who may have little or no experience with a bounty program) a hands-on guide for creating or managing an effective bug bounty program. Written by a cyber security expert, the book is filled with the information, guidelines, and tools that engineers can adopt to sharpen their skills and become knowledgeable in researching, configuring, and managing bug bounty programs. This book addresses the technical aspect of tooling and managing a bug bounty program and discusses common issues that engineers may run into on a daily basis. The author includes information on the often-overlTable of ContentsForeword xiii Acknowledgments xv Part 1 Bug Bounty Overview 1 1 The Evolution of Bug Bounty Programs 3 1.1 Making History 3 1.2 Conservative Blockers 4 1.3 Increased Threat Actor Activity 4 1.4 Security Researcher Scams 5 1.5 Applications Are a Small Consideration 5 1.6 Enormous Budgetary Requirements 5 1.7 Other Security Tooling as a Priority 6 1.8 Vulnerability Disclosure Programs vs Bug Bounty Programs 6 1.8.1 Vulnerability Disclosure Programs 6 1.8.2 Bug Bounty Programs 7 1.9 Program Managers 7 1.10 The Law 7 1.11 Redefining Security Research 8 1.12 Taking Action 8 1.12.1 Get to Know Security Researchers 9 1.12.2 Fair and Just Resolution 9 1.12.3 Managing Disclosure 9 1.12.4 Corrections 9 1.12.5 Specific Community Involvement 9 Part 2 Evaluating Programs 11 2 Assessing Current Vulnerability Management Processes 13 2.1 Who Runs a Bug Bounty Program? 13 2.2 Determining Security Posture 13 2.3 Management 14 2.3.1 Software Engineering Teams 14 2.3.2 Security Departments (Security Operations, Fraud Prevention, Governance/Risk/Compliance, Edge Controls, Vulnerability Management, Endpoint Detection, and Response) 14 2.3.3 Infrastructure Teams 14 2.3.4 Legal Department 14 2.3.5 Communications Team 14 2.4 Important Questions 15 2.5 Software Engineering 15 2.5.1 Which Processes Are in Place for Secure Coding? Do the Software Engineers Understand the Importance of Mitigating the Risks Associated with Vulnerable Code? 15 2.5.2 How Effective Are Current Communication Processes? Will Vulnerabilities Be Quickly Resolved If Brought to Their Attention? 15 2.5.3 Is the Breadth of Our Enterprise’s Web and Mobile Applications Immense? Which Processes Are Engineers Using for Development in the Software Development Lifecycle? 16 2.6 Security Departments 16 2.6.1 How Does Security Operations Manage Incidents? Will Employee Assistance Be Provided from the Security Operations Team If a Threat Actor Manages to Exploit an Application Vulnerability? Which Tools Do They Have in Place? 16 2.6.2 What Does the Fraud Prevention Team Do to Prevent Malicious Activities? How Many Occurrences Do They See of Issues such as Account Takeover, and Could They Potentially Create Application Vulnerabilities? 16 2.6.3 Are There Any Compliance Practices in Place and, If So, How Do They Affect the Vulnerability Management Process? What Does the Application Security Team Have to Do to Assist in Enterprise Compliance? 17 2.6.4 What Edge Tooling is in Place to Prevent Attacks? Are Any of the Enterprise Applications at Risk of Being Exploited due to an IoT (Internet of Things) Device? 17 2.6.5 How Often Does Our Vulnerability Management Team Push for Updates? How Does the Vulnerability Management Team Ensure Servers in which Enterprise Applications Reside Are Secure? 17 2.7 Infrastructure Teams 17 2.7.1 What Are Infrastructure Teams Doing to Ensure Best Security Practices Are Enabled? How Long Will It Take the Infrastructure Team to Resolve a Serious Issue When a Server-side Web Application is Exploited, or During a Subdomain Takeover Vulnerability? 17 2.7.2 Is There Effective Communication between Infrastructure, Vulnerability Management, Security Operations, and Endpoint Detection and Response? 18 2.8 Legal Department 18 2.8.1 How Well Refined is the Relationship between the Application Security Team and the Legal Department? 18 2.8.2 What Criteria Are/Will Be Set Out for the Escalation of Issues? 18 2.8.3 Does the Legal Department Understand the Necessity of Bug Bounty Program Management? 18 2.9 Communications Team 18 2.9.1 Has the Communications Team Dealt with Security Researchers Before? is the Importance Understood? 18 2.9.2 Was the Communications Team Informed of Bug Bounty Program Expectations? 19 2.10 Engineers 19 2.11 Program Readiness 19 3 Evaluating Program Operations 21 3.1 One Size Does Not Fit All 21 3.2 Realistic Program Scenarios 21 3.3 Ad Hoc Program 22 3.4 Note 24 3.5 Applied Knowledge 24 3.5.1 Applied Knowledge #1 24 3.5.1.1 Private Programs 25 3.5.2 Applied Knowledge #2 25 3.5.2.1 Public Programs 25 3.5.3 Applied Knowledge #3 26 3.5.3.1 Hybrid Models 26 3.6 Crowdsourced Platforms 27 3.7 Platform Pricing and Services 28 3.8 Managed Services 28 3.9 Opting Out of Managed Services 29 3.10 On-demand Penetration Tests 29 Part 3 Program Setup 31 4 Defining Program Scope and Bounties 33 4.1 What is a Bounty? 33 4.2 Understanding Scope 33 4.3 How to Create Scope 34 4.3.1 Models 34 4.4 Understanding Wildcards 34 4.4.1 Subdomain 35 4.4.2 Domain 35 4.4.3 Specific Domain Path or Specific Subdomain Path 35 4.5 Determining Asset Allocation 36 4.6 Asset Risk 37 4.7 Understanding Out of Scope 37 4.8 Vulnerability Types 38 4.8.1 Denial of Service (DOS) or Distributed Denial of Service (DDoS) Attacks 38 4.8.2 Social Engineering Attacks 38 4.8.3 Brute Force or Rate Limiting 38 4.8.4 Account and Email Enumeration 38 4.8.5 Self-XSS 39 4.8.6 Clickjacking 39 4.8.7 Miscellaneous 39 4.9 When is an Asset Really Out of Scope? 39 4.10 The House Wins – Or Does It? 40 4.11 Fair Judgment on Bounties 42 4.12 Post-mortem 43 4.13 Awareness and Reputational Damage 43 4.14 Putting It All Together 44 4.15 Bug Bounty Payments 44 4.15.1 Determining Payments 45 4.15.2 Bonus Payments 46 4.15.3 Nonmonetary Rewards 46 5 Understanding Safe Harbor and Service Level Agreements 49 5.1 What is “Safe Harbor”? 49 5.1.1 The Reality of Safe Harbor 49 5.1.2 Fear and Reluctance 49 5.1.3 Writing Safe Harbor Agreements 50 5.1.4 Example Safe Harbor Agreement 50 5.2 Retaliation against a Rogue Researcher (Cybercriminal or Threat/Bad Actor) 51 5.3 Service Level Agreements (SLAs) 52 5.3.1 Resolution Times 53 5.3.2 Triage Times 53 6 Program Configuration 55 6.1 Understanding Options 55 6.2 Bugcrowd 55 6.2.1 Creating the Program 55 6.2.2 Program Overview 61 6.2.2.1 The Program Dashboard 61 6.2.2.2 The Crowd Control Navbar 63 Summary 63 Submissions 63 Researchers 64 Rewards 65 Insights Dashboard 65 Reports 66 6.2.3 Advanced Program Configuration and Modification 66 6.2.3.1 Program Brief 66 6.2.3.2 Scope and Rewards 67 6.2.3.3 Integrations 72 6.2.3.4 Announcements 73 6.2.3.5 Manage Team 74 6.2.3.6 Submissions 75 6.2.4 Profile Settings 76 6.2.4.1 The Profile and Account 78 6.2.4.2 Security 78 6.2.4.3 Notification Settings 79 6.2.4.4 API Credentials 80 6.2.5 Enterprise “Profile” Settings 81 6.2.5.1 Management and Configuration 81 6.2.5.2 Organization Details 81 6.2.5.3 Team Members 81 6.2.5.4 Targets 81 6.2.5.5 Authentication 81 6.2.5.6 Domains 82 6.2.5.7 Accounting 83 6.3 HackerOne 84 6.3.1 Program Settings 85 6.3.1.1 General 85 6.3.1.2 Information 86 6.3.1.3 Product Edition 86 6.3.1.4 Authentication 87 6.3.1.5 Verified Domains 88 6.3.1.6 Credential Management 89 6.3.1.7 Group Management 89 6.3.1.8 User Management 90 6.3.1.9 Audit Log 91 6.3.2 Billing 92 6.3.2.1 Overview 92 6.3.2.2 Credit Card 92 6.3.2.3 Prepayment 92 6.3.3 Program 93 6.3.3.1 Policy 93 6.3.3.2 Scope 93 6.3.3.3 Submit Report Form 95 6.3.3.4 Response Targets 96 6.3.3.5 Metrics Display 97 6.3.3.6 Email Notifications 97 6.3.3.7 Inbox Views 98 6.3.3.8 Disclosure 98 6.3.3.9 Custom Fields 98 6.3.3.10 Invitations 99 6.3.3.11 Submission 100 6.3.3.12 Message Hackers 101 6.3.3.13 Email Forwarding 102 6.3.3.14 Embedded Submission Form 102 6.3.3.15 Bounties 103 6.3.3.16 Swag 103 6.3.3.17 Common Responses 104 6.3.3.18 Triggers 106 6.3.3.19 Integrations 107 6.3.3.20 API 107 6.3.3.21 Hackbot 107 6.3.3.22 Export Reports 108 6.3.3.23 Profile Settings 108 6.3.4 Inbox 108 6.3.4.1 Report Details 109 6.3.4.2 Timeline 109 6.4 Summary 110 Part 4 Vulnerability Reports and Disclosure 111 7 Triage and Bug Management 113 7.1 Understanding Triage 113 7.1.1 Validation 113 7.1.2 Lessons Learned 115 7.1.3 Vulnerability Mishaps 115 7.1.4 Managed Services 115 7.1.5 Self-service 116 7.2 Bug Management 116 7.2.1 Vulnerability Priority 116 7.2.2 Vulnerability Examples 117 7.2.2.1 Reflected XSS on a login portal 117 Report and Triage 117 Validation 117 7.2.2.2 Open redirect vulnerability 117 Report and Triage 117 Validation 118 7.2.2.3 Leaked internal Structured Query Language (SQL) server credentials 118 Report and Triage 118 Validation 118 7.3 Answers 118 7.3.1 Vulnerability Rating-test Summary 119 7.3.1.1 Reflected XSS in a login portal 118 7.3.1.2 Open redirect vulnerability 118 7.3.1.3 Leaked internal SQL server credentials 118 7.3.2 Complexity vs Rating 119 7.3.3 Projected Ratings 120 7.3.4 Ticketing and Internal SLA 120 7.3.4.1 Creating Tickets 120 8 Vulnerability Disclosure Information 123 8.1 Understanding Public Disclosure 123 8.1.1 Making the Decision 123 8.1.1.1 Private Programs 123 The Bottom Line 124 8.1.1.2 Public Programs 125 The Bottom Line 126 8.2 CVE Responsibility 126 8.2.1 What are CVEs? 126 8.2.2 Program Manager Responsibilities 126 8.2.3 Hardware CVEs 126 8.2.4 Software and Product CVEs 128 8.2.5 Third-party CVEs 128 8.3 Submission Options 130 8.3.1 In-house Submissions 130 8.3.2 Program Managed Submissions and Hands-off Submissions 130 8.3.2.1 Program Managed Submissions 130 8.3.2.2 Hands-off Submissions 131 Part 5 Internal and External Communication 133 9 Development and Application Security Collaboration 135 9.1 Key Role Differences 135 9.1.1 Application Security Engineer 135 9.1.2 Development 135 9.2 Facing a Ticking Clock 136 9.3 Meaningful Vulnerability Reporting 136 9.4 Communicating Expectations 137 9.5 Pushback, Escalations, and Exceptions 138 9.5.1 Internal steps 138 9.5.2 External steps 139 9.5.2 Escalations 139 9.5.3 Summary 140 9.6 Continuous Accountability 141 9.6.1 Tracking 141 9.6.2 Missed Deadlines 141 10 Hacker and Program Interaction Essentials 143 10.1 Understanding the Hacker 143 10.1.1 Money, Ethics, or Both? 143 10.1.2 Case Study Analysis 145 10.2 Invalidating False Positives 145 10.2.1 Intake Process and Breaking the News 145 10.2.2 Dealing with a Toxic Hacker 147 10.3 Managed Program Considerations 147 10.4 In-house Programs 148 10.5 Blackmail or Possible Threat Actor 151 10.6 Public Threats or Disclosure 151 10.7 Program Warning Messages 153 10.8 Threat Actor or Security Researcher? 153 10.9 Messaging Researchers 155 10.9.1 Security Researcher Interviews 155 10.9.2 Bug Bounty Program Manager Interviews 159 10.10 Summary 164 Part 6 Assessments and Expansions 165 11 Internal Assessments 167 11.1 Introduction to Internal Assessments 167 11.2 Proactive Vs Reactive Testing 167 11.3 Passive Assessments 168 11.3.1 Shodan 168 11.3.1.1 Using Shodan 168 11.3.2 Amass/crt.sh 171 11.3.2.1 Amass 172 11.3.2.2 crt.sh 173 11.4 Active Assessments 173 11.4.1 nmapAutomator.sh 173 11.4.2 Sn1per 175 11.4.3 Owasp Zap 175 11.4.4 Dalfox 177 11.4.5 Dirsearch 179 11.5 Passive/Active Summary 180 11.6 Additional Considerations: Professional Testing and Third-Party Risk 180 12 Expanding Scope 181 12.1 Communicating with the Team 181 12.2 Costs of Expansion 182 12.3 When to Expand Scope 182 12.4 Alternatives to Scope Expansion 183 12.5 Managing Expansion 183 13 Public Release 185 13.1 Understanding the Public Program 185 13.2 The “Right” Time 185 13.3 Recommended Release 186 13.3.1 Requirements 186 13.4 Rolling Backwards 186 13.5 Summary 187 Index 189
£84.56
John Wiley & Sons Inc Cybersecurity in Intelligent Networking Systems
Book SynopsisCYBERSECURITY IN INTELLIGENT NETWORKING SYSTEMS Help protect your network system with this important reference work on cybersecurity Cybersecurity and privacy are critical to modern network systems. As various malicious threats have been launched that target critical online servicessuch as e-commerce, e-health, social networks, and other major cyber applicationsit has become more critical to protect important information from being accessed. Data-driven network intelligence is a crucial development in protecting the security of modern network systems and ensuring information privacy. Cybersecurity in Intelligent Networking Systems provides a background introduction to data-driven cybersecurity, privacy preservation, and adversarial machine learning. It offers a comprehensive introduction to exploring technologies, applications, and issues in data-driven cyber infrastructure. It describes a proposed novel, data-driven network intelligence system that helps provide robust and trustworthy safeguards with edge-enabled cyber infrastructure, edge-enabled artificial intelligence (AI) engines, and threat intelligence. Focusing on encryption-based security protocol, this book also highlights the capability of a network intelligence system in helping target and identify unauthorized access, malicious interactions, and the destruction of critical information and communication technology. Cybersecurity in Intelligent Networking Systems readers will also find: Fundamentals in AI for cybersecurity, including artificial intelligence, machine learning, and security threats Latest technologies in data-driven privacy preservation, including differential privacy, federated learning, and homomorphic encryption Key areas in adversarial machine learning, from both offense and defense perspectives Descriptions of network anomalies and cyber threats Background information on data-driven network intelligence for cybersecurity Robust and secure edge intelligence for network anomaly detection against cyber intrusions Detailed descriptions of the design of privacy-preserving security protocols Cybersecurity in Intelligent Networking Systems is an essential reference for all professional computer engineers and researchers in cybersecurity and artificial intelligence, as well as graduate students in these fields.Table of ContentsContents Preface xiii Acknowledgments xvii Acronyms xix 1 Cybersecurity in the Era of Artificial Intelligence 1 1.1 Artificial Intelligence for Cybersecurity . 2 1.1.1 Artificial Intelligence 2 1.1.2 Machine Learning 4 1.1.3 Data-Driven Workflow for Cybersecurity . 6 1.2 Key Areas and Challenges 7 1.2.1 Anomaly Detection . 8 1.2.2 Trustworthy Artificial Intelligence . 10 1.2.3 Privacy Preservation . 10 1.3 Toolbox to Build Secure and Intelligent Systems . 11 1.3.1 Machine Learning and Deep Learning . 12 1.3.2 Privacy-Preserving Machine Learning . 14 1.3.3 Adversarial Machine Learning . 15 1.4 Data Repositories for Cybersecurity Research . 16 1.4.1 NSL-KDD . 17 1.4.2 UNSW-NB15 . 17 v 1.4.3 EMBER 18 1.5 Summary 18 2 Cyber Threats and Gateway Defense 19 2.1 Cyber Threats . 19 2.1.1 Cyber Intrusions . 20 2.1.2 Distributed Denial of Services Attack . 22 2.1.3 Malware and Shellcode . 23 2.2 Gateway Defense Approaches 23 2.2.1 Network Access Control 24 2.2.2 Anomaly Isolation 24 2.2.3 Collaborative Learning . 24 2.2.4 Secure Local Data Learning 25 2.3 Emerging Data-Driven Methods for Gateway Defense 26 2.3.1 Semi-Supervised Learning for Intrusion Detection 26 2.3.2 Transfer Learning for Intrusion Detection 27 2.3.3 Federated Learning for Privacy Preservation . 28 2.3.4 Reinforcement Learning for Penetration Test 29 2.4 Case Study: Reinforcement Learning for Automated Post-Breach Penetration Test . 30 2.4.1 Literature Review 30 2.4.2 Research Idea 31 2.4.3 Training Agent using Deep Q-Learning 32 2.5 Summary 34 vi 3 Edge Computing and Secure Edge Intelligence 35 3.1 Edge Computing . 35 3.2 Key Advances in Edge Computing . 38 3.2.1 Security 38 3.2.2 Reliability . 41 3.2.3 Survivability . 42 3.3 Secure Edge Intelligence . 43 3.3.1 Background and Motivation 44 3.3.2 Design of Detection Module 45 3.3.3 Challenges against Poisoning Attacks . 48 3.4 Summary 49 4 Edge Intelligence for Intrusion Detection 51 4.1 Edge Cyberinfrastructure . 51 4.2 Edge AI Engine 53 4.2.1 Feature Engineering . 53 4.2.2 Model Learning . 54 4.2.3 Model Update 56 4.2.4 Predictive Analytics . 56 4.3 Threat Intelligence 57 4.4 Preliminary Study . 57 4.4.1 Dataset 57 4.4.2 Environment Setup . 59 4.4.3 Performance Evaluation . 59 vii 4.5 Summary 63 5 Robust Intrusion Detection 65 5.1 Preliminaries 65 5.1.1 Median Absolute Deviation . 65 5.1.2 Mahalanobis Distance 66 5.2 Robust Intrusion Detection . 67 5.2.1 Problem Formulation 67 5.2.2 Step 1: Robust Data Preprocessing 68 5.2.3 Step 2: Bagging for Labeled Anomalies 69 5.2.4 Step 3: One-Class SVM for Unlabeled Samples . 70 5.2.5 Step 4: Final Classifier . 74 5.3 Experiment and Evaluation . 76 5.3.1 Experiment Setup 76 5.3.2 Performance Evaluation . 81 5.4 Summary 92 6 Efficient Preprocessing Scheme for Anomaly Detection 93 6.1 Efficient Anomaly Detection . 93 6.1.1 Related Work . 95 6.1.2 Principal Component Analysis . 97 6.2 Efficient Preprocessing Scheme for Anomaly Detection . 98 6.2.1 Robust Preprocessing Scheme . 99 6.2.2 Real-Time Processing 103 viii 6.2.3 Discussions 103 6.3 Case Study . 104 6.3.1 Description of the Raw Data 105 6.3.2 Experiment 106 6.3.3 Results 108 6.4 Summary 109 7 Privacy Preservation in the Era of Big Data 111 7.1 Privacy Preservation Approaches 111 7.1.1 Anonymization 111 7.1.2 Differential Privacy . 112 7.1.3 Federated Learning . 114 7.1.4 Homomorphic Encryption 116 7.1.5 Secure Multi-Party Computation . 117 7.1.6 Discussions 118 7.2 Privacy-Preserving Anomaly Detection . 120 7.2.1 Literature Review 121 7.2.2 Preliminaries . 123 7.2.3 System Model and Security Model 124 7.3 Objectives and Workflow . 126 7.3.1 Objectives . 126 7.3.2 Workflow . 128 7.4 Predicate Encryption based Anomaly Detection . 129 7.4.1 Procedures 129 ix 7.4.2 Development of Predicate . 131 7.4.3 Deployment of Anomaly Detection 132 7.5 Case Study and Evaluation . 134 7.5.1 Overhead . 134 7.5.2 Detection . 136 7.6 Summary 137 8 Adversarial Examples: Challenges and Solutions 139 8.1 Adversarial Examples . 139 8.1.1 Problem Formulation in Machine Learning 140 8.1.2 Creation of Adversarial Examples . 141 8.1.3 Targeted and Non-Targeted Attacks . 141 8.1.4 Black-Box and White-Box Attacks 142 8.1.5 Defenses against Adversarial Examples 142 8.2 Adversarial Attacks in Security Applications 143 8.2.1 Malware 143 8.2.2 Cyber Intrusions . 143 8.3 Case Study: Improving Adversarial Attacks Against Malware Detectors 144 8.3.1 Background 144 8.3.2 Adversarial Attacks on Malware Detectors 145 8.3.3 MalConv Architecture 147 8.3.4 Research Idea 148 8.4 Case Study: A Metric for Machine Learning Vulnerability to Adversarial Examples . 149 8.4.1 Background 149 8.4.2 Research Idea 150 8.5 Case Study: Protecting Smart Speakers from Adversarial Voice Commands . 153 8.5.1 Background 153 8.5.2 Challenges 154 8.5.3 Directions and Tasks 155 8.6 Summary 157 xi
£92.70
John Wiley & Sons Inc 5g Wireless Network Security and Privacy
Book Synopsis5G WIRELESS NETWORK An expert presentation of 5G security, privacy, and network performance In 5G Wireless Network Security and Privacy, a team of veteran engineers delivers a robust and accessible discussion of 5G security solutions, including physical layer security, authentication, and mobility management. In the book, the authors expertly cover the requirements of 5G wireless network security and privacy, with explorations of existing solutions and vulnerabilities from security architecture and mechanism perspectives. Readers will learn how to enhance the security and network performance of 5G wireless networks in contexts like vehicle-to-vehicle and vehicle-to-infrastructure communications, industrial automation, health services, smart cities, and smart homes. They will develop a comprehensive understanding of 5G wireless network security as they move through the book's 11 insightful chapters, developing in-depth knowledge on the current state of 5G security and coming developmenTable of ContentsAbout the Authors ix Preface xi Acknowledgments xiii Introduction xv 1 Introduction to 5G Wireless Systems 1 1.1 Motivations and Objectives of 5G Wireless Networks 1 1.2 Security Drives and Requirements 2 1.3 5GWireless Network Architecture 4 1.3.1 Overview of the 5G Wireless Network Architecture 4 1.3.2 Comparison Between the Legacy Cellular Network and the 5GWireless Network 5 1.4 Conclusion 6 2 Security from Legacy Wireless Systems to 5G Networks 7 2.1 Network Security for Legacy Systems 7 2.2 Security Attacks and Security Services in 5G Wireless Networks 9 2.2.1 Security Attacks 9 2.2.2 Security Services 11 2.2.2.1 Authentication 12 2.2.2.2 Confidentiality 12 2.2.2.3 Availability 13 2.2.2.4 Integrity 14 2.3 The Evolution of Wireless Security Architectures from 3G to 5G 14 2.3.1 3G Security Architecture 14 2.3.2 4G Security Architecture 15 2.3.3 5GWireless Security Architecture 16 2.3.3.1 Overview of the Proposed 5G Wireless Security Architecture 16 2.3.3.2 Security Domains 17 2.4 Summary 18 3 Security Services and Mechanisms in 5G Wireless Systems 19 3.1 Cryptographic Approaches and Physical Layer Security 19 3.2 Authentication 22 3.3 Availability 27 3.4 Data Confidentiality 29 3.5 Key Management 33 3.6 Privacy 35 3.7 Conclusion 36 4 An Efficient Security Solution Based on Physical Layer Security in 5G Wireless Networks 37 4.1 Enhancing 5G Security Through Artificial Noise and Interference Utilization 37 4.2 A HetNet System Model and Security Analysis 38 4.2.1 System Model and Threat Model 38 4.2.2 Security Analysis 40 4.3 Problem Formulation and Analysis 42 4.3.1 Maximum Secrecy Rate 43 4.3.2 The Proposed Algorithm 43 4.4 Numerical and Simulation Results 46 4.5 Conclusion 49 5 Flexible and Efficient Security Schemes for IoT Applications in 5G Wireless Systems 51 5.1 IoT Application Models and Current Security Challenges 51 5.2 A General System Model for IoT Applications Over 5G 52 5.2.1 System Architecture 52 5.2.2 Trust Models 54 5.2.3 Threat Models and Design Objectives 55 5.3 The 5G Authentication and Secure Data Transmission Scheme 56 5.3.1 Overview of the 5G Authentication and Secure Data Transmission Scheme 56 5.3.2 The Detailed Scheme 57 5.3.2.1 Phase 1 -- System Initialization 57 5.3.2.2 Phase 2 -- Authentication and Initial Session Key Agreement 58 5.3.2.3 Phase 3 -- Data Transmission 58 5.3.2.4 Phase 4 -- Data Receiving 59 5.3.2.5 Phase 5 -- T2 IoT Devices Authentication and Initial Session Key Agreement 59 5.4 Security Analysis 60 5.4.1 Protocol Verification 61 5.4.2 Security Objectives 61 5.4.2.1 Mutual Authentication 61 5.4.2.2 Initial Session Key Agreement 62 5.4.2.3 Data Confidentiality and Integrity 62 5.4.2.4 Contextual Privacy 62 5.4.2.5 Forward Security 62 5.4.2.6 End-to-End Security 63 5.4.2.7 Key Escrow Resilience 63 5.5 Performance Evaluation 63 5.5.1 Security Services 63 5.5.2 Computational Overhead 63 5.5.3 Communication Overhead 66 5.6 Conclusion 67 6 Secure and Efficient Mobility Management in 5G Wireless Networks 71 6.1 Handover Issues and Requirements Over 5G Wireless Networks 71 6.2 A 5G CN Model and HetNet System Model 72 6.3 5G Handover Scenarios and Procedures 75 6.3.1 Handover Scenarios 75 6.3.2 Handover Procedures 76 6.4 A New Authentication Protocol for 5G Networks 79 6.4.1 Assumptions 80 6.4.2 Pre-Authentication 80 6.4.3 Full Authentication 81 6.4.4 Fast Authentication 83 6.4.4.1 Handover Between APs 83 6.4.4.2 Handover Between BSs 84 6.5 Security Analysis of the New 5G Authentication Protocols 84 6.6 Performance Evaluations 85 6.6.1 Communication Overhead 86 6.6.2 Computation Overhead 86 6.7 Conclusion 87 7 Open Issues and Future Research Directions for Security and Privacy in 5G Networks 89 7.1 New Trust Models 89 7.2 New Security Attack Models 90 7.3 Privacy Protection 90 7.4 Unified Security Management 91 References 93 Index 103
£91.80
John Wiley & Sons Inc Cybersecurity and Local Government
Book SynopsisCYBERSECURITY AND LOCAL GOVERNMENT Learn to secure your local government's networks with this one-of-a-kind resource In Cybersecurity and Local Government, a distinguished team of researchers delivers an insightful exploration of cybersecurity at the level of local government. The book makes a compelling argument that every local government official, elected or otherwise, must be reasonably knowledgeable about cybersecurity concepts and provide appropriate support for it within their governments. It also lays out a straightforward roadmap to achieving those objectives, from an overview of cybersecurity definitions to descriptions of the most common security challenges faced by local governments. The accomplished authors specifically address the recent surge in ransomware attacks and how they might affect local governments, along with advice as to how to avoid and respond to these threats. They also discuss the cybersecurity law, cybersecurity policies that local government should adopt, the future of cybersecurity, challenges posed by Internet of Things, and much more. Throughout, the authors provide relevant field examples, case studies of actual local governments, and examples of policies to guide readers in their own application of the concepts discussed within. Cybersecurity and Local Government also offers: A thorough introduction to cybersecurity generally, including definitions of key cybersecurity terms and a high-level overview of the subject for non-technologists. A comprehensive exploration of critical information for local elected and top appointed officials, including the typical frequencies and types of cyberattacks. Practical discussions of the current state of local government cybersecurity, with a review of relevant literature from 2000 to 2021. In-depth examinations of operational cybersecurity policies, procedures and practices, with recommended best practices. Perfect for local elected and top appointed officials and staff as well as local citizens, Cybersecurity and Local Government will also earn a place in the libraries of those studying or working in local government with an interest in cybersecurity.Table of ContentsPreface ix About the Authors xi 1 Why Local Government Cybersecurity? 1 2 What is Cybersecurity? 17 3 Cybersecurity 101 for Local Governments 27 4 What the Literature Says About Local Government Cybersecurity 47 5 Cyberattacks: Targetting Local Government 67 6 Managing Local Government Cybersecurity 85 7 Cybersecurity Policies for Local Government 113 8 People: The Root of The Problem 143 9 The NIST Cybersecurity Framework Demystified 151 10 Cybersecurity Law and Regulation for Local Government 167 11 Important Questions to Ask 187 12 The Future of Local Government Cybersecurity 201 13 Summary and Recommendations 227 Index 235
£81.86
John Wiley & Sons Inc Cloud Security for Dummies
Book SynopsisTable of ContentsIntroduction 1 About This Book 2 Foolish Assumptions 3 Icons Used in This Book 3 Beyond the Book 3 Where to Go from Here 4 Part 1: Getting Started with Cloud Security 5 Chapter 1: Clouds Aren’t Bulletproof 7 Knowing Your Business 8 Discovering the company jewels 8 Initiating your plan 8 Automating the discovery process 8 Knowing Your SLA Agreements with Service Providers 10 Where is the security? 10 Knowing your part 11 Building Your Team 11 Finding the right people 12 Including stakeholders 12 Creating a Risk Management Plan 13 Identifying the risks 14 Assessing the consequences of disaster 15 Pointing fingers at the right people 15 Disaster planning 16 When Security Is Your Responsibility 17 Determining which assets to protect 17 Knowing your possible threat level 20 Van Gogh with it (paint a picture of your scenario) 21 Setting up a risk assessment database 22 Avoiding Security Work with the Help of the Cloud 24 Having someone else ensure physical security 25 Making sure providers have controls to separate customer data 25 Recognizing that cloud service providers can offer better security 25 Chapter 2: Getting Down to Business 27 Negotiating the Shared Responsibility Model 28 Coloring inside the lines 29 Learning what to expect from a data center 29 Taking responsibility for your 75 percent 31 SaaS, PaaS, IaaS, AaaA! 31 SaaS 31 SaaS security 32 PaaS 32 PaaS security 33 IaaS 33 IaaS security 34 FaaS 34 SaaS, PaaS, IaaS, FaaS responsibilities 34 Managing Your Environment 35 Restricting access 36 Assessing supply chain risk 36 Managing virtual devices 38 Application auditing 38 Managing Security for Devices Not Under Your Control 39 Inventorying devices 39 Using a CASB solution 40 Applying Security Patches 41 Looking Ahead 42 Chapter 3: Storing Data in the Cloud 43 Dealing with the Data Silo Dilemma 44 Cataloging Your Data 45 Selecting a data catalog software package 46 Three steps to building a data catalog 46 Controlling data access 47 Working with labels 49 Developing label-based security 50 Applying sensitivity levels 50 Assessing impact to critical functions 50 Working with Sample Classification Systems 51 Tokenizing Sensitive Data 54 Defining data tokens 54 Isolating your tokenization system 55 Accessing a token system 55 Segmenting Data 56 Anonymizing Data 56 Encrypting Data in Motion, in Use, and at Rest 58 Securing data in motion 59 Encrypting stored data 59 Protecting data in use by applications 60 Creating Data Access Security Levels 60 Controlling User Access 61 Restricting IP access 61 Limiting device access 62 Building the border wall and other geofencing techniques 63 Getting rid of stale data 64 Chapter 4: Developing Secure Software 65 Turbocharging Development 65 No more waterfalls 66 CI/CD: Continuous integration/continuous delivery 68 Shifting left and adding security in development 68 Tackling security sooner rather than later 69 Putting security controls in place first 70 Circling back 70 Implementing DevSecOps 71 Automating Testing during Development 71 Using static and dynamic code analysis 72 Taking steps in automation 73 Leveraging software composition analysis 74 Proving the job has been done right 76 Logging and monitoring 76 Ensuring data accountability, data assurance, and data dependability 77 Running Your Applications 78 Taking advantage of cloud agnostic integration 79 Recognizing the down sides of cloud agnostic development 80 Getting started down the cloud agnostic path 81 Like DevOps but for Data 82 Testing, 1-2-3 84 Is this thing working? 85 Working well with others 85 Baking in trust 85 DevSecOps for DataOps 86 Considering data security 87 Ending data siloes 88 Developing your data store 89 Meeting the Challenges of DataSecOps 90 Understanding That No Cloud Is Perfect 92 Chapter 5: Restricting Access 95 Determining the Level of Access Required 95 Catching flies with honey 96 Determining roles 97 Auditing user requirements 97 Understanding Least Privilege Policy 98 Granting just-in-time privileges 99 The need-to-know strategy 99 Granting access to trusted employees 99 Restricting access to contractors 100 Implementing Authentication 101 Multifactor authentication (Or, who’s calling me now?) 101 Authenticating with API keys 102 Using Firebase authentication 102 Employing OAuth 103 Google and Facebook authentication methods 103 Introducing the Alphabet Soup of Compliance 104 Global compliance 104 Complying with PCI 105 Complying with GDPR 106 HIPAA compliance 107 Government compliance 109 Compliance in general 110 Maintaining Compliance and CSPM 110 Discovering and remediating threats with CSPM applications 112 Automating Compliance 113 Integrating with DevOps 113 Controlling Access to the Cloud 114 Using a cloud access security broker (CASB) 115 Middleware protection systems 117 Getting Certified 121 ISO 27001 Compliance 121 SOC 2 compliance 122 PCI certification 124 Part 2: Acceptance 125 Chapter 6: Managing Cloud Resources 127 Defending Your Cloud Resources from Attack 128 Living in a Virtual World 129 Moving to virtualization 130 Addressing VM security concerns 130 Using containers 131 Securing Cloud Resources with Patch Management 132 Patching VMs and containers 133 Implementing patch management 133 Keeping Your Cloud Assets Straight in Your Mind 134 Keeping Tabs with Logs 136 Using Google Cloud Management software 136 Using AWS log management 137 Using Azure log management 139 Working with third-party log management software 139 Logging containers 140 Building Your Own Defenses 141 Creating your development team 141 Using open-source security 142 Protecting your containers 143 Protecting your codebase 143 Chapter 7: The Role of AIOps in Cloud Security 145 Taking the AIOps Route 146 Detecting the problem 148 Using dynamic thresholds 149 Catching attacks early in the Cyber Kill chain 149 Prioritizing incidents 150 Assigning tasks 150 Diagnosing the root problem 151 Reducing time to MTTR 151 Spotting transitory problems 152 Digging into the past 152 Solving the problem 153 Achieving resolution 154 Automating security responses 154 Continually improving 155 Making Things Visible 155 Implementing resource discovery 155 Automating discovery 156 Managing Resources, CMDB-Style 157 Seeing potential impacts 157 Adding configuration items 158 Employing CSDM 158 Using AIOps 159 Gaining insights 159 Examining a wireless networking use case 159 Using Splunk to Manage Clouds 161 Observability 161 Alerts 162 Splunk and AIOps 163 Predictive analytics 163 Adaptive thresholding 163 Views of everything 164 Deep Dive in Splunk 164 Event Analytics in Splunk 164 Splunk On-Call 165 Phantom 166 Putting ServiceNow Through Its Paces 167 AIOps require an overhead view 167 React to problems 167 Gauge system health 168 Automation makes it all happen 169 Getting the Job Done with IT Service Management 170 How ITSM is different 170 Performance analytics 170 Changing Your Team 171 A (Not So Final) Word 172 Chapter 8: Implementing Zero Trust 173 Making the Shift from Perimeter Security 174 Examining the Foundations of Zero Trust Philosophy 175 Two-way authentication 175 Endpoint device management 176 End-to-end encryption 177 Policy based access 179 Accountability 181 Least privilege 182 Network access control and beyond 182 CSPM risk automation 184 Dealing with Zero Trust Challenges 185 Choose a roadmap 186 Take a simple, step-by-step approach 186 Keep in mind some challenges you face in implementing zero trust 190 Chapter 9: Dealing with Hybrid Cloud Environments 195 Public Clouds Make Pretty Sunsets 196 Controlling your environment 197 Optimizing for speed 197 Managing security 198 Private Clouds for Those Special Needs 199 Wrapping Your Mind around Hybrid Cloud Options 200 Hybrid storage solution 201 Tiered data storage 202 Gauging the Advantages of the Hybrid Cloud Setup 203 It’s scalable 203 The costs 203 You maintain control 203 The need for speed 204 Overcoming data silos 204 Compliance 206 Struggling with Hybrid Challenges 207 Handling a larger attack surface 207 Data leakage 207 Data transport times 208 Complexity 208 Risks to your service level agreements 208 Overcoming Hybrid Challenges 209 Asset management 209 SAM 210 HAM 211 IT asset management 211 Latency issues 212 On the Move: Migrating to a Hybrid Cloud 213 Data migration readiness 213 Making a plan 213 Picking the right cloud service 214 Using a migration calendar 215 Making it happen 215 Dealing with compatibility issues 215 Using a Package 216 HPE Hybrid Cloud Solution 216 Amazon Web Services 216 Microsoft Azure 217 Chapter 10: Data Loss and Disaster Recovery 219 Linking Email with Data Loss 220 Data loss from malware 221 The nefarious ransomware 222 Ransomware and the cloud 223 Crafting Data Loss Prevention Strategies 224 Backing up your data 226 Tiered backups 226 Minimizing Cloud Data Loss 229 Why Cloud DLP? 229 Cloud access security brokers 229 Recovering from Disaster 232 Recovery planning 232 Business continuity 232 RTO and RPO 233 Coming up with the recovery plan itself 233 Chaos Engineering 235 Practical chaos engineering 236 Listing what could go wrong 238 Seeing how bad it can get 239 Attaining resiliency 239 Part 3: Business as Usual 241 Chapter 11: Using Cloud Security Services 243 Customizing Your Data Protection 244 Validating Your Cloud 244 Multifactor authentication 245 One-time passwords 245 Managing file transfers 250 HSM: Hardware Security Modules for the Big Kids 251 Looking at HSM cryptography 252 Managing keys with an HSM 253 Building in tamper resistance 255 Using HSMs to manage your own keys 255 Meeting financial data security requirements with HSMs 256 DNSSEC 256 OpenDNSSEC 257 Evaluating HSM products 258 Looking at cloud HSMs 259 KMS: Key Management Services for Everyone Else 259 SSH compliance 260 The encryption-key lifecycle 262 Setting Up Crypto Service Gateways 263 Chapter 12: When Things Go Wrong 265 Finding Your Focus 265 Stealing Data 101 266 Landing, expanding, and exfiltrating 267 Offboarding employees 273 Preventing the Preventable and Managing Employee Security 276 Navigating Cloud Native Breaches 280 Minimizing employee error 281 Guarding against insider data thefts 283 Preventing employee data spillage 284 Cleaning up after the spill 285 Chapter 13: Security Frameworks 289 Looking at Common Frameworks 290 COBIT 290 SABSA 291 Federal Financial Institutions Examination Council (FFIEC) Cyber Assessment Tool (CAT) 292 Federal Risk and Authorization Management Program (FEDRAMP) 292 Personal Information Protection and Electronic Documents Act (PIPEDA) 293 Payment Card Industry — Data Security Standard (PCI–DSS) 293 GLBA 293 SCF 294 DFARS 252.204-7012/ NIST 800-171 294 ISO/IEC 27000 Series 295 CIS Critical Security Controls 295 CIS Benchmarks 295 Common Criteria 296 FDA regulations on electronic records and signatures 296 ITIL 297 Introducing SASE Architecture 298 The sassy side of SASE 299 Sassy makeup 300 The Cloud Native Application Protection Platform 303 Working with CWPP 304 Managing with CSPM 305 NIST Risk Management Framework 305 Federal Information Security Modernization Act 306 Cybersecurity Strategy and Implementation Plan 307 Chapter 14: Security Consortiums 311 Doing the Right Thing 311 Membership in the Cloud Security Alliance 313 Company membership 314 Individual membership 315 Getting that Stamp of Approval 317 CCSK Certification 317 CISA: Certified Security Information Systems Auditor 317 CRISC: Certified Risk and Information Systems Control 318 CCAK: Certificate of Cloud Auditing Knowledge 318 Advanced Cloud Security Practitioner 318 GDPR Lead Auditor and Consultant 319 Information Security Alliances, Groups, and Consortiums 319 Words for the Road 321 Part 4: The Part of Tens 323 Chapter 15: Ten Steps to Better Cloud Security 325 Scoping Out the Dangers 326 Inspiring the Right People to Do the Right Thing 327 Keeping Configuration Management on the Straight and Narrow 328 Adopting AIOps 329 Getting on board with DataOps 330 Befriending Zero Trust 330 Keeping the Barn Door Closed 331 Complying with Compliance Mandates 332 Joining the Cloud Security Club 333 Preparing for the Future 333 Chapter 16: Cloud Security Solutions 335 Checkpoint CloudGuard 335 CloudPassage Halo 336 Threat Stack Cloud Security Platform 336 Symantec Cloud Workload Protection 336 Datadog Monitoring Software 337 Azure AD 338 Palo Alto Prisma 338 Fortinet Cloud Security 338 ServiceNow AIOps 339 Lacework 340 Index 341
£22.94
John Wiley & Sons Inc CASP CompTIA Advanced Security Practitioner Study
Book SynopsisPrepare to succeed in your new cybersecurity career with the challenging and sought-after CASP+ credential In the newly updated Fourth Edition ofCASP+ CompTIA Advanced Security Practitioner Study Guide Exam CAS-004,risk management and compliance expert Jeff Parker walks you through critical security topicsand hands-on labsdesigned to prepare you for thenew CompTIA Advanced Security Professional exam and a career in cybersecurityimplementation.Contentand chapter structure ofthisFourtheditionwasdeveloped and restructuredtorepresenttheCAS-004ExamObjectives. From operations and architecture concepts, techniques and requirements torisk analysis, mobile and small-form factor device security, secure cloud integration, and cryptography,you'lllearn the cybersecurity technical skills you'll need tosucceed on the new CAS-004 exam, impress interviewers during your job search, and excel in your new career in cybersecurity implementation. This comprehensive book offers: Efficient preparation for a challengingand rewarding career in implementing specific solutions within cybersecurity policies and frameworksA robust grounding in thetechnicalskills you'll need toimpress duringcybersecurityinterviewsContent delivered through scenarios,a strongfocusof theCAS-004ExamAccess to an interactive online test bank and study tools, including bonus practice exam questions, electronic flashcards, and a searchable glossary of keyterms Perfect for anyonepreparing for the CASP+ (CAS-004) exam and a new career in cybersecurity,CASP+ CompTIA Advanced Security Practitioner Study Guide Exam CAS-004is also an ideal resource for current IT professionalswantingtopromotetheir cybersecurity skills or prepare for acareer transition into enterprise cybersecurity.Table of ContentsIntroduction xxv Assessment Test xxxv Chapter 1 Risk Management 1 Risk Terminology 4 The Risk Assessment Process 6 Asset Identification 6 Information Classification 8 Risk Assessment 9 Risk Assessment Options 14 Implementing Controls 16 Policies Used to Manage Employees 17 Pre-Employment Policies 18 Employment Policies 18 End of Employment and Termination Procedures 20 Cost-Benefit Analysis 21 Continuous Monitoring 22 Enterprise Security Architecture Frameworks and Governance 23 Training and Awareness for Users 24 Best Practices for Risk Assessments 25 Business Continuity Planning and Disaster Recovery 27 Reviewing the Effectiveness of Existing Security Controls 28 Conducting Lessons Learned and After-Action Reviews 30 Creation, Collection, and Analysis of Metrics 31 Metrics 31 Trend Data 32 Analyzing Security Solutions to Ensure They Meet Business Needs 32 Testing Plans 33 Internal and External Audits 34 Using Judgment to Solve Difficult Problems 35 Summary 35 Exam Essentials 36 Review Questions 38 Chapter 2 Configure and Implement Endpoint Security Controls 43 Hardening Techniques 45 Address Space Layout Randomization Use 47 Hardware Security Module and Trusted Platform Module 48 Trusted Operating Systems 52 Compensating Controls 55 Summary 57 Exam Essentials 58 Review Questions 59 Chapter 3 Security Operations Scenarios 63 Threat Management 66 Types of Intelligence 66 Threat Hunting 67 Threat Emulation 67 Actor Types 67 Intelligence Collection Methods 71 Open-Source Intelligence 71 Human Intelligence and Social Engineering 73 Frameworks 74 MITRE Adversarial Tactics, Techniques and Common Knowledge 74 ATT&CK for Industrial Control Systems 75 Cyber Kill Chain 76 Diamond Model of Intrusion Analysis 76 Indicators of Compromise 77 Reading the Logs 77 Intrusion Detection and Prevention 78 Notifications and Responses to IoCs 79 Response 80 Summary 85 Exam Essentials 85 Review Questions 86 Chapter 4 Security Ops: Vulnerability Assessments and Operational Risk 91 Terminology 97 Vulnerability Management 98 Security Content Automation Protocol 103 Self-Assessment vs. Third-Party Vendor Assessment 105 Patch Management 108 Information Sources 110 Tools 112 Assessments 124 Penetration Testing 129 Assessment Types 131 Vulnerabilities 134 Buffer Overflow 134 Integer Overflow 135 Memory Leaks 136 Race Conditions (TOC/TOU) 136 Resource Exhaustion 137 Data Remnants 138 Use of Third-Party Libraries 138 Code Reuse 138 Cryptographic Vulnerabilities 138 Broken Authentication 139 Security Misconfiguration 140 Inherently Vulnerable System/Application 140 Client-Side Processing vs. Server-Side Processing 141 Attacks 145 Proactive Detection 153 Incident Response 153 Countermeasures 153 Deceptive Technology 154 USB Key Drops 155 Simulation 155 Security Data Analytics 155 Application Control 156 Allow and Block Lists 157 Security Automation 157 Physical Security 158 Summary 159 Exam Essentials 160 Review Questions 161 Chapter 5 Compliance and Vendor Risk 165 Shared Responsibility in Cloud Computing 168 Cloud Service/Infrastructure Models 169 Cloud Computing Providers and Hosting Options 169 Benefits of Cloud Computing 171 Security of On-Demand/Elastic Cloud Computing 174 Geographic Location 175 Infrastructure 175 Compute 175 Storage 175 Networking 176 Managing and Mitigating Risk 182 Security Concerns of Integrating Diverse Industries 185 Regulations, Accreditations, and Standards 187 PCI DSS 187 GDPR 190 ISO 192 CMMI 193 NIST 194 COPPA 195 CSA-STAR 196 HIPAA, SOX, and GLBA 197 Contract and Agreement Types 198 Third-Party Attestation of Compliance 202 Legal Considerations 203 Summary 204 Exam Essentials 205 Review Questions 206 Chapter 6 Cryptography and PKI 211 The History of Cryptography 216 Cryptographic Goals and Requirements 217 Supporting Security Requirements 218 Compliance and Policy Requirements 219 Privacy and Confidentiality Requirements 219 Integrity Requirements 220 Nonrepudiation 220 Risks with Data 221 Data at Rest 221 Data in Transit 222 Data in Process/Data in Use 222 Hashing 223 Message Digest 225 Secure Hash Algorithm 225 Message Authentication Code 226 Hashed Message Authentication Code 226 RACE Integrity Primitives Evaluation Message Digest 226 Poly1305 226 Symmetric Algorithms 227 Data Encryption Standard 230 Triple DES 231 Rijndael and the Advanced Encryption Standard 231 ChaCha 232 Salsa20 232 International Data Encryption Algorithm 232 Rivest Cipher Algorithms 233 Counter Mode 233 Asymmetric Encryption 233 Diffie–Hellman 235 RSA 236 Elliptic Curve Cryptography 237 ElGamal 238 Hybrid Encryption and Electronic Data Exchange (EDI) 238 Public Key Infrastructure Hierarchy 239 Certificate Authority 240 Registration Authority 241 Digital Certificates 241 Certificate Revocation List 243 Certificate Types 243 Certificate Distribution 244 The Client’s Role in PKI 245 Implementation of Cryptographic Solutions 247 Application Layer Encryption 248 Transport Layer Encryption 249 Internet Layer Controls 250 Additional Authentication Protocols 251 Cryptocurrency 252 Digital Signatures 252 Recognizing Cryptographic Attacks 254 Troubleshooting Cryptographic Implementations 256 Summary 259 Exam Essentials 259 Review Questions 261 Chapter 7 Incident Response and Forensics 265 The Incident Response Framework 268 Event Classifications 268 Triage Events 269 Pre-Escalation Tasks 270 The Incident Response Process 270 Response Playbooks and Processes 273 Communication Plan and Stakeholder Management 274 Forensic Concepts 277 Principles, Standards, and Practices 278 The Forensic Process 279 Forensic Analysis Tools 283 File Carving Tools 284 Binary Analysis Tools 284 Analysis Tools 286 Imaging Tools 288 Hashing Utilities 289 Live Collection vs. Postmortem Tools 290 Summary 294 Exam Essentials 294 Review Questions 295 Chapter 8 Security Architecture 301 Security Requirements and Objectives for a Secure Network Architecture 310 Services 310 Segmentation 334 Deperimeterization/Zero Trust 344 Merging Networks from Various Organizations 352 Software-Defined Networking 357 Organizational Requirements for Infrastructure Security Design 358 Scalability 358 Resiliency 359 Automation 359 Containerization 360 Virtualization 361 Content Delivery Network 361 Integrating Applications Securely into an Enterprise Architecture 362 Baseline and Templates 362 Software Assurance 367 Considerations of Integrating Enterprise Applications 370 Integrating Security into the Development Life Cycle 373 Data Security Techniques for Securing Enterprise Architecture 384 Data Loss Prevention 384 Data Loss Detection 387 Data Classification, Labeling, and Tagging 388 Obfuscation 390 Anonymization 390 Encrypted vs. Unencrypted 390 Data Life Cycle 391 Data Inventory and Mapping 391 Data Integrity Management 391 Data Storage, Backup, and Recovery 392 Security Requirements and Objectives for Authentication and Authorization Controls 394 Credential Management 394 Password Policies 396 Federation 398 Access Control 399 Protocols 401 Multifactor Authentication 403 One-Time Passwords 404 Hardware Root of Trust 404 Single Sign-On 405 JavaScript Object Notation Web Token 405 Attestation and Identity Proofing 406 Summary 406 Exam Essentials 407 Review Questions 410 Chapter 9 Secure Cloud and Virtualization 415 Implement Secure Cloud and Virtualization Solutions 418 Virtualization Strategies 419 Deployment Models and Considerations 425 Service Models 429 Cloud Provider Limitations 433 Extending Appropriate On-Premises Controls 433 Storage Models 439 How Cloud Technology Adoption Impacts Organization Security 445 Automation and Orchestration 445 Encryption Configuration 445 Logs 446 Monitoring Configurations 447 Key Ownership and Location 448 Key Life-Cycle Management 448 Backup and Recovery Methods 449 Infrastructure vs. Serverless Computing 450 Software-Defined Networking 450 Misconfigurations 451 Collaboration Tools 451 Bit Splitting 461 Data Dispersion 461 Summary 461 Exam Essentials 462 Review Questions 463 Chapter 10 Mobility and Emerging Technologies 467 Emerging Technologies and Their Impact on Enterprise Security and Privacy 471 Artificial Intelligence 472 Machine Learning 472 Deep Learning 472 Quantum Computing 473 Blockchain 473 Homomorphic Encryption 474 Distributed Consensus 475 Big Data 475 Virtual/Augmented Reality 475 3D Printing 476 Passwordless Authentication 476 Nano Technology 477 Biometric Impersonation 477 Secure Enterprise Mobility Configurations 478 Managed Configurations 479 Deployment Scenarios 486 Mobile Device Security Considerations 487 Security Considerations for Technologies, Protocols, and Sectors 495 Embedded Technologies 495 ICS/Supervisory Control and Data Acquisition 496 Protocols 498 Sectors 499 Summary 500 Exam Essentials 500 Review Questions 501 Appendix Answers to Review Questions 505 Chapter 1: Risk Management 506 Chapter 2: Configure and Implement Endpoint Security Controls 507 Chapter 3: Security Operations Scenarios 509 Chapter 4: Security Ops: Vulnerability Assessments and Operational Risk 511 Chapter 5: Compliance and Vendor Risk 513 Chapter 6: Cryptography and PKI 514 Chapter 7: Incident Response and Forensics 516 Chapter 8: Security Architecture 519 Chapter 9: Secure Cloud and Virtualization 522 Chapter 10: Mobility and Emerging Technologies 524 Index 529
£40.00
John Wiley & Sons Inc Threat Hunting in the Cloud
Book SynopsisTable of ContentsForeword xxxi Introduction xxxiii Part I Threat Hunting Frameworks 1 Chapter 1 Introduction to Threat Hunting 3 The Rise of Cybercrime 4 What Is Threat Hunting? 6 The Key Cyberthreats and Threat Actors 7 Phishing 7 Ransomware 8 Nation State 10 The Necessity of Threat Hunting 14 Does the Organization’s Size Matter? 17 Threat Modeling 19 Threat-Hunting Maturity Model 23 Organization Maturity and Readiness 23 Level 0: INITIAL 24 Level 1: MINIMAL 25 Level 2: PROCEDURAL 25 Level 3: INNOVATIVE 25 Level 4: LEADING 25 Human Elements of Threat Hunting 26 How Do You Make the Board of Directors Cyber-Smart? 27 Threat-Hunting Team Structure 30 External Model 30 Dedicated Internal Hunting Team Model 30 Combined/Hybrid Team Model 30 Periodic Hunt Teams Model 30 Urgent Need for Human-Led Threat Hunting 31 The Threat Hunter’s Role 31 Summary 33 Chapter 2 Modern Approach to Multi-Cloud Threat Hunting 35 Multi-Cloud Threat Hunting 35 Multi-Tenant Cloud Environment 38 Threat Hunting in Multi-Cloud and Multi-Tenant Environments 39 Building Blocks for the Security Operations Center 41 Scope and Type of SOC 43 Services, Not Just Monitoring 43 SOC Model 43 Define a Process for Identifying and Managing Threats 44 Tools and Technologies to Empower SOC 44 People (Specialized Teams) 45 Cyberthreat Detection, Threat Modeling, and the Need for Proactive Threat Hunting Within SOC 46 Cyberthreat Detection 46 Threat-Hunting Goals and Objectives 49 Threat Modeling and SOC 50 The Need for a Proactive Hunting Team Within SOC 50 Assume Breach and Be Proactive 51 Invest in People 51 Develop an Informed Hypothesis 52 Cyber Resiliency and Organizational Culture 53 Skillsets Required for Threat Hunting 54 Security Analysis 55 Data Analysis 56 Programming Languages 56 Analytical Mindset 56 Soft Skills 56 Outsourcing 56 Threat-Hunting Process and Procedures 57 Metrics for Assessing the Effectiveness of Threat Hunting 58 Foundational Metrics 58 Operational Metrics 59 Threat-Hunting Program Effectiveness 61 Summary 62 Chapter 3 Exploration of MITRE Key Attack Vectors 63 Understanding MITRE ATT&CK 63 What Is MITRE ATT&CK Used For? 64 How Is MITRE ATT&CK Used and Who Uses It? 65 How Is Testing Done According to MITRE? 65 Tactics 67 Techniques 67 Threat Hunting Using Five Common Tactics 69 Privilege Escalation 71 Case Study 72 Credential Access 73 Case Study 74 Lateral Movement 75 Case Study 75 Command and Control 77 Case Study 77 Exfiltration 79 Case Study 79 Other Methodologies and Key Threat-Hunting Tools to Combat Attack Vectors 80 Zero Trust 80 Threat Intelligence and Zero Trust 83 Build Cloud-Based Defense-in-Depth 84 Analysis Tools 86 Microsoft Tools 86 Connect To All Your Data 87 Workbooks 88 Analytics 88 Security Automation and Orchestration 90 Investigation 91 Hunting 92 Community 92 AWS Tools 93 Analyzing Logs Directly 93 SIEMs in the Cloud 94 Summary 95 Resources 96 Part II Hunting in Microsoft Azure 99 Chapter 4 Microsoft Azure Cloud Threat Prevention Framework 101 Introduction to Microsoft Security 102 Understanding the Shared Responsibility Model 102 Microsoft Services for Cloud Security Posture Management and Logging/Monitoring 105 Overview of Azure Security Center and Azure Defender 105 Overview of Microsoft Azure Sentinel 108 Using Microsoft Secure and Protect Features 112 Identity & Access Management 113 Infrastructure & Network 114 Data & Application 115 Customer Access 115 Using Azure Web Application Firewall to Protect a Website Against an “Initial Access” TTP 116 Using Microsoft Defender for Office 365 to Protect Against an “Initial Access” TTP 118 Using Microsoft Defender Endpoint to Protect Against an “Initial Access” TTP 121 Using Azure Conditional Access to Protect Against an “Initial Access” TTP 123 Microsoft Detect Services 127 Detecting “Privilege Escalation” TTPs 128 Using Azure Security Center and Azure Sentinel to Detect Threats Against a “Privilege Escalation” TTP 128 Detecting Credential Access 131 Using Azure Identity Protection to Detect Threats Against a “Credential Access” TTP 132 Steps to Configure and Enable Risk Polices (Sign-in Risk and User Risk) 134 Using Azure Security Center and Azure Sentinel to Detect Threats Against a “Credential Access” TTP 137 Detecting Lateral Movement 139 Using Just-in-Time in ASC to Protect and Detect Threats Against a “Lateral Movement” TTP 139 Using Azure Security Center and Azure Sentinel to Detect Threats Against a “Lateral Movement” TTP 144 Detecting Command and Control 145 Using Azure Security Center and Azure Sentinel to Detect Threats Against a “Command and Control” TTP 146 Detecting Data Exfiltration 147 Using Azure Information Protection to Detect Threats Against a “Data Exfiltration” TTP 148 Discovering Sensitive Content Using AIP 149 Using Azure Security Center and Azure Sentinel to Detect Threats Against a “Data Exfiltration” TTP 153 Detecting Threats and Proactively Hunting with Microsoft 365 Defender 154 Microsoft Investigate, Response, and Recover Features 155 Automating Investigation and Remediation with Microsoft Defender for Endpoint 157 Using Microsoft Threat Expert Support for Remediation and Investigation 159 Targeted Attack Notification 159 Experts on Demand 161 Automating Security Response with MCAS and Microsoft Flow 166 Step 1: Generate Your API Token in Cloud App Security 167 Step 2: Create Your Trigger in Microsoft Flow 167 Step 3: Create the Teams Message Action in Microsoft Flow 168 Step 4: Generate an Email in Microsoft Flow 168 Connecting the Flow in Cloud App Security 169 Performing an Automated Response Using Azure Security Center 170 Using Machine Learning and Artificial Intelligence in Threat Response 172 Overview of Fusion Detections 173 Overview of Azure Machine Learning 174 Summary 182 Chapter 5 Microsoft Cybersecurity Reference Architecture and Capability Map 183 Introduction 183 Microsoft Security Architecture versus the NIST Cybersecurity Framework (CSF) 184 Microsoft Security Architecture 185 The Identify Function 186 The Protect Function 187 The Detect Function 188 The Respond Function 189 The Recover Function 189 Using the Microsoft Reference Architecture 190 Microsoft Threat Intelligence 190 Service Trust Portal 192 Security Development Lifecycle (SDL) 193 Protecting the Hybrid Cloud Infrastructure 194 Azure Marketplace 194 Private Link 195 Azure Arc 196 Azure Lighthouse 197 Azure Firewall 198 Azure Web Application Firewall (WAF) 200 Azure DDOS Protection 200 Azure Key Vault 201 Azure Bastion 202 Azure Site Recovery 204 Azure Security Center (ASC) 205 Microsoft Azure Secure Score 205 Protecting Endpoints and Clients 206 Microsoft Endpoint Manager (MEM) Configuration Manager 207 Microsoft Intune 208 Protecting Identities and Access 209 Azure AD Conditional Access 210 Passwordless for End-to-End Secure Identity 211 Azure Active Directory (aka Azure AD) 211 Azure MFA 211 Azure Active Directory Identity Protection 212 Azure Active Directory Privilege Identity Management (PIM) 213 Microsoft Defender for Identity 214 Azure AD B2B and B2C 215 Azure AD Identity Governance 215 Protecting SaaS Apps 216 Protecting Data and Information 219 Azure Purview 220 Microsoft Information Protection (MIP) 221 Azure Information Protection Unified Labeling Scanner (File Scanner) 222 The Advanced eDiscovery Solution in Microsoft 365 223 Compliance Manager 224 Protecting IoT and Operation Technology 225 Security Concerns with IoT 226 Understanding That IoT Cybersecurity Starts with a Threat Model 227 Microsoft Investment in IoT Technology 229 Azure Sphere 229 Azure Defender 229 Azure Defender for IoT 230 Threat Modeling for the Azure IoT Reference Architecture 230 Azure Defender for IoT Architecture (Agentless Solutions) 233 Azure Defender for IoT Architecture (Agent-based solutions) 234 Understanding the Security Operations Solutions 235 Understanding the People Security Solutions 236 Attack Simulator 237 Insider Risk Management (IRM) 237 Communication Compliance 239 Summary 240 Part III Hunting in AWS 241 Chapter 6 AWS Cloud Threat Prevention Framework 243 Introduction to AWS Well-Architected Framework 244 The Five Pillars of the Well-Architected Framework 245 Operational Excellence 246 Security 246 Reliability 246 Performance Efficiency 246 Cost Optimization 246 The Shared Responsibility Model 246 AWS Services for Monitoring, Logging, and Alerting 248 AWS CloudTrail 249 Amazon CloudWatch Logs 251 Amazon VPC Flow Logs 252 Amazon GuardDuty 253 AWS Security Hub 254 AWS Protect Features 256 How Do You Prevent Initial Access? 256 How Do You Protect APIs from SQL Injection Attacks Using API Gateway and AWS WAF? 256 Prerequisites 257 Create an API 257 Create and Configure an AWS WAF 259 AWS Detection Features 263 How Do You Detect Privilege Escalation? 263 How Do You Detect the Abuse of Valid Account to Obtain High-Level Permissions? 264 Prerequisites 264 Configure GuardDuty to Detect Privilege Escalation 265 Reviewing the Findings 266 How Do You Detect Credential Access? 269 How Do You Detect Unsecured Credentials? 269 Prerequisites 270 Reviewing the Findings 274 How Do You Detect Lateral Movement? 276 How Do You Detect the Use of Stolen Alternate Authentication Material? 277 Prerequisites 277 How Do You Detect Potential Unauthorized Access to Your AWS Resources? 277 Reviewing the Findings 278 How Do You Detect Command and Control? 280 How Do You Detect the Communications to a Command and Control Server Using the Domain Name System (DNS)? 281 Prerequisites 281 How Do You Detect EC2 Instance Communication with a Command and Control (C&C) Server Using DNS 281 Reviewing the Findings 282 How Do You Detect Data Exfiltration? 284 Prerequisites 285 How Do You Detect the Exfiltration Using an Anomalous API Request? 285 Reviewing the Findings 286 How Do You Handle Response and Recover? 289 Foundation of Incident Response 289 How Do You Create an Automated Response? 290 Automating Incident Responses 290 Options for Automating Responses 291 Cost Comparisons in Scanning Methods 293 Event-Driven Responses 294 How Do You Automatically Respond to Unintended Disabling of CloudTrail Logging? 295 Prerequisites 296 Creating a Trail in CloudTrail 296 Creating an SNS Topic to Send Emails 299 Creating Rules in Amazon EventBridge 302 How Do You Orchestrate and Recover? 305 Decision Trees 305 Use Alternative Accounts 305 View or Copy Data 306 Sharing Amazon EBS Snapshots 306 Sharing Amazon CloudWatch Logs 306 Use Immutable Storage 307 Launch Resources Near the Event 307 Isolate Resources 308 Launch Forensic Workstations 309 Instance Types and Locations 309 How Do You Automatically Recover from Unintended Disabling of CloudTrail Logging? 310 Prerequisites 311 Aggregate and View Security Status in AWS Security Hub 311 Reviewing the Findings 312 Create Lambda Function to Orchestrate and Recover 314 How Are Machine Learning and Artificial Intelligence Used? 317 Summary 318 References 319 Chapter 7 AWS Reference Architecture 321 AWS Security Framework Overview 322 The Identify Function Overview 323 The Protect Function Overview 324 The Detect Function Overview 325 The Respond Function Overview 325 The Recover Function Overview 325 AWS Reference Architecture 326 The Identify Function 326 Security Hub 328 AWS Config 329 AWS Organizations 330 AWS Control Tower 331 AWS Trusted Advisor 332 AWS Well-Architected Tool 333 AWS Service Catalog 334 AWS Systems Manager 335 AWS Identity and Access Management (IAM) 337 AWS Single Sign-On (SSO) 338 AWS Shield 340 AWS Web Application Firewall (WAF) 340 AWS Firewall Manager 342 AWS Cloud HSM 343 AWS Secrets Manager 345 AWS Key Management Service (KMS) 345 AWS Certificate Manager 346 AWS IoT Device Defender 347 Amazon Virtual Private Cloud 347 AWS PrivateLink 349 AWS Direct Connect 349 AWS Transit Gateway 350 AWS Resource Access Manager 351 The Detect and Respond Functions 353 GuardDuty 354 Amazon Detective 356 Amazon Macie 357 Amazon Inspector 358 Amazon CloudTrail 359 Amazon CloudWatch 360 Amazon Lambda 361 AWS Step Functions 362 Amazon Route 53 363 AWS Personal Health Dashboard 364 The Recover Functions 365 Amazon Glacier 366 AWS CloudFormation 366 CloudEndure Disaster Recovery 367 AWS OpsWorks 368 Summary 369 Part IV The Future 371 Chapter 8 Threat Hunting in Other Cloud Providers 373 The Google Cloud Platform 374 Google Cloud Platform Security Architecture alignment to NIST 376 The Identify Function 376 The Protect Function 378 The Detect Function 380 The Respond Function 382 The Recover Function 383 The IBM Cloud 385 Oracle Cloud Infrastructure Security 386 Oracle SaaS Cloud Security Threat Intelligence 387 The Alibaba Cloud 388 Summary 389 References 389 Chapter 9 The Future of Threat Hunting 391 Artificial Intelligence and Machine Learning 393 How ML Reduces False Positives 395 How Machine Intelligence Applies to Malware Detection 395 How Machine Intelligence Applies to Risk Scoring in a Network 396 Advances in Quantum Computing 396 Quantum Computing Challenges 398 Preparing for the Quantum Future 399 Advances in IoT and Their Impact 399 Growing IoT Cybersecurity Risks 401 Preparing for IoT Challenges 403 Operational Technology (OT) 405 Importance of OT Security 406 Blockchain 406 The Future of Cybersecurity with Blockchain 407 Threat Hunting as a Service 407 The Evolution of the Threat-Hunting Tool 408 Potential Regulatory Guidance 408 Summary 409 References 409 Part V Appendices 411 Appendix A MITRE ATT&CK Tactics 413 Appendix B Privilege Escalation 415 Appendix C Credential Access 421 Appendix D Lateral Movement 431 Appendix E Command and Control 435 Appendix F Data Exfiltration 443 Appendix G MITRE Cloud Matrix 447 Initial Access 447 Drive-by Compromise 447 Exploiting a Public-Facing Application 450 Phishing 450 Using Trusted Relationships 451 Using Valid Accounts 452 Persistence 452 Manipulating Accounts 452 Creating Accounts 453 Implanting a Container Image 454 Office Application Startup 454 Using Valid Accounts 455 Privilege Escalation 456 Modifying the Domain Policy 456 Using Valid Accounts 457 Defense Evasion 457 Modifying Domain Policy 457 Impairing Defenses 458 Modifying the Cloud Compute Infrastructure 459 Using Unused/Unsupported Cloud Regions 459 Using Alternate Authentication Material 460 Using Valid Accounts 461 Credential Access 461 Using Brute Force Methods 461 Forging Web Credentials 462 Stealing an Application Access Token 462 Stealing Web Session Cookies 463 Using Unsecured Credentials 464 Discovery 464 Manipulating Account Discovery 464 Manipulating Cloud Infrastructure Discovery 465 Using a Cloud Service Dashboard 466 Using Cloud Service Discovery 466 Scanning Network Services 467 Discovering Permission Groups 467 Discovering Software 468 Discovering System Information 468 Discovering System Network Connections 469 Lateral Movement 469 Internal Spear Phishing 469 Using Alternate Authentication Material 470 Collection 471 Collecting Data from a Cloud Storage Object 471 Collecting Data from Information Repositories 471 Collecting Staged Data 472 Collecting Email 473 Data Exfiltration 474 Detecting Exfiltration 474 Impact 475 Defacement 475 Endpoint Denial of Service 475 Resource Hijacking 477 Appendix H Glossary 479 Index 489
£28.49
John Wiley & Sons Inc CompTIA Network Review Guide
Book SynopsisPrep for success on the Network+ N10-008examandfor yournew career in network administrationwith thismust-have resource Inthe newly updated Fifth Edition of theCompTIA Network+ Review Guide: Exam: N10-008,a leading expert in Network Operations, Jon Buhagiar, deliversa focused and concisehandbookfor anyonepreparing for thenewNetwork+N10-008 exam or for a career in network administration. This guide isorganizedinto five parts, with each part corresponding to one of the 5 objective domain areas of the Network+ exam: Fundamentals, Implementations, Operations, Security, and Troubleshooting. You'llhandilylearncrucial IT skills like designing and implementing functional networks, configuring and managing essential network devices,using switches and routers to segment network traffic, and securing existing networks.This book also allows you to: Quickly and comprehensively prepare forthe Network+ N10-008 exam with intuitively organized infoand eTable of ContentsIntroduction xvii Chapter 1 Domain 1.0: Networking Fundamentals 1 1.1 Compare and contrast the Open Systems Interconnection (OSI) model layers and encapsulation concepts 11 OSI Model 12 Protocol Data Units 21 Data Encapsulation and Decapsulation 22 Exam Essentials 26 1.2 Explain the characteristics of network topologies and network types 28 Wired Topologies 28 Types 33 Service- Related Entry Point 39 Virtualization 40 Virtual Networking Components 40 Service Type 43 Service Delivery 48 Exam Essentials 50 1.3 Summarize the types of cables and connectors and explain which is the appropriate type for a solution 51 Media Types 51 Connector Types 55 Transceivers 60 Media Converters 62 Characteristics of Fiber Transceivers 63 Termination Points 65 Copper Cabling Standards 70 Copper Termination Standards 73 Ethernet Deployment Standards 76 Exam Essentials 78 1.4 Given a scenario, configure a subnet and use appropriate IP addressing schemes 80 Private vs. Public 80 Nat/pat 81 IPv4 Concepts 84 IPv6 Concepts 88 Address Assignments 93 Subnetting 99 Virtual IP (VIP) 107 Exam Essentials 108 1.5 Explain common ports and protocols, their application, and encrypted alternatives 110 Protocols and Ports 110 IP Protocol Types 117 Connection- Oriented vs. Connectionless 121 Exam Essentials 122 1.6 Explain the use and purpose of network services 123 Dns 123 DHCP Service 132 Ntp 137 Exam Essentials 137 1.7 Explain basic corporate and datacenter network architecture 139 Three- Tiered Model 139 Software- Defined Networking 140 Spine and Leaf 142 Traffic Flows 143 Host Locations 144 Network Storage Types 145 Connection Type 147 Exam Essentials 150 1.8 Summarize cloud concepts and connectivity options 151 Characteristics of a Cloud 151 Cloud Delivery Models 152 Types of Services 155 Infrastructure as Code 157 Connectivity Methods 160 Multitenancy 161 Elasticity 161 Scalability 162 Security Implications/Considerations 162 Relationship Between Local and Cloud Resources 163 Exam Essentials 163 Review Questions 165 Chapter 2 Domain 2.0: Network Implementations 169 2.1 Compare and contrast various devices, their features, and their appropriate placement on the network 173 Network Devices 173 Exam Essentials 203 2.2 Compare and contrast routing technologies and bandwidth management concepts 204 Routing 204 Bandwidth Management 212 Exam Essentials 215 2.3 Given a scenario, configure and deploy common Ethernet switching features 216 Characteristics of Ethernet and IP Communications 216 Basic Switch Functions 220 Segmentation and Interface Properties 227 Switching Features 231 Exam Essentials 234 2.4 Given a scenario, install and configure the appropriate wireless standards and technologies 235 802.11 Standards 235 Frequencies 238 Wireless Considerations 239 Wireless Modes of Operation 245 Wireless Security 248 Cellular 252 Exam Essentials 254 Review Questions 256 Chapter 3 Domain 3.0: Network Operations 261 3.1 Given a scenario, use the appropriate statistics and sensors to ensure network availability 265 Performance Metrics 265 Snmp 270 Network Device Logs 274 Interface Statistics/Status 279 Interface Errors or Alerts 286 Environmental Factors and Sensors 289 Performance Baselines 291 NetFlow Data 292 Uptime/Downtime 293 Exam Essentials 294 3.2 Explain the purpose of organizational documents and policies 296 Plans and Procedures 296 Hardening and Security Policies 303 Common Documentation 307 Common Agreements 315 Exam Essentials 316 3.3 Explain high availability and disaster recovery concepts and summarize which is the best solution 318 Load Balancing 318 Multipathing 318 Network Interface Card (NIC) Teaming 320 Redundant Hardware/Clusters 320 Facilities and Infrastructure Support 326 Redundancy and High Availability (HA) Concepts 330 Backups 334 Exam Essentials 336 Review Questions 338 Chapter 4 Domain 4.0: Network Security 343 4.1 Explain common security concepts 348 Confidentiality, Integrity, Availability (CIA) 348 Threats 349 Vulnerabilities 350 Exploits 351 Least Privilege 351 Role- Based Access 352 Zero Trust 352 Defense in Depth 353 Authentication Methods 357 Security Assessments 364 Security Information and Event Management (SIEM) 366 Exam Essentials 366 4.2 Compare and contrast common types of attacks 368 Technology- Based 368 Human and Environmental 378 Exam Essentials 379 4.3 Given a scenario, apply network hardening techniques 381 Best Practices 381 Wireless Security 390 IOT Considerations 395 Exam Essentials 396 4.4 Compare and contrast remote access methods and security implications 397 Vpn 397 Remote Desktop Connection 400 Remote Desktop Gateway 401 Ssh 401 Virtual Network Computing (VNC) 402 Virtual Desktop 402 Authentication and Authorization Considerations 403 In- Band vs. Out- of- Band Management 403 Exam Essentials 405 4.5 Explain the importance of physical security 406 Detection Methods 407 Prevention Methods 410 Asset Disposal 413 Exam Essentials 415 Review Questions 416 Chapter 5 Domain 5.0: Network Troubleshooting 421 5.1 Explain the network troubleshooting methodology 427 Identify the Problem 428 Establish a Theory of Probable Cause 430 Test the Theory to Determine the Cause 431 Establish a Plan of Action to Resolve the Problem and Identify Potential Effects 432 Implement the Solution or Escalate as Necessary 432 Verify Full System Functionality and, If Applicable, Implement Preventive Measures 433 Document Findings, Actions, Outcomes, and Lessons Learned 433 Exam Essentials 433 5.2 Given a scenario, troubleshoot common cable connectivity issues and select the appropriate tools 434 Specifications and Limitations 434 Cable Considerations 435 Cable Application 437 Common Issues 439 Common Tools 445 Exam Essentials 456 5.3 Given a scenario, use the appropriate network software tools and commands 458 Software Tools 458 Command- Line Tools 466 Basic Network Platform Commands 481 Exam Essentials 485 5.4 Given a scenario, troubleshoot common wireless connectivity issues 486 Specifications and Limitations 486 Considerations 489 Common Issues 493 Exam Essentials 498 5.5 Given a scenario, troubleshoot general networking issues 499 Considerations 499 Common Issues 501 Exam Essentials 530 Review Questions 532 Appendix Answers to Review Questions 537 Chapter 1: Domain 1.0: Networking Fundamentals 538 Chapter 2: Domain 2.0: Network Implementations 541 Chapter 3: Domain 3.0: Network Operations 544 Chapter 4: Domain 4.0: Network Security 547 Chapter 5: Domain 5.0: Network Troubleshooting 550 Index 553
£20.40
John Wiley & Sons Inc CompTIA Network Practice Tests
Book SynopsisAssessand improve your networking skillset with provenSybexpracticetests In the freshlyrevisedSecond Edition ofCompTIA Network+ Practice Tests Exam N10-008, IT expert and author CraigZackerdeliversa set ofaccessibleand useful practice tests for the updated Network+ Exam N10-008.You'llprepare for the exam, learn the information you need in an industry interview, and get ready to excel in your first networking role. These practice tests will gauge your skills in deploying wired and wireless devices;understanding network documentation and the purpose of network services;work with datacenter, cloud, and virtual networking concepts;monitor networkactivity;and more. Further, this book offers: Comprehensive coverage of all five domain areas of the updated Network+ exam, including networking fundamentals, implementations, operations, security, andtroubleshooting Practical and efficient preparation for the Network+ exam with hundreds of domain-by-domain questions Access to theSybexinteractive learning environment and online test bank Perfect for anyone preparing for the CompTIA Network+ Exam N10-008, theCompTIA Network+ Practice Tests Exam N10-008is also an indispensable resource fornetwork administrators seeking to enhance their skillset with new, foundational skills in a certification endorsed by industry leaders around the world.Table of ContentsIntroduction xi Chapter 1 Networking Fundamentals 1 Chapter 2 Network Implementations 69 Chapter 3 Network Operations 111 Chapter 4 Network Security 147 Chapter 5 Network Troubleshooting 191 Chapter 6 Practice Exam 1 255 Chapter 7 Practice Exam 2 283 Appendix Answers to Review Questions 311 Chapter 1: Networking Fundamentals 312 Chapter 2: Network Implementations 346 Chapter 3: Network Operations 371 Chapter 4: Network Security 391 Chapter 5: Network Troubleshooting 418 Chapter 6: Practice Exam 1 448 Chapter 7: Practice Exam 2 462 Index 477
£24.00
John Wiley & Sons Inc Cybersecurity and ThirdParty Risk
Book SynopsisTable of ContentsForeword xvi Introduction xviii Section 1 Cybersecurity Third-Party Risk Chapter 1 What is the Risk? 1 The SolarWinds Supply-Chain Attack 4 The VGCA Supply-Chain Attack 6 The Zyxel Backdoor Attack 9 Other Supply-Chain Attacks 10 Problem Scope 12 Compliance Does Not Equal Security 15 Third-Party Breach Examples 17 Third-Party Risk Management 24 Cybersecurity and Third-Party Risk 27 Cybersecurity Third-Party Risk as a Force Multiplier 32 Conclusion 33 Chapter 2 Cybersecurity Basics 35 Cybersecurity Basics for Third-Party Risk 38 Cybersecurity Frameworks 46 Due Care and Due Diligence 53 Cybercrime and Cybersecurity 56 Types of Cyberattacks 59 Analysis of a Breach 63 The Third-Party Breach Timeline: Target 66 Inside Look: Home Depot Breach 68 Conclusion 72 Chapter 3 What the COVID-19 Pandemic Did to Cybersecurity and Third-Party Risk 75 The Pandemic Shutdown 77 Timeline of the Pandemic Impact on Cybersecurity 80 Post-Pandemic Changes and Trends 84 Regulated Industries 98 An Inside Look: P&N Bank 100 SolarWinds Attack Update 102 Conclusion 104 Chapter 4 Third-Party Risk Management 107 Third-Party Risk Management Frameworks 113 ISO 27036:2013+ 114 NIST 800-SP 116 NIST 800-161 Revision 1: Upcoming Revision 125 NISTIR 8272 Impact Analysis Tool for Interdependent Cyber Supply-Chain Risks 125 The Cybersecurity and Third-Party Risk Program Management 127 Kristina Conglomerate (KC) Enterprises 128 KC Enterprises’ Cyber Third-Party Risk Program 131 Inside Look: Marriott 140 Conclusion 141 Chapter 5 Onboarding Due Diligence 143 Intake 145 Data Privacy 146 Cybersecurity 147 Amount of Data 149 Country Risk and Locations 149 Connectivity 150 Data Transfer 150 Data Location 151 Service-Level Agreement or Recovery Time Objective 151 Fourth Parties 152 Software Security 152 KC Enterprises Intake/Inherent Risk Cybersecurity Questionnaire 153 Cybersecurity in Request for Proposals 154 Data Location 155 Development 155 Identity and Access Management 156 Encryption 156 Intrusion Detection/Prevention System 157 Antivirus and Malware 157 Data Segregation 158 Data Loss Prevention 158 Notification 158 Security Audits 159 Cybersecurity Third-Party Intake 160 Data Security Intake Due Diligence 161 Next Steps 167 Ways to Become More Efficient 173 Systems and Organization Controls Reports 174 Chargebacks 177 Go-Live Production Reviews 179 Connectivity Cyber Reviews 179 Inside Look: Ticketmaster and Fourth Parties 182 Conclusion 183 Chapter 6 Ongoing Due Diligence 185 Low-Risk Vendor Ongoing Due Diligence 189 Moderate-Risk Vendor Ongoing Due Diligence 193 High-Risk Vendor Ongoing Due Diligence 196 “Too Big to Care” 197 A Note on Phishing 200 Intake and Ongoing Cybersecurity Personnel 203 Ransomware: A History and Future 203 Asset Management 205 Vulnerability and Patch Management 206 802.1x or Network Access Control (NAC) 206 Inside Look: GE Breach 207 Conclusion 208 Chapter 7 On-site Due Diligence 211 On-site Security Assessment 213 Scheduling Phase 214 Investigation Phase 215 Assessment Phase 217 On-site Questionnaire 221 Reporting Phase 227 Remediation Phase 227 Virtual On-site Assessments 229 On-site Cybersecurity Personnel 231 On-site Due Diligence and the Intake Process 233 Vendors Are Partners 234 Consortiums and Due Diligence 235 Conclusion 237 Chapter 8 Continuous Monitoring 239 What is Continuous Monitoring? 241 Vendor Security-Rating Tools 241 Inside Look: Health Share of Oregon’s Breach 251 Enhanced Continuous Monitoring 252 Software Vulnerabilities/Patching Cadence 253 Fourth-Party Risk 253 Data Location 254 Connectivity Security 254 Production Deployment 255 Continuous Monitoring Cybersecurity Personnel 258 Third-Party Breaches and the Incident Process 258 Third-Party Incident Management 259 Inside Look: Uber’s Delayed Data Breach Reporting 264 Inside Look: Nuance Breach 265 Conclusion 266 Chapter 9 Offboarding 267 Access to Systems, Data, and Facilities 270 Physical Access 274 Return of Equipment 275 Contract Deliverables and Ongoing Security 275 Update the Vendor Profile 276 Log Retention 276 Inside Look: Morgan Stanley Decommissioning Process Misses 277 Inside Look: Data Sanitization 279 Conclusion 283 Section 2 Next Steps Chapter 10 Securing the Cloud 285 Why is the Cloud So Risky? 287 Introduction to NIST Service Models 288 Vendor Cloud Security Reviews 289 The Shared Responsibility Model 290 Inside Look: Cloud Controls Matrix by the Cloud Security Alliance 295 Security Advisor Reports as Patterns 298 Inside Look: The Capital One Breach 312 Conclusion 313 Chapter 11 Cybersecurity and Legal Protections 315 Legal Terms and Protections 317 Cybersecurity Terms and Conditions 321 Offshore Terms and Conditions 324 Hosted/Cloud Terms and Conditions 327 Privacy Terms and Conditions 331 Inside Look: Heritage Valley Health vs. Nuance 334 Conclusion 335 Chapter 12 Software Due Diligence 337 The Secure Software Development Lifecycle 340 Lessons from SolarWinds and Critical Software 342 Inside Look: Juniper 344 On-Premises Software 346 Cloud Software 348 Open Web Application Security Project Explained 350 OWASP Top 10 350 OWASP Web Security Testing Guide 352 Open Source Software 353 Software Composition Analysis 355 Inside Look: Heartbleed 355 Mobile Software 357 Testing Mobile Applications 358 Code Storage 360 Conclusion 362 Chapter 13 Network Due Diligence 365 Third-Party Connections 368 Personnel Physical Security 368 Hardware Security 370 Software Security 371 Out-of-Band Security 372 Cloud Connections 374 Vendor Connectivity Lifecycle Management 375 Zero Trust for Third Parties 379 Internet of Things and Third Parties 385 Trusted Platform Module and Secure Boot 388 Inside Look: The Target Breach (2013) 390 Conclusion 391 Chapter 14 Offshore Third-Party Cybersecurity Risk 393 Onboarding Offshore Vendors 397 Ongoing Due Diligence for Offshore Vendors 399 Physical Security 399 Offboarding Due Diligence for Offshore Vendors 402 Inside Look: A Reminder on Country Risk 404 Country Risk 405 KC’s Country Risk 406 Conclusion 409 Chapter 15 Transform to Predictive 411 The Data 414 Vendor Records 415 Due Diligence Records 416 Contract Language 416 Risk Acceptances 417 Continuous Monitoring 417 Enhanced Continuous Monitoring 417 How Data is Stored 418 Level Set 418 A Mature to Predictive Approach 420 The Predictive Approach at KC Enterprises 420 Use Case #1: Early Intervention 423 Use Case #2: Red Vendors 425 Use Case #3: Reporting 426 Conclusion 427 Chapter 16 Conclusion 429 Advanced Persistent Threats Are the New Danger 431 Cybersecurity Third-Party Risk 435 Index 445
£26.40
John Wiley & Sons Inc CASP CompTIA Advanced Security Practitioner
Book SynopsisPrepare for success on the challenging CASP+ CAS-004 exam Inthe newly updated Second Edition ofCASP+ CompTIA Advanced Security Practitioner Practice Tests Exam CAS-004,accomplished cybersecurityexpertNadean Tannerdeliversan extensive collection of CASP+preparation materials, including hundreds of domain-by-domain test questions and two additional practice exams. Prepare for the new CAS-004 exam, as well asa new career in advanced cybersecurity, with Sybex's proven approach tocertification success.You'll get ready for the exam, to impressyour next interviewer, and excel at your first cybersecurity job. This book includes: Comprehensive coverage of allexam CAS-004 objectivedomains, including security architecture, operations, engineering, cryptography, and governance, risk, and complianceIn-depthpreparation for test success with 1000 practice exam questionsAccess to the Sybex interactive learning environment and online test bank Perfect for anyone studying for the CASP+ Exam CAS-004,CASP+ CompTIA Advanced Security Practitioner Practice Tests Exam CAS-004is also an ideal resource for anyone with IT security experience who seeks to brush up on their skillset or seek a valuable new CASP+ certification.Table of ContentsIntroduction xix Chapter 1 Security Architecture 1 Chapter 2 Security Operations 61 Chapter 3 Security Engineering and Cryptography 123 Chapter 4 Governance, Risk, and Compliance 175 Chapter 5 Practice Test 1 207 Chapter 6 Practice Test 2 227 Appendix Answers to Review Questions 247 Chapter 1: Security Architecture 248 Chapter 2: Security Operations 278 Chapter 3: Security Engineering and Cryptography 308 Chapter 4: Governance, Risk, and Compliance 333 Chapter 5: Practice Test 1 346 Chapter 6: Practice Test 2 353 Index 363
£26.40
John Wiley & Sons Inc Cybersecurity Risk Management
Book SynopsisCybersecurity Risk Management In Cybersecurity Risk Management: Mastering the Fundamentals Using the NIST Cybersecurity Framework, veteran technology analyst Cynthia Brumfield, with contributions from cybersecurity expert Brian Haugli, delivers a straightforward and up-to-date exploration of the fundamentals of cybersecurity risk planning and management. The book offers readers easy-to-understand overviews of cybersecurity risk management principles, user, and network infrastructure planning, as well as the tools and techniques for detecting cyberattacks. The book also provides a roadmap to the development of a continuity of operations plan in the event of a cyberattack. With incisive insights into the Framework for Improving Cybersecurity of Critical Infrastructure produced by the United States National Institute of Standards and Technology (NIST), Cybersecurity Risk Management presents the gold standard in practical guidance for the implementation of risk mTable of ContentsAcademic Foreword xiii Acknowledgments xv Preface – Overview of the NIST Framework xvii Background on the Framework xviii Framework Based on Risk Management xix The Framework Core xix Framework Implementation Tiers xxi Framework Profile xxii Other Aspects of the Framework Document xxiii Recent Developments At Nist xxiii Chapter 1 Cybersecurity Risk Planning and Management 1 Introduction 2 I. What Is Cybersecurity Risk Management? 2 A. Risk Management Is a Process 3 II. Asset Management 4 A. Inventory Every Physical Device and System You Have and Keep the Inventory Updated 5 B. Inventory Every Software Platform and Application You Use and Keep the Inventory Updated 9 C. Prioritize Every Device, Software Platform, and Application Based on Importance 10 D. Establish Personnel Security Requirements Including Third-Party Stakeholders 11 III. Governance 13 A. Make Sure You Educate Management about Risks 13 IV. Risk Assessment and Management 15 A. Know Where You’re Vulnerable 15 B. Identify the Threats You Face, Both Internally and Externally 16 C. Focus on the Vulnerabilities and Threats That Are Most Likely AND Pose the Highest Risk to Assets 17 D. Develop Plans for Dealing with the Highest Risks 18 Summary 20 Chapter Quiz 20 Essential Reading on Cybersecurity Risk Management 22 Chapter 2 User and Network Infrastructure Planning and Management 23 I. Introduction 24 II. Infrastructure Planning and Management Is All about Protection, Where the Rubber Meets the Road 24 A. Identity Management, Authentication, and Access Control 25 1. Always Be Aware of Who Has Access to Which System, for Which Period of Time, and from Where the Access Is Granted 27 2. Establish, Maintain, and Audit an Active Control List and Process for Who Can Physically Gain Access to Systems 28 3. Establish Policies, Procedures, and Controls for Who Has Remote Access to Systems 28 4. Make Sure That Users Have the Least Authority Possible to Perform Their Jobs and Ensure That at Least Two Individuals Are Responsible for a Task 29 5. Implement Network Security Controls on All Internal Communications, Denying Communications among Various Segments Where Necessary 31 A Word about Firewalls 31 6. Associate Activities with a Real Person or a Single Specific Entity 32 7. Use Single- or Multi-Factor Authentication Based on the Risk Involved in the Interaction 33 III. Awareness and Training 34 A. Make Sure That Privileged Users and Security Personnel Understand Their Roles and Responsibilities 35 IV. Data Security 35 A. Protect the Integrity of Active and Archived Databases 35 B. Protect the Confidentiality and Integrity of Corporate Data Once It Leaves Internal Networks 36 C. Assure That Information Can Only Be Accessed by Those Authorized to Do So and Protect Hardware and Storage Media 37 D. Keep Your Development and Testing Environments Separate from Your Production Environment 38 E. Implement Checking Mechanisms to Verify Hardware Integrity 39 V. Information Protection Processes and Procedures 39 A. Create a Baseline of IT and OT Systems 40 B. Manage System Configuration Changes in a Careful, Methodical Way 41 A Word about Patch Management 42 C. Perform Frequent Backups and Test Your Backup Systems Often 43 D. Create a Plan That Focuses on Ensuring That Assets and Personnel Will Be Able to Continue to Function in the Event of a Crippling Attack or Disaster 43 VI. Mainte nance 44 A. Perform Maintenance and Repair of Assets and Log Activities Promptly 45 B. Develop Criteria for Authorizing, Monitoring, and Controlling All Maintenance and Diagnostic Activities for Third Parties 45 VII. Protective Technology 46 A. Restrict the Use of Certain Types of Media On Your Systems 46 B. Wherever Possible, Limit Functionality to a Single Function Per Device (Least Functionality) 47 C. Implement Mechanisms to Achieve Resilience on Shared Infrastructure 48 Summary 49 Chapter Quiz 50 Essential Reading on Network Management 51 Chapter 3 Tools and Techniques for Detecting Cyber Incidents 53 Introduction 54 What Is an Incident? 55 I. Detect 56 A. Anomalies and Events 56 1. Establish Baseline Data for Normal, Regular Traffic Activity and Standard Configuration for Network Devices 57 2. Monitor Systems with Intrusion Detection Systems and Establish a Way of Sending and Receiving Notifications of Detected Events; Establish a Means of Verifying, Assessing, and Tracking the Source of Anomalies 58 A Word about Antivirus Software 60 3. Deploy One or More Centralized Log File Monitors and Configure Logging Devices throughout the Organization to Send Data Back to the Centralized Log Monitor 61 4. Determine the Impact of Events Both Before and After they Occur 61 5. Develop a Threshold for How Many Times an Event Can Occur Before You Take Action 62 B. Continuous Monitoring 62 1. Develop Strategies for Detecting Breaches as Soon as Possible, Emphasizing Continuous Surveillance of Systems through Network Monitoring 63 2. Ensure That Appropriate Access to the Physical Environment Is Monitored, Most Likely through Electronic Monitoring or Alarm Systems 64 3. Monitor Employee Behavior in Terms of Both Physical and Electronic Access to Detect Unauthorized Access 65 4. Develop a System for Ensuring That Software Is Free of Malicious Code through Software Code Inspection and Vulnerability Assessments 65 5. Monitor Mobile Code Applications (e.g., Java Applets) for Malicious Activity by Authenticating the Codes’ Origins, Verifying their Integrity, and Limiting the Actions they Can Perform 66 6. Evaluate a Provider’s Internal and External Controls’ Adequacy and Ensure they Develop and Adhere to Appropriate Policies, Procedures, and Standards; Consider the Results of Internal and External Audits 66 7. Monitor Employee Activity for Security Purposes and Assess When Unauthorized Access Occurs 67 8. Use Vulnerability Scanning Tools to Find Your Organization’s Weaknesses 68 C. Detection Processes 68 1. Establish a Clear Delineation between Network and Security Detection, with the Networking Group and the Security Group Having Distinct and Different Responsibilities 69 2. Create a Formal Detection Oversight and Control Management Function; Define Leadership for a Security Review, Operational Roles, and a Formal Organizational Plan; Train Reviewers to Perform Their Duties Correctly and Implement the Review Process 70 3. Test Detection Processes Either Manually or in an Automated Fashion in Conformance with the Organization’s Risk Assessment 71 4. Inform Relevant Personnel Who Must Use Data or Network Security Information about What Is Happening and Otherwise Facilitate Organizational Communication 71 5. Document the Process for Event Detection to Improve the Organization’s Detection Systems 72 Summary 72 Chapter Quiz 73 Essential Reading for Tools and Techniques for Detecting a Cyberattack 74 Chapter 4 Developing a Continuity of Operations Plan 75 Introduction 77 A. One Size Does Not Fit All 77 I. Response 77 A. Develop an Executable Response Plan 79 B. Understand the Importance of Communications in Incident Response 80 C. Prepare for Corporate-Wide Involvement During Some Cybersecurity Attacks 81 II. Analysis 82 A. Examine Your Intrusion Detection System in Analyzing an Incident 82 B. Understand the Impact of the Event 83 C. Gather and Preserve Evidence 84 D. Prioritize the Treatment of the Incident Consistent with Your Response Plan 84 E. Establish Processes for Handling Vulnerability Disclosures 85 III. Mitigation 86 A. Take Steps to Contain the Incident 86 B. Decrease the Threat Level by Eliminating or Intercepting the Adversary as Soon as the Incident Occurs 87 C. Mitigate Vulnerabilities or Designate Them as Accepted Risk 88 IV. Recover 88 A. Recovery Plan Is Executed During or After a Cybersecurity Incident 89 B. Update Recovery Procedures Based on New Information as Recovery Gets Underway 91 C. Develop Relationships with Media to Accurately Disseminate Information and Engage in Reputational Damage Limitation 92 Summary 92 Chapter Quiz 93 Essential Reading for Developing a Continuity of Operations Plan 94 Chapter 5 Supply Chain Risk Management 95 Introduction 96 I. NIST Special Publication 800-161 96 II. Software Bill of Materials 97 III. NIST Revised Framework Incorporates Major Supply Chain Category 98 A. Identify, Establish, and Assess Cyber Supply Chain Risk Management Processes and Gain Stakeholder Agreement 98 B. Identify, Prioritize, and Assess Suppliers and Third-Party Partners of Suppliers 99 C. Develop Contracts with Suppliers and Third-Party Partners to Address Your Organization’s Supply Chain Risk Management Goals 100 D. Routinely Assess Suppliers and Third-Party Partners Using Audits, Test Results, and Other Forms of Evaluation 101 E. Test to Make Sure Your Suppliers and Third-Party Providers Can Respond to and Recover from Service Disruption 102 Summary 103 Chapter Quiz 103 Essential Reading for Supply Chain Risk Management 104 Chapter 6 Manufacturing and Industrial Control Systems Security 105 Essential Reading on Manufacturing and Industrial Control Security 110 Appendix A: Helpful Advice for Small Organizations Seeking to Implement Some of the Book’s Recommendations 111 Appendix B: Critical Security Controls Version 8.0 Mapped to NIST CSF v1.1 113 Answers to Chapter Quizzes 121 Index 131
£79.16
John Wiley & Sons Inc CEH v11
Book SynopsisMaster CEH v11 and identify your weak spots CEH: Certified Ethical Hacker Version11Practice Testsare the ideal preparation for this high-stakes exam. Five complete, unique practice tests are designed to help you identify weak spots in your understanding, so you can direct your preparation efforts efficiently and gain the confidenceand skillsyou need to pass. These tests cover allsectionsections of the examblueprint, allowing you to test your knowledge ofBackground,Analysis/Assessment, Security, Tools/Systems/Programs, Procedures/Methodology, Regulation/Policy, and Ethics. Coverage aligns with CEH version11, including materialto test your knowledge ofreconnaissance and scanning,cloud, tablet, and mobileand wirelesssecurity and attacks, the latest vulnerabilities, and the new emphasis on Internet of Things (IoT). The exams are designed to familiarize CEH candidates with the test format, allowing them to become more comfortableapply their knowledge and skills in a high-pressure test setting. The ideal companion for the SybexCEH v11 Study Guide, this book is an invaluable tool for anyone aspiring to thishighly-regardedcertification. Offered by the International Council of Electronic Commerce Consultants, the Certified Ethical Hacker certification is unique in the penetration testingsphere, andrequires preparation specific to the CEH exam more than general IT security knowledge. This book of practice tests help you steer your study where it needs to go by giving you a glimpse of exam day while there's still time to prepare. Practice allsevensections of the CEH v11 examTest your knowledge of security, tools, procedures, and regulationsGauge your understanding ofvulnerabilities and threatsMaster the material well in advance of exam day By getting inside the mind ofan attacker, you gain a one-of-a-kind perspective that dramatically boosts your marketability and advancement potential. If you're ready to attempt this unique certification, the CEH: Certified Ethical Hacker Version 11 Practice Tests are the major preparation tool you should not be without.Table of ContentsIntroduction vi Chapter 1 Practice Test 1 1 Chapter 2 Practice Test 2 27 Chapter 3 Practice Test 3 55 Chapter 4 Practice Test 4 81 Chapter 5 Practice Test 5 107 Appendix Answers to Practice Tests 133 Chapter 1: Practice Test 1 134 Chapter 2: Practice Test 2 145 Chapter 3: Practice Test 3 157 Chapter 4: Practice Test 4 169 Chapter 5: Practice Test 5 180 Index 191
£24.79
John Wiley and Sons Ltd Distributed Systems
Book SynopsisDistributed Systems Comprehensive textbook resource on distributed systemsintegrates foundational topics with advanced topics of contemporary importance within the field Distributed Systems: Theory and Applications is organized around three layers of abstractions: networks, middleware tools, and application framework. It presents data consistency models suited for requirements of innovative distributed shared memory applications. The book also focuses on distributed processing of big data, representation of distributed knowledge and management of distributed intelligence via distributed agents. To aid in understanding how these concepts apply to real-world situations, the work presents a case study on building a P2P Integrated E-Learning system. Downloadable lecture slides are included to help professors and instructors convey key concepts to their students. Additional topics discussed in Distributed Systems: Theory and Applications include: Table of ContentsAbout the Authors xv Preface xvii Acknowledgments xxi Acronyms xxiii 1 Introduction 1 1.1 Advantages of Distributed Systems 1 1.2 Defining Distributed Systems 3 1.3 Challenges of a Distributed System 5 1.4 Goals of Distributed System 6 1.4.1 Single System View 7 1.4.2 Hiding Distributions 7 1.4.3 Degrees and Distribution of Hiding 9 1.4.4 Interoperability 10 1.4.5 Dynamic Reconfiguration 10 1.5 Architectural Organization 11 1.6 Organization of the Book 12 Bibliography 13 2 The Internet 15 2.1 Origin and Organization 15 2.1.1 ISPs and the Topology of the Internet 17 2.2 Addressing the Nodes 17 2.3 Network Connection Protocol 20 2.3.1 IP Protocol 22 2.3.2 Transmission Control Protocol 22 2.3.3 User Datagram Protocol 22 2.4 Dynamic Host Control Protocol 23 2.5 Domain Name Service 24 2.5.1 Reverse DNS Lookup 27 2.5.2 Client Server Architecture 30 2.6 Content Distribution Network 32 2.7 Conclusion 34 Exercises 34 Bibliography 35 3 Process to Process Communication 37 3.1 Communication Types and Interfaces 38 3.1.1 Sequential Type 38 3.1.2 Declarative Type 39 3.1.3 Shared States 40 3.1.4 Message Passing 41 3.1.5 Communication Interfaces 41 3.2 Socket Programming 42 3.2.1 Socket Data Structures 43 3.2.2 Socket Calls 44 3.3 Remote Procedure Call 48 3.3.1 Xml RPC 52 3.4 Remote Method Invocation 55 3.5 Conclusion 59 Exercises 59 Additional Web Resources 61 Bibliography 61 4 Microservices, Containerization, and MPI 63 4.1 Microservice Architecture 64 4.2 REST Requests and APIs 66 4.2.1 Weather Data Using REST API 67 4.3 Cross Platform Applications 68 4.4 Message Passing Interface 78 4.4.1 Process Communication Models 78 4.4.2 Programming with MPI 81 4.5 Conclusion 87 Exercises 88 Additional Internet Resources 89 Bibliography 89 5 Clock Synchronization and Event Ordering 91 5.1 The Notion of Clock Time 92 5.2 External Clock Based Mechanisms 93 5.2.1 Cristian’s Algorithm 93 5.2.2 Berkeley Clock Protocol 94 5.2.3 Network Time Protocol 95 5.2.3.1 Symmetric Mode of Operation 96 5.3 Events and Temporal Ordering 97 5.3.1 Causal Dependency 99 5.4 Logical Clock 99 5.5 Causal Ordering of Messages 106 5.6 Multicast Message Ordering 107 5.6.1 Implementing FIFO Multicast 110 5.6.2 Implementing Causal Ordering 112 5.6.3 Implementing Total Ordering 113 5.6.4 Reliable Multicast 114 5.7 Interval Events 115 5.7.1 Conceptual Neighborhood 116 5.7.2 Spatial Events 118 5.8 Conclusion 120 Exercises 121 Bibliography 123 6 Global States and Termination Detection 127 6.1 Cuts and Global States 127 6.1.1 Global States 132 6.1.2 Recording of Global States 134 6.1.3 Problem in Recording Global State 138 6.2 Liveness and Safety 140 6.3 Termination Detection 143 6.3.1 Snapshot Based Termination Detection 144 6.3.2 Ring Method 145 6.3.3 Tree Method 148 6.3.4 Weight Throwing Method 151 6.4 Conclusion 153 Exercises 154 Bibliography 156 7 Leader Election 157 7.1 Impossibility Result 158 7.2 Bully Algorithm 159 7.3 Ring-Based Algorithms 160 7.3.1 Circulate IDs All the Way 161 7.3.2 As Far as an ID Can Go 162 7.4 Hirschberg and Sinclair Algorithm 163 7.5 Distributed Spanning Tree Algorithm 167 7.5.1 Single Initiator Spanning Tree 167 7.5.2 Multiple Initiators Spanning Tree 170 7.5.3 Minimum Spanning Tree 176 7.6 Leader Election in Trees 176 7.6.1 Overview of the Algorithm 176 7.6.2 Activation Stage 177 7.6.3 Saturation Stage 178 7.6.4 Resolution Stage 179 7.6.5 Two Nodes Enter SATURATED State 180 7.7 Leased Leader Election 182 7.8 Conclusion 184 Exercises 185 Bibliography 187 8 Mutual Exclusion 189 8.1 System Model 190 8.2 Coordinator-Based Solution 192 8.3 Assertion-Based Solutions 192 8.3.1 Lamport’s Algorithm 192 8.3.2 Improvement to Lamport’s Algorithm 195 8.3.3 Quorum-Based Algorithms 196 8.4 Token-Based Solutions 203 8.4.1 Suzuki and Kasami’s Algorithm 203 8.4.2 Singhal’s Heuristically Aided Algorithm 206 8.4.3 Raymond’s Tree-Based Algorithm 212 8.5 Conclusion 214 Exercises 215 Bibliography 216 9 Agreements and Consensus 219 9.1 System Model 220 9.1.1 Failures in Distributed System 221 9.1.2 Problem Definition 222 9.1.3 Agreement Problem and Its Equivalence 223 9.2 Byzantine General Problem (BGP) 225 9.2.1 BGP Solution Using Oral Messages 228 9.2.2 Phase King Algorithm 232 9.3 Commit Protocols 233 9.3.1 Two-Phase Commit Protocol 234 9.3.2 Three-Phase Commit 238 9.4 Consensus 239 9.4.1 Consensus in Synchronous Systems 239 9.4.2 Consensus in Asynchronous Systems 241 9.4.3 Paxos Algorithm 242 9.4.4 Raft Algorithm 244 9.4.5 Leader Election 246 9.5 Conclusion 248 Exercises 249 Bibliography 250 10 Gossip Protocols 253 10.1 Direct Mail 254 10.2 Generic Gossip Protocol 255 10.3 Anti-entropy 256 10.3.1 Push-Based Anti-Entropy 257 10.3.2 Pull-Based Anti-Entropy 258 10.3.3 Hybrid Anti-Entropy 260 10.3.4 Control and Propagation in Anti-Entropy 260 10.4 Rumor-mongering Gossip 261 10.4.1 Analysis of Rumor Mongering 262 10.4.2 Fault-Tolerance 265 10.5 Implementation Issues 265 10.5.1 Network-Related Issues 266 10.6 Applications of Gossip 267 10.6.1 Peer Sampling 267 10.6.2 Failure Detectors 270 10.6.3 Distributed Social Networking 271 10.7 Gossip in IoT Communication 273 10.7.1 Context-Aware Gossip 273 10.7.2 Flow-Aware Gossip 274 10.7.2.1 Fire Fly Gossip 274 10.7.2.2 Trickle 275 10.8 Conclusion 278 Exercises 279 Bibliography 280 11 Message Diffusion Using Publish and Subscribe 283 11.1 Publish and Subscribe Paradigm 284 11.1.1 Broker Network 285 11.2 Filters and Notifications 287 11.2.1 Subscription and Advertisement 288 11.2.2 Covering Relation 288 11.2.3 Merging Filters 290 11.2.4 Algorithms 291 11.3 Notification Service 294 11.3.1 Siena 294 11.3.2 Rebeca 295 11.3.3 Routing of Notification 296 11.4 MQTT 297 11.5 Advanced Message Queuing Protocol 299 11.6 Effects of Technology on Performance 301 11.7 Conclusions 303 Exercises 304 Bibliography 305 12 Peer-to-Peer Systems 309 12.1 The Origin and the Definition of P2P 310 12.2 P2P Models 311 12.2.1 Routing in P2P Network 312 12.3 Chord Overlay 313 12.4 Pastry 321 12.5 Can 325 12.6 Kademlia 327 12.7 Conclusion 331 Exercises 332 Bibliography 333 13 Distributed Shared Memory 337 13.1 Multicore and S-DSM 338 13.1.1 Coherency by Delegation to a Central Server 339 13.2 Manycore Systems and S-DSM 340 13.3 Programming Abstractions 341 13.3.1 MapReduce 341 13.3.2 OpenMP 343 13.3.3 Merging Publish and Subscribe with DSM 345 13.4 Memory Consistency Models 347 13.4.1 Sequential Consistency 349 13.4.2 Linearizability or Atomic Consistency 351 13.4.3 Relaxed Consistency Models 352 13.4.3.1 Release Consistency 356 13.4.4 Comparison of Memory Models 357 13.5 DSM Access Algorithms 358 13.5.1 Central Sever Algorithm 359 13.5.2 Migration Algorithm 360 13.5.3 Read Replication Algorithm 361 13.5.4 Full Replication Algorithm 362 13.6 Conclusion 364 Exercises 364 Bibliography 367 14 Distributed Data Management 371 14.1 Distributed Storage Systems 372 14.1.1 Raid 372 14.1.2 Storage Area Networks 372 14.1.3 Cloud Storage 373 14.2 Distributed File Systems 375 14.3 Distributed Index 376 14.4 NoSQL Databases 377 14.4.1 Key-Value and Document Databases 378 14.4.1.1 MapReduce Algorithm 380 14.4.2 Wide Column Databases 381 14.4.3 Graph Databases 382 14.4.3.1 Pregel Algorithm 384 14.5 Distributed Data Analytics 386 14.5.1 Distributed Clustering Algorithms 388 14.5.1.1 Distributed K-Means Clustering Algorithm 388 14.5.2 Stream Clustering 391 14.5.2.1 BIRCH Algorithm 392 14.6 Conclusion 393 Exercises 394 Bibliography 395 15 Distributed Knowledge Management 399 15.1 Distributed Knowledge 400 15.2 Distributed Knowledge Representation 401 15.2.1 Resource Description Framework (RDF) 401 15.2.2 Web Ontology Language (OWL) 406 15.3 Linked Data 407 15.3.1 Friend of a Friend 407 15.3.2 DBpedia 408 15.4 Querying Distributed Knowledge 409 15.4.1 SPARQL Query Language 410 15.4.2 SPARQL Query Semantics 411 15.4.3 SPARQL Query Processing 413 15.4.4 Distributed SPARQL Query Processing 414 15.4.5 Federated and Peer-to-Peer SPARQL Query Processing 416 15.5 Data Integration in Distributed Sensor Networks 421 15.5.1 Semantic Data Integration 422 15.5.2 Data Integration in Constrained Systems 424 15.6 Conclusion 427 Exercises 428 Bibliography 429 16 Distributed Intelligence 433 16.1 Agents and Multi-Agent Systems 434 16.1.1 Agent Embodiment 436 16.1.2 Mobile Agents 436 16.1.3 Multi-Agent Systems 437 16.2 Communication in Agent-Based Systems 438 16.2.1 Agent Communication Protocols 439 16.2.2 Interaction Protocols 440 16.2.2.1 Request Interaction Protocol 441 16.3 Agent Middleware 441 16.3.1 FIPA Reference Model 442 16.3.2 FIPA Compliant Middleware 443 16.3.2.1 JADE: Java Agent Development Environment 443 16.3.2.2 MobileC 443 16.3.3 Agent Migration 444 16.4 Agent Coordination 445 16.4.1 Planning 447 16.4.1.1 Distributed Planning Paradigms 447 16.4.1.2 Distributed Plan Representation and Execution 448 16.4.2 Task Allocation 450 16.4.2.1 Contract-Net Protocol 450 16.4.2.2 Allocation of Multiple Tasks 452 16.4.3 Coordinating Through the Environment 453 16.4.3.1 Construct-Ant-Solution 455 16.4.3.2 Update-Pheromone 456 16.4.4 Coordination Without Communication 456 16.5 Conclusion 456 Exercises 457 Bibliography 459 17 Distributed Ledger 461 17.1 Cryptographic Techniques 462 17.2 Distributed Ledger Systems 464 17.2.1 Properties of Distributed Ledger Systems 465 17.2.2 A Framework for Distributed Ledger Systems 466 17.3 Blockchain 467 17.3.1 Distributed Consensus in Blockchain 468 17.3.2 Forking 470 17.3.3 Distributed Asset Tracking 471 17.3.4 Byzantine Fault Tolerance and Proof of Work 472 17.4 Other Techniques for Distributed Consensus 473 17.4.1 Alternative Proofs 473 17.4.2 Non-linear Data Structures 474 17.4.2.1 Tangle 474 17.4.2.2 Hashgraph 476 17.5 Scripts and Smart Contracts 480 17.6 Distributed Ledgers for Cyber-Physical Systems 483 17.6.1 Layered Architecture 484 17.6.2 Smart Contract in Cyber-Physical Systems 486 17.7 Conclusion 486 Exercises 487 Bibliography 488 18 Case Study 491 18.1 Collaborative E-Learning Systems 492 18.2 P2P E-Learning System 493 18.2.1 Web Conferencing Versus P2P-IPS 495 18.3 P2P Shared Whiteboard 497 18.3.1 Repainting Shared Whiteboard 497 18.3.2 Consistency of Board View at Peers 498 18.4 P2P Live Streaming 500 18.4.1 Peer Joining 500 18.4.2 Peer Leaving 503 18.4.3 Handling “Ask Doubt” 504 18.5 P2P-IPS for Stored Contents 504 18.5.1 De Bruijn Graphs for DHT Implementation 505 18.5.2 Node Information Structure 507 18.5.2.1 Join Example 510 18.5.3 Leaving of Peers 510 18.6 Searching, Sharing, and Indexing 511 18.6.1 Pre-processing of Files 511 18.6.2 File Indexing 512 18.6.3 File Lookup and Download 512 18.7 Annotations and Discussion Forum 513 18.7.1 Annotation Format 513 18.7.2 Storing Annotations 514 18.7.3 Audio and Video Annotation 514 18.7.4 PDF Annotation 514 18.7.5 Posts, Comments, and Announcements 514 18.7.6 Synchronization of Posts and Comments 515 18.7.6.1 Epidemic Dissemination 516 18.7.6.2 Reconciliation 516 18.8 Simulation Results 516 18.8.1 Live Streaming and Shared Whiteboard 517 18.8.2 De Bruijn Overlay 518 18.9 Conclusion 520 Bibliography 521 Index 525
£75.15
John Wiley & Sons Inc Modeling and Optimization of Optical
Book SynopsisMODELING and OPTIMIZATION of OPTICAL COMMUNICATION NETWORKS Optical networks are an integral part of many of the technologies that we use every day. It is a constantly changing and evolving area, with new materials, processes, and applications coming online almost daily. This book provides a basis for discussing open principles, methods and research problems in the modeling of optical communication networks. It also provides a systematic overview of the state-of-the-art research efforts and potential research directions dealing with optical communication metworks. It also simultaneously focuses on extending the limits of currently used systems encompassing optical and wireless domains and explores novel research on wireless and optical techniques and systems, describing practical implementation activities, results and issues. A handbook on applications for both academia and industry, this exciting new volume includes detailed discussions on real-world case studTable of ContentsPreface xv 1 Investigation on Optical Sensors for Heart Rate Monitoring 1V. Vijeya Kaveri, V. Meenakshi, N. Kousika and A. Pushpalatha 1.1 Introduction 2 1.2 Overview of PPG 2 1.2.1 PPG Waveform 2 1.2.2 Photoplethysmography Waveforms Based on the Origin of Optical Concern 2 1.2.3 Photoplethysmography’s Early on and Modern Records 3 1.2.4 Building Blocks of Photoplethysmography 4 1.2.5 Protocol Measurement and Reproducibility 6 1.3 Clinical Application – Heart Rate Monitoring 7 1.4 Summary 8 References 8 2 Adopting a Fusion Approach for Optical Amplification 11E. Francy Irudaya Rani, T. Lurthu Pushparaj and E. Fantin Irudaya Raj 2.1 Introduction 12 2.2 The Mechanism Involved 13 2.3 Types of Amplifier 14 2.3.1 Semiconductor Optical Amplifiers 14 2.3.1.1 Various Phases and Progress of SOA 15 2.3.2 Fiber Raman Amplifiers 16 2.3.3 Fiber Brillouin Amplifiers 17 2.3.4 Doped-Fiber Amplifiers 17 2.4 Hybrid Optical Amplifiers 19 2.4.1 EDFA and SOA Hybrid 21 2.4.2 EDFA and FRA Hybrid 21 2.4.3 RFA and SOA Hybrid 22 2.4.4 Combination of EYDWA as well as SOA 23 2.4.5 EDFA–EYCDFA Hybrid 23 2.4.6 TDFA Along with RFA Hybrid 23 2.4.7 EDFA and TDFA Hybrid 23 2.5 Applications 24 2.5.1 Telecom Infrastructure Optical Power Amplifier 26 2.6 Current Scenario 27 2.7 Discussion 28 2.8 Conclusions 30 References 30 3 Optical Sensors 35M. Shanthi, R. Niraimathi, V. Chamundeeswari and Mahaboob Subahani Akbarali 3.1 Introduction 35 3.2 Glass Fibers 36 3.3 Plastic Fibers 37 3.4 Optical Fiber Sensors Advantages Over Traditional Sensors 37 3.5 Fiber Optic Sensor Principles 38 3.6 Classification of Fiber Optic Sensors 38 3.6.1 Intrinsic Fiber Optic Sensor 39 3.6.2 Extrinsic Fiber Optic Sensor 39 3.6.3 Intensity-Modulated Sensors 40 3.6.3.1 Intensity Type Fiber Optic Sensor Using Evanescent Wave Coupling 41 3.6.3.2 Intensity Type Fiber Optic Sensor Using Microbend Sensor 41 3.6.4 Phase Modulated Fiber Optic Sensors 42 3.6.4.1 Fiber Optic Gyroscope 43 3.6.4.2 Fiber-Optic Current Sensor 43 3.6.5 Polarization Modulated Fiber Optic Sensors 43 3.6.6 Physical Sensor 44 3.6.6.1 Temperature Sensors 44 3.6.6.2 Proximity Sensor 45 3.6.6.3 Depth/Pressure Sensor 45 3.6.7 Chemical Sensor 45 3.6.8 Bio-Medical Sensor 46 3.7 Optical Fiber Sensing Applications 49 3.7.1 Application in the Medicinal Field 50 3.7.2 Application in the Agriculture Field 50 3.7.3 Application in Civil Infrastructure 50 3.8 Conclusion 51 References 51 4 Defective and Failure Sensor Detection and Removal in a Wireless Sensor Network 53Prasannavenkatesan Theerthagiri 4.1 Introduction 53 4.2 Related Works 55 4.3 Proposed Detection and Elimination Approach 56 4.3.1 Scanning Algorithm for Cut Tracking (SCT) 63 4.3.2 Eliminate Faulty Sensor Algorithm (EFS) 64 4.4 Results and Discussion 66 4.5 Performance Evaluation 68 4.6 Conclusion 70 References 71 5 Optical Fiber and Prime Optical Devices for Optical Communication 75Srividya P. 5.1 Introduction 76 5.2 Optic Fiber Systems Development 77 5.3 Optical Fiber Transmission Link 77 5.4 Optical Sources Suited for Optical Fiber Communication 79 5.5 LED as Optical Source 80 5.6 Laser as Light Source 84 5.7 Optical Fiber 86 5.8 Fiber Materials 89 5.9 Benefits of Optical Fiber 90 5.10 Drawbacks of Optical Fiber 90 5.11 Recent Advancements in Fiber Technology 90 5.12 Photodetector 92 5.13 Future of Optical Fiber Communication 95 5.14 Applications of Optical Fibers in the Industry 96 5.15 Conclusion 97 References 97 6 Evaluation of Lower Layer Parameters in Body Area Networks 99Abhilash Hedge and Durga Prasad 6.1 Introduction 100 6.2 Problem Definition 101 6.3 Baseline MAC in IEEE 802.15.6 102 6.4 Ultra Wideband (UWB) PHY 103 6.5 Castalia 103 6.5.1 Features 103 6.6 Methodology 105 6.6.1 Simulation Method in Castalia 105 6.6.2 Hardware Methodology 105 6.7 Results and Discussion 106 6.8 Hardware Setup Using Bluetooth Module 118 6.9 Hardware Setup Using ESP 12-E 118 6.10 Conclusions 122 References 122 7 Analyzing a Microstrip Antenna Sensor Design for Achieving Biocompatibity 125Sonam Gour, Abha Sharma and Amit Rathi 7.1 Introduction 125 7.2 Designing of Biomedical Antenna 126 7.3 Sensing Device for Biomedical Application 128 7.4 Conclusion 133 References 133 8 Photonic Crystal Based Routers for All Optical Communication Networks 137T. Sridarshini, Shanmuga Sundar Dhanabalan, V.R. Balaji, A. Manjula, S. Indira Gandhi and A. Sivanantha Raja 8.1 Introduction 138 8.2 Photonic Crystals 140 8.2.1 1D Photonic Crystals 140 8.2.2 2D Photonic Crystals 141 8.2.3 3D Photonic Crystals 142 8.2.4 Photonic Bandgap 142 8.2.5 Applications 144 8.3 Routers 145 8.4 Micro Ring Resonators 145 8.5 Optical Routers 147 8.5.1 Routers Based on PCRR 147 8.5.2 N x N Router Structures 149 8.5.2.1 3 x 3 Router 150 8.5.2.2 4 x 4 Router 151 8.5.2.3 6 x 6 Router 154 8.5.3 Routers Based on PC Line Defect 157 8.6 Summary 159 References 160 9 Fiber Optic Communication: Evolution, Technology, Recent Developments, and Future Trends 163Dankan G. Veeranna, M. Nagabushanam, Sridhara S. Boraiah, Ramesha Muniyappa and Devananda S. Narayanappa 9.1 Introduction 164 9.2 Basic Principles 167 9.3 Future Trends in Fiber Optics Communication 171 9.4 Advantages 174 9.5 Conclusion 176 References 177 10 Difficulties of Fiber Optic Setup and Maintenance in a Developing Nation 179Dankan G. Veeranna, M. Nagabushanam, Sridhara S. Boraiah, Ramesha Muniyappa and Devananda S. Narayanappa 10.1 Introduction 180 10.2 Related Works 181 10.3 Fiber Optic Cable 182 10.3.1 Single-Mode Cable 182 10.3.2 Multimode Cable 183 10.3.2.1 Step-Index Multimode Fiber 183 10.3.2.2 Graded-Index Multimode Fiber 183 10.3.3 Deployed Fiber Optics Cable 184 10.4 Fiber Optics Cable Deployment Strategies 184 10.4.1 Aerial Installation 184 10.4.2 Underground Installation 185 10.4.2.1 Direct-Buried 185 10.4.2.2 Installation in Duct 185 10.5 Deployment of Fiber Optics Throughout the World 186 10.5.1 Fiber Optics Deployment in India 187 10.5.2 Submarine Fiber Optic in India 187 10.5.3 Installation of Fiber Optic Cable in the Inland 188 10.6 Fiber Deployment Challenges 188 10.6.1 Deploying Fiber has a Number of Technical Difficulties 188 10.6.2 Right of Way 189 10.6.3 Administrative Challenges 189 10.6.4 Post-Fiber Deployment Management 190 10.6.5 Fiber Optic Cable Deployment and Management Standards and Best Practices 191 10.7 Conclusion 191 References 191 11 Machine Learning-Enabled Flexible Optical Transport Networks 193Sridhar Iyer, Rahul Jashvantbhai Pandya, N. Jeyakkannan and C. Karthik 11.1 Introduction 194 11.2 Review of SDM-EON Physical Models 198 11.2.1 Optical Fibers for SDM-EON 198 11.2.2 Switching Techniques for SDM-EON 200 11.3 Review of SDM-EON Resource Assignment Techniques 205 11.4 Research Challenges in SDM-EONs 209 11.5 Conclusion 210 References 211 12 Role of Wavelength Division Multiplexing in Optical Communication 217P. Gunasekaran, A. Azhagu Jaisudhan Pazhani, A. Rameshbabu and B. Kannan 12.1 Introduction 218 12.2 Modules of an Optical Communication System 219 12.2.1 How a Fiber Optic Communication Works? 220 12.2.2 Codes of Fiber Optic Communication System 220 12.2.2.1 Dense Light Source 221 12.2.2.2 Low Loss Optical Fiber 221 12.2.3 Photo Detectors 223 12.3 Wavelength-Division Multiplexing (WDM) 223 12.3.1 Transceivers – Transmitting Data as Light 224 12.3.2 Multiplexers Enhancing the Use of Fiber Channels 225 12.3.3 Categories of WDM 225 12.4 Modulation Formats in WDM Systems 226 12.4.1 Optical Modulator 227 12.4.1.1 Direct Modulation 227 12.4.1.2 External Modulation 227 12.4.2 Modulation Formats 228 12.4.2.1 Non Return to Zero (NRZ) 229 12.4.2.2 Return to Zero (RZ) 230 12.4.2.3 Chirped RZ (CRZ) 231 12.4.2.4 Carrier Suppressed RZ (CSRZ) 232 12.4.2.5 Differential Phase Shift Key (DPSK) 232 12.4.3 Uses of Wavelength Division Multiplexing 233 References 233 13 Optical Ultra-Sensitive Nanoscale Biosensor Design for Water Analysis 235Shaikh Afzal and Manju Devi 13.1 Introduction 236 13.2 Related Work or Literature Survey 237 13.2.1 B. Cereus Spores’ Study for Water Quality 237 13.2.2 History Use of Optical Property for Biosensing 238 13.2.3 Photonic Crystal 239 13.3 Tools and Techniques 240 13.3.1 Opti FDTD 240 13.3.2 EM Wave Equation 240 13.3.3 Optical Ring Resonator 241 13.3.4 Output Power Computation 242 13.4 Proposed Design 243 13.4.1 Circular Resonator PHC Biosensor 243 13.4.2 Triangular Structure PHC Biosensor 244 13.5 Simulation 244 13.6 Result and Analysis 244 13.7 Conclusion and Future Scope 248 References 249 14 A Study on Connected Cars–V2V Communication 251Chandra Singh, Sachin C. N. Shetty, Manjunatha Badiger and Nischitha 14.1 Introduction 251 14.2 Literature Survey 252 14.3 Software Description 255 14.4 Methodology 256 14.5 Working 257 14.6 Advantages and Applications 263 14.7 Conclusion and Future Scope 263 Future Scope 264 References 264 15 Broadband Wireless Network Era in Wireless Communication – Routing Theory and Practices 267R. Prabha, G. A. Senthil, S. K. B. Sangeetha, S.U. Suganthi and D. Roopa 15.1 Introduction 268 15.2 Outline of Broadband Wireless Networking 270 15.2.1 Type of Broadband Wireless Networks 270 15.2.1.1 Fixed Networks 270 15.2.1.2 The Broadband Mobile Wireless Networks 271 15.2.2 BWN Network Structure 272 15.2.3 Wireless Broadband Applications 273 15.2.4 Promising Approaches Beyond BWN 273 15.3 Routing Mechanisms 274 15.4 Security Issues and Mechanisms in BWN 276 15.4.1 DoS Attack 276 15.4.2 Distributed Flooding DoS 277 15.4.3 Rogue and Selfish Backbone Devices 277 15.4.4 Authorization Flooding on Backbone Devices 277 15.4.5 Node Deprivation Attack 278 15.5 Conclusion 278 References 278 16 Recent Trends in Optical Communication, Challenges and Opportunities 281S. Kannadhasan and R. Nagarajan 16.1 Introduction 281 16.2 Optical Fiber Communication 284 16.3 Applications of Optical Communication 286 16.4 Various Sectors of Optical Communication 291 16.5 Conclusion 301 References 302 17 Photonic Communication Systems and Networks 303Naitik S.T., J.V. Gorabal, Shailesh Shetty, Srinivas P.M. and Girish S. 17.1 Introduction 304 17.2 History of LiFi 305 17.3 LiFi Standards 306 17.4 Related Work 308 17.5 Methodology 324 17.6 Proposed Model 325 17.7 Experiment and Results 326 17.8 Applications 326 17.9 Conclusion 328 Acknowledgment 328 References 328 18 RSA-Based Encryption Approach for Preserving Confidentiality Against Factorization Attacks 331Raghunandan K. R. 18.1 Introduction 331 18.2 Related Work 333 18.3 Mathematical Preliminary 335 18.4 Proposed System 337 18.5 Performance Analysis 339 18.6 Conclusion 345 References 346 19 Sailfish Optimizer Algorithm (SFO) for Optimized Clustering in Internet of Things (IoT) Related to the Healthcare Industry 349Battina Srinuvasu Kumar, S.G. Santhi and S. Narayana 19.1 Introduction 350 19.2 Related Works 351 19.3 Proposed Method 352 19.4 System Model 353 19.5 Energy Model 353 19.6 Cluster Formation Using SFO 354 19.7 Results and Discussion 357 19.8 Conclusions 361 References 362 20 Li-Fi Technology and Its Applications 365Sumiksha Shetty, Smitha A.B. and Roshan Rai 20.1 Introduction 365 20.2 Technology Portrayal 367 20.2.1 Li-Fi Modulation Methods 367 20.3 Distinctive Modulation of Li-Fi 369 20.4 Antiquity of Improvements and Li-Fi Innovation 370 20.5 Li-Fi Technology and Its Advantages 371 20.5.1 Free Spectrum 371 20.5.2 Efficiency 371 20.5.3 Accessibility 372 20.5.4 Complexity 372 20.5.5 Security 372 20.5.6 Safety 372 20.5.7 No Fading 373 20.5.8 Cost-Effective 373 20.6 Confines of Li-Fi Innovation 373 20.6.1 Obstructions 374 20.6.2 High Path Forfeiture 374 20.6.3 Uplink Problems 374 20.6.4 NLOS Problems 374 20.7 Application of Li-Fi Technology 375 20.7.1 Spaces wherein Exploiting of RF would be Controlled 375 20.7.1.1 Hospitals 375 20.7.1.2 Airplanes 375 20.7.1.3 Sensitive Floras 375 20.7.2 Traffic Flow Management 376 20.7.3 Submerged Applications 376 20.7.4 Outdoor Permission to the Cyberspace 376 20.7.5 Educational Tenacities 377 20.7.6 Amalgamation of Wi-Fi vs. Li-Fi 377 20.7.7 Optical Attocell 377 20.7.8 Multiple User Permission 378 References 379 21 Smart Emergency Assistance Using Optics 381Chandra Singh, Sachin C. N. Shetty, Manjunatha Badiger and Nischitha 21.1 Introduction 381 21.2 Literature Survey 382 21.3 Methodology 385 21.3.1 Block Diagram Description 386 21.3.2 Concept and Overview 387 21.4 Design and Implementation 388 21.5 Results & Discussion 393 21.6 Conclusion 394 References 394 About the Editors 397 Index 399
£153.00
John Wiley & Sons Inc 6G Key Technologies
Book Synopsis6G Key Technologies An accessible and integrated roadmap to the technologies enabling 6G development In 6G Key Technologies: A Comprehensive Guide, two internationally well-recognized experts deliver a thoroughly original and comprehensive exploration of the technologies enabling and contributing to the development of 6G. The book presents the vision of 6G by reviewing the evolution of communications technologies toward 6G and examining the factors driving that development, as well as their requirements, use cases, key performance indicators, and more. Readers will discover: Thorough introductions to the standardization and technology evolution toward 6G, as well as the vision behind the development of 6G in terms of architectures, algorithms, protocols, and applications. In-depth explorations of full-spectrum wireless technologies in 6G, including enhanced millimeter wave technologies, terahertz-based communications and networking, viTable of ContentsPreface xv List of Abbreviations xxi Part I The Vision of 6G and Technical Evolution 1 1 Standards History of Cellular Systems Toward 6G 3 1.1 0G: Pre-Cellular Systems 4 1.2 1G: The Birth of Cellular Network 6 1.2.1 Nordic Mobile Telephone (NMT) 7 1.2.2 Advanced Mobile Phone System (AMPS) 8 1.3 2G: From Analog to Digital 9 1.3.1 Global System for Mobile communications (GSM) 10 1.3.2 Digital Advanced Mobile Phone System (D-AMPS) 11 1.3.3 Interim Standard 95 (IS-95) 11 1.3.4 Personal Digital Cellular (PDC) 12 1.3.5 General Packet Radio Service (GPRS) 12 1.3.6 Enhanced Data Rates for GSM Evolution (EDGE) 14 1.4 3G: From Voice to Data-Centric 15 1.4.1 Wideband Code-Division Multiple Access (WCDMA) 16 1.4.2 Code-Division Multiple Access 2000 (CDMA2000) 18 1.4.3 Time Division-Synchronous Code-Division Multiple Access (TD-SCDMA) 21 1.4.4 Worldwide Interoperability for Microwave Access (WiMAX) 22 1.5 4G: Mobile Internet 23 1.5.1 Long-Term Evolution-Advanced (LTE-Advanced) 25 1.5.2 WirelessMAN-Advanced 28 1.6 5G: From Human to Machine 30 1.7 Beyond 5G 37 1.8 Conclusions 39 References 39 2 Pre-6G Technology and System Evolution 43 2.1 1G –AMPS 44 2.1.1 System Architecture 44 2.1.2 Key Technologies 46 2.1.2.1 Frequency Reuse 46 2.1.2.2 Cell Splitting 47 2.1.2.3 Sectorization 48 2.1.2.4 Handover 48 2.1.2.5 Frequency-Division Multiple Access 49 2.2 2G –GSM 49 2.2.1 System Architecture 50 2.2.1.1 Mobile Station Subsystem 50 2.2.1.2 Bases Station Subsystem 50 2.2.1.3 Network and Switching Subsystem 51 2.2.1.4 Operation and Support Subsystem 51 2.2.1.5 General Packet Radio Service 52 2.2.1.6 Gateway GPRS Support Node 53 2.2.2 Key Technologies 53 2.2.2.1 Time-Division Multiple Access 53 2.2.2.2 Frequency Hopping 54 2.2.2.3 Speech Compression 55 2.2.2.4 Channel Coding 55 2.2.2.5 Digital Modulation 56 2.2.2.6 Discontinuous Transmission (DXT) 56 2.3 3G –WCDMA 56 2.3.1 System Architecture 57 2.3.1.1 User Equipment 57 2.3.1.2 UMTS Terrestrial Radio Access Network 58 2.3.1.3 Core Network 59 2.3.2 Key Technologies 60 2.3.2.1 Code-Division Multiple Access 60 2.3.2.2 Rake Receiver 63 2.3.2.3 Turbo Codes 63 2.4 4G – LTE 64 2.4.1 System Architecture 65 2.4.1.1 Evolved Universal Terrestrial Radio Access Network 65 2.4.1.2 Evolved Packet Core 65 2.4.2 Key Technologies 68 2.4.2.1 Orthogonal Frequency-Division Multiplexing 70 2.4.2.2 Carrier Aggregation 71 2.4.2.3 Relaying 71 2.4.2.4 Heterogeneous Network 72 2.4.2.5 Coordinated Multi-Point Transmission and Reception 73 2.4.2.6 Device-to-Device Communications 73 2.4.2.7 License-Assisted Access 74 2.5 5G –New Radio 75 2.5.1 System Architecture 76 2.5.1.1 5G Core Network 77 2.5.1.2 Next Generation Radio Access Network 79 2.5.2 Key Technologies 81 2.5.2.1 Massive MIMO 81 2.5.2.2 MillimeterWave 82 2.5.2.3 Non-Orthogonal Multiple Access 83 2.5.2.4 SDN/NFV 84 2.5.2.5 Network Slicing 85 2.5.2.6 Polar Codes 86 2.6 Conclusions 87 References 87 3 The Vision of 6G: Drivers, Enablers, Uses, and Roadmap 89 3.1 Background 90 3.2 Explosive Mobile Traffic 92 3.3 Use Cases 94 3.4 Usage Scenarios 98 3.5 Performance Requirements 102 3.6 Research Initiatives and Roadmap 107 3.6.1 ITU 108 3.6.2 Third Generation Partnership Project 110 3.6.3 Industry 110 3.6.4 Europe 110 3.6.5 The United States 113 3.6.6 China 116 3.6.7 Japan 116 3.6.8 South Korea 117 3.7 Key Technologies 117 3.7.1 MillimeterWave 118 3.7.2 Terahertz Communications 118 3.7.3 Optical Wireless Communications 119 3.7.4 Massive MIMO 120 3.7.5 Intelligent Reflecting Surfaces 121 3.7.6 Next-Generation Multiple Access 122 3.7.7 Open Radio Access Network 123 3.7.8 Non-Terrestrial Networks 124 3.7.9 Artificial Intelligence 125 3.7.10 Communication-Computing-Sensing Convergence 127 3.8 Conclusions 128 References 128 Part II Full-Spectra Wireless Communications in 6G 131 4 Enhanced Millimeter-Wave Wireless Communications in 6G 133 4.1 Spectrum Shortage 134 4.2 mmWave Propagation Characteristics 136 4.2.1 Large-Scale Propagation Effects 137 4.2.1.1 Free-Space Propagation Loss 137 4.2.1.2 NLOS Propagation and Shadowing 139 4.2.1.3 Atmospheric Attenuation 141 4.2.2 Small-Scale Propagation Effects 143 4.2.3 Delay Spread and Coherence Bandwidth 145 4.2.4 Doppler Spread and Coherence Bandwidth 146 4.2.5 Angular Spread 149 4.3 Millimeter-Wave Channel Models 152 4.3.1 Large-Scale Fading 152 4.3.2 3GPP Channel Models 155 4.3.2.1 Urban Micro Scenario 155 4.3.2.2 Urban Macro Scenario 156 4.3.2.3 Indoor Scenario 157 4.3.3 Small-Scale Fading 159 4.4 mmWave Transmission Technologies 163 4.4.1 Beamforming 163 4.4.1.1 Digital Beamforming 164 4.4.1.2 Analog Beamforming 168 4.4.1.3 Hybrid Beamforming 169 4.4.1.4 3D Beamforming 173 4.4.2 Initial Access 175 4.4.2.1 Multi-Beam Synchronization and Broadcasting 176 4.4.2.2 Conventional Initial Access in LTE 178 4.4.2.3 Beam-Sweeping Initial Access in NR 181 4.4.3 Omnidirectional Beamforming 183 4.4.3.1 Random Beamforming 185 4.4.3.2 Enhanced Random Beamforming 187 4.4.3.3 Complementary Random Beamforming 190 4.5 Summary 192 References 193 5 Terahertz Technologies and Systems for 6G 195 5.1 Potential of Terahertz Band 196 5.1.1 Spectrum Limit 196 5.1.2 The Need of Exploiting Terahertz Band 198 5.1.3 Spectrum Regulation on Terahertz Band 203 5.2 Terahertz Applications 205 5.2.1 Terahertz Wireless Communications 205 5.2.1.1 Terabit Cellular Hotspot 205 5.2.1.2 Terabit Wireless Local-Area Network 206 5.2.1.3 Terabit Device-To-Device Link 206 5.2.1.4 Secure Wireless Communication 207 5.2.1.5 Terabit Wireless Backhaul 207 5.2.1.6 Terahertz Nano-Communications 208 5.2.2 Non-Communication Terahertz Applications 209 5.2.2.1 Terahertz Sensing 209 5.2.2.2 Terahertz Imaging 210 5.2.2.3 Terahertz Positioning 212 5.3 Challenges of Terahertz Communications 212 5.3.1 High Free-Space Path Loss 213 5.3.2 Atmospheric Attenuation 215 5.3.3 Weather Effects 222 5.3.4 Blockage 224 5.3.5 High Channel Fluctuation 226 5.4 Array-of-Subarrays Beamforming 228 5.5 Lens Antenna 231 5.5.1 Refraction of RadioWaves 232 5.5.2 Lens Antenna Array 233 5.6 Case Study – IEEE 802.15.3d 236 5.6.1 IEEE 802.15.3d Usage Scenarios 237 5.6.2 Physical Layer 240 5.6.2.1 Channelization 240 5.6.2.2 Modulation 242 5.6.2.3 Forward Error Correction 242 5.6.3 Medium Access Control 244 5.6.4 Frame Structure 246 5.6.4.1 Preamble 247 5.6.4.2 PHY Header 247 5.6.4.3 MAC Header 248 5.6.4.4 Construction Process of Frame Header 248 5.7 Summary 250 References 251 6 Optical and Visible Light Wireless Communications in 6G 253 6.1 The Optical Spectrum 254 6.1.1 Infrared 254 6.1.2 Visible Light 256 6.1.3 Ultraviolet 257 6.2 Advantages and Challenges 258 6.3 OWC Applications 262 6.4 Evolution of Optical Wireless Communications 264 6.4.1 Wireless Infrared Communications 265 6.4.2 Visible Light Communications 266 6.4.3 Wireless Ultraviolet Communications 267 6.4.4 Free-Space Optical Communications 268 6.5 Optical Transceiver 268 6.6 Optical Sources and Detectors 271 6.6.1 Light-Emitting Diode 273 6.6.2 Laser Diode 276 6.6.3 Photodiode 280 6.7 Optical Link Configuration 283 6.8 Optical MIMO 286 6.8.1 Spatial Multiplexing 286 6.8.2 Spatial Modulation 289 6.9 Summary 292 References 292 Part III Smart Radio Networks and Air Interface Technologies for 6G 295 7 Intelligent Reflecting Surface-Aided Communications for 6G 297 7.1 Basic Concept 298 7.2 IRS-Aided Single-Antenna Transmission 302 7.2.1 Signal Model 303 7.2.2 Passive Beamforming 306 7.2.3 Product-Distance Path Loss 309 7.3 IRS-Aided Multi-Antenna Transmission 310 7.3.1 Joint Active and Passive Beamforming 310 7.3.1.1 SDR Solution 312 7.3.1.2 Alternating Optimization 314 7.3.2 Joint Precoding and Reflecting 315 7.4 Dual-Beam Intelligent Reflecting Surface 318 7.4.1 Dual Beams Over Hybrid Beamforming 318 7.4.2 Dual-Beam IRS 321 7.4.3 Optimization Design 322 7.5 IRS-Aided Wideband Communications 325 7.5.1 Cascaded Frequency-Selective Channel 325 7.5.2 IRS-Aided OFDM System 327 7.5.3 Rate Maximization 330 7.6 Multi-User IRS Communications 331 7.6.1 Multiple Access Model 332 7.6.2 Orthogonal Multiple Access 333 7.6.2.1 Time-Division Multiple Access 334 7.6.2.2 Frequency-Division Multiple Access 336 7.6.3 Non-Orthogonal Multiple Access 337 7.7 Channel Aging and Prediction 339 7.7.1 Outdated Channel State Information 341 7.7.1.1 Doppler Shift 341 7.7.1.2 Phase Noise 343 7.7.2 Impact of Channel Aging on IRS 343 7.7.3 Classical Channel Prediction 345 7.7.3.1 Autoregressive Model 345 7.7.3.2 Parametric Model 347 7.7.4 Recurrent Neural Network 348 7.7.5 RNN-Based Channel Prediction 351 7.7.5.1 Flat-Fading Channel Prediction 352 7.7.5.2 Frequency-Selective Fading Channel Prediction 353 7.7.6 Long-Short Term Memory 355 7.7.7 Deep Learning-Based Channel Prediction 358 7.8 Summary 359 References 359 8 Multiple Dimensional and Antenna Techniques for 6G 363 8.1 Spatial Diversity 364 8.2 Receive Combining 366 8.2.1 Selection Combining 368 8.2.2 Maximal Ratio Combining 370 8.2.3 Equal-Gain Combining 373 8.3 Space-Time Coding 374 8.3.1 Repetition Coding 375 8.3.2 Space-Time Trellis Codes 377 8.3.3 Alamouti Coding 379 8.3.4 Space-Time Block Codes 381 8.4 Transmit Antenna Selection 383 8.5 Beamforming 386 8.5.1 Classical Beamforming 386 8.5.2 Single-Stream Precoding 390 8.6 Spatial Multiplexing 393 8.6.1 Single-User MIMO 394 8.6.2 MIMO Precoding 400 8.6.2.1 Full CSI at the Transmitter 400 8.6.2.2 Limited CSI at the Transmitter 403 8.6.3 MIMO Detection 406 8.6.3.1 Maximum-Likelihood Detection 406 8.6.3.2 Linear Detection 407 8.6.3.3 Successive Interference Cancelation 410 8.7 Summary 413 References 413 9 Cellular and Cell-Free Massive MIMO Techniques in 6G 417 9.1 Multi-User MIMO 418 9.1.1 Broadcast and Multiple-Access Channels 419 9.1.2 Multi-User Sum Capacity 422 9.1.3 Dirty Paper Coding 425 9.1.4 Zero-Forcing Precoding 428 9.1.5 Block Diagonalization 429 9.2 Massive MIMO 432 9.2.1 CSI Acquisition 433 9.2.2 Linear Detection in Uplink 435 9.2.2.1 Matched Filtering 436 9.2.2.2 ZF Detection 436 9.2.2.3 MMSE Detection 437 9.2.3 Linear Precoding in Downlink 437 9.2.3.1 Conjugate Beamforming 438 9.2.3.2 ZF Precoding 438 9.2.3.3 Regularized ZF Precoding 439 9.3 Multi-Cell Massive MIMO 439 9.3.1 Pilot Contamination 441 9.3.2 Uplink Data Transmission 444 9.3.3 Downlink Data Transmission 446 9.4 Cell-Free Massive MIMO 447 9.4.1 Cell-Free Network Layout 448 9.4.2 Uplink Training 449 9.4.3 Uplink Signal Detection 451 9.4.3.1 Matched Filtering 452 9.4.3.2 ZF Detection 452 9.4.3.3 MMSE Detection 452 9.4.4 Conjugate Beamforming 453 9.4.5 Zero-Forcing Precoding 455 9.4.6 Impact of Channel Aging 457 9.4.6.1 Channel Aging 457 9.4.6.2 Performance Degradation 460 9.5 Opportunistic Cell-Free Communications 464 9.5.1 Cell-free Massive Wideband Systems 464 9.5.2 Opportunistic AP Selection 466 9.5.3 Spectral Efficiency Analysis 468 9.6 Summary 472 References 472 10 Adaptive and Non-Orthogonal Multiple Access Systems in 6G 475 10.1 Frequency-Selective Fading Channel 476 10.2 Multi-Carrier Modulation 480 10.2.1 The Synthesis and Analysis Filters 480 10.2.2 Polyphase Implementation 483 10.2.3 Filter Bank Multi-Carrier 486 10.3 Orthogonal Frequency-Division Multiplexing 487 10.3.1 DFT Implementation 491 10.3.2 Cyclic Prefix 493 10.3.3 Frequency-Domain Signal Processing 496 10.3.4 Out-of-Band Emission 499 10.4 Orthogonal Frequency-Division Multiple Access 503 10.4.1 Orthogonal Frequency-Division Multiple Access 503 10.4.2 Single-Carrier Frequency-Division Multiple Access 505 10.4.3 Cyclic Delay Diversity 507 10.4.4 Multi-Cell OFDMA 510 10.5 Cell-Free Massive MIMO-OFDMA 512 10.5.1 The System Model 513 10.5.2 The Communication Process 516 10.5.2.1 Uplink Training 516 10.5.2.2 Uplink Payload Data Transmission 518 10.5.2.3 Downlink Payload Data Transmission 518 10.5.3 User-Specific Resource Allocation 519 10.6 Non-Orthogonal Multiple Access 520 10.6.1 Fundamentals of NOMA 521 10.6.1.1 Downlink Non-Orthogonal Multiplexing 522 10.6.1.2 Uplink Non-Orthogonal Multiple Access 525 10.6.2 Multi-User Superposition Coding 528 10.6.3 Uplink Grant-Free Transmission 531 10.6.4 Code-Domain NOMA 533 10.6.4.1 Low-Density Signature-CDMA/OFDM 533 10.6.4.2 Sparse Code Multiple Access 536 10.7 Summary 538 References 538 Index 541
£97.20
John Wiley & Sons Inc ISC2 SSCP Systems Security Certified Practitioner
Book SynopsisTable of ContentsIntroduction xi Chapter 1 Security Operations and Administration (Domain 1) 1 Chapter 2 Access Controls (Domain 2) 21 Chapter 3 Risk Identification, Monitoring, and Analysis (Domain 3) 37 Chapter 4 Incident Response and Recovery (Domain 4) 61 Chapter 5 Cryptography (Domain 5) 79 Chapter 6 Network and Communications Security (Domain 6) 95 Chapter 7 Systems and Application Security (Domain 7) 119 Chapter 8 Practice Test 1 141 Chapter 9 Practice Test 2 169 Appendix Answers to Review Questions 197 Chapter 1: Security Operations and Administration (Domain 1) 198 Chapter 2: Access Controls (Domain 2) 204 Chapter 3: Risk Identification, Monitoring, and Analysis (Domain 3) 212 Chapter 4: Incident Response and Recovery (Domain 4) 221 Chapter 5: Cryptography (Domain 5) 229 Chapter 6: Network and Communications Security (Domain 6) 235 Chapter 7: Systems and Application Security (Domain 7) 246 Chapter 8: Practice Test 1 255 Chapter 9: Practice Test 2 269 Index 283
£25.60
John Wiley & Sons Inc Fight Fire with Fire
Book SynopsisOrganizations around the world are in a struggle for survival, racing to transform themselves in a herculean effort to adapt to the digital age, all while protecting themselves from headline-grabbing cybersecurity threats. As organizations succeed or fail, the centrality and importance of cybersecurity and the role of the CISOChief Information Security Officerbecomes ever more apparent. It''s becoming clear that the CISO, which began as a largely technical role, has become nuanced, strategic, and a cross-functional leadership position. Fight Fire with Fire: Proactive Cybersecurity Strategies for Today''s Leaders explores the evolution of the CISO''s responsibilities and delivers a blueprint to effectively improve cybersecurity across an organization. Fight Fire with Fire draws on the deep experience of its many all-star contributors. For example: Learn how to talk effectively with the Board from engineer-turned-executive Marianne Bailey, a toTable of ContentsIntroduction 1 Part One People 3 Chapter 1 From Technologist to Strategist 9Sanju Misra Chapter 2 Communicating with the Board 21Marianne Bailey Chapter 3 Building a Culture of Security 29Susan Koski Chapter 4 Who Is Behind the Evolving Threat Landscape? 43Jenny Menna Chapter 5 Addressing the Skills and Diversity Gap 59Lisa Donnan Part Two Process 69 Chapter 6 Effective Cyber Risk Management Requires Broad Collaboration 75Suzanne Hartin and Maria S Thompson Chapter 7 Blending NOC and SOC 91Mel T Migriño Chapter 8 Security by Design: Strategies for a Shift-Left Culture 103Anne Marie Zettlemoyer Chapter 9 From Enforcer to Strategic Partner: The Changing Role of Governance, Risk, and Compliance 117Beth-Anne Bygum Chapter 10 Don’t Let Cyber Supply Chain Security Be Your Weakest Link 135Terry Roberts Part Three Technology 155 Chapter 11 Cybersecurity in the Cloud 161Fatima Boolani Chapter 12 The Convergence of Cyber and Physical: IoT and Edge Security 169Sonia E Arista Chapter 13 Security-Driven Networking 181Laura Deaner Chapter 14 Achieving End-to-End Security 193Renee Tarun Glossary 205 Resources We Rely On 215 Index 223
£19.54
John Wiley & Sons Inc ISC2 SSCP Systems Security Certified Practitioner
Book SynopsisTable of ContentsIntroduction xxv Assessment Test xlviii Part I Getting Started as an SSCP 1 Chapter 1 The Business Case for Decision Assurance and Information Security 3 Information: The Lifeblood of Business 4 Policy, Procedure, and Process: How Business Gets Business Done 10 Who Runs the Business? 20 Summary 24 Exam Essentials 24 Review Questions 26 Chapter 2 Information Security Fundamentals 33 The Common Needs for Privacy, Confidentiality, Integrity, and Availability 34 Training and Educating Everybody 47 SSCPs and Professional Ethics 47 Summary 49 Exam Essentials 50 Review Questions 54 Part II Integrated Risk Management and Mitigation 61 Chapter 3 Integrated Information Risk Management 63 It’s a Dangerous World 64 The Four Faces of Risk 75 Getting Integrated and Proactive with Information Defense 83 Risk Management: Concepts and Frameworks 89 Risk Assessment 95 Four Choices for Limiting or Containing Damage 107 Summary 114 Exam Essentials 114 Review Questions 120 Chapter 4 Operationalizing Risk Mitigation 127 From Tactical Planning to Information Security Operations 128 Operationalizing Risk Mitigation: Step by Step 134 The Ongoing Job of Keeping Your Baseline Secure 164 Ongoing, Continuous Monitoring 174 Reporting to and Engaging with Management 182 Summary 183 Exam Essentials 183 Review Questions 189 Part III The Technologies of Information Security 197 Chapter 5 Communications and Network Security 199 Trusting Our Communications in a Converged World 200 Internet Systems Concepts 206 Two Protocol Stacks, One Internet 218 Wireless Network Technologies 240 IP Addresses, DHCP, and Subnets 243 IPv4 vs. IPv6: Important Differences and Options 248 CIANA Layer by Layer 251 Securing Networks as Systems 262 Summary 273 Exam Essentials 273 Review Questions 280 Chapter 6 Identity and Access Control 285 Identity and Access: Two Sides of the Same CIANA+PS Coin 286 Identity Management Concepts 288 Access Control Concepts 295 Network Access Control 305 Implementing and Scaling IAM 310 User and Entity Behavior Analytics (UEBA) 329 Zero Trust Architectures 332 Summary 333 Exam Essentials 334 Review Questions 343 Chapter 7 Cryptography 349 Cryptography: What and Why 350 Building Blocks of Digital Cryptographic Systems 358 Keys and Key Management 367 “Why Isn’t All of This Stuff Secret?” 373 Cryptography and CIANA+PS 375 Public Key Infrastructures 381 Applying Cryptography to Meet Different Needs 399 Managing Cryptographic Assets and Systems 405 Measures of Merit for Cryptographic Solutions 407 Attacks and Countermeasures 408 PKI and Trust: A Recap 418 On the Near Horizon 420 Summary 423 Exam Essentials 424 Review Questions 429 Chapter 8 Hardware and Systems Security 435 Infrastructure Security Is Baseline Management 437 Securing the Physical Context 442 Infrastructures 101 and Threat Modeling 444 Endpoint Security 457 Malware: Exploiting the Infrastructure’s Vulnerabilities 462 Privacy and Secure Browsing 466 “The Sin of Aggregation” 469 Updating the Threat Model 469 Managing Your Systems’ Security 470 Summary 471 Exam Essentials 472 Review Questions 478 Chapter 9 Applications, Data, and Cloud Security 483 It’s a Data-Driven World…At the Endpoint 484 Software as Appliances 487 Applications Lifecycles and Security 490 CIANA+PS and Applications Software Requirements 498 Application Vulnerabilities 504 “Shadow IT:” The Dilemma of the User as Builder 507 Information Quality and Information Assurance 511 Protecting Data in Motion, in Use, and at Rest 514 Into the Clouds: Endpoint App and Data Security Considerations 522 Legal and Regulatory Issues 533 Countermeasures: Keeping Your Apps and Data Safe and Secure 535 Summary 536 Exam Essentials 537 Review Questions 548 Part IV People Power: What Makes or Breaks Information Security 555 Chapter 10 Incident Response and Recovery 557 Defeating the Kill Chain One Skirmish at a Time 558 Harsh Realities of Real Incidents 564 Incident Response Framework 566 Preparation 571 Detection and Analysis 578 Containment and Eradication 584 Recovery: Getting Back to Business 587 Post-Incident Activities 590 Summary 594 Exam Essentials 595 Review Questions 601 Chapter 11 Business Continuity via Information Security and People Power 607 What Is a Disaster? 608 Surviving to Operate: Plan for It! 609 Timelines for BC/DR Planning and Action 615 Options for Recovery 617 Cloud- Based “Do- Over” Buttons for Continuity, Security, and Resilience 623 People Power for BC/DR 626 Security Assessment: For BC/DR and Compliance 633 Converged Communications: Keeping Them Secure During BC/DR Actions 634 Summary 637 Exam Essentials 637 Review Questions 641 Chapter 12 Cross-Domain Challenges 647 Operationalizing Security Across the Immediate and Longer Term 648 Supply Chains, Security, and the SSCP 657 Other Dangers on the Web and Net 662 On Our Way to the Future 666 Enduring Lessons 672 Your Next Steps 677 At the Close 678 Exam Essentials 678 Review Questions 683 Appendix Answers to Review Questions 689 Chapter 1: The Business Case for Decision Assurance and Information Security 690 Chapter 2: Information Security Fundamentals 693 Chapter 3: Integrated Information Risk Management 695 Chapter 4: Operationalizing Risk Mitigation 698 Chapter 5: Communications and Network Security 701 Chapter 6: Identity and Access Control 704 Chapter 7: Cryptography 707 Chapter 8: Hardware and Systems Security 709 Chapter 9: Applications, Data, and Cloud Security 712 Chapter 10: Incident Response and Recovery 715 Chapter 11: Business Continuity via Information Security and People Power 718 Chapter 12: Cross- Domain Challenges 722 Index 727
£38.00
John Wiley & Sons Inc Software Defined Networks
Book SynopsisSOFTWARE DEFINED NETWORKS Software defined networking suggests an alternative worldview, one that comes with a new software stack to which this book is organized, with the goal of presenting a top-to-bottom tour of SDN without leaving any significant gaps that the reader might suspect can only be filled with magic or proprietary code. Software defined networking (SDN) is an architecture designed to make a network more flexible and easier to manage. SDN has been widely adopted across data centers, WANs, and access networks and serves as a foundational element of a comprehensive intent-based networking (IBN) architecture. Although SDN has so far been limited to automated provisioning and configuration, IBN now adds translation and assurance so that the complete network cycle can be automated, continuously aligning the network to business needs. In 14 chapters, this book provides a comprehensive understanding of an SDN-based network as a scalable distributed system Table of ContentsPreface xxi 1 Introduction to Software Defined Networking 1Subhra Priyadarshini Biswal and Sanjeev Patel 1.1 Introduction 2 1.2 Terminology and Architecture 5 1.2.1 Infrastructure Layer 9 1.2.2 Southbound Interfaces Layer 11 1.2.3 Network Hypervisors Layer 11 1.2.4 Controller Layer 12 1.2.5 Northbound Interfaces 13 1.3 The Role of Network Operating Systems 14 1.4 SDN Versus NFV 16 1.5 The Role of NFV into SDN-Based IoT Systems 17 1.6 Challenges and Future Directions 19 1.7 Applications of SDN in IT Industries 21 1.8 Conclusion and Future Scope 23 References 24 2 Software-Defined Networks: Perspectives and Applications 29Inderjeet Kaur, Anupama Sharma, Amita Agnihotri and Charu Agarwal 2.1 Introduction 30 2.2 SDN Architecture 32 2.2.1 Key Takeaways of SDN Architecture 35 2.2.2 Open Flow 36 2.3 Functionalities of SDN 39 2.3.1 SDN Benefits 40 2.4 SDN vs. Traditional Hardware-Based Network 41 2.5 Load Balancing in SDN 44 2.5.1 SDN-Based Load Balancer in Cloud Computing 47 2.5.2 SDN Without Cloud Computing 49 2.6 SDN Security 49 2.6.1 Security Threats and Attacks 51 2.7 SDN Applications 53 2.8 Research Directions 55 2.9 Conclusion 55 References 56 3 Software-Defined Networks and Its Applications 63Rajender Kumar, Alankrita Aggarwal, Karun Handa, Punit Soni and Mukesh Kumar 3.1 Introduction 64 3.2 SDN vs Traditional Networks 65 3.3 SDN Working: A Functional Overview 67 3.4 Components and Implementation Architecture 68 3.4.1 Components of an SDN 68 3.4.1.1 SDN Application 68 3.4.1.2 SDN Controller 69 3.4.1.3 SDN Datapath 69 3.4.1.4 SDN Control to Data-Plane Interface (CDPI) 69 3.4.1.5 SDN Northbound Interfaces (NBI) 69 3.4.1.6 SDN Control Plane: Incorporated-Hierarchical-Distributed 69 3.4.1.7 Controller Placement 70 3.4.1.8 OpenFlow and Open Source in SDN Architecture 70 3.4.2 SDN Design 70 3.4.2.1 Northward APIs 71 3.4.2.2 Southward APIs 71 3.4.2.3 Orchestrator 71 3.4.2.4 Controller 71 3.4.2.5 Compute 71 3.5 Implementation Architecture 72 3.6 Pros and Cons of SDN 72 3.6.1 SDN Misconceptions 73 3.6.2 Pros of SDN 73 3.6.2.1 Centralized Network Provisioning 73 3.6.2.2 Holistic Enterprise Management 73 3.6.2.3 More Granular Security 74 3.6.2.4 Lower Operating Costs 74 3.6.2.5 Hardware-Savings and Reduced Capital Expenditures 74 3.6.2.6 Cloud Abstraction 75 3.6.2.7 Guaranteed Content Delivery 75 3.6.3 Cons of SDN 75 3.6.3.1 Latency 75 3.6.3.2 Maintenance 75 3.6.3.3 Complexity 75 3.6.3.4 Configuration 76 3.6.3.5 Device Security 76 3.7 SDN Applications 76 3.7.1 SDN Environment for Applications 76 3.7.1.1 Internal SDN Applications 77 3.7.1.2 External SDN Applications 77 3.7.1.3 Security Services 77 3.7.1.4 Network Monitoring and Intelligence 77 3.7.1.5 Data Transmission Management 78 3.7.1.6 Content Availability 78 3.7.1.7 Guideline and Compliance-Bound Applications 78 3.7.1.8 Elite Applications 79 3.7.1.9 Circulated Application Control and Cloud Integration 79 3.7.2 Common Application of SDN in Enterprise Networks 79 3.7.2.1 Further Developed Security 80 3.7.2.2 Diminished Working Expenses 80 3.7.2.3 A Superior Client Experience 81 3.7.3 SDN Drives in the Enterprise 81 3.7.3.1 Bringing Together and Improving on the Administration Plane 81 3.7.3.2 Accomplishing Programmability of the Control Plane 81 3.7.3.3 Simple Client Onboarding 82 3.7.3.4 Simple Endpoint Security 82 3.7.3.5 Simple Traffic Checking 82 3.7.3.6 SES Client Onboarding 83 3.7.3.7 Client Onboarding 83 3.7.3.8 SES Simple Endpoint Security: Distinguishing Dubious Traffic 83 3.7.3.9 SES Simple Traffic Observing 84 3.7.3.10 Synopsis 84 3.7.4 SDN Stream Sending (SDN) 84 3.7.4.1 Proactive Versus Reactive Versus Hybrid 84 3.7.4.2 DMN 85 3.7.4.3 SD-WAN 85 3.7.4.4 SD-LAN 85 3.7.4.5 Security Using the SDN Worldview 85 3.7.5 Security Utilizing the SDN Paradigm 86 3.7.6 Gathering Data Delivery Using SDN 87 3.7.7 Relationship of SDN to NFV 87 3.8 Future Research Directions of SDN 88 3.9 Conclusion & Future Scope 89 References 90 4 Latency-Based Routing for SDN-OpenFlow Networks 97Hima Bindu Valiveti, Meenakshi K, Swaraja K, Jagannadha Swamy Tata, Chaitanya Duggineni, Swetha Namburu and Sri Indrani Kotamraju 4.1 Introduction to Generations of Networks 98 4.2 Features of 5G Systems 99 4.3 Software-Defined Networking (SDN) 102 4.4 Proposed Work 105 4.4.1 Path Selection Algorithm 106 4.4.2 Optimized Path Selection 106 4.4.2.1 Forwarding Node Selection 106 4.4.2.2 Priority Scheduling 108 4.4.2.3 Priority Classification 108 4.5 Experimentation and Results 109 4.5.1 Implementation of Traffic Streaming 109 4.6 Performance Analysis 113 4.7 Conclusion and Future Scope 116 References 116 5 QoS Improvement Evaluation With An Effective Switch Assignment to the Controller in Real-Time SDN Environment 119Jehad Ali and Byeong-hee Roh 5.1 Introduction 120 5.1.1 Objectives 121 5.2 Architecture of SDN 121 5.2.1 Data Plane 123 5.2.2 Southbound (SB) APIs 123 5.2.3 NB API 124 5.2.4 Management Plane 125 5.2.5 Control Plane 125 5.3 Controller Placement Effect on the QoS 125 5.4 Communication between the Control and Data Planes 126 5.5 Related Works 128 5.6 Parameters for Computing E2E Delay 129 5.6.1 Path Discovery Delay (PD) 129 5.6.2 Actual Delay (AD) 129 5.7 Clustering Based on the Latency of the Emulated Mininet Network 130 5.8 Results and Discussion 131 5.9 Conclusion and Future Directions 133 References 134 6 An Insight into Traffic Engineering in Software-Defined Networks 137Prabu U. and Geetha V. 6.1 Introduction 138 6.2 Related Works 142 6.3 Review on Traffic Engineering Techniques in SDN 145 6.4 Review on Traffic Engineering Techniques in Hybrid SDN 163 6.5 Review on Traffic Matrix Estimation and Measurement Techniques in SDN 169 6.6 Analysis and Research Direction 177 6.7 Conclusion and Future Scope 179 References 179 7 Network Functions Virtualization and SDN 191Priyanka Kujur and Sanjeev Patel 7.1 Introduction 192 7.2 Types of Virtualizations 194 7.2.1 Server Virtualization 194 7.2.2 Network Virtualization 195 7.2.3 Application Virtualization 195 7.2.4 Desktop Virtualization 197 7.2.5 Storage Virtualization 197 7.3 Wireless Network Virtualization 198 7.3.1 Radio Spectrum Resources 198 7.3.2 Wireless Network Infrastructure 199 7.3.3 Wireless Virtual Resources 200 7.3.3.1 Spectrum-Level Slicing 200 7.3.3.2 Infrastructure-Level Slicing 200 7.3.3.3 Network-Level Slicing 200 7.3.3.4 Flow-Level Slicing 200 7.3.4 Wireless Virtualization Controller 201 7.4 Network Functions Virtualization and Software-Defined Network 201 7.4.1 Network Virtualization 201 7.4.2 Network Functions Virtualization 201 7.4.2.1 Network Functions Virtualization Infrastructure 202 7.4.2.2 Virtual Network Functions 203 7.4.2.3 Network Functions Virtualization Management and Orchestration 203 7.4.2.4 NFV Challenges 204 7.4.3 Benefits of NFV 204 7.4.3.1 Coexistence of Dissimilar Network 204 7.4.3.2 Encouraging Network Innovation 204 7.4.3.3 Deployment of Agile Network Capabilities 204 7.4.3.4 Provisioning of Independent and Diverse Networks 205 7.4.3.5 Resource Optimization 205 7.4.3.6 Deployment of Distinct Network Services 205 7.4.4 Software-Defined Networking (SDN) 205 7.4.4.1 Traditional Networks 205 7.4.4.2 Need for New Network Architecture 206 7.4.4.3 Introduction to SDN 206 7.4.4.4 SDN Implementation 208 7.4.4.5 SDN Design 208 7.4.4.6 SDN Operation 209 7.4.5 Open Flow 210 7.4.5.1 Open Flow Architecture 211 7.4.5.2 Defining Flow in Open Flow 212 7.4.5.3 Flow and Group Table 213 7.4.6 SDN Benefits 214 7.4.6.1 Centralized Network 214 7.4.6.2 Programmability of the Network 214 7.4.6.3 Rise of Virtualization 214 7.4.6.4 Lower Operating Cost 215 7.4.6.5 Device Configuration and Troubleshooting 215 7.4.7 SDN Challenges 215 7.4.7.1 Reliability 215 7.4.7.2 Scalability 215 7.4.7.3 Performance Under Latency Constraints 216 7.4.7.4 Use of Low-Level Interface Between the Controller and the Network Device 216 7.4.7.5 Controller Placement Problem 216 7.4.7.6 Security 217 7.4.8 SDN versus Traditional Network 217 7.4.9 Network Function Virtualization versus SDN 218 7.5 SDN Architecture 219 7.5.1 Data Plane 219 7.5.2 Control Plane 220 7.5.3 Application Layer 220 7.6 Software-Defined Networking Application 220 7.6.1 Adaptive Routing 220 7.6.2 Load Balancing 221 7.6.3 Boundless Roaming 221 7.6.4 Network Maintenance 222 7.6.5 Network Security 222 7.6.6 SDN for Cloud Computing 222 7.6.7 Internet of Things 224 7.7 Conclusion and Future Scope 224 References 225 8 SDN-Enabled Network Virtualization and Its Applications 231Anil Kumar Rangsietti and Siva Sairam Prasad Kodali 8.1 Introduction 232 8.2 Traditional Cloud Data Centers 234 8.2.1 SDN for Enabling Innovative Traffic Engineering Tasks in Cloud Data Centers 236 8.2.1.1 Optimal Routing Mechanisms 236 8.2.1.2 Flexible Traffic Steering During Network Failure Recovery 238 8.2.1.3 Improved Topology Management Mechanisms 238 8.2.1.4 Innovative Traffic Analysis and Monitoring Mechanisms 239 8.2.1.5 General Challenges in Adopting SDN 239 8.2.2 SDN Role in Flexible Network Virtualization 241 8.2.2.1 Sharing of Physical Infrastructure and Enforcing Multiple Customer Policies 242 8.2.2.2 Strict Customer Policies Enforcement and Service Level Agreements (SLA) Guarantee 243 8.2.2.3 Failures of Devices or Links 243 8.2.2.4 Optimal Utilization of Cloud Resources 244 8.3 Importance of SDN in Network Function Virtualization (NFV) 245 8.3.1 Network Service Chaining (NSC) 248 8.3.2 Importance of NFs Placement in a Cloud Environment 249 8.3.3 Importance of NF Placement and Scaling in NSC 251 8.4 SDN and Network Virtualization Role in Evolution of Next-Generation Wi-Fi and Mobile Networks 253 8.4.1 Software-Defined Solutions for Enterprise Wireless LANs (WLANs) 253 8.4.1.1 Software-Defined APs 254 8.4.1.2 SDN Switches and Controller 256 8.4.2 Software-Defined Mobile Networks and Telecommunication Clouds 258 8.4.3 Necessity and Importance of Telecommunication Clouds 259 8.4.3.1 SDN- and NFV-Enabled Cloud Environments 260 8.4.3.2 Lightweight Virtualization Technologies 261 8.4.3.3 Novel Application Architecture, Such as Cloud Native Applications and Microservices 263 8.5 SDN and NFV Role in 5G and Smart Cities 264 8.5.1 SDN and NFV Role in Designing Deployment Environment for IoT Applications 265 8.5.2 Cloud-Fog-Edge Computing Environments 266 8.5.3 SDN- and NFV-Enabled 5G and Network Slicing Deployment 269 8.6 Conclusions and Future Scope 271 References 272 9 Software-Defined Networking: Recent Developments and Potential Synergies 279Jasminder Kaur Sandhu, Bhawna Singla, Meena Pundir, Sanjeev Rao and Anil Kumar Verma 9.1 Introduction 280 9.2 Characteristics of Software-Defined Networking 282 9.2.1 Open Standards and Vendor Neutral 282 9.2.2 Centrally Managed 283 9.2.3 Decoupled 283 9.2.4 Dynamic/Agile 283 9.2.5 Flow-Based Management 283 9.2.6 Programmable 283 9.3 Applications of Software-Defined Networking 284 9.3.1 Specific Purposes 284 9.3.1.1 Network Management 284 9.3.1.2 Middle-Box 284 9.3.2 Security 285 9.3.3 Networks 285 9.3.3.1 Optical Network 286 9.3.3.2 Home Network 286 9.3.3.3 Wireless Network 286 9.4 Security Issues in Software-Defined Networking 287 9.4.1 Authentication and Authorization 287 9.4.2 Access Control and Accountability 288 9.4.3 Threats from Applications 289 9.4.4 Threats Due to Scalability 289 9.4.5 Denial of Service (DoS) Attacks 290 9.4.6 Challenges in Distributed Control Plane 290 9.5 Potential Attacks in Software-Defined Networking 291 9.5.1 Spoofing 291 9.5.2 ARP Spoofing 291 9.5.2.1 IP Spoofing 293 9.5.3 Tampering 293 9.5.4 Repudiation 294 9.5.5 Information Disclosure 295 9.5.6 DoS 295 9.5.7 Elevation of Privilege 296 9.6 Solutions to Security Issues and Attacks in Software-Defined Networking 297 9.6.1 Spoofing 297 9.6.1.1 ARP Spoofing 297 9.6.1.2 IP Spoofing 301 9.6.2 Tampering 301 9.6.3 Repudiation 301 9.6.3.1 Nonrepudiation Verification 301 9.6.3.2 Accountability 302 9.6.4 Information Disclosure 302 9.6.4.1 Scanning-Based Solutions 302 9.6.4.2 Information Disclosure Countermeasure 302 9.6.5 Denial of Service (DoS) 302 9.6.6 Elevation of Privilege 303 9.7 Software-Defined Networking Framework 303 9.7.1 Global Flow Table 304 9.7.2 VNGuard 304 9.8 Security Enhancement Using the Software-Defined Networking Framework 305 9.8.1 SDN Firewall 305 9.8.2 Access Control 307 9.8.3 Intrusion Detection System/Intrusion Prevention System (IDS/IPS) 307 9.8.4 SDN Policies 307 9.8.5 Monitoring and Auditing 308 9.8.6 Privacy Protection 308 9.8.7 SDN WiFi Networks 308 9.8.8 Mobile SDN 309 9.8.9 BYOD 309 9.8.10 SDN Open Labs 309 9.9 Open Challenge 310 9.9.1 Interaction Between Different Controllers and Switches 310 9.9.2 Controller Security 310 9.9.3 Managing Heterogenous Controllers 310 9.9.4 Standard Protocol for Controller 311 9.9.5 Standard Protocol Between Control and Management Plane 311 9.9.6 Managing the Load Between Controllers 311 9.10 Recommended Best Practices 311 9.10.1 Authentication 312 9.10.2 Access Control 312 9.10.3 Data Confidentiality 312 9.10.4 Nonrepudiation 312 9.10.5 Data Integrity 313 9.10.6 Communication Security 313 9.10.7 Privacy 313 9.10.8 Availability 313 9.11 Conclusion and Future Scope 314 References 315 10 Security Challenges and Analysis for SDN-Based Networks 321Priyanka Kujur, Subhra Priyadarshini Biswal and Sanjeev Patel 10.1 Introduction 322 10.2 Threat Model 325 10.2.1 Spoofing 325 10.2.2 Tampering 325 10.2.3 Repudiation 325 10.2.4 Information Disclosure 325 10.2.5 Denial of Service 326 10.2.6 Elevation of Privileges 326 10.2.7 Threats in SDN Networks 326 10.2.7.1 Attack Surface in SDN 326 10.2.7.2 Security Issues in SDN 327 10.2.7.3 Addressing SDN Security Matters 328 10.2.7.4 Attack to the SDN Architecture 328 10.2.8 Policy-Based SDN Security Architecture 330 10.3 Control Plane Security of SDN 331 10.3.1 Application Coexistence 331 10.3.2 Flow Constraints vs. Flow Circuits 332 10.3.3 An Application Permission Model 332 10.3.4 Application Accountability 332 10.3.5 Toward a Security-Enhanced Control Layer 332 10.4 Security Analysis 332 10.5 Network-Wide Security in SDN 333 10.5.1 Security Systems Development 334 10.5.2 Flow Sampling 335 10.5.3 Traffic Monitoring 336 10.5.4 Access Control 337 10.5.5 Content Inspection 337 10.5.6 Network Resilience 338 10.5.7 Security Middle Boxes 339 10.5.8 Security Challenges in SDN 339 10.6 SDN-Based Virtual and Cloud Networks Security 340 10.6.1 Virtual Networks Security 340 10.6.2 Cloud Networks Security 340 10.7 SDN-Based Secure IoT Frameworks 341 10.8 Conclusion and Future Scope 341 References 342 11 A Novel Secure SDN Architecture for Reliable Data Transmission in 5G Networks 347J. Sathiamoorthy, Usha M. and R. Bhagavath Nishant 11.1 Introduction 348 11.1.1 Organization of the Chapter 352 11.2 Related Work 352 11.3 SDN-5G Networks—What Does the Future Hold? 356 11.4 Layers in SDN-5G Networks 358 11.5 Security Threats 359 11.5.1 Control Plane 360 11.5.2 Data Plane 361 11.5.3 Application Plane 361 11.6 SDN-5G Networks—Possible Attacks and Threats 362 11.6.1 Distributed Denial of Services (DDoS) 362 11.6.2 Solution for DDoS—To Analyze User’s Behavior via Detection Through Entropy 363 11.6.3 Solution for Packet Sniffing 363 11.6.4 Steps in the Handshake Process 364 11.6.5 ARP Spoofing Attack 365 11.6.5.1 ARP Authentication 365 11.6.5.2 Operating System Patching 365 11.6.5.3 API Exploitation 366 11.6.5.4 Password Guessing or Brute Force 366 11. 7 Proposed Methodology 367 11.7.1 Strong Security Architecture for SDN-Based 5G Networks 367 11.8 Security Analysis 373 11.8.1 IP Spoofing 373 11.8.2 MITM Attack 379 11.8.3 Replay Attack 379 11.9 Conclusion and Future Scope 388 References 388 12 Security and Privacy Issues in 5G/6G-Assisted Software-Defined Networks 391Durbadal Chattaraj and Ashok Kumar Das 12.1 Introduction 392 12.1.1 SDN Applications 394 12.1.2 Security and Privacy Issues in SDN 396 12.1.3 Chapter Contributions 397 12.1.4 Chapter Organization 397 12.2 Security and Functionality Requirements in SDN 398 12.3 Network and Threat Models 399 12.3.1 Network Model 399 12.3.2 Adversary Model 402 12.4 Taxonomy of Security Protocols in SDN 405 12.5 Security Solutions in SDN 406 12.5.1 Authentication 407 12.5.2 Access Control 408 12.5.3 Key Management 409 12.5.4 Intrusion Detection 410 12.5.5 Blockchain-Based Security Solution 412 12.6 Comparative Analysis 413 12.6.1 Comparative Analysis on Communication and Computational Costs 414 12.6.2 Comparative Analysis on Security Features 415 12.7 Conclusion and Future Scopes 419 References 420 13 Evolving Requirements and Application of SDN and IoT in the Context of Industry 4.0, Blockchain and Artificial Intelligence 427Sunil Kr. Singh, Sunil Kr Sharma, Dipesh Singla and Shabeg Singh Gill 13.1 Introduction 428 13.2 Objectives of the Chapter 430 13.3 Organization of the Chapter 431 13.4 Software-Defined Network Architecture 431 13.4.1 SDN Planes 434 13.4.1.1 Control Plane 434 13.4.1.2 Data Plane 434 13.4.1.3 Application/Management Plane 435 13.4.2 QoS: Quality of Service 436 13.4.2.1 Jitter 436 13.4.2.2 Packet Loss 436 13.4.2.3 Bandwidth 437 13.4.2.4 Latency 437 13.4.3 OpenQoS 437 13.4.4 Secondnet 438 13.4.5 OpenQFlow 440 13.4.6 CloudNaaS 441 13.4.7 Scalable QoS and Automated Control for Network Convergence 442 13.5 Security 442 13.5.1 Fresco 442 13.5.2 NetFuse 443 13.5.3 Scalability 444 13.5.4 DIFANE 444 13.5.5 DevoFlow 445 13.5.6 Maestro 445 13.5.7 Load Balancing 446 13.5.8 AsterX 446 13.5.9 OpenFlow-Based Server Load Balancing Gone Wild 447 13.6 Software-Defined Network (SDN) With IoT 447 13.7 SDN-Based IoT Architecture 448 13.7.1 IoT’s Architecture With Software Programming Functions 449 13.7.2 SDN Controllers 449 13.7.3 Gateways/Routers 451 13.7.4 Sinks 452 13.7.5 Data Center 452 13.7.6 Design Principles 453 13.7.7 Dynamic Deployment of Security Policies 454 13.8 Role of SDN and IoT in Industry 4.0 456 13.8.1 Industry 4.0 Explained 457 13.8.1.1 Mass Customization 457 13.8.1.2 Flexibility 457 13.8.1.3 Additive Manufacturing 457 13.8.1.4 Better Decision Making 458 13.8.1.5 Simulation and Digital Twins 458 13.8.1.6 Integrated Supply Chain 458 13.8.1.7 Energy Management 458 13.8.1.8 Creating Value from Big Data 459 13.8.1.9 Cyber-Physical Systems 459 13.8.2 Brokerage Services 462 13.8.3 Man4Ware 464 13.8.4 Security 466 13.8.5 Additional Advanced Service Alternatives 467 13.8.6 Interconnection and Integration Between IoT and Industry 4.0 467 13.9 Work in Related Domains of IoT 468 13.10 IoT Computing and Management With SDN 470 13.10.1 Edge Computing 470 13.10.2 Convergence of NFV and Edge Computing 471 13.10.3 Use of Artificial Intelligence (AI) in Software-Defined Networks (SDN) 472 13.10.4 SDN Network Structure and OpenFlow (OF) Protocol 473 13.11 Scope of Blockchain to Secure IoT Using SDN 474 13.11.1 The Architecture of Blockchain-Based SDN 475 13.11.2 Workflow of BC-SDN and Smart Contracts 477 13.11.2.1 Key Components of Workflow 478 13.12 SDN in Various Emerging Areas of IoT 481 13.13 Conclusion and Future Scope 486 References 489 14 SDN-Based Cloud Combining Edge Computing for IoT Infrastructure 497Jyoti Snehi, Manish Snehi, Devendra Prasad, Sarita Simaiya, Isha Kansal and Vidhu Baggan 14.1 Introduction 498 14.1.1 Architecture of SDN vs. Traditional Networks 503 14.1.2 SDN/NFV Tiers 504 14.1.3 Objective of Chapter 509 14.1.4 Organization of Chapter 509 14.2 Challenges with SDN-Based Cloud and NFV Technologies for IoT 510 14.3 Literature Survey 519 14.4 Knowledge-Driven SDN-Based IoT Architecture That Leverages Edge Cloud 526 14.5 Discussion and Future Recommendation 532 14.6 Conclusion 533 References 533 Index 541
£153.00
John Wiley & Sons Inc CASP Certification Kit Exam CAS004
Book Synopsis
£48.75
John Wiley & Sons Inc Deep Reinforcement Learning for Wireless
Book SynopsisDeep Reinforcement Learning for Wireless Communications and Networking Comprehensive guide to Deep Reinforcement Learning (DRL) as applied to wireless communication systems Deep Reinforcement Learning for Wireless Communications and Networking presents an overview of the development of DRL while providing fundamental knowledge about theories, formulation, design, learning models, algorithms and implementation of DRL together with a particular case study to practice. The book also covers diverse applications of DRL to address various problems in wireless networks, such as caching, offloading, resource sharing, and security. The authors discuss open issues by introducing some advanced DRL approaches to address emerging issues in wireless communications and networking. Covering new advanced models of DRL, e.g., deep dueling architecture and generative adversarial networks, as well as emerging problems considered in wireless networks, e.g., ambient backscatterTable of ContentsNotes on Contributors xiii Foreword xiv Preface xv Acknowledgments xviii Acronyms xix Introduction xxii Part I Fundamentals of Deep Reinforcement Learning 1 1 Deep Reinforcement Learning and Its Applications 3 1.1 Wireless Networks and Emerging Challenges 3 1.2 Machine Learning Techniques and Development of DRL 4 1.2.1 Machine Learning 4 1.2.2 Artificial Neural Network 7 1.2.3 Convolutional Neural Network 8 1.2.4 Recurrent Neural Network 9 1.2.5 Development of Deep Reinforcement Learning 10 1.3 Potentials and Applications of DRL 11 1.3.1 Benefits of DRL in Human Lives 11 1.3.2 Features and Advantages of DRL Techniques 12 1.3.3 Academic Research Activities 12 1.3.4 Applications of DRL Techniques 13 1.3.5 Applications of DRL Techniques in Wireless Networks 15 1.4 Structure of this Book and Target Readership 16 1.4.1 Motivations and Structure of this Book 16 1.4.2 Target Readership 19 1.5 Chapter Summary 20 References 21 2 Markov Decision Process and Reinforcement Learning 25 2.1 Markov Decision Process 25 2.2 Partially Observable Markov Decision Process 26 2.3 Policy and Value Functions 29 2.4 Bellman Equations 30 2.5 Solutions of MDP Problems 31 2.5.1 Dynamic Programming 31 2.5.1.1 Policy Evaluation 31 2.5.1.2 Policy Improvement 31 2.5.1.3 Policy Iteration 31 2.5.2 Monte Carlo Sampling 32 2.6 Reinforcement Learning 33 2.7 Chapter Summary 35 References 35 3 Deep Reinforcement Learning Models and Techniques 37 3.1 Value-Based DRL Methods 37 3.1.1 Deep Q-Network 38 3.1.2 Double DQN 41 3.1.3 Prioritized Experience Replay 42 3.1.4 Dueling Network 44 3.2 Policy-Gradient Methods 45 3.2.1 REINFORCE Algorithm 46 3.2.1.1 Policy Gradient Estimation 46 3.2.1.2 Reducing the Variance 48 3.2.1.3 Policy Gradient Theorem 50 3.2.2 Actor-Critic Methods 51 3.2.3 Advantage of Actor-Critic Methods 52 3.2.3.1 Advantage of Actor-Critic (A2C) 53 3.2.3.2 Asynchronous Advantage Actor-Critic (A3C) 55 3.2.3.3 Generalized Advantage Estimate (GAE) 57 3.3 Deterministic Policy Gradient (DPG) 59 3.3.1 Deterministic Policy Gradient Theorem 59 3.3.2 Deep Deterministic Policy Gradient (DDPG) 61 3.3.3 Distributed Distributional DDPG (D4PG) 63 3.4 Natural Gradients 63 3.4.1 Principle of Natural Gradients 64 3.4.2 Trust Region Policy Optimization (TRPO) 67 3.4.2.1 Trust Region 69 3.4.2.2 Sample-Based Formulation 70 3.4.2.3 Practical Implementation 70 3.4.3 Proximal Policy Optimization (PPO) 72 3.5 Model-Based RL 74 3.5.1 Vanilla Model-Based RL 75 3.5.2 Robust Model-Based RL: Model-Ensemble TRPO (ME-TRPO) 76 3.5.3 Adaptive Model-Based RL: Model-Based Meta-Policy Optimization (mb-mpo) 77 3.6 Chapter Summary 78 References 79 4 A Case Study and Detailed Implementation 83 4.1 System Model and Problem Formulation 83 4.1.1 System Model and Assumptions 84 4.1.1.1 Jamming Model 84 4.1.1.2 System Operation 85 4.1.2 Problem Formulation 86 4.1.2.1 State Space 86 4.1.2.2 Action Space 87 4.1.2.3 Immediate Reward 88 4.1.2.4 Optimization Formulation 88 4.2 Implementation and Environment Settings 89 4.2.1 Install TensorFlow with Anaconda 89 4.2.2 Q-Learning 90 4.2.2.1 Codes for the Environment 91 4.2.2.2 Codes for the Agent 96 4.2.3 Deep Q-Learning 97 4.3 Simulation Results and Performance Analysis 102 4.4 Chapter Summary 106 References 106 Part II Applications of Drl in Wireless Communications and Networking 109 5 DRL at the Physical Layer 111 5.1 Beamforming, Signal Detection, and Decoding 111 5.1.1 Beamforming 111 5.1.1.1 Beamforming Optimization Problem 111 5.1.1.2 DRL-Based Beamforming 113 5.1.2 Signal Detection and Channel Estimation 118 5.1.2.1 Signal Detection and Channel Estimation Problem 118 5.1.2.2 RL-Based Approaches 120 5.1.3 Channel Decoding 122 5.2 Power and Rate Control 123 5.2.1 Power and Rate Control Problem 123 5.2.2 DRL-Based Power and Rate Control 124 5.3 Physical-Layer Security 128 5.4 Chapter Summary 129 References 131 6 DRL at the MAC Layer 137 6.1 Resource Management and Optimization 137 6.2 Channel Access Control 139 6.2.1 DRL in the IEEE 802.11 MAC 141 6.2.2 MAC for Massive Access in IoT 143 6.2.3 MAC for 5G and B5G Cellular Systems 147 6.3 Heterogeneous MAC Protocols 155 6.4 Chapter Summary 158 References 158 7 DRL at the Network Layer 163 7.1 Traffic Routing 163 7.2 Network Slicing 166 7.2.1 Network Slicing-Based Architecture 166 7.2.2 Applications of DRL in Network Slicing 168 7.3 Network Intrusion Detection 179 7.3.1 Host-Based IDS 180 7.3.2 Network-Based IDS 181 7.4 Chapter Summary 183 References 183 8 DRL at the Application and Service Layer 187 8.1 Content Caching 187 8.1.1 QoS-Aware Caching 187 8.1.2 Joint Caching and Transmission Control 189 8.1.3 Joint Caching, Networking, and Computation 191 8.2 Data and Computation Offloading 193 8.3 Data Processing and Analytics 198 8.3.1 Data Organization 198 8.3.1.1 Data Partitioning 198 8.3.1.2 Data Compression 199 8.3.2 Data Scheduling 200 8.3.3 Tuning of Data Processing Systems 201 8.3.4 Data Indexing 202 8.3.4.1 Database Index Selection 202 8.3.4.2 Index Structure Construction 203 8.3.5 Query Optimization 205 8.4 Chapter Summary 206 References 207 Part III Challenges, Approaches, Open Issues, and Emerging Research Topics 213 9 DRL Challenges in Wireless Networks 215 9.1 Adversarial Attacks on DRL 215 9.1.1 Attacks Perturbing the State space 215 9.1.1.1 Manipulation of Observations 216 9.1.1.2 Manipulation of Training Data 218 9.1.2 Attacks Perturbing the Reward Function 220 9.1.3 Attacks Perturbing the Action Space 222 9.2 Multiagent DRL in Dynamic Environments 223 9.2.1 Motivations 223 9.2.2 Multiagent Reinforcement Learning Models 224 9.2.2.1 Markov/Stochastic Games 225 9.2.2.2 Decentralized Partially Observable Markov Decision Process (dpomdp) 226 9.2.3 Applications of Multiagent DRL in Wireless Networks 227 9.2.4 Challenges of Using Multiagent DRL in Wireless Networks 229 9.2.4.1 Nonstationarity Issue 229 9.2.4.2 Partial Observability Issue 229 9.3 Other Challenges 230 9.3.1 Inherent Problems of Using RL in Real-Word Systems 230 9.3.1.1 Limited Learning Samples 230 9.3.1.2 System Delays 230 9.3.1.3 High-Dimensional State and Action Spaces 231 9.3.1.4 System and Environment Constraints 231 9.3.1.5 Partial Observability and Nonstationarity 231 9.3.1.6 Multiobjective Reward Functions 232 9.3.2 Inherent Problems of DL and Beyond 232 9.3.2.1 Inherent Problems of dl 232 9.3.2.2 Challenges of DRL Beyond Deep Learning 233 9.3.3 Implementation of DL Models in Wireless Devices 236 9.4 Chapter Summary 237 References 237 10 DRL and Emerging Topics in Wireless Networks 241 10.1 DRL for Emerging Problems in Future Wireless Networks 241 10.1.1 Joint Radar and Data Communications 241 10.1.2 Ambient Backscatter Communications 244 10.1.3 Reconfigurable Intelligent Surface-Aided Communications 247 10.1.4 Rate Splitting Communications 249 10.2 Advanced DRL Models 252 10.2.1 Deep Reinforcement Transfer Learning 252 10.2.1.1 Reward Shaping 253 10.2.1.2 Intertask Mapping 254 10.2.1.3 Learning from Demonstrations 255 10.2.1.4 Policy Transfer 255 10.2.1.5 Reusing Representations 256 10.2.2 Generative Adversarial Network (GAN) for DRL 257 10.2.3 Meta Reinforcement Learning 258 10.3 Chapter Summary 259 References 259 Index 263
£91.80
John Wiley & Sons Inc The Official Isc2 Sscp Cbk Reference
Book SynopsisThe only official body of knowledge for SSCP(ISC)2's popular credential for hands-on security professionalsfully revised and updated 2021 SSCP Exam Outline. Systems Security Certified Practitioner (SSCP) is an elite, hands-on cybersecurity certification that validates the technical skills to implement, monitor, and administer IT infrastructure using information security policies and procedures. SSCP certificationfully compliant with U.S. Department of Defense Directive 8140 and 8570 requirementsis valued throughout the IT security industry. The Official (ISC)2 SSCP CBK Reference is the only official Common Body of Knowledge (CBK) available for SSCP-level practitioners, exclusively from (ISC)2, the global leader in cybersecurity certification and training. This authoritative volume contains essential knowledge practitioners require on a regular basis. Accurate, up-to-date chapters provide in-depth coverage of the seven SSCP domains: Security Operations and AdministraTable of ContentsForeword xxiii Introduction xxv Chapter 1: Security Operations and Administration 1 Comply with Codes of Ethics 2 Understand, Adhere to, and Promote Professional Ethics 3 (ISC)2 Code of Ethics 4 Organizational Code of Ethics 5 Understand Security Concepts 6 Conceptual Models for Information Security 7 Confidentiality 8 Integrity 15 Availability 17 Accountability 18 Privacy 18 Nonrepudiation 26 Authentication 27 Safety 28 Fundamental Security Control Principles 29 Access Control and Need-to-Know 34 Job Rotation and Privilege Creep 35 Document, Implement, and Maintain Functional Security Controls 37 Deterrent Controls 37 Preventative Controls 39 Detective Controls 39 Corrective Controls 40 Compensating Controls 41 The Lifecycle of a Control 42 Participate in Asset Management 43 Asset Inventory 44 Lifecycle (Hardware, Software, and Data) 47 Hardware Inventory 48 Software Inventory and Licensing 49 Data Storage 50 Implement Security Controls and Assess Compliance 56 Technical Controls 57 Physical Controls 58 Administrative Controls 61 Periodic Audit and Review 64 Participate in Change Management 66 Execute Change Management Process 68 Identify Security Impact 70 Testing/Implementing Patches, Fixes, and Updates 70 Participate in Security Awareness and Training 71 Security Awareness Overview 72 Competency as the Criterion 73 Build a Security Culture, One Awareness Step at a Time 73 Participate in Physical Security Operations 74 Physical Access Control 74 The Data Center 78 Service Level Agreements 79 Summary 82 Chapter 2: Access Controls 83 Access Control Concepts 85 Subjects and Objects 86 Privileges: What Subjects Can Do with Objects 88 Data Classification, Categorization, and Access Control 89 Access Control via Formal Security Models 91 Implement and Maintain Authentication Methods 94 Single-Factor/Multifactor Authentication 95 Accountability 114 Single Sign-On 116 Device Authentication 117 Federated Access 118 Support Internetwork Trust Architectures 120 Trust Relationships (One-Way, Two-Way, Transitive) 121 Extranet 122 Third-Party Connections 123 Zero Trust Architectures 124 Participate in the Identity Management Lifecycle 125 Authorization 126 Proofing 127 Provisioning/Deprovisioning 128 Identity and Access Maintenance 130 Entitlement 134 Identity and Access Management Systems 137 Implement Access Controls 140 Mandatory vs. Discretionary Access Control 141 Role-Based 142 Attribute-Based 143 Subject-Based 144 Object-Based 144 Summary 145 Chapter 3: Risk Identification, Monitoring, And Analysis 147 Defeating the Kill Chain One Skirmish at a Time 148 Kill Chains: Reviewing the Basics 151 Events vs. Incidents 155 Understand the Risk Management Process 156 Risk Visibility and Reporting 159 Risk Management Concepts 165 Risk Management Frameworks 185 Risk Treatment 195 Perform Security Assessment Activities 203 Security Assessment Workflow Management 204 Participate in Security Testing 206 Interpretation and Reporting of Scanning and Testing Results 215 Remediation Validation 216 Audit Finding Remediation 217 Manage the Architectures: Asset Management and Configuration Control 218 Operate and Maintain Monitoring Systems 220 Events of Interest 222 Logging 229 Source Systems 230 Legal and Regulatory Concerns 236 Analyze Monitoring Results 238 Security Baselines and Anomalies 240 Visualizations, Metrics, and Trends 243 Event Data Analysis 244 Document and Communicate Findings 245 Summary 246 Chapter 4: Incident Response and Recovery 247 Support the Incident Lifecycle 249 Think like a Responder 253 Physical, Logical, and Administrative Surfaces 254 Incident Response: Measures of Merit 254 The Lifecycle of a Security Incident 255 Preparation 257 Detection, Analysis, and Escalation 264 Containment 275 Eradication 277 Recovery 279 Lessons Learned; Implementation of New Countermeasures 283 Third-Party Considerations 284 Understand and Support Forensic Investigations 287 Legal and Ethical Principles 289 Logistics Support to Investigations 291 Evidence Handling 292 Evidence Collection 297 Understand and Support Business Continuity Plan and Disaster Recovery Plan Activities 306 Emergency Response Plans and Procedures 307 Interim or Alternate Processing Strategies 310 Restoration Planning 313 Backup and Redundancy Implementation 315 Data Recovery and Restoration 319 Training and Awareness 321 Testing and Drills 322 CIANA+PS at Layer 8 and Above 328 It Is a Dangerous World Out There 329 People Power and Business Continuity 333 Summary 333 Chapter 5: Cryptography 335 Understand Fundamental Concepts of Cryptography 336 Building Blocks of Digital Cryptographic Systems 339 Hashing 347 Salting 351 Symmetric Block and Stream Ciphers 353 Stream Ciphers 365 Eu Ecrypt 371 Asymmetric Encryption 371 Elliptical Curve Cryptography 380 Nonrepudiation 383 Digital Certificates 388 Encryption Algorithms 392 Key Strength 393 Cryptographic Attacks, Cryptanalysis, and Countermeasures 395 Cryptologic Hygiene as Countermeasures 396 Common Attack Patterns and Methods 401 Secure Cryptoprocessors, Hardware Security Modules, and Trusted Platform Modules 409 Understand the Reasons and Requirements for Cryptography 414 Confidentiality 414 Integrity and Authenticity 415 Data Sensitivity 417 Availability 418 Nonrepudiation 418 Authentication 420 Privacy 421 Safety 422 Regulatory and Compliance 423 Transparency and Auditability 423 Competitive Edge 424 Understand and Support Secure Protocols 424 Services and Protocols 425 Common Use Cases 437 Deploying Cryptography: Some Challenging Scenarios 442 Limitations and Vulnerabilities 444 Understand Public Key Infrastructure Systems 446 Fundamental Key Management Concepts 447 Hierarchies of Trust 459 Web of Trust 462 Summary 464 Chapter 6: Network and Communications Security 467 Understand and Apply Fundamental Concepts of Networking 468 Complementary, Not Competing, Frameworks 470 OSI and TCP/IP Models 471 OSI Reference Model 486 TCP/IP Reference Model 501 Converged Protocols 508 Software-Defined Networks 509 IPv4 Addresses, DHCP, and Subnets 510 IPv4 Address Classes 510 Subnetting in IPv4 512 Running Out of Addresses? 513 IPv4 vs. IPv6: Key Differences and Options 514 Network Topographies 516 Network Relationships 521 Transmission Media Types 525 Commonly Used Ports and Protocols 530 Understand Network Attacks and Countermeasures 536 CIANA+PS Layer by Layer 538 Common Network Attack Types 553 SCADA, IoT, and the Implications of Multilayer Protocols 562 Manage Network Access Controls 565 Network Access Control and Monitoring 568 Network Access Control Standards and Protocols 573 Remote Access Operation and Configuration 575 Manage Network Security 583 Logical and Physical Placement of Network Devices 586 Segmentation 587 Secure Device Management 591 Operate and Configure Network-Based Security Devices 593 Network Address Translation 594 Additional Security Device Considerations 596 Firewalls and Proxies 598 Network Intrusion Detection/Prevention Systems 605 Security Information and Event Management Systems 607 Routers and Switches 609 Network Security from Other Hardware Devices 610 Traffic-Shaping Devices 613 Operate and Configure Wireless Technologies 615 Wireless: Common Characteristics 616 Wi-Fi 624 Bluetooth 637 Near-Field Communications 638 Cellular/Mobile Phone Networks 639 Ad Hoc Wireless Networks 640 Transmission Security 642 Wireless Security Devices 645 Summary 646 Chapter 7: Systems and Application Security 649 Systems and Software Insecurity 650 Software Vulnerabilities Across the Lifecycle 654 Risks of Poorly Merged Systems 663 Hard to Design It Right, Easy to Fix It? 664 Hardware and Software Supply Chain Security 667 Positive and Negative Models for Software Security 668 Is Blocked Listing Dead? Or Dying? 669 Information Security = Information Quality + Information Integrity 670 Data Modeling 671 Preserving Data Across the Lifecycle 674 Identify and Analyze Malicious Code and Activity 678 Malware 679 Malicious Code Countermeasures 682 Malicious Activity 684 Malicious Activity Countermeasures 688 Implement and Operate Endpoint Device Security 689 HIDS 691 Host-Based Firewalls 692 Allowed Lists: Positive Control for App Execution 693 Endpoint Encryption 694 Trusted Platform Module 695 Mobile Device Management 696 Secure Browsing 697 IoT Endpoint Security 700 Endpoint Security: EDR, MDR, XDR, UEM, and Others 701 Operate and Configure Cloud Security 701 Deployment Models 702 Service Models 703 Virtualization 706 Legal and Regulatory Concerns 709 Data Storage and Transmission 716 Third-Party/Outsourcing Requirements 716 Lifecycles in the Cloud 717 Shared Responsibility Model 718 Layered Redundancy as a Survival Strategy 719 Operate and Secure Virtual Environments 720 Software-Defined Networking 723 Hypervisor 725 Virtual Appliances 726 Continuity and Resilience 727 Attacks and Countermeasures 727 Shared Storage 729 Summary 730 Appendix: Cross-Domain Challenges 731 Paradigm Shifts in Information Security? 732 Pivot 1: Turn the Attackers’ Playbooks Against Them 734 ATT&CK: Pivoting Threat Intelligence 734 Analysis: Real-Time and Retrospective 735 The SOC as a Fusion Center 737 All-Source, Proactive Intelligence: Part of the Fusion Center 738 Pivot 2: Cybersecurity Hygiene: Think Small, Act Small 739 CIS IG 1 for the SMB and SME 740 Hardening Individual Cybersecurity 740 Assume the Breach 742 Pivot 3: Flip the “Data-Driven Value Function” 743 Data-Centric Defense and Resiliency 744 Ransomware as a Service 745 Supply Chains, Security, and the SSCP 746 ICS, IoT, and SCADA: More Than SUNBURST 747 Extending Physical Security: More Than Just Badges and Locks 749 The IoRT: Robots Learning via the Net 750 Pivot 4: Operationalize Security Across the Immediate and Longer Term 751 Continuous Assessment and Continuous Compliance 752 SDNs and SDS 753 SOAR: Strategies for Focused Security Effort 755 A “DevSecOps” Culture: SOAR for Software Development 756 Pivot 5: Zero-Trust Architectures and Operations 757 FIDO and Passwordless Authentication 760 Threat Hunting, Indicators, and Signature Dependence 761 Other Dangers on the Web and Net 763 Surface, Deep, and Dark Webs 763 Deep and Dark: Risks and Countermeasures 764 DNS and Namespace Exploit Risks 765 Cloud Security: Edgier and Foggier 766 Curiosity as Countermeasure 766 Index 769
£48.75
