Chapter ThreeConducted and Wireless MediaData Commun

Chapter Three
Conducted and Wireless Media
Data Communications and Computer Networks: A Business
User's Approach
Eighth Edition
© 2016. Cengage Learning. All right reserved.
*
*
After reading this chapter,
you should be able to:Outline the characteristics of twisted pair
wire, including the advantages and disadvantagesOutline the
differences among Category 1, 2, 3, 4, 5, 5e, 6, and 7 twisted
pair wireExplain when shielded twisted pair wire works better
than unshielded twisted pair wireOutline the characteristics,
advantages, and disadvantages of coaxial cable and fiber -optic
cableOutline the characteristics of terrestrial microwave
systems, including the advantages and disadvantages
User's Approach, Eighth Edition
© 2016. Cengage Learning. All Rights Reserved.

*
*
you should be able to (continued):Outline the characteristics of
satellite microwave systems, including the advantages and
disadvantages as well as the differences among low-Earth-orbit,
middle-Earth-orbit, geosynchronous orbit, and highly elliptical
Earth orbit satellitesDescribe the basics of cellular telephones,
including all the current generations of cellular systemsOutline
the characteristics of short-range transmissions, including
Bluetooth
*
*
you should be able to (continued):Describe the characteristics,
advantages, and disadvantages of Wireless Application Protocol
(WAP), broadband wireless systems, and various wireless local
area network transmission techniquesApply the media selection
criteria of cost, speed, right-of-way, expandability and distance,
environment, and security to various media in a particular

application
*
*
IntroductionThe world of computer networks would not exist if
there were no medium by which to transfer dataThe two major
categories of media include:Conducted mediaWireless media
*
*
Twisted Pair WireOne or more pairs of single conductor wires
that have been twisted around each otherTwisted pair wire is
classified by category. Twisted pair is currently Category 1
through Category 7, although Categories 1, 2 and 4 are nearly
obsoleteTwisting the wires helps to eliminate electromagnetic
interference between the two wiresShielding can further help to
eliminate interference

*
*
Twisted Pair Wire (continued)
*
*
*
*

*
*
*
*
Twisted Pair SummaryMost common form of wireRelatively
inexpensiveEasy to installCarries high data rates (but not the
highest)Can suffer from electromagnetic noiseCan be easily
wire-tappedComes in shielded and unshielded forms
*

*
Coaxial CableA single wire wrapped in a foam insulation
surrounded by a braided metal shield, then covered in a plastic
jacket. Cable comes in various thicknessesBaseband coaxial
technology uses digital signaling in which the cable carries only
one channel of digital dataBroadband coaxial technology
transmits analog signals and is capable of supporting multiple
channels
*
*
Coaxial Cable (continued)
*
*
Coaxial Cable (continued)

*
*
Coaxial Cable SummaryA single wire surrounded by a braided
shieldBecause of shielding, can carry a wide bandwidth of
frequenciesThus is good with applications such as cable
televisionNot as easy to install as twisted pairMore expensive
than twisted pair
*
*
Fiber-Optic CableA thin glass cable approximately a little
thicker than a human hair surrounded by a plastic coating and
packaged into an insulated cableA photo diode or laser
generates pulses of light which travel down the fiber optic cable
and are received by a photo receptor
*

*
Fiber-Optic Cable (continued)
*
*Fiber-optic cable is capable of supporting millions of bits per
second for 1000s of metersThick cable (62.5/125 microns)
causes more ray collisions, so you have to transmit slower.
This is step index multimode fiber. Typically use LED for light
source, shorter distance transmissionsThin cable (8.3/125
microns) – very little reflection, fast transmission, typically
uses a laser, longer transmission distances; known as single
mode fiber
*
*

*
*
Fiber-Optic Cable (continued)Fiber-optic cable is susceptible to
reflection (where the light source bounces around inside the
cable) and refraction (where the light source passes out of the
core and into the surrounding cladding)Thus, fiber-optic cable
is not perfect either. Noise is still a potential problem
*
*
*

*
*
*
Fiber-Optic Cable SummaryFiber optic cable can carry the
highest data rate for the longest distancesInitial cost-wise, more
expensive than twisted pair, but less than coaxial cableBut when
you consider the superiority of fiber, initial costs outweighed by
capacitiesNeed to fibers for a round-trip connectionNot affected
by electromagnetic noise and cannot be easily wiretapped, but
still noise
*
*
Conducted Media

*
*
Wireless MediaRadio, satellite transmissions, and infrared light
are all different forms of electromagnetic waves that are used to
transmit dataTechnically speaking – in wireless transmissions,
space is the mediumNote in the following figure how each
source occupies a different set of frequencies
*
*
Wireless Media (continued)
*
*

Terrestrial Microwave TransmissionLand-based, line-of-sight
transmissionApproximately 20-30 miles between
towersTransmits data at hundreds of millions of bits per
secondSignals will not pass through solid objectsPopular with
telephone companies and business to business transmissions
*
*
Terrestrial Microwave Transmission (continued)
*
*
Terrestrial Microwave Transmission (continued)
*

*
Satellite Microwave TransmissionSimilar to terrestrial
microwave except the signal travels from a ground station on
earth to a satellite and back to another ground stationCan also
transmit signals from one satellite to anotherSatellites can be
classified by how far out into orbit each one is (LEO, MEO,
GEO, and HEO)
*
*
Satellite Microwave Transmission (continued)
*
*
Satellite Microwave Transmission (continued)LEO (Low -Earth-
Orbit) – 100 to 1000 miles out Used for wireless e-mail, special
mobile telephones, pagers, spying, videoconferencingMEO

(Middle-Earth-Orbit) – 1000 to 22,300 milesUsed for GPS
(global positioning systems) and governmentGEO
(Geosynchronous-Earth-Orbit) – 22,300 milesAlways over the
same position on earth (and always over the equator)Used for
weather, television, government operations
*
*
Satellite Microwave Transmission (continued)HEO (Highly
Elliptical Earth orbit) – satellite follows an elliptical orbitUsed
by the military for spying and by scientific organizations for
photographing celestial bodies
*
*
Satellite Microwave Transmission (continued)Satellite
microwave can also be classified by its configuration (see next
figure):Bulk carrier configurationMultiplexed
configurationSingle-user earth station configuration (e.g.,
VSAT)

*
*
*
*
*
*

*
*
*
*
Cellular TelephonesWireless telephone service, also called
mobile telephone, cell phone, and PCSTo support multiple users
in a metropolitan area (market), the market is broken into
cellsEach cell has its own transmission tower and set of
assignable channels
*

*
Cellular Telephones (continued)
The CTSO is responsible for switching cell phone signals from
to other and maintaining the best connection possible
*
*
Optional Reading
Rest of this Lecture slides
*
*

*
*
Cellular Telephones (continued)Placing a call on a cell
phoneYou enter a phone number on your cell phone and press
Send. Your cell phone contacts the nearest cell tower and grabs
a set-up channel. Your mobile identification information is
exchanged to make sure you are a current subscriber.If you are
current, you are dynamically assigned two channels: one for
talking, and one for listening. The telephone call is placed.
You talk.
*
*
Cellular Telephones (continued)Receiving a call on a cell
phoneWhenever a cell phone is on, it “pings” the nearest cell
tower every several seconds, exchanging mobile ID information.

This way, the cell phone system knows where each cell phone
is.When someone calls your cell phone number, since the cell
phone system knows what cell you are in, the tower “calls” your
cell phone.
*
*
Cellular Telephones (continued)1st GenerationAMPS
(Advanced Mobile Phone Service) – first popular cell phone
service; used analog signals and dynamically assigned
channelsD-AMPS (Digital AMPS) – applied digital multiplexing
techniques on top of AMPS analog channels
*
*
Cellular Telephones (continued)2nd GenerationPCS (Personal
Communication Systems) – essentially all-digital cell phone
servicePCS phones came in three technologies:TDMA – Time
Division Multiple AccessCDMA – Code Division Multiple
AccessGSM – Global System for Mobile Communications

*
*
Cellular Telephones (continued)2.5 GenerationAT&T Wireless,
Cingular Wireless, and T-Mobile now using GPRS (General
Packet Radio Service) in their GSM networks (can transmit data
at 30 kbps to 40 kbps)Verizon Wireless, Alltel, U.S.Cellular,
and Sprint PCS are using CDMA2000 1xRTT (one carrier radio-
transmission technology) (50 kbps to 75 kbps)Nextel uses IDEN
technology
*
*
Cellular Telephones (continued)3rd GenerationUMTS
(Universal Mobile Telecommunications System) – also called
Wideband CDMAThe 3G version of GPRSUMTS not backward
compatible with GSM (thus requires phones with multiple
decoders)1XEV (1 x Enhanced Version) –3G replacement for
1xRTTtwo forms:1xEV-DO for data only1xEV-DV for data and
voice

*
*
Cellular Telephones (continued)4th GenerationLTE (Long Term
Evolution) – theoretical speeds of 100 Mbps or more, actual
download speeds 10-15 MbpsWiMax – introduced in a couple
slides – theoretical speeds of 128 Mbps; actual download speeds
4 Mbps (didn’t make it for cellular)HSPA (High Speed Packet
Access) – 14 Mbps downlink, 5.8 Mbps uplink; (didn’t make
it)HSPA+ – theoretical downlink of 84 Mbps, 22 Mbps uplink
(T-Mobile) (didn’t make it)
*
*
WiMax - Broadband Wireless SystemsDelivers Internet services
into homes, businesses and mobile devicesDesigned to bypass
the local loop telephone lineTransmits voice, data, and video
over high frequency radio signalsMaximum range of 20-30
miles and transmission speeds in MbpsIEEE 802.16 set of
standards

*
*
WiMax (continued)
*
*
BluetoothBluetooth is a specification for short-range, point-to-
point or point-to-multipoint voice and data transferBluetooth
can transmit through solid, non-metal objectsIts typical link
range is from 10 cm to 10 m, but can be extended to 100 m by
increasing the power
*

*
Bluetooth (continued)Bluetooth will enable users to connect to
a wide range of computing and telecommunication devices
without the need of connecting cablesTypical uses include
phones, pagers, modems, LAN access devices, headsets,
notebooks, desktop computers, and PDAs
*
*
Wireless Local Area Networks
(IEEE 802.11)This technology transmits data between
workstations and local area networks using high-speed radio
frequenciesCurrent technologies allow up to 100 Mbps
(theoretical) data transfer at distances up to hundreds of
feetThree popular standards: IEEE 802.11b, a, g, nMore on this
in Chapter Seven (LANs)
*

*
Free Space OpticsFree space opticsUses lasers, or more
economically, infrared transmitting devicesLine of sight
between buildingsTypically short distances, such as across the
streetNewer auto-tracking systems keep lasers aligned when
buildings shake from wind and traffic
*
*
Free Space Optics (continued)Free space optics
(continued)Current speeds go from T-3 (45 Mbps) to OC-48 (2.5
Gbps) with faster systems in developmentMajor weakness is
transmission thru fogA typical FSO has a link margin of about
20 dBUnder perfect conditions, air reduces a system’s power by
approximately 1 dB/kmScintillation is also a problem
(especially in hot weather)
*
*

Ultra-WidebandUltra-widebandUWB not limited to a fixed
bandwidth but broadcasts over a wide range of frequencies
simultaneouslyMany of these frequencies are used by other
sources, but UWB uses such low power that it “should not”
interfere with these other sourcesCan achieve speeds up to 100
Mbps but for small distances such as wireless LANs
*
*
Ultra-Wideband (continued)Ultra-wideband
(continued)Proponents for UWB say it gets something for
nothing, since it shares frequencies with other sources.
Opponents disagreeCell phone industry against UWB because
CDMA most susceptible to interference of UWBGPS may also
be affectedOne solution may be to have two types of systems –
one for indoors (stronger) and one for outdoors (1/10 the power)
*
*
Infrared TransmissionsTransmissions that use a focused ray of

light in the infrared frequency rangeVery common with remote
control devices, but can also be used for device-to-device
transfers, such as PDA to computer
*
*
Near-Field CommunicationsVery close distances or devices
touchingMagnetic induction (such as radio frequency ID) used
for transmission of dataCommonly used for data transmission
between cellphones (non-Apple devices)
*
*
ZigBeeBased upon IEEE 802.15.4 standardUsed for low data
transfer rates (20-250 Kbps)Also uses low power
consumptionIdeal for heating, cooling, security, lighting, and
smoke and CO detector systemsZigBee can use a mesh design –
a ZigBee-enabled device can both accept and then pass on
ZigBee signals

*
*
*
*
*
*
Media Selection CriteriaCostSpeedDistance and
expandabilityEnvironmentSecurity

*
*
CostDifferent types of costsInitial cost – what does a particular
type of medium cost to purchase? To install?Maintenance /
support costROI (return on investment) – if one medium is
cheaper to purchase and install but is not cost effective, where
are the savings?
*
*
SpeedTwo different forms of speed:Propagation speed – the
time to send the first bit across the mediumThis speed depends
upon the mediumAirwaves and fiber are speed of lightCopper
wire is two thirds the speed of lightData transfer speed – the
time to transmit the rest of the bits in the messageThis speed is
measured in bits per second

*
*
Expandability and DistanceCertai n media lend themselves more
easily to expansionDon’t forget right-of-way issue for
conducted media and line-of-sight for certain wireless media
*
*
EnvironmentMany types of environments are hazardous to
certain mediaElectromagnetic noiseScintillation and
movementExtreme environmental conditions
*

*
SecurityIf data must be secure during transmission, it is
important that the medium not be easy to tapMake the wire
impervious to electromagnetic wiretappingEncrypt the signal
going over the medium
*
*
Conducted Media in Action: Two ExamplesFirst example –
simple local area networkHub typically usedTo select proper
medium, consider:Cable distanceData rate
*
*
Conducted Media in Action:
Two Examples (continued)

*
*
Conducted Media in Action:
Two Examples (continued)Second example – company wishes to
transmit data between buildings that are one mile apartIs
property between buildings owned by company?If not consider
using wirelessWhen making decision, need to
consider:CostSpeedExpandability and
distanceEnvironmentSecurity
*
*
Wireless Media In Action: Three ExamplesFirst example – you
wish to connect two computers in your home to Internet, and
want both computers to share a printerCan purchase wireless
network interface cardsMay consider using Bluetooth
devicesSecond example – company wants to transmit data
between two locations, Chicago and Los AngelesCompany

considering two-way data communications service offered
through VSAT satellite system
*
*
Wireless Media In Action:
Three Examples (continued)
*
*
Three Examples (continued)Third example – second company
wishes to transmit data between offices two miles
apartConsidering terrestrial microwave system

*
*
Three Examples (continued)
*
*
SummaryAll data communication media can be divided into two
basic categories: (1) physical or conducted media, and (2)
radiated or wireless media, such as satellite systemsThe three
types of conducted media are twisted pair, coaxial cable, and
fiber-optic cableTwisted pair and coaxial cable are both metal
wires and are subject to electromagnetic interferenceFiber -optic
cable is a glass wire and is impervious to electromagnetic
interferenceExperiences a lower noise level Has best
transmission speeds and long-distance performance of all
conducted media

*
*
Summary (continued) Several basic groups of wireless media
exist: terrestrial microwave transmissions, satellite
transmissions, cellular telephone systems, infrared
transmissions, WiMAX, Bluetooth, Wi-Fi, free space optics,
ultra-wideband, near-field communications, and ZigBeeEach of
the wireless technologies is designed for specific
applicationsWhen trying to select particular medium for an
application, it helps to compare the different media using these
six criteria: cost, speed, expandability and distance, right-of-
way, environment, and security
*
Chapter 6
Security Organization
Copyright © 2014 by McGraw-Hill Education.

Introduction
Every business needs a risk management approach that is
headed by a top level executive in the organization who is
dedicated to risk management and information security. Security
can no longer be left in the hands of the technologists. It must
be acknowledged, considered, embraced, and championed at the
highest levels of the organization—in other words, it must be
aligned to the business objectives of the organization to
maintain or improve its value.
The organization requires executive-level representation in the
business, because the management of risks related to
information security is ultimately the responsibility of senior
management. Whether the business is regulated or not, the top
executives are on the hook for any consequences that occur due
to failure of security controls.
Regardless of the specific functions within the security
organization, the definition of who does what should be well
defined in an org chart with clear responsibilities assigned to
each individual, so security can be properly managed.
Security Organization
Chief Security Risk Officer (CSRO) or Chief Information

Security Officer (CISO)
Responsible for risk management.
All organizations need an executive decision-maker who is
responsible for security risk
Accountable for all security efforts
Oversees all aspects of risk management
Oversees the information security function
CSRO / CISO Responsibilities
Ensure the business has risk management skills in its human
capital.
Establish an organizational structure that supports a risk
management strategy.
Implement an integrated risk management framework.
Define the business’s risk appetite in terms of loss tolerance.
Ensure the business can absorb the risk in terms of human and
financial resources.
Establish risk assessment, management, response, mitigation,
and audit procedures.
Influence the business’s risk culture and provide organizational
learning opportunities.
Security Director
Works with the executive team to accomplish business goals
Requires expert communication, negotiation, and leadership
skills, as well as technical knowledge of IT and security

hardware
Experienced in information security decision-making.
Oversees and coordinates security efforts across the business,
including IT, HR, Communications, Legal, Facilities, and other
departments
Security Director Responsibilities
Coordinates the security-related strategic and visionary goals of
the business
Oversees security management and vendors who safeguard the
business’s assets, intellectual property, and computer systems,
as well as the physical safety of employees and visitors
Identifies protection goals and objectives consistent with
corporate strategic plans
Manages the development and implementation of global security
policy (rules), standards (minimum requirements), guidelines
(recommendations), and procedures (step-by-step instructions)
to ensure ongoing maintenance of security
Maintains relationships with local, state, and federal law
enforcement and other related government agencies
Oversees the investigation of security breaches and assists with
disciplinary and legal matters associated with such breaches as
necessary
Works with outside consultants as appropriate for independent
security audits
Participates in the business’s change management process at the
organizational and strategic level
Is fluent with the various aspects of the risk management
framework

Security Manager
Day-to-day responsibility for all security-related activities and
incidents
All operational security positions report to this position
Responsible for management and distribution of the security
policy, policy adherence and coordination, and security incident
coordination
Security Manager Responsibilities
Develops and maintains a comprehensive security program
Develops and maintains a business resumption plan for
information resources
Approves access and formally assigns custody of the
information resources
Ensures compliance with security controls
Plans for contingencies and disaster recovery
Ensures that adequate technical support is provided to define
and select cost-effective security controls
Security Architect
Responsibility for the security architecture, including
conducting product testing and keeping track of new bugs and

security vulnerabilities as they arise
Produces a detailed security architecture for the network based
on identified requirements, and uses this architecture
specification to drive efforts toward implementation
Security Architect Responsibilities
Identifies threats and vulnerabilities
Identifies risks to information resources through risk analysis
Identifies critical and sensitive information resources
Works with the data owner to assess and classify information
Works with technical management to specify cost-effective
security controls and convey security control requirements to
users and custodians
Assists the security manager in evaluating the cost-effectiveness
of controls
Security Engineer
Technically implements the architect’s designs
Works directly with the architect on design decisions and with
the administrator on device management decisions

Security Engineer Responsibilities
Installation and configuration of networks and network devices
such as web application firewalls, network firewalls, switches,
load balancers, and routers
Security configuration of Unix, Linux, or Windows servers
Security configuration of applications and databases
Installation, configuration, and design of security tools,
including development and coding
Security incident investigation, including network packet
capture
Maintenance and monitoring of network and host intrusion
detection and prevention technologies
Security Administrator
Implements security on a day-to-day, operational/tactical basis
at the facility
Executes all actions directed by the security architect, security
engineer, security manager, or as required by security policy or
incident response procedures
Ensures that security requirements are met and maintained on
all computers, networks, and network technologies, including
patch management and operating system upgrades
Often the first person contacted whenever there is a suspected
or known security problem
Operational/tactical responsibility for ensuring that the
business, its reputation, and its assets are protected and has the
authority to take any and all action necessary to accomplish this
goal

Security Administrator Responsibilities
Implements the security controls specified by the security
architect, security engineer, and security manager
Implements physical and procedural safeguards for information
resources within the facility
Administers access to the information resources and makes
provisions for timely detection, reporting, and analysis of actual
and attempted unauthorized access to information resources
Provides assistance to the individuals responsible for
information security
Assists with acquisition of security hardware/software
Assists with identification of vulnerabilities and other data-
gathering activities and log file analysis
Develops and maintains access control rules
Maintains user lists, passwords, encryption keys, and other
authentication and security-related information and databases
Develops and follows procedures for reporting on monitored
controls
Security Analyst
Supports the security architect, security engineer, security
administrator, and security management in analyzing and
producing reports required for the assessment and smooth
functioning of security operations

Security Analyst Responsibilities
Monitors alerts and reports generated by security systems
Reviews log files as generated by security devices and servers,
making note of anomalies
Compiles reports as required by management or as specified by
security policy
Maintains security metrics
Collaborates with security organization team members to assess
and analyze security operations and suggests improvement
Manages quality control and change management initiatives for
the security organization
Maintains security policy documentation and ensures that
necessary changes are incorporated as directed by the architect
or management
Security Investigator
Responsible for Legal, HR, and internal investigations into
security incidents, breaches, attacks, and violations
Often works closely with law enforcement agencies as needed
Technical expertise as well as evidence handling and forensic
procedures
Security Investigator Responsibilities
Responds to requests from HR, Legal, and other internal

departments to investigate incidents
Coordinates with outside attorneys or law enforcement
representatives
Collects and preserves evidence from computer systems
Performs e-discovery and forensic searches for keywords and
patterns
Produces detailed reports on investigations
Provides information to the HR and Legal departments for
action
Maintains strict secrecy about ongoing investigations
Security Awareness Trainer
Develops and delivers security awareness training to the
business based on corporate security policy, standards,
procedures, and guidelines.
Background in security as well as in education and training
Coordinates and collaborates with the security department
subject matter experts to ensure that the training is both
comprehensive and accurate
Facility Security Officer
Enforces physical security policy at each building location
Authority to take action without the approval of the
management at the facility when required to ensure physical
security
Reviews physical security reports such as facility access records

Coordinates activities related to security incidents at the facility
Application Security
Knowledgeable about the programming languages
Trained in security programming techniques
Provides guidance and training to programmers on how to write
secure code
Reviews code produced by the programmers for security
vulnerabilities and flaws
Business Continuity and Disaster Recovery Planning
Business continuity planning (BCP)
Disaster recovery (DR) planning and testing
Non-security Jobs with Security Responsibilities
System and network administrators
Data owners
Data custodians

Security Incident Response Team
Individuals from various parts of the business are brought
together to handle emergencies.
They join the team apart from their daily responsibilities in
order to prepare, practice, and drill for potential emergencies
and, in the event of an actual emergency, handle the situation.
Examples of incidents a response team might handle include
Hostile intrusions into the network by unauthorized people
Damaging or hostile software loose on a system or on the
network
Personnel investigations for unauthorized access or acceptable
use violations
Virus activity
Software failures, system crashes, and network outages
Cooperation with international investigations
Court-ordered discovery, evidentiary, or investigative legal
action
Illegal activities such as software piracy
Managed Security Services
An information security provider for outsourced services may
be needed if
Security expertise is not found in house
Security is required 24´7´365 while functionality may be
required only for certain business windows (for example, 8 a.m.
to 5 p.m.)
Vast amounts of data must be examined
Specialized skill sets are hard to find

Security Council, Steering Committee, or Board of Directors
A security council or steering committee, whose members
include representatives from each major business department,
provides a forum for information exchange that facilitates the
job of the security practitioner and identifies business
requirements to which the security organization should be privy.
Interaction with Human Resources
Human Resources departments need to provide required
information about new hires.
HR also reports required information about terminations.
HR manages contractor information.
Summary
The CSRO or CISO is the highest level of security manager in
midsize and larger businesses, with ultimate responsibility for
all security efforts for the business.
Security functions include strategic positions such as
management, architecture, and policy specialists, as well as
operational positions such as administrators, analysts, and

investigators. Other functions such as BCP, DR, and physical
security may also reside within the information security
organization, depending on the nature of the business.
In addition to these full-time roles, security response teams
comprise collections of individuals from various parts of the
business who are removed from their daily responsibilities and
brought together to prepare, practice, and drill for emergencies.
These are the people who handle emergencies when they arise.
A corporate security council or steering committee, whose
members include representatives from each major department in
the business that are stakeholders in the end result of the
security program, provides a forum for information exchange
and input into the decisions that shape the security program.
For those functions not staffed internally, MSSPs are an option.
These outside firms are contracted by businesses to perform
specific security tasks such as monitoring, alerting, and incident
response. MSSPs can be less expensive, more efficient, and
more effective.
Chapter 4
Secure Design Principles

Introduction
This chapter covers information security principles.
Every network security implementation is based on a model.
The CIA triad is perhaps the most well-known model, with
focus on confidentiality, integrity, and availability of data.
Other models focus on other aspects of information security
Firewalls as a primary defense is a perimeter security model
Relying on several different security mechanisms is a layered
defense model
Every security design includes assumptions about what is
trusted and what is not trusted, and who can go where.
Countermeasures
The CIA Triad
The CIA triad is a data-centric model to help people think about
security, although it is neither perfect nor all-inclusive.
Confidentiality: Restriction of access to data only to those who
are authorized to use it
“confidential” implies access to one set of data by many sources
“private” means the data is accessible only to a single source
Integrity: Assurance that data has not been altered
Availability: Assurance that a service will be available when
needed

Alternatives to the CIA Triad
Parkerian Hexad
Confidentiality, Integrity, Availability, Control, Authenticity,
Utility
U.S. DoD “Five Pillars of Information Assurance”
Confidentiality, Integrity, Availability, Authenticity, Non-
repudiation
OECD guidelines The Organization for Economic Co-operation
and Development
Confidentiality, Integrity, Availability, Awareness,
Responsibility, Response, Ethics, Democracy, Risk Assessment,
Security Design and Implementation, Security Management, and
Reassessment.
NIST 800-27
Proposes 33 principles for securing technology systems
Best-known Attributes of Security
Confidentiality
Integrity
Availability
Accountability
Accuracy
Authenticity
Awareness
Completeness
Consistency
Control
Democracy
Ethics
Legality
Non-repudiation

Ownership
Physical possession
Reassessment
Relevance
Response
Responsibility
Risk assessment
Security design and implementation
Security management
Timeliness
Utility
Defense Models
The Lollipop
Hard, crunchy shell; soft, chewy center
Once the hard, crunchy exterior is broken, the soft, chewy
center is exposed
Not the best defense model
The Onion
Layered strategy
Defense in depth
Must be peeled away by the attacker, layer by layer, with plenty
of crying

Zones of Trust
Different areas of a network trust each other in different ways
Best Practices
Secure the physical environment.
Harden the operating system.
Keep patches updated.
Use an antivirus scanner (with real-time scanning).
Use firewall software.
Secure network share permissions.
Use encryption.
Secure applications.
Back up the system.
Create a computer security defense plan.
Implement ARP poisoning defenses.
Secure the Physical Environment
Lock down PCs and laptops.
Password-protect boot.
Password-protect CMOS.
Disable peripheral device boot.

Harden the Operating System
1. Reduce the attack surface of systems by turning off
unneeded services.
2. Install secure software.
3. Configure software settings securely.
4. Patch systems regularly and quickly.
5. Segment the network into zones of trust and place systems
into those zones based on their communication needs and
Internet exposure.
6. Strengthen authentication processes.
7. Limit the number (and privileges) of administrators.
Keep Patches Updated
In most cases, the vulnerabilities exploited are widely known,
and the affected vendors have already released patches.
Attacks against unpatched systems are widely successful.
Use an Antivirus Scanner
Essential
Forced, automatic updates
Enabled for real-time protection

Use Firewall Software
Stateful inspection systems capable of analyzing threats
occurring anywhere in layers 3 through 7.
Able to collate separate events into one threat description.
Block unwanted inbound connections.
Block unauthorized software applications (such as Trojans)
from initiating outbound traffic.
Secure Network Share Permissions
One of the most common ways a attacker or worm spreads
By default, Windows assigns the Everyone group Full Control
on every newly created share
This is the opposite of the least privilege principle (maybe it
should be called the most privilege principle)
Use Encryption
Protects passwords
Protects data
’nuff said

Secure Applications
Applications should be configured with the vendors’
recommended security settings.
Block active e-mail content from executing.
Block dangerous file attachments.
Install applications to nonstandard directories and ports.
Enforce policies to designate what software is allowed to run on
a particular computer.
Eradicate or secure P2P services.
Make sure any new programs in your environment are developed
securely.
Back Up the System
Recover modified, corrupted, or deleted files.
Worms and viruses often delete files, format hard drives, or
intentionally corrupt data.
You cannot always repair the damage and put the system back
to the way it was prior to an exploit, so backups are essential.
Create a Computer Security Defense Plan
1. Inventory the assets to protect.
2. Decide the value of each asset and its chance of being
exploited in order to come up with a quantifiable exposure risk.

3. Develop a plan to tighten the security on your protected
assets.
Assets with the highest exposure risk should be given the most
protection, but make sure all assets get some baseline level of
security.
4. Develop and document security baseline tools and
methods.
For example, a security template for end-user workstations
Apply security templates to workstations
5. Use vulnerability testing tools to confirm appropriate
configurations.
6. Do periodic testing to make sure security settings stay
implemented.
7. Change and update the plan as dictated by new events and
risks.
Implement ARP Poisoning Defenses
ARP poisoning attacks are one of the most common and
effective threats against network infrastructures (especially
wireless networks).
ARP spoofing is a type of attack in which a malicious actor
sends falsified ARP (Address Resolution Protocol) messages
over a local area network. This results in the linking of an
attacker's MAC address with the IP address of a legitimate
computer or server on the network.
A form of man-in-the-middle attack that allow an attacker to
intercept and modify network traffic, invisibly. Thus, these
attacks merit their own special countermeasures.
Defenses include
Static ARP tables
Port rate limiting

DHCP snooping with dynamic ARP inspection (DAI).
Dynamic Host Configuration Protocol. This is a method for
automatically configuring TCP/IP network settings on
computers, printers, and other network devices
Summary
The CIA triad is a well-known model, but there are many
others.
The onion model is a better defense than the lollipop.
Trust is an important consideration in every network.
Attacks can come from automated malicious code or from
manual attackers.
You can implement many counter measures to minimize the risk
of a successful attack, including securing the physical
environment, keeping patches updated, using an antivirus
scanner, using a firewall, securing user accounts, securing the
file system, securing network shares, and securing applications.
Security settings should be automated whenever possible and
should be part of a computer security defense plan.

Chapter ThreeConducted and Wireless MediaData Commun

Recommended

Recommended

More Related Content

Similar to Chapter ThreeConducted and Wireless MediaData Commun

Similar to Chapter ThreeConducted and Wireless MediaData Commun (19)

More from JinElias52

More from JinElias52 (20)

Recently uploaded

Recently uploaded (20)

Chapter ThreeConducted and Wireless MediaData Commun