Chapter 4 – Network Security docx

THÔNG TIN TÀI LIỆU

Cấu trúc

Chapter 4 – Network Security
Why is Network Security Important?
Threat Capabilities
Think Like a Attacker
Step 1: Footprint Analysis
Step 2: Enumerate Information
Step 3: Manipulate Users to Gain Access
Step 4: Escalate Privilege
Step 5: Gather Additional Password & Secrets
Step 6: Install Back Doors and Port Redirections
Step 7: Leverage the Compromised System
100% Security
Open versus Closed Networks
Open Access Network
Restrictive Access Network
Closed Access Networks
Developing a Security Policy
Developing a Security Policy
Common Security Threats
Threats to Physical Infrastructure
Network Security Threats
Unstructured threats
Structured threats
External threats
Internal threats
Social Engineering
Types of Network Attacks
Reconaissance Attacks
Internet Information Queries
Port Scans and Ping Sweeps
Port Scan and Ping Sweep Attack Mitigation
Packet Sniffers
Packet Sniffer Mitigation
Access Attacks
Password Attacks
Password Attack Mitigation
Trust Exploitation
Trust Exploitation Attack Mitigation
Port Redirection
Man-in-the-Middle Attacks & Mitigation
DoS Attacks
Ping of Death Attack
SYN Flood Attack
DDos Attacks
DoS: Smurf Attack
Malicious Code Attacks
Anatomy of a Worm Attack
Mitigating Worm Attacks
General Mitigation Techniques
Intrusion Detection and Prevention
Host-based Intrusion Detection Systems
Common Security Appliances and Applications
The Network Security Wheel
Secure Network
Monitor Network
Test Secure
Improve Secure
What is a Security Policy?
Components of a Security Policy
Safeguard a Router
Password-Protecting a Router
Configure the Line-Level Password
Enable Password
Cisco-Proprietary Password Encryption
Enhanced Username Password Security
Hardening Login
Hardening Login
Securing Administrative Access to Routers
Securing Administrative Access to Routers
Implementing SSH to Secure Remote Administrative Access
Configuring SSH Security
Slide Number 84
Why is Syslog Important?
Log Output Destination
Syslog System
Syslog Severity Levels
Syslog Severity Levels Examples
Structure of a Syslog Message
Configuring for Syslog
Slide Number 94
Vulnerable Router Services and Interfaces
Vulnerable Router Services and Interfaces
Cisco Auto Secure
Cisco Auto Secure
Routing Protocol Authentication Overview
Routing Protocol Authentication
Slide Number 103
What is Cisco SDM?
Cisco SDM Features
Configuring Your Router to Support Cisco SDM
Starting Cisco SDM
Cisco SDM Home Page Overview
About Your Router Area
Configuration Overview Area
Cisco SDM Wizards
http://www.cisco.com/cdc_content_elements/flash/sdm/demo.htm?NO_NAV
Locking Down a Router with Cisco SDM
Locking Down a Router with Cisco SDM
Slide Number 115
Maintaining Cisco IOS Software Image
Cisco IOS File Systems and Devices
URL Prefixes for Cisco Devices
Commands for Managing Configuration Files
Cisco IOS File Naming Conventions
Using TFTP Servers to Manage IOS Images
Backing Up IOS Software Image
Upgrading IOS Software Images
Slide Number 129
Restoring IOS Software Images
Using xmodem to Restore an IOS Image
Slide Number 132
Cisco IOS Troubleshooting Commands
Using the show Command
Using the debug Command
Considerations when using the debug Command
Commands Related to the debug Command
Password Recovery
Router Password Recovery Procedure
Slide Number 143

Nội dung

1 Chapter 4 – Network Security CCNA Exploration 4.0 Học viện mạng Bach Khoa - Website: www.bkacad.com Why is Network Security Important? Vote Bank Medicate Travel Purchase Threat Capabilities Sophistication of Hacker Tools Packet Forging/ Spoofing 2000 19951990 1985 Password Guessing Self Replicating Code Password Cracking Exploiting Known Vulnerabilities Disabling Audits Back Doors Hijacking Sessions Sweepers Sniffers Stealth Diagnostics Technical Knowledge Required High Low Think Like a Attacker Học viện mạng Bach Khoa - Website: www.bkacad.com Step 1: Footprint Analysis Học viện mạng Bach Khoa - Website: www.bkacad.com Step 2: Enumerate Information Học viện mạng Bach Khoa - Website: www.bkacad.com Step 3: Manipulate Users to Gain Access Học viện mạng Bach Khoa - Website: www.bkacad.com Step 4: Escalate Privilege Học viện mạng Bach Khoa - Website: www.bkacad.com Step 5: Gather Additional Password & Secrets Học viện mạng Bach Khoa - Website: www.bkacad.com Step 6: Install Back Doors and Port Redirections Học viện mạng Bach Khoa - Website: www.bkacad.com [...]... Bach Khoa - Website: www.bkacad.com Open Access Network • • • An open security model is the easiest to implement Simple passwords and server security become the foundation of this model If encryption is used, it is implemented by individual users or on servers Học viện mạng Bach Khoa - Website: www.bkacad.com Restrictive Access Network A restrictive security model is more difficult to implement Firewalls... model Học viện mạng Bach Khoa - Website: www.bkacad.com Closed Access Networks • • • A closed security model is most difficult to implement All available security measures are implemented in this design This model assumes that the protected assets are premium, all users are not trustworthy, and that threats are frequent Network security departments must clarify that they only implement the policy,... compliance with the policy Học viện mạng Bach Khoa - Website: www.bkacad.com Developing a Security Policy Học viện mạng Bach Khoa - Website: www.bkacad.com Common Security Threats Học viện mạng Bach Khoa - Website: www.bkacad.com Common Security Threats Học viện mạng Bach Khoa - Website: www.bkacad.com Common Security Threats Học viện mạng Bach Khoa - Website: www.bkacad.com Threats to Physical Infrastructure... Website: www.bkacad.com Developing a Security Policy • A security policy meets these goals: 1 Informs users, staff, and managers of their obligatory requirements for protecting technology and information assets 2 Specifies the mechanisms through which these requirements can be met 3 Provides a baseline from which to acquire, configure, and audit computer systems and networks for compliance with the policy... www.bkacad.com Network Security Threats Học viện mạng Bach Khoa - Website: www.bkacad.com Unstructured threats Học viện mạng Bach Khoa - Website: www.bkacad.com Structured threats Học viện mạng Bach Khoa - Website: www.bkacad.com External threats Học viện mạng Bach Khoa - Website: www.bkacad.com Internal threats Học viện mạng Bach Khoa - Website: www.bkacad.com Social Engineering Types of Network Attacks... Khoa - Website: www.bkacad.com 100% Security “ The only system which is truly secure is one which is switched off and unplugged, locked in a titanium lined safe, buried in a concrete bunker, and is surrounded by nerve gas and very highly paid armed guards Even then, I wouldn’t stake my life on it… Học viện mạng Bach Khoa - Website: www.bkacad.com ” Open versus Closed Networks Học viện mạng Bach Khoa - . 1 Chapter 4 – Network Security CCNA Exploration 4. 0 Học viện mạng Bach Khoa - Website: www.bkacad.com Why is Network Security Important? Vote Bank Medicate Travel Purchase Threat. www.bkacad.com Open versus Closed Networks Học viện mạng Bach Khoa - Website: www.bkacad.com Open Access Network • An open security model is the easiest to

Ngày đăng: 16/03/2014, 08:20

Xem thêm