Accessing the WAN: Ch4 - Network Security

Transcript
Page 1: Accessing the WAN: Ch4 - Network Security

Save a tree. Please, don't print these slides unless it's necessary.

Accessing the WAN: Chapter 4

Abdelkhalik Elsaid Mosa

All pictures are copied from Cisco CCNA Exploration: Semester 4 – Accessing the WAN

Page 2: Accessing the WAN: Ch4 - Network Security

If you find any mistake(s) on these slides or if you have any other questions or comments, please feel free to email me at: [email protected] or [email protected]

Thanks,

Abdelkhalik Elsaid Mosa

Suez Canal University – Faculty of Computers & Informatics

Cisco Local Academy – Ismailia - Egypt

Page 3: Accessing the WAN: Ch4 - Network Security

Why is Network Security Important?

Page 4: Accessing the WAN: Ch4 - Network Security

The Increasing Threat to Security

White hat - Hacker - Black hat - Cracker - Phreaker - Spammer - Phisher

Page 5: Accessing the WAN: Ch4 - Network Security

Think like an attacker

• Step 1. Perform footprint analysis (reconnaissance).

• Step 2. Enumerate information.

• Step 3. Manipulate users to gain access.

• Step 4. Escalate privileges.

• Step 5. Gather additional passwords and secrets.

• Step 6. Install backdoors.

• Step 7. Leverage the compromised system.

Page 6: Accessing the WAN: Ch4 - Network Security

Open versus Closed Networks

Page 7: Accessing the WAN: Ch4 - Network Security

Open versus Closed Networks

Page 8: Accessing the WAN: Ch4 - Network Security

Open versus Closed Networks

Page 9: Accessing the WAN: Ch4 - Network Security

Open versus Closed Networks

Page 10: Accessing the WAN: Ch4 - Network Security

Developing a Security Policy

• A security policy is a formal statement of the rules by which people who are given access to an organization's technology and information assets must abide.

• A security policy meets these goals:

1. Informs users, staff, and managers of their obligatory requirements for protecting technology and information assets.

2. Specifies the mechanisms through which these requirements can be met.

3. Provides a baseline from which to acquire, configure, and audit computer systems and networks for compliance with the policy.

• ISO/IEC 27002: a guideline for developing organizational security standards.

Risk assessment - Security policy - Organization of information security - Asset management - Human resources security - Physical and environmental security - Communications and operations management - Access control - Information systems acquisition, development, and maintenance - Information security incident management - Business continuity management - Compliance

Page 11: Accessing the WAN: Ch4 - Network Security

Common Security Threats: Vulnerabilities

• Threats are the people interested in, and qualified to take advantage of, each security weakness.

• Vulnerability is the degree of weakness which is inherent in every network and device. This includes routers, switches, desktops, servers, and even security devices.

1. Technological weaknesses

Page 12: Accessing the WAN: Ch4 - Network Security

Common Security Threats: Vulnerabilities

2. Configuration weaknesses

3. Security policy weaknesses

Page 13: Accessing the WAN: Ch4 - Network Security

Common Security Threats: Threats to Physical Infrastructure

• The four classes of physical threats are:

1. Hardware threats - Physical damage to servers, routers, switches, cabling plant, and workstations

2. Environmental threats - Temperature extremes (too hot or too cold) or humidity extremes (too wet or too dry)

3. Electrical threats - Voltage spikes, insufficient supply voltage (brownouts), unconditioned power (noise), and total power loss

4. Maintenance threats - Poor handling of key electrical components (electrostatic discharge), lack of critical spare parts, poor cabling, and poor labeling

Page 14: Accessing the WAN: Ch4 - Network Security

Common Security Threats: Threats to Physical Infrastructure

Page 15: Accessing the WAN: Ch4 - Network Security

Common Security Threats: Threats to Physical Infrastructure

Page 16: Accessing the WAN: Ch4 - Network Security

Common Security Threats: Threats to Physical Infrastructure

Page 17: Accessing the WAN: Ch4 - Network Security

Common Security Threats: Threats to Physical Infrastructure

Page 18: Accessing the WAN: Ch4 - Network Security

Common Security Threats: Threats to Networks

Page 19: Accessing the WAN: Ch4 - Network Security

Common Security Threats: Social Engineering

Page 20: Accessing the WAN: Ch4 - Network Security

Types of Network Attacks

Page 21: Accessing the WAN: Ch4 - Network Security

Types of Network Attacks: Reconnaissance

Page 22: Accessing the WAN: Ch4 - Network Security

Types of Network Attacks: Access Attacks

Page 23: Accessing the WAN: Ch4 - Network Security

Types of Network Attacks: Access Attacks

Page 24: Accessing the WAN: Ch4 - Network Security

Types of Network Attacks: Access Attacks

Page 25: Accessing the WAN: Ch4 - Network Security

Types of Network Attacks: Access Attacks

Page 26: Accessing the WAN: Ch4 - Network Security

Types of Network Attacks: DoS and DDoS

Page 27: Accessing the WAN: Ch4 - Network Security

Types of Network Attacks: DoS and DDoS

Page 28: Accessing the WAN: Ch4 - Network Security

Types of Network Attacks: DoS and DDoS

Page 29: Accessing the WAN: Ch4 - Network Security

Types of Network Attacks: DoS and DDoS

Page 30: Accessing the WAN: Ch4 - Network Security

Types of Network Attacks: DoS and DDoS

Page 31: Accessing the WAN: Ch4 - Network Security

Types of Network Attacks: Malicious Code Attacks

Page 32: Accessing the WAN: Ch4 - Network Security

General Mitigation Techniques

Page 33: Accessing the WAN: Ch4 - Network Security

General Mitigation Techniques: IDS, IPS

Page 34: Accessing the WAN: Ch4 - Network Security

General Mitigation Techniques: Common Security Appliances & Applications

Network admission control - Adaptive Security Appliances

Page 35: Accessing the WAN: Ch4 - Network Security