Chapter 4 – Network Security docx
Bạn đang xem bản rút gọn của tài liệu. Xem và tải ngay bản đầy đủ của tài liệu tại đây (10.88 MB, 143 trang )
1
Chapter 4 – Network Security
CCNA Exploration 4.0
Học viện mạng Bach Khoa - Website: www.bkacad.com
Why is Network Security Important?
Vote
Bank
Medicate
Travel
Purchase
Threat Capabilities
Sophistication
of Hacker Tools
Packet Forging/
Spoofing
2000
19951990
1985
Password
Guessing
Self Replicating Code
Password
Cracking
Exploiting Known
Vulnerabilities
Disabling
Audits
Back
Doors
Hijacking
Sessions
Sweepers
Sniffers
Stealth Diagnostics
Technical
Knowledge
Required
High
Low
Think Like a Attacker
Học viện mạng Bach Khoa - Website: www.bkacad.com
Step 1: Footprint Analysis
Học viện mạng Bach Khoa - Website: www.bkacad.com
Step 2: Enumerate Information
Học viện mạng Bach Khoa - Website: www.bkacad.com
Step 3: Manipulate Users to Gain Access
Học viện mạng Bach Khoa - Website: www.bkacad.com
Step 4: Escalate Privilege
Học viện mạng Bach Khoa - Website: www.bkacad.com
Step 5: Gather Additional Password & Secrets
Học viện mạng Bach Khoa - Website: www.bkacad.com
Step 6: Install Back Doors and Port Redirections
Học viện mạng Bach Khoa - Website: www.bkacad.com
Step 7: Leverage the Compromised System
Học viện mạng Bach Khoa - Website: www.bkacad.com
100% Security
Học viện mạng Bach Khoa - Website: www.bkacad.com
“
”
The only system which is truly secure is
one which is switched off and unplugged,
locked in a titanium lined safe, buried in a
concrete bunker, and
is surrounded by nerve gas and very highly
paid armed guards. Even then,
I wouldn’t stake my life on it….
Học viện mạng Bach Khoa - Website: www.bkacad.com
Open versus Closed Networks
Học viện mạng Bach Khoa - Website: www.bkacad.com
Open Access Network
• An open security model is the easiest to implement .
• Simple passwords and server security become the foundation of this model.
• If encryption is used, it is implemented by individual users or on servers.
Học viện mạng Bach Khoa - Website: www.bkacad.com
Restrictive Access Network
A restrictive security model is more difficult to implement .
Firewalls and identity servers become the foundation of this model.
Closed Access Networks
• A closed security model is most difficult to implement. All available security
measures are implemented in this design.
• This model assumes that the protected assets are premium, all users are not
trustworthy, and that threats are frequent.
• Network security departments must clarify that they only implement the policy,
which is designed, written, and approved by the corporation.
Học viện mạng Bach Khoa - Website: www.bkacad.com
Học viện mạng Bach Khoa - Website: www.bkacad.com
Developing a Security Policy
• A security policy meets these goals:
1. Informs users, staff, and managers of their obligatory
requirements for protecting technology and information assets
2. Specifies the mechanisms through which these requirements
can be met
3. Provides a baseline from which to acquire, configure, and
audit computer systems and networks for compliance with the
policy
Học viện mạng Bach Khoa - Website: www.bkacad.com
Developing a Security Policy
Common Security Threats
Học viện mạng Bach Khoa - Website: www.bkacad.com
Common Security Threats
Học viện mạng Bach Khoa - Website: www.bkacad.com
Common Security Threats
Học viện mạng Bach Khoa - Website: www.bkacad.com
Threats to Physical Infrastructure
Học viện mạng Bach Khoa - Website: www.bkacad.com
Threats to Physical Infrastructure
Học viện mạng Bach Khoa - Website: www.bkacad.com
Threats to Physical Infrastructure
Học viện mạng Bach Khoa - Website: www.bkacad.com
Threats to Physical Infrastructure
Học viện mạng Bach Khoa - Website: www.bkacad.com
