Purpose of This Book

This book is part of the Information Systems Security & Assurance Series from Jones & Bartlett Learning (www.jblearning.com). Designed for courses and curriculums in IT Security, Cybersecurity, Information Assurance, and Information Systems Security, this series features a comprehensive, consistent treatment of the most current thinking and trends in this critical subject area. These titles deliver fundamental information security principles packed with real-world applications and examples. Authored by professionals experienced in information systems security, they deliver comprehensive information on all aspects of information security. Reviewed word for word by leading technical experts in the field, these books are not just current, but forward-thinking—putting you in the position to solve the cybersecurity challenges not just of today, but of tomorrow, as well.

Part 1 of the text reviews the history of data networks and the evolution of wired and wireless networking, from Alexander Graham Bell to the present bring-your-own-device phenomenon. You’ll read about the mobile revolution that took users from clunky analog phones to “smart” devices people can’t live without. Although most people view the resulting changes as a net positive, both wireless and mobile networking have introduced significant security vulnerabilities to networking in general. You’ll get an overview of network security threats and considerations, with a particular emphasis on wireless and mobile devices.

Part 2 focuses on wireless local area network (WLAN) security. You’ll read about WLAN design and the operation and behavior of wireless in general, particularly on 802.11 WLANs. You’ll review the threats and vulnerabilities directly associated with 802.11 wireless networks, their various topologies, and devices. The text will discuss basic security measures that satisfy the needs of small office/home office (SOHO) networks, as well as more-advanced concepts in wireless security unique to the needs of larger organizations. You’ll learn about the need to audit and monitor a WLAN, and the tools available for doing so. Finally, you’ll review risk assessment procedures as applied to WLAN and Internet Protocol mobility.

Part 3 discusses security solutions to the risks and vulnerabilities of wireless networks and mobile devices. You’ll read about the three major mobile operating systems and the vulnerabilities of each. Then you’ll review the security models of these operating systems and explore how IT organizations manage the security and control of smart devices on a large scale. The text will look at the risks mobile clients present to corporate networks, as well as the tools and techniques used to mitigate these risks. You’ll learn about the issues surrounding fingerprinting of mobile devices—how they are identified on a network. Finally, you’ll review the mobile malware landscape and mitigation strategies to prevent malware from finding its way into an organization’s information security resources.

Learning Features

The writing style of this book is practical and conversational. Step-by-step examples of information security concepts and procedures are presented throughout the text. Each chapter begins with a statement of learning objectives. Illustrations are used both to clarify the material and to vary the presentation. The text is sprinkled with Notes, Tips, FYIs, Warnings, and sidebars to alert the reader to additional helpful information related to the subject under discussion. Chapter Assessments appear at the end of each chapter, with solutions provided in the back of the book. Chapter summaries are included in the text to provide a rapid review or preview of the material and to help students understand the relative importance of the concepts presented.

Audience

The material is suitable for undergraduate or graduate computer science majors or information science majors, students at a two-year technical college or community college who have a basic technical background, or readers who have a basic understanding of IT security and want to expand their knowledge.