
Chapter 5:

Managing a Secure Network

CCNA Security v2.0


Chapter Outline
Introduction
5.3 Network Security Testing
5.4 Developing a Comprehensive Security Policy
Summary

© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 2
Section 5.3:
Network Security Testing
Upon completion of this section, you should be able to:
• Describe the techniques used in network security testing.

• Describe the tools used in network security testing.

Topic 5.3.1:
Network Security Testing Techniques

Operations Security

Testing and Evaluating Network Security

Types of Network Tests
Operational Status of the Network:
• Penetration testing

• Network scanning

• Vulnerability scanning

• Password cracking

• Log review

• Integrity checks

• Virus detection

Topic 5.3.1:
Network Security Testing Tools

Network Testing Tools
• Nmap/Zenmap

• SuperScan

• SIEM

• GFI LANguard

• Tripwire

• Nessus

• L0phtCrack

• Metasploit

Nmap and Zenmap
• Nmap is short for Network Mapper.
• It is an open-source Linux command-line tool that is used to scan IP
addresses and ports in a network and to detect installed
applications.
• Nmap allows network admins to find which devices are running on
their network, discover open ports and services, and detect
vulnerabilities.
• It helps to quickly map out a network without sophisticated
commands or configurations, and supports both simple commands and
complex scripting through the Nmap Scripting Engine.

Nmap and Zenmap
Other features of Nmap include:
• Ability to quickly recognize all the devices, including servers, routers,
switches, mobile devices, etc., on single or multiple networks.
• Helps identify services running on a system, including web servers,
DNS servers, and other common applications.
• Nmap can find information about the operating system running on
devices, including detailed information such as OS versions, making it
easier to plan additional approaches during penetration testing.
• Use Nmap to attack systems using existing scripts from the Nmap
Scripting Engine during security auditing and vulnerability scanning.
• Nmap has a GUI called Zenmap. It helps you develop visual
mappings of a network for better usability and reporting.
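
One defensive use of the discovery features above, as an added example that is not part of the original slides: parse Nmap's grepable (`-oG`) output and flag hosts or open ports that are missing from an approved baseline. The sample scan text, the host names and the `BASELINE` table are constructed for illustration.

```python
import re

# Constructed sample in Nmap's grepable (-oG) output format; documentation addresses only.
SAMPLE_SCAN = """\
# Nmap scan initiated (constructed sample)
Host: 192.0.2.1 (gw.example.test)\tStatus: Up
Host: 192.0.2.1 (gw.example.test)\tPorts: 22/open/tcp//ssh///, 23/open/tcp//telnet///, 443/closed/tcp//https///
Host: 192.0.2.10 (www.example.test)\tPorts: 80/open/tcp//http///, 443/open/tcp//https///\tIgnored State: filtered (998)
Host: 192.0.2.77 ()\tPorts: 3389/open/tcp//ms-wbt-server///
"""

# Hypothetical approved baseline: host -> set of (port, protocol) allowed to be open.
BASELINE = {
    "192.0.2.1": {(22, "tcp")},
    "192.0.2.10": {(80, "tcp"), (443, "tcp")},
}

HOST_RE = re.compile(r"^Host: (\S+) \(([^)]*)\)")

def parse_grepable(text):
    """Return {host: {(port, proto): service}} for ports reported open."""
    found = {}
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue  # comment lines and anything that is not a host record
        for field in line.split("\t")[1:]:
            if not field.startswith("Ports: "):
                continue
            for entry in field[len("Ports: "):].split(", "):
                parts = entry.split("/")  # port/state/proto/owner/service/...
                if len(parts) >= 5 and parts[1] == "open":
                    found.setdefault(m.group(1), {})[(int(parts[0]), parts[2])] = parts[4]
    return found

def audit(scan, baseline):
    """List findings: hosts missing from the baseline and unapproved open ports."""
    findings = []
    for host, ports in sorted(scan.items()):
        if host not in baseline:
            findings.append((host, "unknown host", sorted(ports)))
            continue
        extra = sorted(set(ports) - baseline[host])
        if extra:
            findings.append((host, "unapproved port", extra))
    return findings

if __name__ == "__main__":
    for host, kind, ports in audit(parse_grepable(SAMPLE_SCAN), BASELINE):
        print(host, kind, ports)
```
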

Nmap and Zenmap

[Figures: sample Nmap screenshot; sample Zenmap screenshot]

SuperScan
• SuperScan is a free Windows-only closed-source TCP/UDP port
scanner.
• It is a powerful TCP port scanner that includes a variety of
additional networking tools such as ping, traceroute, HTTP HEAD,
WHOIS and more.
• SuperScan has the capability to perform ping and port scans using
a valid IP address.
• Features:
  • It provides superior scanning speed for detecting both UDP and
TCP open ports.
  • The IP addresses to be scanned can be read from a file.
  • The results of the scan can be read in an HTML file.

SuperScan

SIEM
Essential functions:
• Forensic Analysis

• Correlation

• Aggregation

• Retention

Section 5.4:
Developing a Comprehensive Security Policy
Upon completion of this section, you should be able to:
• Explain the purpose of a comprehensive security policy.

• Describe the structure of a comprehensive security policy.

• Describe the standards, guidelines, and procedures of a security policy.

• Explain the roles and responsibilities entailed by a security policy.

• Explain security awareness and how to achieve it through education and training.

• Explain how to respond to a security breach.

Topic 5.4.1:
Security Policy Overview

Security Policy
• A policy is a form of documentation that is created to
enforce specific rules or regulations and to keep procedures
structured.
• It allows an organization and its management team to draw very
clear and understandable objectives, goals, rules and formal
procedures that help to define the overall security posture and
architecture for said organization.

Secure Network Life Cycle
Determine what the assets of an organization are by asking:
• What does the organization have that others want?

• What processes, data, or information systems are critical to the
organization?
• What would stop the organization from doing business or fulfilling its
mission?

Security Policy

Security Policy Audience
Audience Determines Security Policy Content

Topic 5.4.2:
Structure of a Security Policy

Security Policy Hierarchy

Governing Policy
A governing policy includes:
• Statement of the issue that the policy addresses

• How the policy applies in the environment

• Roles and responsibilities of those affected by the policy

• Actions, activities, and processes that are allowed (and not allowed)

• Consequences of noncompliance

Technical Policies
Technical components:
• General policies

• Telephony policy

• Email and communication policy

• Remote access policy

• Network policy

• Application policy

End User Policies
Customize End-User Policies for Groups

Topic 5.4.3:
Standards, Guidelines, and Procedures

Security Policy Documents

Standards Documents

Guideline Documents
NIST (National Institute of Standards and Technology)
Information Technology Portal

Guideline Documents (Cont.)
NSA Website

Guideline Documents (Cont.)
Common Criteria Website

Procedure Documents

Topic 5.4.4:
Roles and Responsibilities

Organizational Reporting Structure

Common Executive Titles
• Chief Executive Officer (CEO)
• Chief Technology Officer (CTO)
• Chief Information Officer (CIO)
• Chief Security Officer (CSO)
• Chief Information Security Officer (CISO)

Topic 5.4.5:
Security Awareness and Training

Security Awareness Program
Primary components:
• Awareness campaigns

• Training and education

Topic 5.4.6:
Responding to a Security Breach

Motive, Opportunity, and Means

Collecting Data

Summary
Chapter Objectives:
• Explain the various techniques and tools used for network security testing.

• Explain how to develop a comprehensive security policy.

Thank you.