These slides discuss the basics of network security.
The first question that should be answered is, why is network security important?
Understanding the increasing threats to security from the past to today.
How to think like an attacker?
Step 1. Perform footprint analysis (reconnaissance).
Step 2. Enumerate information.
Step 3. Manipulate users to gain access.
Step 4. Escalate privileges.
Step 5. Gather additional passwords and secrets.
Step 6. Install backdoors.
Step 7. Leverage the compromised system.
The trade off between open versus closed networks.
Developing a security policy for the company or organization is a must.
Understanding the common security threats and the different types of network attacks.
Finally, general mitigation techniques and the security appliances and applications
Presentation on how to chat with PDF using ChatGPT code interpreter
Accessing the WAN: Ch4 - Network Security
1. Save a tree. Please, don't print these slides unless it's necessary.
Accessing the WAN: Chapter 4
Abdelkhalik Elsaid Mosa
All pictures are copied from Cisco CCNA Exploration: Semester 4 – Accessing the WAN
2. If you found any mistake’s’ on these slides or if you
have any other questions or comments, please feel
free to email me at: abdu.elsaid@gmail.com or
abdu.elsaid@yahoo.com
Thanks,
Abdelkhalik Elsaid Mosa
Suez Canal University – Faculty of Computers & Informatics
Cisco Local Academy – Ismailia - Egypt
10. Developing a Security Policy
• Security Policy is a formal statement of the rules by which people who are
given access to an organization's technology and information assets must
abide.
• A security policy meets these goals:
1. Informs users, staff, and managers of their obligatory requirements for
protecting technology and information assets.
2. Specifies the mechanisms through which these requirements can be met.
3. Provides a baseline from which to acquire, configure, and audit computer
systems and networks for compliance with the policy.
• ISO/IEC 27002: a guideline for developing organizational security standards.
Risk assessment - Security policy - Organization of information security - Asset
management - Human resources security - Physical and environmental security -
Communications and operations management - Access control - Information
systems acquisition, development, and maintenance - Information security
incident management - Business continuity management, Compliance
11. Common Security Threats: Vulnerabilities
• Threats are the people interested and qualified in taking
advantage of each security weakness.
• Vulnerability is the degree of weakness which is inherent in every
network and device. This includes routers, switches, desktops,
servers, and even security devices.
1. Technological weaknesses
13. Common Security Threats: Threats to Physical Infrastructure
• The four classes of physical threats are:
1. Hardware threats-Physical damage to servers, routers,
switches, cabling plant, and workstations
2. Environmental threats-Temperature extremes (too hot or too
cold) or humidity extremes (too wet or too dry)
3. Electrical threats-Voltage spikes, insufficient supply voltage
(brownouts), unconditioned power (noise), and total power
loss
4. Maintenance threats-Poor handling of key electrical
components (electrostatic discharge), lack of critical spare
parts, poor cabling, and poor labeling