Security+ Guide to Network Security Fundamentals, Chapter 1. Instructor: Eyas Al-Qawasmeh • Email: eyasa@usa.net • Phone: 0564569838 • Office number: 2152
Learning Objectives • Understand network security • Understand security threat trends and their ramifications • Understand the goals of network security • Determine the factors involved in a secure network strategy
Understanding Network Security • Network security • Process by which digital information assets are protected • Goals • Maintain integrity • Protect confidentiality • Assure availability
Understanding Network Security • Security ensures that users: • Perform only tasks they are authorized to do • Obtain only information they are authorized to have • Cannot cause damage to data, applications, or operating environment
Security Threats • Identity theft • Privacy concerns • Wireless access
To Offset Security Threats • Integrity • Assurance that data is not altered or destroyed in an unauthorized manner • Confidentiality • Protection of data from unauthorized disclosure to a third party • Availability • Continuous operation of computing systems
Quiz: Give a real example for each information security principle. • Examples of Information Security Fundamental Principles: • Confidentiality: Exam questions prior to the exam must be hidden from students. • Integrity: Students' grades must not be modified by students. • Availability: The student schedules system must be online and available during the beginning of the semester.
Security Vulnerabilities for Sale • Anyone can buy attack tools to take over computers
Examples of Security Breaches
Information Security Terminology • Asset • Something that has a value • Threat • An event or object that may defeat the security measures in place and result in a loss • Threat agent • A person or thing that has the power to carry out a threat
Information Security Terminology • Vulnerability • Weakness that allows a threat agent to bypass security • Exploit • Takes advantage of a vulnerability • Risk • The likelihood that a threat agent will exploit a vulnerability • Realistically, risk cannot ever be entirely eliminated
Security Ramifications: Costs of Intrusion • Causes of network security threats • Technology weaknesses • Configuration weaknesses • Policy weaknesses • Human error
1-Technology Weaknesses • TCP/IP • Operating systems • Network equipment
2-Configuration Weaknesses • Unsecured accounts • System accounts with easily guessed passwords • Misconfigured Internet services • Unsecured default settings • Misconfigured network equipment • Trojan horse programs • Vandals • Viruses
3-Policy Weaknesses • Lack of a written security policy • Politics • High turnover • Concise access controls not applied • Software and hardware installation and changes do not follow policy • Proper security • Nonexistent disaster recovery plan
4-Human Error • Accident • Ignorance • Workload • Dishonesty • Impersonation • Disgruntled employees • Snoops • Denial-of-service attacks
Goals of Network Security • Achieve the state where any action that is not expressly permitted is prohibited • Eliminate theft • Determine authentication • Identify assumptions • Control secrets
Creating a Secure Network Strategy • Address both internal and external threats • Define policies and procedures • Reduce risk across perimeter security, the Internet, intranets, and LANs
Creating a Secure Network Strategy • Human factors • Know your weaknesses • Limit access • Achieve security through persistence • Develop change management process • Remember physical security • Perimeter security • Control access to critical network applications, data, and services
Creating a Secure Network Strategy • Firewalls • Prevent unauthorized access to or from private network • Create protective layer between network and outside world • Replicate network at point of entry in order to receive and transmit authorized data • Have built-in filters • Log attempted intrusions and create reports
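A minimal sketch of the firewall behaviours listed above (built-in filters, logging of attempted intrusions, reporting), combined with the earlier goal that any action not expressly permitted is prohibited. This is an added example, not part of the original slides; the rule set, function names and sample traffic are constructed for illustration.

```python
import ipaddress
from collections import Counter

# Constructed allow-list: anything not matched here is denied (default deny).
ALLOW_RULES = [
    # (source network, destination port, protocol)
    ("0.0.0.0/0", 443, "tcp"),    # public HTTPS to the web server
    ("10.0.0.0/8", 22, "tcp"),    # SSH only from the internal network
    ("10.0.5.0/24", 53, "udp"),   # DNS from one internal subnet
]

def is_permitted(src_ip, dst_port, proto, rules=ALLOW_RULES):
    """Return True only if a rule expressly permits the packet."""
    addr = ipaddress.ip_address(src_ip)
    for network, port, rule_proto in rules:
        if (addr in ipaddress.ip_network(network)
                and dst_port == port and proto == rule_proto):
            return True
    return False  # no match: prohibited by default

def filter_traffic(packets, rules=ALLOW_RULES):
    """Split packets into allowed ones and a log of denied attempts."""
    allowed, denied_log = [], []
    for src_ip, dst_port, proto in packets:
        if is_permitted(src_ip, dst_port, proto, rules):
            allowed.append((src_ip, dst_port, proto))
        else:
            denied_log.append((src_ip, dst_port, proto))
    return allowed, denied_log

def report(denied_log):
    """Summarize denied attempts per source, most active first."""
    return Counter(src for src, _, _ in denied_log).most_common()

# Constructed sample traffic (documentation address ranges).
SAMPLE = [
    ("203.0.113.7", 443, "tcp"),   # allowed: public HTTPS
    ("203.0.113.7", 22, "tcp"),    # denied: SSH from outside
    ("10.1.2.3", 22, "tcp"),       # allowed: SSH from inside
    ("198.51.100.9", 23, "tcp"),   # denied: telnet, no rule at all
    ("203.0.113.7", 3389, "tcp"),  # denied: RDP from outside
    ("10.0.6.1", 53, "udp"),       # denied: DNS from the wrong subnet
]

if __name__ == "__main__":
    allowed, denied = filter_traffic(SAMPLE)
    print("allowed:", allowed)
    for src, count in report(denied):
        print(f"denied {count} attempt(s) from {src}")
```

An empty rule list denies everything, which is the safe failure mode; a rule has to be added deliberately before any traffic passes.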
Creating a Secure Network Strategy • Web and file servers • Access control • Ensures that only legitimate traffic is allowed into or out of the network • Passwords • PINs • Smartcards
Creating a Secure Network Strategy • Change management • Document changes to all areas of IT infrastructure • Encryption • Ensures messages cannot be intercepted or read by anyone other than the intended person(s)
Creating a Secure Network Strategy • Intrusion detection system (IDS) • Provides 24/7 network surveillance • Analyzes packet data streams within the network • Searches for unauthorized activity
Simplicity • Information security is by its very nature complex • Complex security systems can be hard to understand, troubleshoot, and feel secure about • As much as possible, a secure system should be simple for those on the inside to understand and use • Complex security schemes are often compromised to make them easier for trusted users to work with • Keeping a system simple from the inside but complex on the outside can sometimes be difficult but reaps a major benefit
Who Are the Attackers? • The types of people behind computer attacks are generally divided into several categories • Hackers • Script kiddies • Spies • Employees • Cybercriminals • Cyberterrorists
The NSA Hacker • Gary McKinnon hacked into NASA and the US Military • He was looking for evidence about UFOs
Hackers • Hacker • Anyone who illegally breaks into or attempts to break into a computer system • Although breaking into another person’s computer system is illegal • Some hackers believe it is ethical as long as they do not commit theft, vandalism, or breach any confidentiality • Ethical Hacker • Has permission from the owner to test security of computers by attacking them
Script Kiddies • Unskilled users • Download automated hacking software (scripts) from Web sites and use it to break into computers
Spies • Computer spy • A person who has been hired to break into a computer and steal information • Excellent computer skills
Employees • The largest information security threat • Motives • An employee might want to show the company a weakness in their security • Disgruntled employees may be intent on retaliating against the company • Industrial espionage • Blackmailing
Cybercriminals • A loose-knit network of attackers, identity thieves, and financial fraudsters • More highly motivated, less risk-averse, better funded, and more tenacious than hackers • Many security experts believe that cybercriminals belong to organized gangs of young and mostly Eastern European attackers • Cybercriminals have a more focused goal that can be summed up in a single word: money
Cybercriminals • Cybercrime • Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information • Financial cybercrime is often divided into two categories • Trafficking in stolen credit card numbers and financial information • Using spam to commit fraud
Cyberterrorists • Their motivation may be defined as ideology, or attacking for the sake of their principles or beliefs • Goals of a cyberattack: • To deface electronic information and spread misinformation and propaganda • To deny service to legitimate computer users • To commit unauthorized intrusions into systems and networks that result in critical infrastructure outages and corruption of vital data
Security Tradeoffs • [Figure: tradeoffs among security, cost, ease of use, and functionality]
Steps of an Attack • The five steps that make up an attack • Probe for information • Penetrate any defenses • Modify security settings • Circulate to other systems • Paralyze networks and devices
Defenses against Attacks • Although multiple defenses may be necessary to withstand an attack • These defenses should be based on five fundamental security principles: • Layering • Limiting • Diversity • Obscurity • Simplicity
Layering • Information security must be created in layers • One defense mechanism may be relatively easy for an attacker to circumvent • Instead, a security system must have layers, making it unlikely that an attacker has the tools and skills to break through all the layers of defenses • A layered approach can also be useful in resisting a variety of attacks • Layered security provides the most comprehensive protection
Limiting • Limiting access to information reduces the threat against it • Only those who must use data should have access to it • In addition, the amount of access granted to someone should be limited to what that person needs to know • Some ways to limit access are technology-based, while others are procedural
Diversity • Layers must be different (diverse) • If attackers penetrate one layer, they cannot use the same techniques to break through all other layers • Using diverse layers of defense means that breaching one security layer does not compromise the whole system