46340516 cisco press ccna security quick reference

Post on 05-Apr-2018

7/31/2019 46340516 Cisco Press CCNA Security Quick Reference

http://slidepdf.com/reader/full/46340516-cisco-press-ccna-security-quick-reference 1/90

About the Author

Anthony Sequeira, CCIE No. 15626, completed the CCIE in Routing and Switching in January 2006. He is currently pursuing the CCIE in Security. For the past 15 years, he has written and lectured to massive audiences about the latest in networking technologies. He is currently a senior technical instructor and certified Cisco Systems instructor for SkillSoft. He lives with his wife and daughter in Florida. When he is not reading about the latest Cisco innovations, he is exploring the Florida skies in a Cessna.

About the Technical Editor

Ryan Lindfield is an instructor and network administrator with Boson. He has more than 10 years of network administration experience. He has taught many courses designed for CCNA, CCNP, and CCSP preparation, among others. He has written many practice exams and study guides for various networking technologies. He also works as a consultant, where among his tasks are installing and configuring Cisco routers, switches, VPNs, intrusion detection systems, and firewalls.

[ 2 ]

© 2008 Cisco Systems Inc. All rights reserved. This publication is protected by copyright. Please see page 88 for more details.

CCNA Security Quick Reference by Anthony Sequeira

CHAPTER 1

Network Security Principles

Network Security Fundamentals

This section covers the need for network security and the security objectives found with most organizations. This section also examines the different types of attacks that modern networks can experience.

Why do we need network security?

Network threats include internal and external threats. Internal threats are the most serious. These threats often occur because best practices are not followed. For example, blank or default passwords are used, or in-house developers use insecure programming practices.

External threats typically rely on technical methods to attack the network. The CCNA in Security focuses on combating these attacks using technical means. Firewalls, routers with access control lists (ACL), intrusion prevention systems (IPS), and other methods are the focus.

Network security objectives

Network security should provide the following:

• Data confidentiality
• Data integrity
• Data and system availability

Confidentiality ensures that only authorized individuals can view sensitive data. Powerful methods of ensuring confidentiality are encryption and access controls.

Integrity ensures that data has not been changed by an unauthorized individual.

Availability ensures that access to the data is uninterrupted. Denial-of-service (DoS) attacks attempt to compromise data availability. These attacks typically try to make a system fail by using an unexpected condition or input, or to bring down an entire network with a large quantity of traffic.

Data classification

Public-sector classification levels include the following:

• Unclassified
• Sensitive but unclassified (SBU)
• Confidential
• Secret
• Top-secret

Private-sector classification levels include the following:

• Public
• Sensitive
• Private
• Confidential

Classification criteria include the following:

• Value: The most important factor.
• Age: With time, the sensitivity of data typically decreases.

• Useful life: Information can be made obsolete with newer info.
• Personal association: The data is associated with sensitive issues or individuals.

Classification roles include the following:

• Owner
• Custodian (responsible for the day-to-day management of the data)
• User

Security controls

Administrative controls involve policies and procedures.

Technical controls involve electronics, hardware, and software.

Physical controls are mostly mechanical.

Controls are categorized as preventative, deterrent, or detective.

Responses

Investigators must prove motive, opportunity, and means.

The system should not be shut down or rebooted before the investigation begins.

Laws and ethics

Security policy must attempt to follow criminal, civil, and administrative law.

Ethics refer to values that are even higher than the law.

Network Attack Methodologies

It is very important to understand the common types of attacks that a network can experience. Studying these attacks is the first step in defending against them.

Motivations and classes of attack

A vulnerability is a weakness in a system that can be exploited by a threat.

A risk is the likelihood that a specific attack will exploit a particular vulnerability of a system.

An exploit happens when computer code is developed to take advantage of a vulnerability.

The main vulnerabilities of systems are categorized as follows:

• Design errors
• Protocol weaknesses
• Software vulnerabilities
• Misconfiguration

• Hostile code
• Human factor

Potential adversaries can include the following:

• Nations or states
• Terrorists
• Criminals
• Hackers
• Corporate competitors
• Disgruntled employees
• Government agencies

Many different classifications are assigned to hackers, including the following:

• Hackers: Individuals who break into computer networks and systems to learn more about them.
• Crackers (criminal hackers): Hackers with a criminal intent to harm information systems.
• Phreakers (phone breakers): Individuals who compromise telephone systems.
• Script kiddies: Individuals with a very low skill level. They do not write their own code. Instead, they run scripts written by other, more skilled attackers.
• Hacktivists: Individuals who have a political agenda in doing their work.
• Academic hackers: People who enjoy designing software and building programs with a sense for aesthetics and playful cleverness.

• Hobby hacker: Focuses mainly on computer and video games, software cracking, and the modification of computer hardware and other electronic devices.

How does a hacker usually think?

1. Perform footprint analysis (reconnaissance).
2. Enumerate applications and operating systems.
3. Manipulate users to gain access.
4. Escalate privileges.
5. Gather additional passwords and secrets.
6. Install back doors.
7. Leverage the compromised system.

Defense in depth

The defense-in-depth strategy recommends several principles:

• Defend in multiple places.
• Defend the enclave boundaries.
• Defend the computing environment.
• Build layered defenses.
• Use robust components.

• Use robust key management.
• Deploy IDS or IPS.

IP spoofing

IP spoofing refers to forging the source address information of a packet so that the packet appears to come from some other host in the network. IP spoofing is often the first step in the abuse of a network service, or a DoS type of attack.

In IP spoofing, the attacker sends messages to a computer with an IP address that indicates the message is coming from a trusted host.

The basis of IP spoofing lies in an inherent security weakness in TCP known as sequence prediction. Hackers can guess or predict the TCP sequence numbers that are used to construct a TCP packet without receiving any responses from the server. Their prediction allows them to spoof a trusted host on a local network.

IP spoofing attacks are categorized in one of two ways:

• Nonblind spoofing: The attacker sniffs the sequence and acknowledgment numbers and does not need to “predict” them.
• Blind spoofing: The attacker sends several packets to the target machine to sample sequence numbers and then predicts them for the attack.

Spoof attacks are often combined with IP source-routing options set in packets. Source routing is the ability of the source to specify within the IP header a full routing path between endpoints. Cisco IOS routers drop all source-routed packets if the no ip source-route global command is configured. Security devices, such as Cisco PIX 500 Series Security Appliances and the Cisco ASA 5500 Series Adaptive Security Appliances, drop such packets by default.
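As an added defender-side example (not from the Cisco Press text), the Python below parses an IPv4 header, flags packets carrying a loose or strict source-route option (the packets that no ip source-route makes IOS drop), and applies the anti-spoofing ingress check a border ACL enforces: a packet arriving on the outside interface whose source address claims to be an inside host is forged. The inside prefix, the addresses and the packet bytes are constructed here for illustration.

```python
import ipaddress
import struct

# IPv4 option type codes (RFC 791). Loose and strict source routing let the
# sender dictate the forwarding path; 'no ip source-route' drops both on IOS.
LSRR, SSRR = 0x83, 0x89
END_OF_OPTIONS, NO_OPERATION = 0x00, 0x01


def parse_ipv4_header(packet: bytes) -> dict:
    """Return src, dst and the option type codes carried in the header."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    version, ihl = packet[0] >> 4, (packet[0] & 0x0F) * 4
    if version != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("malformed IPv4 header")
    options, i = [], 20
    while i < ihl:
        kind = packet[i]
        if kind == END_OF_OPTIONS:
            break
        if kind == NO_OPERATION:
            i += 1
            continue
        # every other option is TLV: type, length (counting both bytes), data
        if i + 1 >= ihl or packet[i + 1] < 2 or i + packet[i + 1] > ihl:
            raise ValueError("bad option length")
        options.append(kind)
        i += packet[i + 1]
    return {"src": ipaddress.IPv4Address(packet[12:16]),
            "dst": ipaddress.IPv4Address(packet[16:20]),
            "options": options}


def ingress_verdict(packet: bytes, inside_net: ipaddress.IPv4Network,
                    arrived_on_outside: bool) -> str:
    """Border-device decision for one packet.

    Source-routed packets are dropped on any interface. A packet that arrives
    on the untrusted (outside) interface but claims an inside source address
    is a spoof of a trusted host and is dropped: this is RFC 2827 ingress
    filtering, the check an ACL on the outside interface enforces.
    """
    hdr = parse_ipv4_header(packet)
    if any(opt in (LSRR, SSRR) for opt in hdr["options"]):
        return "drop: source-routed"
    if arrived_on_outside and hdr["src"] in inside_net:
        return "drop: spoofed inside source"
    return "permit"


def build_packet(src: str, dst: str, options: bytes = b"") -> bytes:
    """Constructed test header (no payload); options padded to a 4-byte boundary."""
    options += b"\x00" * ((-len(options)) % 4)
    ihl = 5 + len(options) // 4
    fixed = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, 20 + len(options),
                        0, 0, 64, 6, 0, ipaddress.IPv4Address(src).packed,
                        ipaddress.IPv4Address(dst).packed)
    return fixed + options


# Constructed sample data: the trusted inside prefix and one LSRR option
# (type, length, pointer, one hop address).
INSIDE = ipaddress.IPv4Network("10.1.0.0/16")
LSRR_OPTION = bytes([LSRR, 7, 4]) + ipaddress.IPv4Address("10.1.0.1").packed
```

The same header parser is what an IDS signature for source-routed traffic has to implement; the verdict function shows why the interface a packet arrived on, not just its source address, decides whether it is a spoof.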
