A Practical Introduction to Enterprise Network and Security Management A Practical Introduction to Enterprise Network and Security Management Bongsik Shin, Ph.D CRC Press Taylor & Francis Group 6000 Broken Sound Parkway NW, Suite 300 Boca Raton, FL 33487-2742 © 2017 by Taylor & Francis Group, LLC CRC Press is an imprint of Taylor & Francis Group, an Informa business No claim to original U.S Government works Printed on acid-free paper International Standard Book Number-13: 978-1-4987-8797-0 (Hardback) This book contains information obtained from authentic and highly regarded sources Reasonable efforts have been made to publish reliable data and information, but the author and publisher cannot assume responsibility for the validity of all materials or the consequences of their use The authors and publishers have attempted to trace the copyright holders of all material reproduced in this publication and apologize to copyright holders if permission to publish in this form has not been obtained If any copyright material has not been acknowledged please write and let us know so we may rectify in any future reprint Except as permitted under U.S Copyright Law, no part of this book may be reprinted, reproduced, transmitted, or utilized in any form by any electronic, mechanical, or other means, now known or hereafter invented, including photocopying, microfilming, and recording, or in any information storage or retrieval system, without written permission from the publishers For permission to photocopy or use material electronically from this work, please access www.copyright.com (http://www.copyright.com/) or contact the Copyright Clearance Center, Inc (CCC), 222 Rosewood Drive, Danvers, MA 01923, 978-7508400 CCC is a not-for-profit organization that provides licenses and registration for a variety of users For organizations that have been granted a photocopy license by the CCC, a separate system of payment has been arranged Trademark Notice: Product or corporate names may be trademarks or registered trademarks, and are used only for identification and explanation without intent to infringe Visit the Taylor & Francis Web site at http://www.taylorandfrancis.com and the CRC Press Web site at http://www.crcpress.com Contents Preface Author Chapter 1: Fundamental Concepts 1.1 Introduction 1.2 Network Elements 1.2.1 Host 1.2.1.1 Client–Server Mode 1.2.1.2 P2P Mode 1.2.1.3 Network Interface Card 1.2.2 Intermediary Device 1.2.3 Network Link 1.2.4 Application 1.2.5 Data/Message 1.2.6 Protocol 1.3 Modes of Communication 1.3.1 Methods of Data Distribution 1.3.1.1 Unicasting 1.3.1.2 Broadcasting 1.3.1.3 Multicasting 1.3.2 Directionality in Data Exchange 1.3.2.1 Simplex 1.3.2.2 Duplex 1.4 Network Topology 1.4.1 Point-to-Point Topology 1.4.2 Bus Topology 1.4.3 Ring Topology 1.4.4 Star (Hub-and-Spoke) Topology 1.4.5 Mesh Topology 1.4.6 Tree (or Hierarchical) Topology 1.5 Classification of Networks 1.5.1 Personal Area Network 1.5.2 Local Area Network 1.5.3 Metropolitan Area Network 1.5.4 Wide Area Network 1.5.5 Rise of Internet of Things 1.6 Subnetwork versus Inter-network 1.7 Measures of Network Performance 1.7.1 Capacity 1.7.1.1 Data Types and Data Rate 1.7.2 Delay 1.7.3 Reliability 1.7.4 Quality of Service 1.8 Numbering Systems 1.8.1 Binary versus Decimal 1.8.2 Binary versus Hexadecimal 1.9 Network Addressing 1.9.1 Characterizing Network Addressing 1.9.2 MAC Address 1.9.3 IP Address 1.9.4 Pairing of MAC and IP Addresses Chapter Summary Key Terms Chapter Review Questions Chapter 2: Architectures and Standards 2.1 Introduction 2.2 TCP/IP versus OSI 2.2.1 Standard Architecture 2.2.2 Standard and Protocol 2.2.3 Protocol Data Unit 2.3 Layer Functions: An Analogy 2.4 Layer Processing 2.5 Application Layer (Layer 5) 2.5.1 HTTP Demonstration 2.5.2 Select Application Layer Protocols 2.6 Transport Layer (Layer 4) 2.6.1 Provision of Data Integrity 2.6.1.1 Error Control 2.6.1.2 Flow Control 2.6.1.3 TCP and Data Integrity 2.6.1.4 UDP and Data Integrity 2.6.2 Session Management 2.6.2.1 Session versus No Session 2.6.2.2 Session Management by TCP 2.6.2.3 TCP Session in Real Setting 2.6.2.4 Additional Notes 2.6.3 Port Management 2.6.3.1 Port Types and Ranges 2.6.3.2 Source versus Destination Port 2.6.3.3 Socket 2.7 Internet Layer (Layer 3) 2.7.1 Packet Creation and Routing Decision 2.7.1.1 Packet Creation 2.7.1.2 Packet Routing Decision 2.7.2 Performing Supervisory Functions 2.8 Data Link Layer (Layer 2) 2.8.1 LAN Data Link 2.8.1.1 Frame and Switching 2.8.1.2 Link Types 2.8.1.3 Technology Standard(s) 2.8.1.4 Single Active Delivery Path 2.8.1.5 Frame’s MAC Addresses 2.8.2 WAN Data Link 2.9 Physical Layer (Layer 1) 2.10 Layer Implementation 2.10.1 Application Layer 2.10.2 Transport and Internet Layers 2.10.3 Data Link and Physical Layers Chapter Summary Key Terms Chapter Review Questions Chapter 3: Intermediary Devices 3.1 Introduction 3.2 Intermediary Devices 3.2.1 Operational Layers 3.2.2 Operating System 3.2.2.1 General Attributes 3.2.2.2 Access to Operating System 3.3 Hub (Multiport Repeater) 3.4 Bridge and Wireless Access Point 3.5 Switch 3.5.1 General Features 3.5.2 Switch Port 3.5.3 Switch Table 3.5.3.1 Switch Table Entries 3.5.3.2 Switch Learning 3.5.3.3 Aging of Entries 3.5.4 Switch Types 3.5.4.1 Nonmanaged versus Managed Switches 3.5.4.2 Store-and-Forward versus Cut-Through Switches 3.5.4.3 Symmetric versus Asymmetric Switches 3.5.4.4 Layer versus Layer Switches 3.5.4.5 Fixed, Stackable, and Modular Switches 3.5.4.6 Power over Ethernet 3.5.5 Security Issues 3.5.5.1 Safeguarding Switch Ports 3.5.5.2 Port Mirroring 3.6 Routers 3.6.1 Two Primary Functions 3.6.1.1 Routing Table Development and Its Update 3.6.1.2 Packet Forwarding 3.6.2 Router Components 3.6.3 Router Ports and Naming 3.6.4 Router Configuration 3.6.4.1 Basic Features 3.6.4.2 Advanced Features 3.7 Switching versus Routing 3.7.1 Data Link Layer versus Internet Layer 3.7.2 Connection-Oriented versus Connectionless 3.7.3 Single Delivery versus Multiple Delivery Paths 3.8 Address Resolution Protocol 3.8.1 Background 3.8.2 ARP Usage Scenarios 3.9 Choice of Intermediary Devices 3.10 Collision versus Broadcast Domains 3.10.1 Collision Domain 3.10.1.1 Collision Domain Types 3.10.1.2 Collision Domain and Network Design 3.10.1.3 CSMA/CD 3.10.2 Broadcast Domain Chapter Summary Key Terms Chapter Review Questions Chapter 4: Elements of Data Transmissions 4.1 Introduction 2.6.1.2 Flow Control 2.6.1.3 TCP and Data Integrity 2.6.1.4 UDP and Data Integrity 2.6.2 Session Management 2.6.2.1 Session versus No Session 2.6.2.2 Session Management by TCP 2.6.2.3 TCP Session in Real Setting 2.6.2.4 Additional Notes 2.6.3 Port Management 2.6.3.1 Port Types and Ranges 2.6.3.2 Source versus Destination Port 2.6.3.3 Socket 2.7 Internet Layer (Layer 3) 2.7.1 Packet Creation and Routing Decision 2.7.1.1 Packet Creation 2.7.1.2 Packet Routing Decision 2.7.2 Performing Supervisory Functions 2.8 Data Link Layer (Layer 2) 2.8.1 LAN Data Link 2.8.1.1 Frame and Switching 2.8.1.2 Link Types 2.8.1.3 Technology Standard(s) 2.8.1.4 Single Active Delivery Path 2.8.1.5 Frame’s MAC Addresses 2.8.2 WAN Data Link 2.9 Physical Layer (Layer 1) 2.10 Layer Implementation 2.10.1 Application Layer 2.10.2 Transport and Internet Layers 2.10.3 Data Link and Physical Layers Chapter Summary Key Terms Chapter Review Questions Chapter 3: Intermediary Devices 3.1 Introduction 3.2 Intermediary Devices 3.2.1 Operational Layers 77 78 78 79 79 80 81 81 82 83 83 84 85 86 86 87 88 90 90 90 91 91 91 92 92 94 97 97 98 98 99 100 102 107 107 107 107 3.2.2 Operating System 3.2.2.1 General Attributes 3.2.2.2 Access to Operating System 3.3 Hub (Multiport Repeater) 3.4 Bridge and Wireless Access Point 3.5 Switch 3.5.1 General Features 3.5.2 Switch Port 3.5.3 Switch Table 3.5.3.1 Switch Table Entries 3.5.3.2 Switch Learning 3.5.3.3 Aging of Entries 3.5.4 Switch Types 3.5.4.1 Nonmanaged versus Managed Switches 3.5.4.2 Store-and-Forward versus Cut-Through Switches 3.5.4.3 Symmetric versus Asymmetric Switches 3.5.4.4 Layer versus Layer Switches 3.5.4.5 Fixed, Stackable, and Modular Switches 3.5.4.6 Power over Ethernet 3.5.5 Security Issues 3.5.5.1 Safeguarding Switch Ports 3.5.5.2 Port Mirroring 3.6 Routers 3.6.1 Two Primary Functions 3.6.1.1 Routing Table Development and Its Update 3.6.1.2 Packet Forwarding 3.6.2 Router Components 3.6.3 Router Ports and Naming 3.6.4 Router Configuration 3.6.4.1 Basic Features 3.6.4.2 Advanced Features 3.7 Switching versus Routing 3.7.1 Data Link Layer versus Internet Layer 3.7.2 Connection-Oriented versus Connectionless 3.7.3 Single Delivery versus Multiple Delivery Paths 3.8 Address Resolution Protocol 3.8.1 Background 3.8.2 ARP Usage Scenarios 109 109 110 112 114 117 117 118 119 119 120 121 122 123 123 124 125 126 128 128 128 129 129 129 129 130 130 131 133 133 133 134 134 134 135 135 135 137 3.9 Choice of Intermediary Devices 3.10 Collision versus Broadcast Domains 3.10.1 Collision Domain 3.10.1.1 Collision Domain Types 3.10.1.2 Collision Domain and Network Design 3.10.1.3 CSMA/CD 3.10.2 Broadcast Domain Chapter Summary Key Terms Chapter Review Questions Chapter 4: Elements of Data Transmissions 4.1 Introduction 4.2 Data Transmission Elements 4.2.1 Digital Signaling 4.2.1.1 On/Off Signaling 4.2.1.2 Voltage Signaling 4.2.2 Analog Signaling 4.2.2.1 Properties of Analog Signal 4.2.2.2 Modulation 4.2.3 Signaling Devices 4.2.3.1 Modem and Analog Signaling 4.2.3.2 CSU/DSU and Digital Signaling 4.2.4 Bandwidth and Related Concepts 4.2.4.1 Bandwidth 4.2.4.2 Baseband and Broadband 4.2.5 Synchronous versus Asynchronous Transmissions 4.2.5.1 Asynchronous Transmission 4.2.5.2 Synchronous Transmission 4.2.6 Multiplexing 4.2.6.1 Frequency Division Multiplexing 4.2.6.2 FDM Example: ADSL 4.2.6.3 Time Division Multiplexing 4.2.6.4 TDM Example: T-1 Line 4.2.6.5 Spread Spectrum 4.2.7 Digital Speed Hierarchies 4.2.7.1 Digital Signal 4.2.7.2 Optical Carrier/Synchronous Transport Module 4.3 Networking Media 140 141 141 141 143 143 144 146 147 149 155 155 155 156 156 157 158 158 159 160 161 162 163 163 164 165 165 166 167 167 167 169 170 170 171 171 172 172 4.3.1 Propagation Effects 4.3.1.1 Attenuation 4.3.1.2 Distortion 4.3.2 Twisted Pairs 4.3.2.1 UTP versus STP 4.3.2.2 Cable Structure and Categories 4.3.2.3 Twisted-Pair Patch Cable 4.3.3 Optical Fibers 4.3.3.1 Advantages 4.3.3.2 Physical Structure 4.3.3.3 Single Mode versus Multimode 4.3.3.4 Fiber Patch Cable 4.3.4 LAN Cabling Standards 4.4 Structured Cabling 4.4.1 Background 4.4.2 Structured Cabling System Chapter Summary Key Terms Chapter Review Questions Chapter 5: IP Address Planning and Management 5.1 Introduction 5.2 Governance of IP Address Space 5.3 Structure of the IP Address 5.3.1 Binary versus Decimal Value Conversion 5.3.2 Structure of the IP Address 5.4 Classful IP: Legacy 5.4.1 Class A Network 5.4.2 Class B Network 5.4.3 Class C Network 5.5 Classless IP: Today 5.6 Special IP Address Ranges 5.6.1 Loopback 5.6.1.1 Internal Testing of TCP/IP Stack 5.6.1.2 Off-Line Testing of an Application 5.6.2 Broadcasting 5.6.2.1 Limited Broadcasting 5.6.2.2 Directed Broadcasting 173 173 173 174 174 175 175 178 178 179 179 180 181 183 183 183 188 189 191 196 196 196 198 198 199 200 200 201 201 202 203 203 204 204 205 206 207 5.6.2.3 Security Risk of Directed Broadcasting 5.6.3 Multicasting 207 208 5.6.4 Private IP and NAT 5.6.4.1 NAT: One-to-One IP Mapping 5.6.4.2 NAT: Many-to-One IP Mapping 5.6.4.3 Pros and Cons of NAT 5.7 Subnetting 5.7.1 Defining Subnet Boundary (Review) 5.7.2 Subnetwork Addressing 5.8 Subnet Mask 5.8.1 Subnet Mask 5.8.2 Subnetting Address Space 5.8.3 Broadcasting within a Subnet 5.9 Supernetting 5.10 Managing IP Address SPACE 5.10.1 Determining Number of Nodes 5.10.2 Determining Subnets 5.10.2.1 Managing Security with DMZ Subnet 5.10.2.2 Developing IP Assignment Policy Chapter Summary Key Terms Chapter Review Questions Hands-On Exercise: Enterprise IP Management at Atlas Co 209 209 210 211 212 212 214 216 216 219 220 222 225 225 227 228 228 231 231 232 237 Chapter 6: Fundamentals of Packet Routing 6.1 Introduction 6.2 Routing Mechanism 6.3 Routing Table 6.3.1 Background 6.3.2 Routing Table Elements 6.4 Packet Forwarding Decision 6.5 Entry Types of Routing Table 6.5.1 Directly Connected Routes 6.5.2 Static Routes 6.5.2.1 Static Routes of a Router 6.5.2.2 Static Routes of a Host 6.5.3 Dynamic Routes 6.6 Dynamic Routing Protocols 241 241 242 244 244 245 249 252 252 253 253 254 258 259 6.6.1 Protocol Categories 6.6.1.1 Interior Gateway Protocols 6.6.1.2 Exterior Gateway Protocols 6.6.2 Delivery of Advertisement 6.6.3 Determination of Dynamic Routes 6.6.4 Security Management 6.6.5 Static versus Dynamic Routing 6.7 Inter-domain Routing 6.8 Perspectives on Packet Routing Chapter Summary Key Terms Chapter Review Questions Chapter 7: Ethernet LAN 7.1 Introduction 7.2 Standard Layers 7.3 Ethernet Frame 7.3.1 Frame Structure 7.3.2 Addressing Modes 7.4 Ethernet LAN Design 7.4.1 Flat versus Hierarchical Design 7.4.2 Access Layer 7.4.3 Distribution and Core Layers 7.4.4 Benefits of Hierarchical Design 7.5 Spanning Tree Protocol 7.5.1 Link Redundancy 7.5.2 Protocols and Mechanism 7.6 Link Aggregation Review Questions 7.7 Virtual LANs (VLANs) 7.7.1 Background: Without VLANs 7.7.2 VLAN Concept 7.8 VLAN Scenarios 7.8.1 Without VLANs 7.8.2 With VLANs 7.8.2.1 Define VLANs on Switches 7.8.2.2 Plan the Range of Trunk and Access Ports 7.8.2.3 Assign Access Ports to VLANs 259 259 260 260 261 263 265 266 267 267 268 269 277 277 277 278 278 280 281 281 282 283 283 285 285 287 288 290 291 291 293 293 294 296 296 296 297 7.8.3 How VLANs Work 7.8.4 VLAN ID versus Subnet Addressing 7.9 VLAN Tagging/Trunking (IEEE802.1Q) 7.9.1 Background 299 300 301 301 7.9.2 VLAN Tagging 7.9.3 VLAN Tagging/Untagging Process 7.10 VLAN Types 7.10.1 Default VLAN 7.10.2 Data VLAN 7.10.2.1 Data VLAN and Security 7.10.3 Voice VLAN 7.11 Inter-VLAN Routing 7.11.1 A Router Interface per VLAN 7.11.1.1 Scenario 7.11.1.2 Scenario 7.11.2 Sub-Interfaces/Ports (Advanced) 7.12 VLANS and Network Management Chapter Summary Key Terms Chapter Review Questions 302 303 304 305 305 306 306 308 308 309 311 313 315 316 317 318 Chapter 8: Wireless LAN (WiFi) 8.1 Introduction 8.2 Standard Layers and Wireless Cards 8.3 WiFi Setup Modes 8.3.1 Ad Hoc Mode 8.3.2 Infrastructure Mode 8.4 Wireless Access Points 8.4.1 AP in Infrastructure Mode 8.4.2 AP in Non-infrastructure Modes 8.4.2.1 Repeater Mode 8.4.2.2 Bridge Mode 8.5 SSID, BSS, and ESS 8.5.1 Service Set Identifier 8.5.2 BSS versus ESS 8.5.2.1 Basic Service Set 8.5.2.2 Extended Service Set 8.6 Media Access Control 323 323 324 325 325 325 326 326 328 329 329 330 330 331 332 332 332 8.6.1 CSMA/CA 8.6.2 RTS/CTS 8.7 WiFi Frames 8.7.1 Data Frame 8.7.2 Management Frame 8.7.3 Control Frame 8.8 WiFi and Radio Frequency 8.8.1 Radio Spectrum 8.8.1.1 Low versus High Radio Frequency 8.8.1.2 Governance 8.8.1.3 Licensed versus Unlicensed Radio 8.8.2 WiFi Channels 8.8.3 Planning Basic Service Sets 8.9 Authentication and Association 8.9.1 Three-Stage Process 8.9.2 Authentication Methods of a Station 8.9.2.1 Open Authentication 8.9.2.2 Pre-shared Key Authentication 8.9.2.3 Authentication Server 8.9.2.4 Additional Notes on Security 8.10 WiFi Standards 8.10.1 IEEE802.11n 8.10.1.1 Throughput Modes 8.10.1.2 2.4/5.0 GHz Bands 8.10.1.3 Single-User MIMO 8.10.1.4 QoS Support 8.10.2 IEEE802.11ac 8.10.2.1 5.0 GHz Band 8.10.2.2 Throughput Modes 8.10.2.3 Multi-user MIMO 8.11 WiFi Mesh Network (IEEE802.11s) 8.12 WiFi Home/SOHO Network 8.12.1 DSL/Cable Modem 8.12.2 Wireless Access Router 8.12.3 IP Configuration 8.12.4 Case: Wireless Access Router Configuration Chapter Summary 333 334 335 336 336 336 337 337 337 338 338 339 339 342 342 343 343 344 344 345 346 347 347 347 347 348 349 349 349 349 350 352 352 352 353 355 358 Key Terms Chapter Review Questions Chapter 9: Wide Area Network 9.1 Introduction 9.2 WAN and Enterprise Networks 9.2.1 WAN Connection Scenarios 9.2.2 Service-Level Agreement 9.2.3 CPE versus SPF 9.2.3.1 Demarcation Point 9.2.4 WAN Design Considerations 9.3 Layers of WAN Standards 9.3.1 Physical Layer 9.3.2 Data Link Layer 9.3.2.1 Circuit Switching 9.3.2.2 Packet Switching 9.3.3 Comparison: WAN versus LAN 9.4 IP Addressing for WAN Links 9.4.1 Leased Lines 9.4.2 Packet Switched Data Network 9.4.2.1 One Subnet between Two Locations 9.4.2.2 One Subnet for All Locations 9.5 Physical Layer Options: Leased Lines 9.5.1 T-Carrier/E-Carrier 9.5.1.1 T1 and T3 Circuits 9.5.2 SONET/SDH 9.6 Data Link Standard: Leased Lines 9.6.1 PPP Frame Structure 9.6.2 Router Authentication 9.6.2.1 PAP versus CHAP 9.7 Data Link Standards: PSDN 9.7.1 General Attributes 9.7.2 Virtual Circuits 9.7.2.1 WAN Switch Table 9.7.2.2 PVC versus SVC 9.7.2.3 Access Link Speeds 9.8 Frame Relay 9.8.1 General Characteristics 359 361 365 365 366 366 367 368 368 368 369 370 370 370 370 371 372 373 374 374 376 377 378 378 379 380 380 380 381 382 383 384 384 384 384 385 385 9.8.2 Frame Structure 9.8.3 Data Link Connection Identifier 9.8.3.1 How DLCI Works 9.8.3.2 FR Switch Table 9.8.3.3 Multiple VCs and DLCIs 9.8.4 Mapping IP Addresses 9.9 Asynchronous Transfer Mode 386 386 387 388 388 388 390 9.9.1 Background 9.9.2 Cell Switching 9.9.3 Quality of Service 9.10 Carrier Ethernet 9.10.1 Background 9.10.2 Strengths 9.10.3 Service Transport 9.11 Multi-Protocol Label Switching 9.11.1 Labels and Label Information Base 9.11.2 Benefits of MPLS 9.12 Wireless WAN: Cellular Network 9.12.1 General Architecture 9.12.1.1 Cell 9.12.1.2 Base Station 9.12.1.3 Mobile Terminal Switching Office 9.12.1.4 Call Channels 9.12.2 Multiple Access Technologies 9.12.2.1 Frequency Division Multiple Access 9.12.2.2 Time Division Multiple Access 9.12.2.3 Code Division Multiple Access 9.12.2.4 Orthogonal Frequency Division Multiple Access 9.12.3 Generations of Cellular Standards 9.12.4 LTE and Future 9.12.4.1 Long-Term Evolution 9.12.4.2 What Does the Future Hold? Chapter Summary Key Terms Chapter Review Questions 390 390 391 392 392 393 394 394 394 396 396 396 396 397 397 398 398 398 398 398 399 399 399 400 400 400 401 403 Chapter 10: The Internet and Client–Server Systems 10.1 Introduction 408 408 10.2 Internet Architecture 10.2.1 Internet Service Provider 10.2.1.1 National ISPs 10.2.1.2 Regional/Local ISPs 10.2.1.3 ISP Network Architecture 10.2.2 Internet Exchange Point 10.2.3 Autonomous System 10.2.4 World Wide Web and Search Engine 10.2.4.1 World Wide Web 10.2.4.2 Deep Web 10.3 VPN for Secure Communications 10.3.1 Technology 10.3.1.1 Background 10.3.1.2 VPN Technology 10.3.2 Benefits of VPN 10.3.2.1 Cost-Effectiveness 10.3.2.2 Accessibility and Scalability 10.3.2.3 Flexibility 10.3.3 Risks of VPN 10.3.3.1 Reliability 10.3.3.2 Security 10.3.4 Types of VPN 10.3.4.1 Remote-Access VPN 10.3.4.2 Site-to-Site VPN 10.3.5 VPN Standards 10.3.6 IP Security 10.3.6.1 Tunnel Mode 10.3.6.2 Transport Mode 10.3.7 Secure Socket Layer 10.3.7.1 Broad Acceptance 10.3.7.2 VPN Implementation 10.3.7.3 SSL and Internet Commerce 10.3.8 IPSec versus SSL 10.4 IPv6 (IP Next Generation) 10.4.1 Background 10.4.2 IP Packet Structure 10.4.3 IP Addressing 10.4.3.1 Subnet Address Bits 408 409 409 410 410 411 413 415 415 416 417 417 417 417 417 417 418 418 418 418 419 419 419 420 420 421 422 423 423 424 424 425 426 427 427 427 428 428 10.4.3.2 Host Address Bits 10.4.4 Address Abbreviation 10.4.5 IPv6 versus IPv4 Standards 10.4.6 Transition Approaches 10.4.6.1 Dual IP Stacks within a Node 10.4.6.2 Direct Address Conversion 10.4.6.3 Packet Tunneling 10.5 Client–Server Applications 10.5.1 Domain Name System 10.5.1.1 Domain and Name Resolution 10.5.1.2 Domain Hierarchy 10.5.1.3 DNS Architecture 10.5.1.4 Host DNS File 10.5.2 Dynamic Host Configuration Protocol 10.5.2.1 The Process View 10.6 Server Virtualization 10.6.1 Traditional Computing Model 10.6.2 Virtualization Concept 10.6.3 Virtualization Approaches 10.6.3.1 Hosted Virtualization 10.6.3.2 Hypervisor-Based Virtualization 10.6.4 Shared Infrastructure 10.6.5 Summary: Benefits Realized Chapter Summary Key Terms Chapter Review Questions Chapter 11: Cybersecurity: Threats 11.1 Introduction 11.2 Malicious Codes: Malware 11.2.1 Virus 11.2.2 Worm 11.2.3 Trojan 11.2.4 Bot 11.2.5 Other Malware Types 11.2.6 Malware Issues 11.3 Password Cracking 11.3.1 Brute Force Method 429 429 430 430 430 432 432 433 433 434 434 435 436 438 439 441 441 442 442 442 443 444 445 446 446 447 452 452 453 454 454 455 456 457 458 459 459 11.3.2 Dictionary Method 11.4 Spoofing 11.4.1 Source Address Spoofing 11.4.1.1 IP Spoofing 11.4.1.2 MAC Spoofing 11.4.2 Email Spoofing 11.4.3 Web (or HTTP) Spoofing 11.5 Denial of Service 11.5.1 Pinging and SYN Requests 11.5.1.1 Pinging 11.5.1.2 SYN Requests 11.5.2 Distributed DOS 11.5.3 MAC Address Flooding 11.6 Packet Sniffing 11.6.1 Packet Sniffing with Wireshark 11.7 Port Scanning 11.7.1 Port Scanning with Zenmap 11.8 Social Engineering 11.9 Man-in-the-Middle 11.9.1 MITM with Bogus DHCP Server 11.10 Spam 11.11 Poisoning 11.11.1 ARP Poisoning (ARP Spoofing) 11.11.2 DNS Poisoning (DNS Spoofing) 11.12 Zero-Day Attack 11.13 WiFi Threats 11.13.1 Wardriving 11.13.2 Denial of Service 11.13.3 Rogue AP 11.13.4 MITM Chapter Summary Key Terms Chapter Review Questions 460 461 461 461 462 462 463 463 463 464 464 464 465 465 466 467 468 471 472 472 473 474 474 475 476 477 477 477 477 478 479 480 481 Chapter 12: Cybersecurity: Defenses 486 12.1 Introduction 12.2 Security Requirements and Solutions 12.2.1 Security Requirements 12.2.1.1 Confidentiality (Privacy) 486 486 486 486 12.2.1.2 Data Integrity 12.2.1.3 Authentication 12.2.1.4 Access Control/Authorization 12.2.1.5 Availability 12.2.2 Technology Solutions 12.3 Principles in Architecting Defense 12.3.1 Layering 12.3.2 Limiting 487 487 487 488 488 489 489 490 12.3.3 Simplicity 12.4 Firewall 12.4.1 Firewall and DMZ 12.4.1.1 Separating Firewall and Border Router 12.4.2 Firewall Functions and Management 12.4.2.1 Firewall Functions 12.4.2.2 Managing Firewall 12.4.3 Stateless versus Stateful Filtering 12.4.3.1 Stateless Filtering 12.4.3.2 Stateful Filtering 12.5 Access Control List 12.5.1 How Many ACLs? 12.5.2 ACL Filtering versus Packet Routing 12.6 Cryptography 12.6.1 Cryptography System 12.6.1.1 Basic Components 12.6.1.2 How It Works 12.6.2 Symmetric-Key Cryptography 12.6.3 Asymmetric-Key Cryptography 12.6.3.1 How It Works 12.6.3.2 Pros and Cons 12.6.4 Hybrid Approach 12.6.5 Hashing Cryptography 12.7 Digital Signature 12.8 Digital Certificate 12.8.1 Digital Certificate 12.8.2 Certificate Authority 12.9 Security Protocol 12.9.1 WiFi Security Standards 491 492 492 494 495 495 495 496 496 497 498 499 499 500 500 500 501 501 502 502 503 503 504 506 508 508 509 512 512 12.9.1.1 Wired Equivalent Privacy 12.9.1.2 WiFi Protected Access (WPA and WPA2) 12.9.1.3 Enterprise Mode versus Personal Mode Chapter Summary Key Terms Chapter Review Questions Glossary Acronyms Index 512 513 513 516 517 519 523 545 551 ... A Practical Introduction to Enterprise Network and Security Management A Practical Introduction to Enterprise Network and Security Management Bongsik Shin, Ph.D CRC Press Taylor & Francis... with at least one network interface card (NIC), which is an electronic circuit board Also called an adaptor or a local area network (LAN) card, the NIC is generally built into a computer these days,... Summary Key Terms Chapter Review Questions Chapter 2: Architectures and Standards 2.1 Introduction 2.2 TCP/IP versus OSI 2.2.1 Standard Architecture 2.2.2 Standard and Protocol 2.2.3 Protocol Data