The CCNA Security curriculum emphasizes core security technologies, the installation, troubleshooting and monitoring of network devices to maintain integrity, confidentiality and availability of data and devices, and competency in the technologies that Cisco uses in its security structure.
Network Security Concepts and Policies © 2012 Cisco and/or its affiliates All rights reserved Purpose of Security • To protect assets! – Historically done through physical security and closed networks © 2012 Cisco and/or its affiliates All rights reserved The Network Today • With the advent of personal computers, LANs, and the wide-open world of the Internet, the networks of today are more open © 2012 Cisco and/or its affiliates All rights reserved Basic Security Requirements • To provide adequate protection of network resources, the procedures and technologies that you deploy need to guarantee three things : – Confidentiality – Integrity – Availability of systems and data © 2012 Cisco and/or its affiliates All rights reserved Data, Vulnerabilities, and Countermeasures • An asset is anything of value to an organization • A vulnerability is a weakness in a system or its design that could be exploited by a threat • A threat is a potential danger to information or systems • A risk is the likelihood that a particular vulnerability will be exploited • An exploit is an attack performed against a vulnerability • A countermeasure (safeguard) is the protection that mitigates the potential risk © 2012 Cisco and/or its affiliates All rights reserved Need for Network Security • Business goals and risk analysis drive the need for network security • Dealing with Risk : – Reduce – Limitation/avoidance – Assurance – Detection – Recoverry © 2012 Cisco and/or its affiliates All rights reserved Need for Network Security © 2012 Cisco and/or its affiliates All rights reserved Adversaries, Methodologies, and Classes of Attack • Adversaries : To defend against attacks on information and information systems, organizations must begin to define the threat by identifying potential adversaries These adversaries can include the following: • Nations or states • Terrorists • Criminals • Hackers • Corporate competitors • Disgruntled employees • Government agencies, such as the National Security Agency (NSA) and the Federal Bureau of Investigations (FBI) © 2012 Cisco and/or its affiliates All rights reserved Adversaries, Methodologies, and Classes of Attack • Methodologies : – Step Perform footprint analysis (reconnaissance) – Step Enumerate applications and operating systems – Step Manipulate users to gain access – Step Escalate privileges – Step Gather additional passwords and secrets – Step Install back doors – Step Leverage the compromised system © 2012 Cisco and/or its affiliates All rights reserved Adversaries, Methodologies, and Classes of Attack Threats Classification • Enumeration and fingerprinting • Spoofing and impersonation • Man-in-the-middle • Overt and covert channels • Blended threats and malware • Exploitation of privilege and trust • Confidentiality • Password attacks • Availability attacks • Denial of service (DoS) • Botnet • Physical security attacks ã Forces of nature â 2012 Cisco and/or its affiliates All rights reserved 10 Sequence Prediction Sequence Number Prediction © 2012 Cisco and/or its affiliates All rights reserved 12 Trust Exploitation Trust Exploitation © 2012 Cisco and/or its affiliates All rights reserved 13 Confidentiality and Integrity Attacks Breach of Confidentiality © 2012 Cisco and/or its affiliates All rights reserved 14 Man-in-the-Middle Attacks IP Source Routing Attack © 2012 Cisco and/or its affiliates All rights reserved 15 Overt and Covert Channels Overt Channel © 2012 Cisco and/or its affiliates All rights reserved 16 Principles of Secure Network Design • Defense in depth • Compartmentalization • Least privilege • Weakest link • Separation and rotation of duties • Hierarchically trusted components and protection • Mediated access • Accountability and traceability © 2012 Cisco and/or its affiliates All rights reserved 17 Evaluating and Managing the Risk © 2012 Cisco and/or its affiliates All rights reserved 18 Risk Analysis and Management • Every process of security should first address the following questions: • Which are the threats the system is facing? • Which are the probable threats and what would be their consequence, if exploited? • The threat-identification process provides an organization with a list of threats to which a system is subject in a particular environment © 2012 Cisco and/or its affiliates All rights reserved 19 Risk Analysis • Quantitative • Qualitative © 2012 Cisco and/or its affiliates All rights reserved 20 Building Blocks of Risk Analysis List of Assets and Their Value • Assets and their value • Vulnerabilities • Threats, their impact, and rate or probability of occurrence © 2012 Cisco and/or its affiliates All rights reserved 21 A Lifecycle Approach to Risk Management © 2012 Cisco and/or its affiliates All rights reserved 22 Security Policies The three reasons for having a security policy are as follows: • To inform users, staff, and managers • To specify mechanisms for security • To provide a baseline A properly defined security policy does the following: • Protects people and information • Sets the rules for expected behavior • Authorizes staff to monitor, probe, and investigate • Defines the consequences of violations © 2012 Cisco and/or its affiliates All rights reserved 23 Security Policy Components Components of a Comprehensive Security Policy © 2012 Cisco and/or its affiliates All rights reserved 24 Secure Network Lifecycle Management Organization-wide Integration of IT Governance, Risk Management, Compliance © 2012 Cisco and/or its affiliates All rights reserved 25 © 2012 Cisco and/or its affiliates All rights reserved 26 ...Purpose of Security • To protect assets! – Historically done through physical security and closed networks © 2012 Cisco and/ or its affiliates All rights reserved The Network Today • With... the potential risk © 2012 Cisco and/ or its affiliates All rights reserved Need for Network Security • Business goals and risk analysis drive the need for network security • Dealing with Risk :... Recoverry © 2012 Cisco and/ or its affiliates All rights reserved Need for Network Security © 2012 Cisco and/ or its affiliates All rights reserved Adversaries, Methodologies, and Classes of Attack