Security+ Guide to Network Security Fundamentals

Slides:



Advertisements
Similar presentations
Crime and Security in the Networked Economy Part 4.
Advertisements

Information System protection and Security. Need for Information System Security §With the invent of computers and telecommunication systems, organizations.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Cryptography and Network Security Chapter 1
Chapter 9: Privacy, Crime, and Security
Lecture 1: Overview modified from slides of Lawrie Brown.
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
Course ILT Security overview Unit objectives Discuss network security Discuss security threat trends and their ramifications Determine the factors involved.
IS Network and Telecommunications Risks
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Security Awareness: Applying Practical Security in Your World
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Network Security PHILADELPHIA UNIVERSITY Ahmad Alghoul Module 1 Introduction: To Information & Security  Modified by :Ahmad Al Ghoul  Philadelphia.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.
1 Chapter 8 Securing Information Systems. Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized.
E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
Securing Information Systems
Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.
CHAPTER 3 Information Privacy and Security. CHAPTER OUTLINE  Ethical Issues in Information Systems  Threats to Information Security  Protecting Information.
CHAPTER 4 Information Security. CHAPTER OUTLINE 4.1 Introduction to Information Security 4.2 Unintentional Threats to Information Security 4.3 Deliberate.
1 Guide to Network Defense and Countermeasures Chapter 2.
1 Chapter 9 E- Security. Main security risks 2 (a) Transaction or credit card details stolen in transit. (b) Customer’s credit card details stolen from.
BUSINESS B1 Information Security.
Tutorial Chapter 5. 2 Question 1: What are some information technology tools that can affect privacy? How are these tools used to commit computer crimes?
Wireless Network Security. What is a Wireless Network Wireless networks serve as the transport mechanism between devices and among devices and the traditional.
1.Too many users 2.Technical factors 3.Organizational factors 4.Environmental factors 5.Poor management decisions Which of the following is not a source.
Computer & Network Security
Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin Business Plug-In B6 Information Security.
C8- Securing Information Systems
Chapter 8 Technology and Auditing Systems: Hardware and Software Defenses.
Network Security Lecture 9 Presented by: Dr. Munam Ali Shah.
CHAPTER 7: PRIVACY, CRIME, AND SECURITY. Privacy in Cyberspace  Privacy: an individual’s ability to restrict or eliminate the collection, use and sale.
What does secure mean? You have been assigned a task of finding a cloud provider who can provide a secure environment for the launch of a new web application.
Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:
ACM 511 Introduction to Computer Networks. Computer Networks.
1 Class 15 System Security. Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized data access,
Module 8: Designing Security for Authentication. Overview Creating a Security Plan for Authentication Creating a Design for Security of Authentication.
Note1 (Admi1) Overview of administering security.
Chapter 2 Securing Network Server and User Workstations.
1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.
Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”. © 2016 Pearson.
1 Network and E-commerce Security Nungky Awang Chandra Fasilkom Mercu Buana University.
Topic 5: Basic Security.
Module 11: Designing Security for Network Perimeters.
IT Security. What is Information Security? Information security describes efforts to protect computer and non computer equipment, facilities, data, and.
Chap1: Is there a Security Problem in Computing?.
Understand Network Isolation Part 2 LESSON 3.3_B Security Fundamentals.
INTRODUCTION TO COMPUTER & NETWORK SECURITY INSTRUCTOR: DANIA ALOMAR.
CPT 123 Internet Skills Class Notes Internet Security Session B.
“Lines of Defense” against Malware.. Prevention: Keep Malware off your computer. Limit Damage: Stop Malware that gets onto your computer from doing any.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
Securing Information Systems
Information Systems Security
CS457 Introduction to Information Security Systems
Securing Information Systems
Working at a Small-to-Medium Business or ISP – Chapter 8
Chapter 17 Risks, Security and Disaster Recovery
INFORMATION SECURITY The protection of information from accidental or intentional misuse of a persons inside or outside an organization Comp 212 – Computer.
Securing Information Systems
Security in Networking
IT Vocab IT = information technology Server Client or host
INFORMATION SYSTEMS SECURITY and CONTROL
Mohammad Alauthman Computer Security Mohammad Alauthman
Presentation transcript:

Security+ Guide to Network Security Fundamentals

Security Overview Chapter 1

Learning Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network security Determine the factors involved in a secure network strategy

Understanding Network Security Process by which digital information assets are protected Goals Maintain integrity Protect confidentiality Assure availability

Understanding Network Security Security ensures that users: Perform only tasks they are authorized to do Obtain only information they are authorized to have Cannot cause damage to data, applications, or operating environment

Security Threats Identity theft Privacy concerns Wireless access

To Offset Security Threats Integrity Assurance that data is not altered or destroyed in an unauthorized manner Confidentiality Protection of data from unauthorized disclosure to a third party Availability Continuous operation of computing systems

Security Ramifications: Costs of Intrusion Causes of network security threats Technology weaknesses Configuration weaknesses Policy weaknesses Human error

Technology Weaknesses TCP/IP Operating systems Network equipment

Configuration Weaknesses Unsecured accounts System accounts with easily guessed passwords Misconfigured Internet services Unsecured default settings Misconfigured network equipment Trojan horse programs Vandals Viruses

Policy Weaknesses Lack of a written security policy Politics High turnover Concise access controls not applied Software and hardware installation and changes do not follow policy Proper security Nonexistent disaster recovery plan

Human Error Accident Ignorance Workload Dishonesty Impersonation Disgruntled employees Snoops Denial-of-service attacks

Goals of Network Security Achieve the state where any action that is not expressly permitted is prohibited Eliminate theft Determine authentication Identify assumptions Control secrets

Creating a Secure Network Strategy Address both internal and external threats Define policies and procedures Reduce risk across across perimeter security, the Internet, intranets, and LANs

Creating a Secure Network Strategy Human factors Know your weaknesses Limit access Achieve security through persistence Develop change management process Remember physical security Perimeter security Control access to critical network applications, data, and services continued…

Creating a Secure Network Strategy Firewalls Prevent unauthorized access to or from private network Create protective layer between network and outside world Replicate network at point of entry in order to receive and transmit authorized data Have built-in filters Log attempted intrusions and create reports continued…

Creating a Secure Network Strategy Web and file servers Access control Ensures that only legitimate traffic is allowed into or out of the network Passwords PINs Smartcards continued…

Creating a Secure Network Strategy Change management Document changes to all areas of IT infrastructure Encryption Ensures messages cannot be intercepted or read by anyone other than the intended person(s) continued…

Creating a Secure Network Strategy Intrusion detection system (IDS) Provides 24/7 network surveillance Analyzes packet data streams within the network Searches for unauthorized activity

Chapter Summary Understanding network security Security threats Security ramifications Goals of network security Creating a secure network strategy