1 / 11

Chapter 13 Network Security

Chapter 13 Network Security. Auditing Antivirus Firewalls Authentication Authorization Encryption. Security Policy Steps. Assets Threats Vulnerabilities Risk Protective measure Virus protection Firewall Authentication Encryption. Auditing. Personal: internal or external Methods

bconnors
Download Presentation

Chapter 13 Network Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Chapter 13Network Security • Auditing • Antivirus • Firewalls • Authentication • Authorization • Encryption

  2. Security Policy Steps • Assets • Threats • Vulnerabilities • Risk • Protective measure • Virus protection • Firewall • Authentication • Encryption

  3. Auditing • Personal: internal or external • Methods • Manual auditing: policy auditing or off-line audit (policy development & implementation) • automated auditing: event detection or real-time audits (software & exception reports) • Security probes: weak spots & improvement • Intrusion detection systems or Security Analyzer Tool for Analyzing Networks (SATAN) • Courtney

  4. Antivirus Technology • Virus scanning: signature scanners • Emulation technology: activity monitors (virtual PC) • CRC checkers: hashing checkers

  5. Firewall Architectures • Packet filtering • Application gateway

  6. Packet Filtering • Port-level filter, network-level filter, or packet filter • Filter tables: source and destination addresses • Weakness: IP spoofing

  7. Application Gateways • Application-level filters, assured pipe-lines, application gateways, or proxies • Sources, services or application • Weakness • I nability to detect malicious code

  8. Firewall Functions • Encryption • Virus scanning • Violation notification • Authentication • System monitoring • Auditing and logging • Attack protection

  9. Authentication • categories • What you know • What you have • What you are • Types • Token authentication • Biometric authentication

  10. Encryption methods • Private key encryption • Same algorithm • Data encryption standard (DES): 64-bit key • Public key encryption • Rivest-Shamir-Adelman: RSA • Public/private key encryption • Digital signature encryption • Private key, hashing program, original document

  11. Assignment • Review chapters 8, 9, & 13

More Related