Loading in 2 Seconds...
Loading in 2 Seconds...
IS3220 Information Technology Infrastructure Security Unit 2 Network Security Basics. EXPLORE: CONCEPTS. Learning Objective. Explain the fundamental concepts of network security. Key Concepts. Confidentiality, integrity, and availability mandates for network resource security
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
IS3220 Information Technology Infrastructure Security Unit 2 Network Security Basics
Learning Objective • Explain the fundamental concepts of network security
Key Concepts • Confidentiality, integrity, and availability mandates for network resource security • Network security and its value to the enterprise • Roles and responsibilities in network security • Impact of network infrastructure design on security • Features, uses, and benefits of network security countermeasures
Primary Goals of Information Security Confidentiality Security Integrity Availability
Secondary Goals of Information Security Authentication Confidentiality Integrity Availability Privacy Authorization Non-Repudiation
The Need for Information Security Risk Threat Vulnerability
Information Assurance Non-repudiation Authentication Integrity Confidentiality Seven Domains of a Typical IT Infrastructure Availability
Security Policy Establish goals Address risk Provide roadmap for security Set expectations Link to business objectives Map of laws and regulations Supported by standards, procedures, and guidelines
Examples of Network Infrastructures Workgroup SOHO Client/Server
General Terms Confidentiality Integrity Availability Trust Privacy Authentication Authorization Non-repudiation
Networking Terminology Network Firewall Router Virtual Private Network IPSec Demilitarized Zone Intrusion Detection System (IDS) Intrusion Prevention System (IPS)
Policy, Awareness, and Training Policy ~ sets expectations Awareness ~ promotes security Training ~ defines roles and responsibilities
Consider Business Requirements Availability of the network and its components Redundancy High availability Single point of failure Denial of service Sensitivity of the data Encryption Access control
Internet Exposure Remote access Will a VPN work? Is direct internet access required?
Wired Networks Lack of external connectivity creates physical isolation Can rely on physical controls to protect network External threats must breach physical barrier If external connectivity is required No control is the same as physical isolation but security must enable the business Consider segmentation Rigorous front door screening
Benefits of Wireless Networking Can be inexpensive to deploy No need to run wires Quick connectivity for multiple users Convenience Mobility Ubiquity All laptops now come equipped with wireless
Wireless Concerns Introduces new attack surface Require additional design considerations to mitigate attack Data is transmitted over the air and accessible Use of encryption technology Consider implementing segmented wireless networks Require VPN authentication for wireless access Network can be directly accessed from a distance Shielding
Mobile Networking Allows user to be completely mobile Requires considerations for central management Potential for device to be lost