Network security threats and mitigation
Unit objectives
- Explain common threats and vulnerabilities
- Explain common mitigation techniques
- Categorize different types of network security appliances and methods
- Install and configure a firewall
Topic A
- Topic A: Network security threats
- Topic B: Threat mitigation
- Topic C: Network security appliances and methods
- Topic D: Installing and configuring a firewall
Wireless security threats
- Theft, rogue devices
- Default configuration of access points
- RF traffic
- Lack of encryption
- One-way authentication
- Client connection requests
- War chalking, war driving
Vulnerabilities of access points
- Physical access
- Firmware vulnerabilities
- Default accounts
Wi-Fi scanners
- Physical devices
- Laptop software
  – Airsnort
  – NetStumbler
- War driving
- War chalking
- Interference attacks
- Evil-twin attacks
War chalking symbols
Activity A-1
Scanning for insecure access points
Denial-of-service attacks
- Consume or disable resources by flooding systems with TCP/IP packets
- Hit client computers and servers
Distributed DoS attacks
- Attacker uses multiple hosts
- Handlers
- Zombies
DDoS countermeasures
- Packet filtering
- Turn off directed broadcasts
- Block ports
Man-in-the-middle attacks
- Web spoofing
- Information theft
- TCP hijacking
- ARP poisoning
- ICMP redirect
- DNS poisoning
Buffer overflow
- Attackers insert malicious code
- Remote execution capability
FTP bounce attacks
- Use FTP port command
- Bypass security measures
Smurf attacks
- Flood a host with ICMP packets
- Use third-party network
- Configure routers to drop specific ICMP packets
Malware
- Viruses
- Worms
Activity A-2
Discussing attacks on wired networks
Social engineering
- Hacking people, not computers
- Goals include fraud, network intrusion, espionage, identity theft, disruption
- Shoulder surfing
Attack types
- Dumpster diving
- Hoax
- Impersonation
- Phishing
- Pharming
- Shoulder surfing
- Skimming
- Spam
- Spear phishing
- Spim
- Tailgating
- Vishing
- Whaling
Social engineering countermeasures
- Awareness
- Communicate security needs
- Policies
Activity A-3
Discussing social engineering
Topic B
- Topic A: Network security threats
- Topic B: Threat mitigation
- Topic C: Network security appliances and methods
- Topic D: Installing and configuring a firewall
Antivirus software
- Combat viruses
- Real-time scanners
- Checksum
- Definition files
- Antivirus products
Securing the operating system
- Hardening
- Hotfixes
- Patches
- Updates
- Service packs
Windows Update
Updates
- Important
- Recommended
- Optional
Activity B-1
Updating the operating system
Patch management
- View list of installed updates
- View update information
- Uninstall updates when necessary
Activity B-2
Managing software patches
Security policies
- Acceptable use
- Due care
- Privacy
- Separation of duties
- Need-to-know information
- Password management
- Account expiration
- Service-level agreements
- Ways to destroy or dispose of equipment, electronic media, and printed documents
Acceptable use
- Defines how computer and network resources can be used
- Protects information and limits liabilities and legal actions
- Addresses productivity issues
- Employees should read and sign document
Due care
- Judgment or care exercised in a given circumstance
- Identifies risks to organization
- Assesses risks and measures to be taken to ensure information security
Privacy
- Privacy of customer and supplier information
  – Contracts
  – Sales documents
  – Financial data
  – Personally identifiable information
- Compromised information causes entities to lose trust
Separation of duties
- Avoids one person having all knowledge of a process
  – Potential for abuse
  – Knowledge leaves with person
- Distribute tasks
- Document all procedures
- Security divided into multiple elements
  – Each element assigned to different people
Need to know
- Sensitive information accessed only by those who must
- Give IT team just enough permissions to perform duties
- Give explicit access to those who need it
Password management
- Minimum password length
- Required characters
- Reset interval
- Reuse
- How users handle
- Check for weak passwords
Account expiration
- Unneeded accounts disabled or deleted
- Disable accounts for extended leaves
Service-level agreement
- Contract between service provider and end-user
- Defines levels of support
- Documents penalties
- Covers disaster recovery plans
- Contingency plans
Disposal and destruction
- Degauss magnetic media
- Zeroize drives
- Physically destroy media
- Lock recycle bins
- Shred or burn documents
Activity B-3
Creating a security policy
Human resources policies
- Document manual procedures for automated duties
- Access policies
  – ID badges
  – Keys
  – Restricted-access areas
- Personnel management
  – Hiring process
  – Employee review and maintenance
  – Employee termination
Incident response policy
1. Preparation
2. Detection
3. Containment
4. Eradication
5. Recovery
6. Follow-up
Preparation
- Have steps in place
- Balance easy access with effective controls
- Identify steps to be taken
- Acceptable risks
- Due diligence
Detection
- Ask questions and document responses
Containment
- Shut down or take equipment offline
- Increase monitoring
Eradication
- Clean or delete files
- Restore data
Recovery
- Equipment
- Storage devices
- Passwords
Follow-up
- Document entire process
- Use documents for training or for legal proceedings
Activity B-4
Creating an incident response and reporting policy
Education
- Educate staff about security
  – Network administrators
  – End-users
- Enables all employees to be part of security team
- Enables regular user to see potential security problems or security violations
- Customize as needed
  – Big picture for end-users
  – Detailed knowledge for administrative users
  – Exhaustive knowledge for security administrators
Communication
- Identify what information can be shared and with whom
- Identify what information can never be shared
- Prove identity
- Social engineering threats
User awareness
- Reason for training
- Security contacts
- Whom to contact about security incidents
- Actions to take
- Policies about system account use
- Policies about system media use
- Techniques for sanitizing media and hard copies
- Maintaining security of accounts
- Application and data policies
- Internet, Web, and e-mail policies
Activity B-5
Identifying the need for user education and training
Topic C
- Topic A: Network security threats
- Topic B: Threat mitigation
- Topic C: Network security appliances and methods
- Topic D: Installing and configuring a firewall
Assessment types
- Threat
- Vulnerability
- Risk
Vulnerability assessments
1. Establish a baseline
2. Review the code
3. Determine the attack surface
4. Review the architecture
5. Review the design
Vulnerability testing tools
- Port scanners
- Network mappers
- Password crackers
- Nessus and other dedicated scanning applications
Intrusion detection
- Types
  – Anomaly-based, heuristic
  – Behavior-based
  – Signature-based
- IDS monitors for attacks
- IPS takes action
- NIDS: network IDS
- HIDS: host-based IDS
Events
- True negative
- True positive
- False positive
- False negative
Activity C-1
Discussing IDS characteristics
NIDS
- Monitors network for signs of attack
- Network location
- Indicators of malicious activity
- Active reaction options
- Passive reaction options
IDScenter for Snort
Example Snort rule
alert icmp any any -> any any (msg:"ICMP alert"; sid:2;)
- alert: Type (alert, log, etc.)
- icmp: Protocol to watch
- any (first): Source IP address
- any (second): Source port
- any (third): Target IP
- any (fourth): Target port
- msg: Message for log or alert
- sid: ID number (required)
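The rule anatomy labelled on this slide, as an added example (not from the original slides or from the Snort project): a small Python parser that splits a rule into the header fields and options the callouts name, enforces the sid the slide marks as required, and rejects the typographic quotes that slide software substitutes for plain ones. The function, class and field names are assumptions made for illustration, and only the simple header form shown on the slide is handled.

```python
import re

# Header field names follow the slide's callouts (illustrative names).
HEADER_FIELDS = ("action", "protocol", "src_ip", "src_port",
                 "direction", "dst_ip", "dst_port")
DIRECTIONS = {"->", "<>"}
SMART_QUOTES = "\u201c\u201d\u2018\u2019"  # curly quotes from slides or documents


class RuleError(ValueError):
    """Raised when a rule does not match the anatomy shown on the slide."""


def split_options(body):
    """Split 'key:value; key2:value2;' on semicolons outside double quotes."""
    options, current, in_quotes, escaped = [], [], False, False
    for ch in body:
        if escaped:                      # character after a backslash is literal
            current.append(ch)
            escaped = False
        elif ch == "\\":
            current.append(ch)
            escaped = True
        elif ch == '"':
            in_quotes = not in_quotes
            current.append(ch)
        elif ch == ";" and not in_quotes:
            option = "".join(current).strip()
            if option:
                options.append(option)
            current = []
        else:
            current.append(ch)
    if in_quotes:
        raise RuleError("unterminated quoted string in options")
    if "".join(current).strip():
        raise RuleError("last option is missing its trailing ';'")
    return options


def parse_rule(text):
    """Return a dict of header fields plus an ordered list of (key, value) options."""
    text = text.strip()
    if any(q in text for q in SMART_QUOTES):
        raise RuleError("typographic quotes found; use plain double quotes")
    match = re.fullmatch(r"(?P<header>[^()]+)\((?P<body>.*)\)", text, re.S)
    if not match:
        raise RuleError("expected '<header> (<options>)'")
    parts = match.group("header").split()
    if len(parts) != len(HEADER_FIELDS):
        raise RuleError("header needs 7 fields, got %d" % len(parts))
    rule = dict(zip(HEADER_FIELDS, parts))
    if rule["direction"] not in DIRECTIONS:
        raise RuleError("unknown direction operator %r" % rule["direction"])

    options = []
    for option in split_options(match.group("body")):
        key, _, value = option.partition(":")
        value = value.strip()
        if len(value) >= 2 and value[0] == '"' and value[-1] == '"':
            value = value[1:-1]          # drop the surrounding quotes
        options.append((key.strip(), value))

    # The slide marks the ID number as required.
    sid_values = [v for k, v in options if k == "sid"]
    if len(sid_values) != 1 or not sid_values[0].isdigit():
        raise RuleError("exactly one numeric sid option is required")
    rule["options"] = options
    return rule


if __name__ == "__main__":
    # The slide's rule, retyped with plain quotes.
    parsed = parse_rule('alert icmp any any -> any any (msg:"ICMP alert"; sid:2;)')
    for name in HEADER_FIELDS:
        print("%-10s %s" % (name, parsed[name]))
    for key, value in parsed["options"]:
        print("option     %s = %s" % (key, value))
```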
HIDS
- Monitors a single host
- HIDS operation
- Logs
- File modifications
- Application and resource monitoring
- Network traffic monitoring
Advantages of HIDS over NIDS
- Verify success or failure of attack
- Monitor individual users
- Monitor local attacks
- Not dependent on network (topology, location, and so forth)
Activity C-2
Comparing host-based and network intrusion detection systems
Honeypots and honeynets
- Honeypot: single host
- Honeynet: network
- Traps for attackers
- Purposes
- Ethical and legal considerations
Honeypot examples
- HoneyPoint
- Symantec Decoy Server
- Specter
- PacketDecoy
- HoneyBot
- Honeyd
- Project Honey Pot
Honeypot deployment
Activity C-3
Examining the role and use of honeypots and honeynets
Topic D
- Topic A: Network security threats
- Topic B: Threat mitigation
- Topic C: Network security appliances and methods
- Topic D: Installing and configuring a firewall
Firewalls and proxies
- Traffic control devices
- Techniques
  – NAT and PAT
  – Packet filtering
  – Stateful packet inspection
  – Access control lists
Firewall categories
- Network-layer firewalls
- Application-layer firewalls
Activity D-1
Examining firewalls and proxy servers
Security zones
- Network regions with various levels of security
  – Trusted zone
  – Semi-trusted zone
  – Untrusted zone
Intranet zone
- Organization’s own network
- Highly trusted
- Private address space
- Separated from public network
Perimeter network
- DMZ
- Network between intranet and Internet
- Not used in every network
DMZ options
- Screened host
- Bastion host
- Three-homed firewall
- Back-to-back firewalls
- Dead zone
Screened host
Bastion host
Three-homed firewall
Back-to-back firewalls
Dead zone
Traffic filtering
- Outgoing traffic
- Incoming traffic
NAT and PAT
- Correlate internal and external addresses
- Address availability
- Security
Port address translation
- Ports differentiate internal servers
- Common ports
- PAT enables
  – Sharing of single external IP address
  – Added security for internal but publicly accessible servers
Activity D-2
Examining NAT and PAT devices
Firewall administration
- Host-based; network-based
- Software-based firewall vs. dedicated appliance
- Rules-based
- Network layer vs. Application layer
Rule planning
- What traffic must always be allowed?
- What traffic must always be blocked?
- Which systems must accept unsolicited inbound connections?
- Can you use IPSec, Kerberos, etc.?
- Do you need to permit remote access?
- Do default rules meet your needs?
Activity D-3
Configuring firewall rules
Port security
- Blocks rogue applications
- Configure at host level
- Use GPO or provisioning tool
Activity D-4
Blocking ports with a firewall
Unit summary
- Explained common threats to and vulnerabilities in network security
- Explained common mitigation techniques
- Categorized different types of network security appliances and methods
- Installed and configured a firewall