Module 3 - Identifying threats to network security. In this module, you will learn how to identify possible threats to a network and understand common motivations of attackers. The module introduces the STRIDE (Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege) threat model as an effective way to predict where threats may occur in an organization. | Module 3: Identifying Threats to Network Security Overview Introduction to Security Threats Predicting Threats to Security Lesson: Introduction to Security Threats Why Network Attacks Occur Who Attacks Networks? Common Types of Network Vulnerabilities How Network Attacks Occur Difficulties in Defending Networks Reasons that attackers break into networks include: Revenge Espionage Publicity Personal satisfaction Terrorism Why Network Attacks Occur Who Attacks Networks? Ability Characteristics of attackers Novice Possess little programming experience Use tools that are made by others Intermediate Possess significant programming skills Automate tools that are created by others Advanced Are expert programmers Develop tools that others use to attack networks Corporate Headquarters External Attacker Internet Internal Attacker Common Types of Network Vulnerabilities Vulnerability Examples Weak passwords Employees use blank or default passwords Password is predictable Unpatched software Service packs are not maintained Security hotfixes are not applied Incorrectly configured hardware and software Users have too many privileges Applications run as the Local System account Social engineering Help desk administrator resets a password without verifying the identity of the caller Weak security on Internet connections Unused services and ports are not secured Firewalls and routers are used improperly Unencrypted data transfer Authentication packets are sent in clear text Important data is sent over the Internet in clear text How Network Attacks Occur Stages of attack Examples of attacker actions 1. Footprint Runs a port scan on the firewall 2. Penetration Exploits an unpatched Web server 3. Elevation of privilege Creates an account with administrator rights 4. Exploit Defaces the Web site 5. Cover-up Erases the audit trail of the exploit Corporate Headquarters Attacker 1 2 5 4 3 Parties Characteristics Attackers Can attack with very low cost Only need to . | Module 3: Identifying Threats to Network Security Overview Introduction to Security Threats Predicting Threats to Security Lesson: Introduction to Security Threats Why Network Attacks Occur Who Attacks Networks? Common Types of Network Vulnerabilities How Network Attacks Occur Difficulties in Defending Networks Reasons that attackers break into networks include: Revenge Espionage Publicity Personal satisfaction Terrorism Why Network Attacks Occur Who Attacks Networks? Ability Characteristics of attackers Novice Possess little programming experience Use tools that are made by others Intermediate Possess significant programming skills Automate tools that are created by others Advanced Are expert programmers Develop tools that others use to attack networks Corporate Headquarters External Attacker Internet Internal Attacker Common Types of Network Vulnerabilities Vulnerability Examples Weak passwords Employees use blank or default passwords Password is predictable Unpatched software .