Security Awareness: Applying Practical Security in Your World, Second Edition

Chapter 5

Network Security


Objectives

  • Explain how a network functions

  • Discuss how to defend against network attacks

  • Describe the types of attacks that are launched against networks and network computers

Security Awareness: Applying Practical Security in Your World, 2e


How Networks Work

  • Personal computer

    • Isolated from other computers

    • Functionality is limited to installed software and hardware directly connected to it

  • Computer network

    • Allows sharing

Types of Networks

  • Local area network (LAN)

    • Computers located relatively close to each other

  • Wide area network (WAN)

    • Connects computers over a larger geographical area than a LAN

  • Wireless local area network (WLAN)

    • Based on standard that transmits data at fast speeds over a distance of up to 115 meters (375 feet)

Transmitting Network Data

  • Transmission Control Protocol/Internet Protocol (TCP/IP)

    • Most common set of protocols used on networks

  • IP address

    • Uniquely identifies computer

  • Packets

    • Used to transmit data through a computer network

Network Devices

  • Network interface card (NIC)

    • Also called client network adapter

    • Hardware that connects a computer to a wired network

  • Laptop computers

    • May use an internal NIC or an external NIC

Network Devices (continued)

  • Access point (AP)

    • Contains an antenna and a radio transmitter/receiver to send and receive signals

    • Jack allows it to connect by cable to a standard wired network

    • Acts as base station for wireless network

    • Acts as bridge between wireless and wired networks

  • Router

    • Directs packets towards their destination

Attacks on Networks

  • Denial of service (DoS) attack

    • Attempts to make a server or other network device unavailable by flooding it with requests

    • Variants

      • Smurf attack

      • Distributed denial of service (DDoS) attack

Zombie and Botnets

  • Computers that perform a DDoS and other network attacks

    • Often normal computers hijacked by attackers to carry out malicious network attacks

  • Zombies

    • Can be put to work to send spam and messages used in phishing scams

    • Can act as hosts for fake Web sites

Man-in-the-Middle Attacks

  • Attacker intercepts messages intended for a valid device

  • Two computers appear to be communicating with each other

    • However, they are actually sending and receiving data with a computer between them

Hijacking and Spoofing

  • Spoofing

    • Act of pretending to be legitimate owner when in reality you are not

  • Media access control (MAC) address

    • Permanently recorded on network interface card when manufactured

    • Computers on network store a table

      • Links IP address with corresponding MAC address

Sniffing

  • Attacker captures packets as they travel through network

  • Sniffer

    • Hardware or software that performs sniffing

  • Attackers with sniffers

    • Can capture usernames, passwords, and other secure information without being detected

Network Defenses

  • Primary defenses against network attacks

    • Devices that can thwart attackers

    • Designing layout or configuration of a network that will reduce the risk of attacks

    • Testing network security

Network Devices

  • Firewalls

    • Designed to prevent malicious packets from entering network or computers

  • Software firewall

    • Runs as a program on a local computer to protect it against attacks

  • Hardware firewalls

    • Separate devices that protect an entire network

    • Usually located outside network security perimeter as the first line of defense

Firewalls

  • Rule base

    • Foundation of a firewall

    • Establishes what action firewall should take when it receives a packet

    • Options

      • Allow, Block, Prompt

Firewalls (continued)

  • Stateless packet filtering

    • Looks at each incoming packet and permits or denies it based strictly on the rule base

    • Attackers can easily bypass the protection

  • Stateful packet filtering

    • Keeps record of the state of a connection between an internal computer and an external server

    • Makes decisions based on the connection as well as rule base
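
The difference between the two filtering modes, as an added example that is not part of the original slides: the same rule base is applied first packet by packet, then together with a connection table. The rule format, addresses and ports are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    inbound: bool  # True = arriving from outside the network

# Constructed rule base: (direction, field, port, action); first match wins.
RULES = [
    ("out", "dport", 80, "allow"),  # internal computers may reach web servers
    ("in", "sport", 80, "allow"),   # web server replies must get back in
]

def stateless(pkt):
    """Judge each packet alone, strictly against the rule base."""
    direction = "in" if pkt.inbound else "out"
    for rule_dir, field, port, action in RULES:
        if rule_dir == direction and getattr(pkt, field) == port:
            return action
    return "block"

class Stateful:
    """Same rule base, plus a record of connections opened from inside."""
    def __init__(self):
        self.connections = set()

    def decide(self, pkt):
        if not pkt.inbound:
            action = stateless(pkt)
            if action == "allow":
                self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return action
        # Inbound packets must be the reverse of a recorded connection.
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport) not in self.connections:
            return "block"
        return stateless(pkt)

def demo():
    fw = Stateful()
    request = Packet("192.168.1.10", 50000, "203.0.113.5", 80, inbound=False)
    reply = Packet("203.0.113.5", 80, "192.168.1.10", 50000, inbound=True)
    # Inbound packet that matches the rule base but belongs to no connection.
    unsolicited = Packet("198.51.100.7", 80, "192.168.1.10", 50000, inbound=True)
    return {"stateless_unsolicited": stateless(unsolicited),
            "stateful_request": fw.decide(request),
            "stateful_reply": fw.decide(reply),
            "stateful_unsolicited": fw.decide(unsolicited)}
```

The stateless filter allows the unsolicited packet because it matches the reply rule, while the stateful filter blocks it because no internal computer opened that connection.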

Network Address Translation (NAT)

  • Hides IP addresses of network devices from attackers

  • As a packet leaves the network

    • NAT removes original IP address from sender’s packet and replaces it with an alias

Network Address Translation (NAT) (continued)

  • NAT software

    • Maintains table of original address and corresponding alias address

  • Process is reversed when packet is returned to the NAT
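
The NAT table described on these two slides, as an added example that is not part of the original slides. It assumes the common port-based variant, in which several internal computers share one alias address and are told apart by port; all addresses and ports are constructed.

```python
class Nat:
    """Replaces the sender's address with an alias and reverses it on return."""

    def __init__(self, alias_ip, first_port=40000):
        self.alias_ip = alias_ip
        self.next_port = first_port
        self.out_table = {}  # (original ip, original port) -> alias port
        self.in_table = {}   # alias port -> (original ip, original port)

    def outbound(self, pkt):
        """Packet leaving the network: swap the original source for the alias."""
        key = (pkt["src"], pkt["sport"])
        if key not in self.out_table:
            self.out_table[key] = self.next_port
            self.in_table[self.next_port] = key
            self.next_port += 1
        return {**pkt, "src": self.alias_ip, "sport": self.out_table[key]}

    def inbound(self, pkt):
        """Packet returning to the NAT: restore the original address."""
        if pkt["dst"] != self.alias_ip or pkt["dport"] not in self.in_table:
            return None  # no table entry, so there is nothing to reverse
        ip, port = self.in_table[pkt["dport"]]
        return {**pkt, "dst": ip, "dport": port}

def demo():
    nat = Nat("203.0.113.1")
    server = {"dst": "198.51.100.20", "dport": 443}
    a = nat.outbound({"src": "192.168.1.10", "sport": 51000, **server})
    b = nat.outbound({"src": "192.168.1.11", "sport": 51000, **server})
    # The server only ever sees the alias, so it replies to the alias.
    reply = nat.inbound({"src": "198.51.100.20", "sport": 443,
                         "dst": a["src"], "dport": a["sport"]})
    # A packet aimed at an alias port that was never handed out.
    stray = nat.inbound({"src": "198.51.100.99", "sport": 443,
                         "dst": "203.0.113.1", "dport": 45555})
    return a, b, reply, stray
```

Two internal computers using the same source port receive different alias ports, and an inbound packet with no matching table entry cannot be delivered to any internal address.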

Intrusion Detection System

  • Establishes and maintains network security for large organizations

  • Monitors activity on the network and what packets are doing

  • Performs specific function when it senses an attack

    • Such as dropping packets or tracing source of attack

Proxy Server

  • Primary goal

    • To conceal the identity of computers within a protected network

  • Can inspect data packets for viruses and other malicious content

  • Intercepts requests sent to server and replaces original IP address with its own address

Network Design

  • Demilitarized zone (DMZ)

    • Another network that sits outside the secure network perimeter

  • Virtual private network

    • Creates a secure network connection over a public network

Wireless LAN Security

  • Hotspots

    • Locations where wireless data services are available

  • Advantages of WLANs

    • Do not restrict users to their desks to access network resources

    • Ease of installation

Wireless LAN Security (continued)

  • Security concerns

    • Access to the wireless network

    • View wireless transmissions

    • Weaknesses in wireless security standards

Summary

  • Purpose of a computer network

    • To allow computers and devices to share data, programs, and hardware

  • Denial of service attack

    • Attempts to make a server unavailable by flooding it with requests

  • Man-in-the-middle attack

    • Intercepts communication between two computers

Summary (continued)

  • Firewall

    • Designed to prevent malicious packets from entering the network

  • Demilitarized zone

    • Another network that sits outside the secure network perimeter

  • Security for wireless LANs

    • Remains a primary concern for wireless users
