© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 2
Upon completion of this section, you should be able to:
• Describe the current network security landscape.
Common network security terms:
• Threat
• Vulnerability
• Mitigation
• Risk
Cisco Security Intelligence Operations
Vectors of data loss:
• Email/Webmail
• Unencrypted Devices
• Removable Media
• Hard Copy
Outside perimeter security:
• On-premise security officers
• Security traps
VM-specific threats:
• Hyperjacking
Components of a secure data center:
• Secure segmentation
• PIN enforcement
• Data wipe
• Jailbreak/root detection
Upon completion of the section, you should be able to:
• Describe the evolution of network security.
• Describe malware.
Modern hacking titles:
• Script Kiddies
• Vulnerability Brokers
• Hacktivists
• Cyber Criminals
• State-Sponsored Hackers
Penetration testing tools:
• Password crackers
• Forensic
Network hacking attacks:
• Eavesdropping
• Data modification
• IP address spoofing
• Password-based
• Denial-of-service
• Man-in-the-middle
• Compromised-key
• Sniffer
Classifications:
• Security software disabler
• Remote-access
• Data-sending
• Destructive
• Proxy
• FTP
• DoS
Initial Code Red Worm Infection
Components:
• Enabling vulnerability
• Propagation mechanism
• Payload
Code Red Worm Propagation:
1. Propagate for 19 days
2. Launch DoS attack for next 7 days
3. Stop and go dormant for a few days
4. Repeat the cycle
• Ransomware
• Spyware
• Adware
• Scareware
• Phishing
• Rootkits
• Data Modification
• Syn Flood
• Smurf Attack
• Reconnaissance
• Access
• DoS
• Initial query of a target
• Vulnerability scanners
• Exploitation tools
A few reasons why hackers use access attacks:
• To retrieve data
• To gain access
• Trust exploitation
• Port redirection
• Man-in-the-middle
• Buffer overflow
• Pretexting
• Phishing
• Spearphishing
• Spam
• Tailgating
• Baiting
1. Hacker builds a network of infected machines
• A network of infected hosts is called a botnet.
• The compromised computers are called zombies.
• Zombies are controlled by handler systems.
Upon completion of this section, you should be able to:
• Describe methods and resources to protect the networks.
• Explain how to secure the three functional areas of Cisco routers and switches.
Components of Cryptography:
• Confidentiality: Uses encryption to encrypt and hide data.
• Integrity: Uses hashing algorithms to ensure data is unaltered during operation.
• Availability: Assures data is accessible. Guaranteed by network hardening mechanisms and backup systems.
• Risk assessment
• Security policy
• Asset management
• Access control
• Compliance
SecureX:
• Server Edge and Branch
• Secure Access
• Secure Mobility
Cisco SecureX Architecture:
• Scanning engines
• Delivery mechanisms
• Next-generation endpoint
Defines security policies based on five parameters:
• Type of device being used for access
• Person’s identity
• Application in use
• Location
• Time of access
Best practices:
• Develop a written security policy.
• Educate employees about the risks of social engineering, and develop strategies to validate identities over the phone, via email, or in person.
• Containment
• Inoculation
• Quarantine
• Treatment
Chapter Objectives:
• Explain network security.
• Explain tools and procedures to mitigate the effects of malware and common network attacks.
Thank you.