Accessing the WAN: Ch4 - Network Security
Save a tree. Please, don't print these slides unless it's necessary.
Accessing the WAN: Chapter 4
Abdelkhalik Elsaid Mosa
All pictures are copied from Cisco CCNA Exploration: Semester 4 – Accessing the WAN
If you find any mistake(s) on these slides, or if you have any other questions or comments, please feel free to email me at: [email protected] or
Thanks,
Abdelkhalik Elsaid Mosa
Suez Canal University – Faculty of Computers & Informatics
Cisco Local Academy – Ismailia - Egypt
Why is Network Security Important?
The Increasing Threat to Security
• White hat
• Hacker
• Black hat
• Cracker
• Phreaker
• Spammer
• Phisher
Think like an attacker
• Step 1. Perform footprint analysis (reconnaissance).
• Step 2. Enumerate information.
• Step 3. Manipulate users to gain access.
• Step 4. Escalate privileges.
• Step 5. Gather additional passwords and secrets.
• Step 6. Install backdoors.
• Step 7. Leverage the compromised system.
Open versus Closed Networks
Developing a Security Policy
• A security policy is a formal statement of the rules by which people who are given access to an organization's technology and information assets must abide.
• A security policy meets these goals:
1. Informs users, staff, and managers of their obligatory requirements for protecting technology and information assets.
2. Specifies the mechanisms through which these requirements can be met.
3. Provides a baseline from which to acquire, configure, and audit computer systems and networks for compliance with the policy.
• ISO/IEC 27002: a guideline for developing organizational security standards.
Risk assessment - Security policy - Organization of information security - Asset management - Human resources security - Physical and environmental security - Communications and operations management - Access control - Information systems acquisition, development, and maintenance - Information security incident management - Business continuity management - Compliance
Common Security Threats: Vulnerabilities
• Threats are the people interested and qualified in taking advantage of each security weakness.
• Vulnerability is the degree of weakness which is inherent in every network and device. This includes routers, switches, desktops, servers, and even security devices.
1. Technological weaknesses
2. Configuration weaknesses
3. Security policy weaknesses
Common Security Threats: Threats to Physical Infrastructure
• The four classes of physical threats are:
1. Hardware threats: Physical damage to servers, routers, switches, cabling plant, and workstations
2. Environmental threats: Temperature extremes (too hot or too cold) or humidity extremes (too wet or too dry)
3. Electrical threats: Voltage spikes, insufficient supply voltage (brownouts), unconditioned power (noise), and total power loss
4. Maintenance threats: Poor handling of key electrical components (electrostatic discharge), lack of critical spare parts, poor cabling, and poor labeling
Common Security Threats: Threats to Networks
Common Security Threats: Social Engineering
Types of Network Attacks
Types of Network Attacks: Reconnaissance
Types of Network Attacks: Access Attacks
Types of Network Attacks: DoS and DDoS
Types of Network Attacks: Malicious Code Attacks
General Mitigation Techniques
General Mitigation Techniques: IDS, IPS
General Mitigation Techniques: Common Security Appliances & Applications
Network admission control
Adaptive Security Appliances