
Network Security Overview and Best Practices

The document provides an overview of CCNA Security Chapter 1 which covers modern network security threats. It describes the evolution of network security and the drivers requiring security. Various network security organizations, domains, policies, and threats are defined. Specific attacks like viruses, worms, Trojan horses, and denial of service attacks are examined. Best practices for mitigating network attacks are also outlined.

Uploaded by Eric Napholz
Copyright
© Attribution Non-Commercial (BY-NC)

CCNA Security Chapter 1

Modern Network Security Threats


Preview
Professor Deb Keller
Network Authentication and Security

Lesson Objectives

Describe the evolution of network security.
Describe the drivers for network security.
Describe the major network security organizations.
Describe the domains of network security.
Describe network security policies.
Describe viruses, worms, and Trojan Horses.
Describe how to mitigate threats from viruses, worms, and Trojan Horses.
Describe how network attacks are categorized.
Describe reconnaissance attacks.
Describe access attacks.
Describe Denial of Service attacks.
Describe how to mitigate network attacks.

Evolution of Network Security

Intrusion Detection Systems
Intrusion Prevention Systems
Firewalls
Encryption

Network Threats

Internal Threats
External Threats
Spoofing
Table Overflow
Denial of Service

Goals of an Information Security Program

Confidentiality

Prevent the disclosure of sensitive information from unauthorized people, resources, and processes

Integrity

The protection of system information or processes from intentional or accidental modification

Availability

The assurance that systems and data are accessible by authorized users when needed

Drivers for Network Security

Hacking
Phreaking
Wardialing
Wardriving
Network Scanning Tools
Remote system administration hacking tools
Viruses, Worms, Spam
DoS Attacks

Network Security Jobs


Network Security Administrator
Risk Analyst
VPN Specialist
Penetration Tester
Network Perimeter/Firewall Specialist
Security Response IDS/IPS Engineer

Network Security Organizations



Network Security Domains


Risk Assessment
Security Policy
Organization of Information Security
Asset Management
Human Resources Security
Physical and Environmental Security
Communications & Operations Management
Access Control
IS Acquisition, Development and Maintenance
Info. Sec. Incident Management
Business Continuity Management
Compliance

Cisco Self-Defending Network


360 degrees visibility and protection
Simplified control
Business resiliency

Policy Management
Threat Management
Endpoint Security
Network Infrastructure

Security Policy

Protects the assets of the organization
Answers the questions:

What do you have that others want?
What processes, data, or systems are critical to your organization?
What would stop your organization from doing business or fulfilling its mission?

Malicious Code Attacks


Viruses
Worms
Trojan Horses

Description
Key features
Examples
Mitigation

Categorization of Attacks

Reconnaissance
Access
Denial of Service

Distributed Denial of Service

Description
Key Features
Examples
Mitigation

10 Best Practices

1. Keep patches up to date by installing them weekly or daily, if possible.
2. Shut down unnecessary services and ports.
3. Use strong passwords and change them often.
4. Control physical access to systems.
5. Avoid unnecessary web page inputs. Some websites allow users to enter usernames and passwords. A hacker can enter more than just a username. For example, entering "jdoe; rm -rf /" might allow an attacker to remove the root file system from a UNIX server.
6. Perform backups and test the backed up files on a regular basis.
7. Educate employees about the risks of social engineering, and develop strategies to validate identities over the phone, via email, or in person.
8. Encrypt and password-protect sensitive data.
9. Implement security hardware and software such as firewalls, IPSs, virtual private network (VPN) devices, anti-virus software, and content filtering.
10. Develop a written security policy for the company.
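
An added example for practice 5 (not part of the original slides): it shows, without running anything in a shell, how the quoted input splits into two commands once it is concatenated into a command string, and then two defenses, an allow-list check and passing input as a single argument with no shell involved. The `finger` lookup command and the account-name pattern are assumptions made for the illustration.

```python
import re
import shlex
import subprocess
import sys

PAYLOAD = "jdoe; rm -rf /"  # the input quoted in practice 5; never given to a shell here

# Assumed account-name policy: a lowercase letter or underscore, then up to 31
# letters, digits, underscores or hyphens. Everything else is rejected.
USERNAME_RE = re.compile(r"[a-z_][a-z0-9_-]{0,31}")


def is_valid_username(value: str) -> bool:
    """Allow-list check: the whole string must match, not just a prefix."""
    return USERNAME_RE.fullmatch(value) is not None


def commands_a_shell_would_see(command_line: str) -> list:
    """Split a command line at shell operators without executing anything."""
    lexer = shlex.shlex(command_line, posix=True, punctuation_chars=True)
    commands, current = [], []
    for token in lexer:
        if token and set(token) <= set(";&|"):  # operator ends the current command
            if current:
                commands.append(current)
            current = []
        else:
            current.append(token)
    if current:
        commands.append(current)
    return commands


def received_as_argument(value: str) -> str:
    """Pass value as one argv element (no shell) to a child that echoes it back."""
    child = [sys.executable, "-c", "import sys; sys.stdout.write(sys.argv[1])", value]
    return subprocess.run(child, capture_output=True, text=True, check=True).stdout


if __name__ == "__main__":
    # Vulnerable pattern: input concatenated into a string meant for a shell.
    print(commands_a_shell_would_see("finger " + PAYLOAD))
    # Hardened pattern 1: reject anything outside the allow-list.
    print(is_valid_username(PAYLOAD), is_valid_username("jdoe"))
    # Hardened pattern 2: an argv list keeps the input a single inert argument.
    print(repr(received_as_argument(PAYLOAD)))
```
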
