Skip to content

Cs507 Information Systems Assignment 3 Solution 2012 Olympics

Decision To Drop The Atomic Bomb Essay


Do you need help with with essay, research paper, homework or even dissertation?

Visit our website - https://goo.gl/HKbmHS (assignmenthelp24.com)





=================>>>CLICK HERE=================

=================>>>CLICK HERE=================

=================>>>CLICK HERE=================







=================>>>GET ASSIGNMENT HELP=================

=================>>>GET ASSIGNMENT HELP=================

=================>>>GET ASSIGNMENT HELP=================





sample annotated bibliography harvard
strictly ballroom essay fran
college essay persuasive topics
umi dissertation publishing city for pearson
examples of great mba essays
army purpose for critical thinking
marcyliena morgan the african american speech community essay
iana mac address assignment
attention grabber for essay on persuasion map
research papers in organizational behavior
sanierung unternehmen beispiel essay
persuasive essays about terrorism
how Hire Someone to Write My Research Paper use footnotes and endnotes in an essay
for or against gay marriage essay
cover letter builder examples
coursera computer networks homework meme
timed writing assignments
niche no essay scholarship reviews
formal greeting for cover letter
dulce et decorum est critical essay example
college essays about responsibility
gonzalez image processing bibtex bibliography
vark essay
university of michigan transfer essay examples
hesi critical thinking test
euthanasia research paper titles
sign painter house casual normal font for essays
dissertation rwth aachen vpn
are we distracted by technology essay titles
future of science and technology in india essay topics
22 types of essays 11th
ignou eco 14 assignment of lease
utu force assignment to rest days
child case study analysis for education
journeys essay introduction
coursework bank info photosynthesis and cellular
swing kids movie essay citation
the appropriation of cultures analysis essay
professional cover letter templates 2012 nfl
battlefield vietnam documentary review essay
oscola bibliography legislation define
robert m lafollette progressive era essay
political science as a science essay
cs507 assignment no 3 solution 2015 calendar
oss-101 solved assignment 2014 impala
essay about shipwrecked
rhopalodia descriptive essay
proportion confidence interval assumptions and critical thinking
example parent essay for private schools
gemini abad essays for scholarships
essay preparation for civil services india
Hire Someone to Write My Research Paper teejay level f homework booklet series
okonkwo and obierika essay checker
latex annotated bibliography example
essay on my old neighborhood remembered
essay on holi in hindi language for class 5
resume cover letter information technology manager position
my favourite local delicacies essay outline
compare and contrast essay between two products that are the same
debora halbert asserts in her essay that
controversial essay topics on adoption
national unity day india essay topics
states rights civil war essay introduction
mathi english term paper
elia essayist enfield
through deaf eyes essaytyper
health history example essay about myself
4th grade math homework fractions
essay mexican drug war pics
essay on friendship in 200 words or less
culpability vs responsibility assignment
von richter cinnoline synthesis essay
film school essay example
the letter a in the scarlet letter essay ideas
writing different types of essays writing
command leadership and staff assignment policy implementation
mixed aldol condensation of benzaldehyde and acetone chegg homework
Hire Someone to Write My Research Paper expense assignment system dod
background information introduction essay samples
my childhood years essay
can you use contractions in a narrative essay
guion argumentative essay topics
nisa essay
four operations maths homework year 4
the write stuff thinking through essays ebook
essay on unfair contract terms
argumentative outline for essay
narrative essay 1st grade
bbih bibliography for websites
bibliography of community currency research usa
gun control essay against the death
thesis for research papers
tulpa scientific research paper
brill 2000 essay
micro environment essay spm
brandeis admissions essay for graduate
science fair research paper abstract apa
economic extended essay guide
save trees save life free essays samples
essay referencing apa book
egypt and mesopotamia comparison essay
rugged engineer song essayons
deed of assignment of ip rights
coca cola facebook fan page+case study
bradshaw model gcse geography coursework
how to escape from doing your homework
help with college essay admission examples
graphic organizers for writing informative essays 4th
population explosion essay in marathi
edld 5335 week 2 assignment 2015 ford
funny story in english essay sample
supplementary aids and services case study
contents of a cover letter for a job
essay on travelling widens your horizon
mark deuze media life summary essay
homi jehangir bhabha essay
literary essays literature
research paper summary outline sheet
5 essay paragraph graphic organizer
good college essay about yourself
dissertations in marine biology
critical thinking and writing qmul
les pgd en droit administratif Hire Someone to Write My Research Paper dissertation
semiotic analysis of advertisement essay assignment
uw Hire Someone to Write My Research Paper milwaukee housing assignments tamu
olympics essay competition
research paper on group work rules
what is your dream vacation essay
an inspector calls stage directions essay sample
cola wars continue case study analysis paper
minimanual de qualidade de vida critical thinking
untersuchen auf stetigkeit beispiel essay
spoken language essay conclusions
ignou 4 u solved assignment
example thesis statements for a research paper
qrb 501 week 5 case study 21-102
kaplan gre recommended essay style
actors cover letter to agent examples of figurative language
descriptive essay on my home town
research paper note taking sheet for kids
refrigeration oils assignment discovery
call for submissions personal essays on depression
study habits essay
what is Hire Someone to Write My Research Paper a fact about homework
january 2010 sat essay topics
essayer coiffure femme en ligne
personal characteristics essay mba
gender reassignment surgeons in new york city
bambarakanda waterfall essay typer
essay on child labour in nepal poz

Presentation on theme: "CIST 1601 Information Security Fundamentals"— Presentation transcript:

1 CIST 1601 Information Security Fundamentals
Chapter 4 Monitoring Activity and Intrusion DetectionCollected and CompiledBy JD WillardMCSE, MCSA, Network+,Microsoft IT Academy AdministratorComputer Information Systems InstructorAlbany Technical College

2 Monitoring the Network Recognizing the Different Types of Network Traffic
Novell ProtocolsNetWare, a server-based networking environment/operating system, offers network protocols, services, and applications. NetWare is susceptible to DoS attacks. In addition to TCP/IP, NetWare supports two other proprietary protocols:Internetwork Packet Exchange (IPX) and Sequenced Packet Exchange (SPX) are unique to Novell 4.x and earlier NetWare networks. Since NetWare 5, NetWare has been able to use TCP/IP as its only transport protocol. IPX and SPX are fast, efficient, and well documented. They’re also susceptible to communications interception using internal monitoring. Microsoft created NWLink, an IPX-/SPX-compatible protocol that it owns.NetWare Directory Services (NDS) manages all the resources in a network. NDS provides a database of all network objects or resources.

3 Monitoring the Network Recognizing the Different Types of Network Traffic
The figure below shows an NDS tree. Notice that the NDS tree treats print devices, disk volumes, users, and groups as leaf objects, or resources, in the tree. Earlier versions of NetWare used bindery services; the bindery kept track of resources on a server-by-server basis. In the most recent versions of NetWare, NDS has been expanded and renamed eDirectory.

4 Monitoring the Network Recognizing the Different Types of Network Traffic
Microsoft ProtocolsNetBIOSThe biggest vulnerability with NetBIOS is that it opens ports for file and print sharing.These ports (which can include 135 through 139 and 445) can be accessed across the Internet as well as by devices on the local LAN.NetBEUINetBEUI is a nonroutable protocol, meaning that it can’t be sent across routers. NetBEUI traffic is easy to intercept internally using a network sniffer.WINS ServiceWindows Internet Naming Service (WINS) translates NetBIOS names to TCP/IP addresses. Because WINS is providing a service to clients who request information from it, it’s susceptible to DoS attacks. When left unpatched, it is also available for remote code execution.WINS Server Resolving TCP/IP address to NetBIOS Name

5 Monitoring the Network Recognizing the Different Types of Network Traffic
Network File System ProtocolNetwork File System (NFS) is the default file-sharing protocol for Unix systems. NFS allows a remote user to mount drives on a machine in the network. To be secure, NFS requires special configuration. NFS is equivalent to Distributed File System (DFS), which tends to exist outside of the Unix world.The Apple ProtocolMost manufacturers support AppleTalk, which isn’t intended for secure applications. Modern Macintosh systems can also use TCP/IP for connections.Most AppleTalk vulnerabilities are exploitations of programs that offer this service. For example, there are known vulnerabilities with programs that allow Linux to offer AppleTalk, but those weaknesses are with the programs themselves and not with AppleTalk per se.A remote system mounting a drive on a local machine using NFS.

6 Monitoring Network Systems
Reporting (07:32)Monitoring can occur on individual systems, on servers, or as a separate component of the network. The connection used is called a tap. The figure below illustrates some of the places where a network tap can occur. Each tap location presents a different view of the network. For effective security, multiple taps are probably needed.Your system faces both internal and external threats.Heavy traffic makes it necessary to dedicate personnel to monitoring. Network activity is also reported in system logs and audit files. It’s a good practice to periodically review these files. Automated tools make this process more manageable.Network sniffers and NIDSs are used to monitor network traffic. Network sniffers are manually oriented, whereas an NIDS can be automated.Tap locations used to monitor network traffic

7 Understanding Intrusion Detection Systems
Network Intrusion Detection and Prevention (5:40)Intrusion detection (ID) is the process of monitoring events in a system or network to determine if an intrusion is occurring.An intrusion is defined as any activity or action that attempts to undermine or compromise the confidentiality, integrity, or availability of resources.An IDS reports and monitors intrusion attempts.An IDS will announce an event through an alert when suspicious activity is encountered.Detection vs. Prevention (6:06)

8 Understanding Intrusion Detection Systems
An activity is an element of a data source that is of interest to the operator. This is usually a specific occurrence or event.The administrator is the person responsible making decisions about, the deployment and configuration of the IDS, alarm levels, historical logging, and session monitoring capabilities, and determining the appropriate responses to attacks and ensuring that those responses are carried out.An alert is the message from an IDS analyzer that indicates something of interest has happened. An alert is a message from the IDS indicating that an event has occurred. Alerts occur when activities of a certain type exceed a preset threshold.The analyzer is the component that analyzes the data collected by the sensor. The analyzer function uses data sources from sensors to analyze and determine whether an attack is under way.The data source is the raw information used by the IDS to detect suspicious activity. Data sources include audit files, system logs, or current network activity.An event is an occurrence in the data source that indicates a suspicious event. Not every activity ends up as an event, and not every event generates an alert. The event might trigger an alert if a deviation from normal network traffic patterns occurred or if an activity threshold was crossed.The manager is the component that the operator uses to manage the IDS. The manager may be a graphical interface, a real-time traffic screen, or a command-line-driven environment.Notification is the process or method by which the IDS manager makes the operator aware of an alert. This might include a graphic display or an e‑mail sent to the administrative staff.The operator is the person primarily responsible for the IDS.A sensor collects data from the data source and passes it on to the analyzer. If the analyzer determines that unusual activity has occurred, an alert may be generated.The components of an IDS working together to provide network monitoring

9 Understanding Intrusion Detection Systems
A signature-based system, also commonly known as misusedetection IDS (MD-IDS), is primarily focused on evaluating attacks based on a known identity, attack signature, or audit trail.All attack signatures are contained in a signature database. The signature database must be updated to remain effective. The user can examine the signature database, and quickly determine which intrusive activity the misuse detection system is programmed to alert on.Signature-based systems have an advantage because of their simplicity and their ability to operate online in real time. Other advantages include:Low number of false positivesDetailed text logsUse of few system resourcesSignature-based detection has several limitations, including being based excessively on passive monitoring and the rule sets need constant updating. They can detect only known attacks with identified signatures.A signature-based IDS in actionFalse Positives (3:23)

10 Understanding Intrusion Detection Systems
Anomaly-detection IDS (AD-IDS) detects any changes or deviations in network traffic. It is also called statistical anomaly detection. Anomaly detection is analogous to credit card fraud detection. Credit card companies maintain “spending profiles” for their customers.Anomaly detectors work by creating profiles or models on the normal behavior pattern of individual users, hosts, or network connections. There is an initial learning period before anomalies can be detected. Once the baselines are established, anomaly-based monitoring can detect anomalies. Sometimes the baseline is established through a manual process.The classifications of anomaly detection techniques include statistical methods, rule-based methods, distance-based methods, profiling methods, and model-based approaches.Anomaly-based monitoring is useful for detecting these types of attacks:Protocol and port exploitationNew exploits or buffer overflow attacksDoS attacks based on payloads or volumeNormal network failuresVariants of existing attacks in new environmentsHighly secure environments might use complex patterns of behavior analysis, in some cases learning individual patterns of use common to each user profile, so that variations can be identified.One of the disadvantages of anomaly-based IDS is that it generates false positives because the pattern of behavior can vary, or the pattern of behavior is too dynamic to analyze properly.AD-IDS using expert system technology to evaluate risks

11 Understanding Intrusion Detection Systems
Behavior-based monitoring works by looking at the way certain executable files make your computer behave. It determines whether a program is malicious by inspecting the stream of system calls that the program issues to the operating system.This monitoring method can be used to identify internal misuse by recognizing actions outside of normal access patterns or authorized events occurring outside of normal profile usage, such as the access of protected files during off hours.Behavior-based monitoring is not likely to produce a false alert because you defined non-acceptable behavior. Rules must be in place. If you do not properly define inappropriate behaviors, then attacks can occur. When you define a rule that prevents an client from executing the cmd.exe command and alerts you when this is attempted, you are using behavior-based monitoring.Behavior-based monitoring advantages include the following: It can identify malware before it is added to signature files, monitor for malware activities, and learn about malware based on previous detection.Behavior-based detection has several limitations, including high incidence of false alarms and slow file checking.

12 Working with a Network-Based IDS
The primary advantage of an network-based IDS (N-IDS) is the low maintenance involved in analyzing traffic in the network. An NIDS is easy and economical to manage because the signatures are not configured on all the hosts in a network segment.Violations of policy, monitoring of all HTTP traffic, and monitoring of all FTP traffic are examples of the types of information an NIDS is designed to monitor.An NIDS is not capable of analyzing encrypted information. For example, the packets that travel through a VPN cannot be analyzed by the NIDS. The lack of this capability is a primary disadvantage of an NIDS.The performance of an NIDS can be affected in a switched network environment because the NIDS will not be able to properly analyze all the traffic that occurs on the network on which it does not reside.Two basic types of responses can be formulated at the network level: passive and active.

13 Working with a Network-Based IDS
A network-based IDS (N-IDS) approach to IDS attaches the system to a point in the network where it can monitor and report on all network traffic.Placing the N-IDS in front of the firewall provides monitoring of all network traffic going into the network.Putting the N-IDS behind the firewall only allows you to see the traffic that penetrates the firewall.The best solution to creating a secure network is to place IDS in front of and behind the firewall.The N-IDS can be attached to a switch or a hub, or it can be attached to a tap. Intrusion is monitored on the network segment on which the NIDS is placed, and not on individual systems.N-IDS placement in a network determines what data will be analyzedA hub being used to attach the N-IDS to the network

14 Implementing a Passive Response
A passive response is the most common type of response to many intrusions and the easiest and cheapest to develop and implement. A passive threat response does nothing to prevent the threat or attack, just acknowledges that one is or is about to happen. The following list includes some passive response strategies:Logging involves gathering sufficient information on the attack to assist administrators in implementing measures to divert it. Logging usually involves recording of events and the circumstances under which they occurred.Notification involves informing the designated administrator when a security related event occurred and communicating information on the event. If the IDS is manned full time, messages can be displayed on the manager’s console to indicate that the situation is occurring.Shunning basically involves ignoring the attack because the specific attack will not work. The IDS can make a note of it in a log and move on to other more pressing business.

15 Implementing an Active Response
An active response involves taking an action based on an attack or threat. An active response will include one of the reactions briefly described here:Terminating processes or sessions   If a flood attack is detected, the IDS can cause the subsystem, such as TCP, to force resets to all the sessions that are under way.IDS instructing TCP to reset all connections

16 Implementing an Active Response
Network configuration changes   If a certain IP address or a particular socket or port is being attacked, the IDS can instruct a border router or firewall to reject any requests or traffic from that address or port. This configuration change can remain in effect permanently or for a specified period.IDS instructing the firewall to close port 80 for 60 seconds to thwart an IIS attack

17 Implementing an Active Response
Deception   A deception active response fools the attacker into thinking the attack is succeeding while the system monitors the activity and potentially redirects the attacker to a system that is designed to be broken.This allows the operator or administrator to gather data about how the attack is unfolding and the techniques being used in the attack. This process is referred to as sending them to the honeypot.It’s dangerous to allow a hacker to proceed into your network, even if you’re monitoring the events.This approach is frequently used when law enforcement is gathering evidence to ensure a successful prosecution of the attacker.A network honeypot deceives an attacker and gathers intelligence

18 Working with a Host-Based IDS
A Host Intrusion Detection System (HIDS) is designed to detect hacker attacks on a single computer system. HIDS software is installed on each host that needs IDS capabilities.Because the HIDS is installed on the local computer, the computer is completely compromised once a hacker penetrates the HIDS software.HIDS can monitor:Network traffic specific to the hostChecksums of important system filesPorts used by the system or incoming connectionsProcesses running on the systemHIDS can include filters and antivirus modules.HIDSs are good at detecting unauthorized file modifications and user activity.HIDS runs on a host in the network to:Monitor communicationsMonitor system logs and file systemsDetect suspicious activities, including failed login attemptsA host-based IDS cannot see information within encrypted tunnels.To monitor the internal network and external traffic the NIDSs and HIDs should be used together.A host-based IDS interacting with the operating system

19 Working with NIPSA network intrusion prevention system (NIPS) detects network intrusion attempts and controls access to the network for the intruders. A NIPS is an improvement over an IDS because an IPS actually prevents intrusion.An inline NIPS works like a Layer 2 bridge. It sits between the systems that need to be protected and the rest of the network.NIPS proactively protect machines against damage from attacks that signature-based technologies cannot detect, as most NIPS solutions have the ability to look at application layer protocols such as HTTP, FTP, and SMTP.When implementing a NIPS, keep in mind that the sensors must be physically inline to function properly. This adds single point of failure to the network. A good way to prevent this issue is to use fail-open technology. This means that if the device fails, it does not cause a complete network outage; instead, it acts like a patch cable.

20 Utilizing HoneypotsHoneypots are computer systems designed to be vulnerable points of attack on a separate network away from the corporate network. Honeypots lure a hacker by appearing to be a legitimate server with security holes that are ripe and ready for exploitation.A honeypot simulates a network of vulnerable devices, and have logging and tracing enabled. To attract hackers, a honeypot has its security level purposefully set quite low, so as to draw attackers to it, and divert them from the private network.This security technique is used to allow administrators to observe hackers in action while not exposing vital network resources.Law enforcement agencies use honeypots to gather evidence for prosecution.A honeypot is most often deployed on the DMZ or screened subnet.When compared to IDSs and firewalls, honeypots are usually easier to configure and monitor. In addition to this, IDSs and firewalls collect vast quantities of information while honeypots provide valuable information on only the specific attack.Before implementing a honeypot, you need to understand the concepts of enticement and entrapment:Enticement is the process of luring someone into your plan or trap. You might accomplish this by advertising that you have free software, or you might brag that no one can break into your machine. If you invite someone to try, you’re enticing them to do something that you want them to do.Entrapment is the process of encouraging an individual to perform an unlawful act that they wouldn’t normally have performed.While enticement is legally acceptable, entrapment isn’t. You should seek legal advice before you implement a honeypot on your network.

21 Understanding Incident Response
An incident is the occurrence of any event that endangers a system or network.Incident response encompasses forensics (identifying what has occurred) and refers to the process of identifying, investigating, repairing, documenting, and adjusting procedures to prevent another incident.It’s a good idea to include the procedures you’ll generally follow in an incident response plan (IRP). The IRP outlines what steps are needed and who is responsible for deciding how to handle a situation.A chain of custody tells how the evidence made it from the crime scene to the courtroom, including documentation of how the evidence was collected, preserved, and analyzed.

22 Understanding Incident Response
Step One: Identifying the IncidentThe first step is to identify the incident and determine if it is an incident, or just a false positive.A false positive occurs when the software classifies an action as a possible intrusion when it is actually a nonthreatening action.When a suspected incident pops up, first responders are those who must ascertain if it truly is an incident or a false alarm.When the response team has determined that an incident occurred, the next step in incident analysis involves considering how to handle it by taking a comprehensive look at the incident activity to determine the scope, priority, and threat of the incident.Escalation, involves consulting policies and appropriate management, and determining how best to conduct an investigation into the incident.

23 Understanding Incident Response
Step Two: Investigating the IncidentThe process of investigating an incident involves searching logs, files, and any other sources of data about the nature and scope of the incident.If possible, you should determine whether this is part of a larger attack, a random event, or a false positive.You might find that the incident doesn’t require a response if it can’t be successful.Your investigation might conclude that a change in policies is required to deal with a new type of threat.

24 Understanding Incident Response
Step Three: Repairing the DamageIn keeping with the severity of the incident, the organization can act to mitigate the impact of the incident by containing it and eventually restoring operations back to normal.Most operating systems provide the ability to create a disaster-recovery process using distribution media or backups of system state files.In the case of a DoS attack, a system reboot may be all that is required.Your operating system manufacturer will typically provide detailed instructions or documentation on how to restore services in the event of an attack.Just as every network, regardless of size, should have a firewall, it shouldalso be protected by antivirus software that is enabled and current.If a system has been severely compromised it may need to be regenerated from scratch. In that case, you’re highly advised to do a complete disk format or repartition to ensure that nothing is lurking on the disk, waiting to infect your network again.

25 Understanding Incident Response
Step Four: Documenting and Reporting the ResponseYou should document the steps you take to identify, detect, and repair the system or network .It is important to accurately determine the cause of each incident so that it can be fully contained and the exploited vulnerabilities can be mitigated to prevent similar incidents from occurring in the future.Many help-desk software systems provide detailed methods you can use to record procedures and steps.You should also report the incident to the law and/or CERT (www.cert.org) so that others can be aware of the type of attack and help look for proactive measures to prevent this from happening again.You might also want to inform the software or system manufacturer.

26 Understanding Incident Response
Step Five: Adjusting ProceduresAfter an incident has been successfully managed, revisit the procedures and policies in place in your organization to determine what changes, if any, need to be made.The following questions might be included in a policy or procedure manual:How did the policies work or not work in this situation?What did we learn about the situation that was new?What should we do differently next time?These simple questions can help you adjust procedures. This process is called a postmortem, the equivalent of an autopsy.

27 Working with Wireless Systems
Wireless transport layer security (WTLS) is the security layer for wireless connections that use the wireless access protocol (WAP). Wireless Application Protocol (WAP)  is an open international standard for applications that use wireless communication.WTLS provides authentication, encryption, and data integrity for wireless devices in the WAP environment.. WTLS provides reasonable security for mobile devices, and it’s being widely implemented in wireless devices.WAP provides the functional equivalent of TCP/IP for wireless devices. Many devices, including newer cell phones and PDAs, include support for WTLS as part of their networking protocol capabilities.WTLS as part of the WAP environment

28 IEEE 802.11x Wireless Protocols
The standard specifies the technologies that are used for wireless LANs.The Institute of Electrical and Electronics Engineers (IEEE) developed the standard.802.1x transmissions generate detectable radio-frequency signals in all directionsThe standard defines wireless LANs transmitting at 1Mbps or 2Mbps bandwidths using the 2.4GHz frequency spectrum and using either frequency-hopping spread spectrum (FHSS) or direct-sequence spread spectrum (DSSS) for data encoding.The a standard provides wireless LAN bandwidth of up to 54Mbps in the 5GHz frequency spectrum. The a uses orthogonal frequency division multiplexing (OFDM) for encoding.The b standard provides for bandwidths of up to 11Mbps in the 2.4GHz frequency spectrum. This standard is also called Wi-Fi or high rate. The b standard uses only DSSS for encoding.The g standard provides for bandwidths of up to 54Mbps in the 2.4GHz frequency spectrum.The n standard provides for bandwidths of up to 300Mbps in the 5GHz frequency spectrum (it can also communicate at 2.4GHz for compatibility). It offers higher speed and a frequency with less interference.

29 IEEE 802.11x Wireless Protocols
Direct-sequence spread spectrum (DSSS) transmits a signal that is a combination of an artificial and a real signal.DSSS accomplishes communication by adding the data to a higher speed transmission. The higher speed transmission contains redundant information to ensure data accuracy. Each packet can then be reconstructed in the event of a disruption.The receiving end utilizes the additional signal to maintain the integrity of the real signal when interference is experienced. Both ends must agree upon the method for generating the signal.DSSS offers superior range, the ability to block interference, and a transmission rate of 11 Mbps.Frequency-hopping spread spectrum (FHSS) accomplishes communication by hopping the transmission over a range of predefined frequencies. The changing or hopping is synchronized between both ends and appears to be a single transmission channel to both ends. FHSS signals are difficult for malicious users to pick up.Orthogonal Frequency-Division Multiplexing (OFDM) is a modulation scheme used with networks in the IEEE a standard. ODFM accomplishes communication by breaking the data into subsignals and transmitting them simultaneously. These transmissions occur on different frequencies or subbands.

30 IEEE 802.11x Wireless Protocols
The Wireless Application Protocol (WAP) is the technology designed for use with wireless devices. WAP functions are equivalent to TCP/IP functions in that they’re trying to serve the same purpose for wireless devices.The gateway converts information back and forth between HTTP and WAP as well as encodes and decodes between the security protocols. If the interconnection between the WAP server and the Internet isn’t encrypted, packets between the devices may be intercepted, creating a potential vulnerability. This vulnerability is called a gap in the WAP.Wired Equivalent Privacy (WEP) is a standard for wireless devices that encrypts data to provide data security. WEP is vulnerable due to weaknesses in the way the encryption algorithms are employed. It can potentially be cracked in as few as five minutes using available PC software. This makes WEP one of the more vulnerable protocols available for security.The Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2) technologies were designed to address the core problems with WEP. These technologies implement the i standard. The difference between WPA and WPA2 is that the WPA implements most of i in order to be able to communicate with older wireless cards, while WPA2 implements the full standard and is not compatible with older cards.WPA2 is currently the highest standard for Wi-Fi communication security.WEP and WPA (4:30)

31 Wireless Vulnerabilities to Know
MAC Filtering and SSID Management (3:20)