Đang chuẩn bị liên kết để tải về tài liệu:
Lecture CCNA security partner - Chapter 1: Network security concepts and policies

This chapter discusses how to develop a comprehensive network security policy to counter threats against information security. It also teaches you about possible threats and how to describe and implement the process of developing a security policy. It covers the identification of common vulnerabilities and threats, mitigation strategies, and the implementation of a security architecture using a lifecycle approach. | Network Security Concepts and Policies 1 To protect assets! Historically done through physical security and closed networks. Purpose of Security With the advent of personal computers, LANs, and the wide-open world of the Internet, the networks of today are more open. The Network Today To provide adequate protection of network resources, the procedures and technologies that you deploy need to guarantee three things : Confidentiality Integrity Availability of systems and data Basic Security Requirements An asset is anything of value to an organization. A vulnerability is a weakness in a system or its design that could be exploited by a threat. A threat is a potential danger to information or systems. A risk is the likelihood that a particular vulnerability will be exploited. An exploit is an attack performed against a vulnerability. A countermeasure (safeguard) is the protection that mitigates the potential risk. Data, Vulnerabilities, and Countermeasures 5 Need for Network Security . | Network Security Concepts and Policies 1 To protect assets! Historically done through physical security and closed networks. Purpose of Security With the advent of personal computers, LANs, and the wide-open world of the Internet, the networks of today are more open. The Network Today To provide adequate protection of network resources, the procedures and technologies that you deploy need to guarantee three things : Confidentiality Integrity Availability of systems and data Basic Security Requirements An asset is anything of value to an organization. A vulnerability is a weakness in a system or its design that could be exploited by a threat. A threat is a potential danger to information or systems. A risk is the likelihood that a particular vulnerability will be exploited. An exploit is an attack performed against a vulnerability. A countermeasure (safeguard) is the protection that mitigates the potential risk. Data, Vulnerabilities, and Countermeasures 5 Need for Network Security Business goals and risk analysis drive the need for network security Dealing with Risk : Reduce Limitation/avoidance Assurance Detection Recoverry Need for Network Security Adversaries, Methodologies, and Classes of Attack Adversaries : To defend against attacks on information and information systems, organizations must begin to define the threat by identifying potential adversaries. These adversaries can include the following: Nations or states Terrorists Criminals Hackers Corporate competitors Disgruntled employees Government agencies, such as the National Security Agency (NSA) and the Federal Bureau of Investigations (FBI) 8 Adversaries, Methodologies, and Classes of Attack Methodologies : Step 1. Perform footprint analysis (reconnaissance). Step 2. Enumerate applications and operating systems. Step 3. Manipulate users to gain access. Step 4. Escalate privileges. Step 5. Gather additional passwords and secrets. Step 6. Install back doors. Step 7. Leverage the compromised system. .