Scribd Logo
Upload

Welcome to Scribd!

  • Managing A Secure Network: CCNA Security v2.0

    Uploaded by

    ijazumarzai
    10 views41 pages

    Original Title

    CCNASv2_InstructorPPT_CH11.pptx

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    10 views41 pages

    Managing A Secure Network: CCNA Security v2.0

    Uploaded by

    ijazumarzai

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 41

    Chapter 11:

    Managing a Secure Network

    CCNA Security v2.0


    11.0 Introduction
    11.1 Network Security Testing
    11.2 Developing a
    Comprehensive Security Policy
    11.3 Summary

    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 2
    Upon completion of this section, you should be able to:
    • Describe the techniques used in network security testing.

    • Describe the tools used in network security testing.

    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 4
    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 5
    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 6
    Operational Status of the Network:
    • Penetration testing

    • Network scanning

    • Vulnerability scanning

    • Password cracking

    • Log review

    • Integrity checks

    • Virus detection

    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 7
    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 8
    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 9
    • Nmap/Zenmap

    • SuperScan

    • SIEM

    • GFI LANguard

    • Tripwire

    • Nessus

    • L0phtCrack

    • Metasploit

    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 10
    Sample Nmap Screenshot Sample Zenmap Screenshot

    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 11
    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 12
    Essential functions:
    • Forensic Analysis

    • Correlation

    • Aggregation

    • Retention

    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 13
    Upon completion of this section, you should be able to:
    • Explain the purpose of a comprehensive security policy.

    • Describe the structure of a comprehensive security policy.

    • Describe the standards, guidelines, and procedures of a security policy.

    • Explain the roles and responsibilities entailed by a security policy.

    • Explain security awareness and how to achieve through education and training.

    • Explain how to respond to a security breach.

    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 14
    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 15
    Determine what the assets of an organization are by asking:
    • What does the organization have that others want?

    • What processes, data, or information systems are critical to the


    organization?
    • What would stop the organization from doing business or fulfilling its
    mission?

    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 16
    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 17
    Audience Determines Security Policy Content

    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 18
    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 19
    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 20
    A governing policy includes:
    • Statement of the issue that the policy addresses

    • How the policy applies in the environment

    • Roles and responsibilities of those affected by the policy

    • Actions, activities, and processes that are allowed (and not allowed)

    • Consequences of noncompliance

    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 21
    Technical components:
    • General policies

    • Telephony policy

    • Email and communication policy

    • Remote access policy

    • Network policy

    • Application policy

    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 22
    Customize End-User Policies for Groups

    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 23
    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 24
    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 25
    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 26
    NIST Information Technology Portal

    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 27
    NSA Website

    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 28
    Common Criteria Website

    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 29
    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 30
    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 31
    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 32
    • Chief Executive Officer (CEO) • Chief Security Officer (CSO)

    • Chief Technology Officer (CTO) • Chief Information Security


    Officer (CISO)
    • Chief Information Officer (CIO)

    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 33
    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 34
    Primary components:
    • Awareness campaigns

    • Training and education

    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 35
    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 36
    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 37
    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 38
    Chapter Objectives:
    • Explain the various techniques and tools used for network security testing.

    • Explain how to develop a comprehensive security policy.

    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 39
    Thank you.
    • Remember, there are
    helpful tutorials and user
    guides available via your
    NetSpace home page. 1
    (https://www.netacad.com) 2
    • These resources cover a
    variety of topics including
    navigation, assessments,
    and assignments.
    • A screenshot has been
    provided here highlighting
    the tutorials related to
    activating exams, managing
    assessments, and creating
    quizzes.

    © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 41

    You might also like