CCNASv2 InstructorPPT CH1
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 2
Section 1.1:
Securing Networks
Upon completion of this section, you should be able to:
• Describe the current network security landscape.
Topic 1.1.1:
Current State of Affairs
Networks Are Targets
What is Network Security?
Drivers for Network Security
Common network security terms:
• Threat
• Vulnerability
• Mitigation
• Risk
Cisco Security Intelligence Operations
Vectors of Network Attacks
Data Loss
Vectors of data loss:
• Email/Webmail
• Unencrypted Devices
• Removable Media
• Hard Copy
Topic 1.1.2:
Network Topology Overview
Campus Area Networks
Small Office and Home Office Networks
Wide Area Networks
Data Center Networks
Outside perimeter security:
• On-premise security officers
• Security traps
Cloud and Virtual Networks
VM-specific threats:
• Hyperjacking
Components of a secure data center:
• Secure segmentation
• PIN enforcement
• Data wipe
• Jailbreak/root detection
Section 1.2:
Network Threats
Upon completion of the section, you should be able to:
• Describe the evolution of network security.
• Describe malware.
Topic 1.2.1:
Who is Hacking Our Networks?
The Hacker & The Evolution of Hackers
• Vulnerability Brokers
• Hacktivists
• Cyber Criminals
• State-Sponsored Hackers
Topic 1.2.2:
Hacker Tools
Introduction of Attack Tools
Evolution of Security Tools
Penetration testing tools:
• Password crackers
• Forensic
Categories of Attack Tools
Network hacking attacks:
• Eavesdropping
• Data modification
• IP address spoofing
• Password-based
• Denial-of-service
• Man-in-the-middle
• Compromised-key
• Sniffer
Topic 1.2.3:
Malware
Various Types of Malware
Viruses
Trojan Horse Classification
Classifications:
• Security software disabler
• Remote-access
• Data-sending
• Destructive
• Proxy
• FTP
• DoS
Worms
Worm Components
Components:
• Enabling vulnerability
• Propagation mechanism
• Payload
Code Red Worm Propagation:
1. Propagate for 19 days
2. Launch DoS attack for next 7 days
3. Stop and go dormant for a few days
4. Repeat the cycle
Other Malware
• Ransomware
• Spyware
• Adware
• Scareware
• Phishing
• Rootkits
Topic 1.2.4:
Common Network Attacks
Types of Network Attacks
• Data Modification
• Syn Flood
• Smurf Attack
• Reconnaissance
• Access
• DoS
Reconnaissance Attacks
• Initial query of a target
• Vulnerability scanners
• Exploitation tools
Access Attacks
A few reasons why hackers use access attacks:
• To retrieve data
• To gain access
• Trust exploitation
• Port redirection
• Man-in-the-middle
• Buffer overflow
Social Engineering Attacks
• Pretexting
• Phishing
• Spearphishing
• Spam
• Tailgating
• Baiting
Denial of Service Attacks
DDoS Attacks
1. Hacker builds a network of infected machines
• A network of infected hosts is called a botnet.
• The compromised computers are called zombies.
• Zombies are controlled by handler systems.
Section 1.3:
Mitigating Threats
Upon completion of this section, you should be able to:
• Describe methods and resources to protect the networks.
• Explain how to secure the three functional areas of Cisco routers and switches.
Topic 1.3.1:
Defending the Network
Network Security Professionals
Network Security Organizations
Confidentiality, Integrity, Availability
Components of Cryptography
Confidentiality: Uses encryption to encrypt and hide data.
Integrity: Uses hashing algorithms to ensure data is unaltered during operation.
Availability: Assures data is accessible. Guaranteed by network hardening mechanisms and backup systems.
Topic 1.3.2:
Domains of Network Security
Network Security Domains
• Risk assessment
• Security policy
• Asset management
• Access control
• Compliance
Network Security Policy
Network Security Policy Objectives
Topic 1.3.3:
Introducing the Cisco SecureX Architecture
The Security Artichoke
Evolution of Network Security Tools
SecureX Product Families
• Server Edge and Branch
• Secure Access
• Secure Mobility
SecureX Security Technology
Cisco SecureX Architecture:
• Scanning engines
• Delivery mechanisms
• Next-generation endpoint
Centralized Context-Aware Network Scanning Element
Defines security policies based on five parameters:
• Type of device being used for access
• Person’s identity
• Application in use
• Location
• Time of access
Cisco Security Intelligence Operations
Cisco Security Intelligence Operations (cont.)
Topic 1.3.4:
Mitigating Common Network Threats
Defending the Network
Best practices:
• Develop a written security policy.
• Educate employees about the risks of social engineering, and develop strategies to validate identities over the phone, via email, or in person.
• Control physical access to systems.
Mitigating Malware
Mitigating Worms
• Containment
• Inoculation
• Quarantine
• Treatment
Mitigating Reconnaissance Attacks
Mitigating Access Attacks
Mitigating DoS Attacks
Topic 1.3.5:
Cisco Network Foundation Protection Framework
NFP Framework
Securing the Control Plane
Securing the Management Plane
Securing the Data Plane
Section 1.4:
Summary
Chapter Objectives:
• Explain network security.
• Explain tools and procedures to mitigate the effects of malware and common network attacks.
Thank you.
Instructor Resources