CCNA Discovery 1 Module 8

1
CCNA Discovery 1 Module 8

• Basic Security

2
Threat Types

• Information Theft
• Identity Theft
• Data Loss / Manipulation
• Disruption of Service (Denial of Service / DoS)?

3
Threat Sources

• External Threats
• Outside the organization
• Via Internet
• Via Wireless
• Internal Threats
• Inside the Organization
• Intentional Sabotage/Espionage
• Unintentional Virus Infections and Spyware/Malware

4
Social Engineering

• Manipulation of people to gain information
• Pretexting
• Phishing
• Vishing (Phone Phishing)?

5
Pests

• Viruses
• Self-Replicating
• Modifies or deletes other programs and files
• Must be activated or run
• Worms
• Self-Replicating via network
• Does not necessarily require activation
• Trojan Horses
• Self-Replicating
• Appears as a legitimate program
• Damages data or provides a back door for attack

6
Denial of Service (DoS)?

• Disrupt Normal Service
• May be launched by a single machine or a group of
  machines (Distributed DoS)?
• Examples
• SYN Flood
• Ping of Death
• Traffic Flood

7
Brute Force

• Strong, Fast, and Dumb
• Try as many guesses as possible as quickly as
  possible
• Can cause DoS due to network traffic and
  processor loads

8
Spyware, Adware, Cookies, Pop-Ups

• Spyware collects user information without
  permission
• Adware uses user information to display targeted
  advertising (relentlessly at times)?
• Tracking Cookies are small pieces of data to
  track users on web sites. Not entirely bad.
• Pop-Ups and Pop-Unders are annoying tools used by
  web marketers to assault you with advertisements

9
Spam (Not Ham)?

• Unsolicited bulk e-mail advertisements
• Cost bandwidth, time, money, and processing
  resources to handle
• Additional costs exist to fight spam

10
Security Policy

• A formal statement of rules that users must
  adhere to when using technology assets
• Defines acceptable use terms and penalties
• Should outline incident management
• Think of it as the master plan or the big
  picture - the technical and implementation
  details still must be worked out by the
  administrator (you)?

11
Common Policy Subjects

• Identification and Authentication Policies
• Password Policies
• Acceptable Use Policies
• Remote Access Policies
• Incident Handling Procedures

12
Common Security Tools

• Software Patches/Updates (CRITICAL)?
• Virus Protection
• Spyware Protection
• Spam Blockers
• Popup Blockers
• Firewalls

13
Firewall Types

• Appliance-Based
• Server-Based
• Integrated
• Personal

14
DMZ (De-Militarized Zone)?

• Tightly controlled access
• Separate from both internal and external networks
• Used typically for public facing servers
• Servers can sometimes access internal resources
  also

15
Firewall Strategies

• Single Firewall
• Appropriate for smaller networks
• Single point of failure
• Can be overloaded
• DMZ is a third network connected to firewall
• Double Firewall
• Appropriate for large corporate networks
• Increased cost
• DMZ resides between firewalls