2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 2
Section 1.1:
Securing Networks
Upon completion of this section, you should be able to:
Describe the current network security landscape.
Topic 1.1.1:
Current State of Affairs
Networks Are Targets
Drivers for Network Security
Common network security terms:
Threat
Vulnerability
Mitigation
Cisco Security Intelligence Operations
Risk
Vectors of Network Attacks
Data Loss
Vectors of data loss:
Email/Webmail
Unencrypted Devices
Removable Media
Hard Copy
Topic 1.1.2:
Network Topology Overview
Campus Area Networks
Small Office and Home Office Networks
Wide Area Networks
Data Center Networks
Outside perimeter security:
On-premise security officers
Security traps
Cloud and Virtual Networks
VM-specific threats:
Hyperjacking
Components of a secure data center:
Secure segmentation
PIN enforcement
Data wipe
Jailbreak/root detection
Section 1.2:
Network Threats
Upon completion of the section, you should be able to:
Describe the evolution of network security.
Describe malware.
Topic 1.2.1:
Who is Hacking Our Networks?
The Hacker & The Evolution of Hackers
Vulnerability Brokers
Hacktivists
Cyber Criminals
State-Sponsored
Hackers
Topic 1.2.2:
Hacker Tools
Introduction of Attack Tools
Evolution of Security Tools
Penetration testing tools:
Password crackers
Forensic
Categories of Attack Tools
Network hacking attacks:
Eavesdropping
Data modification
IP address spoofing
Password-based
Denial-of-service
Man-in-the-middle
Compromised-key
Sniffer
Topic 1.2.3:
Malware
Various Types of Malware
Viruses
Trojan Horse Classification
Classifications:
Security software disabler
Remote-access
Data-sending
Destructive
Proxy
FTP
DoS
Worms
Worm Components
Components:
Enabling vulnerability
Propagation mechanism
Payload
Other Malware
Ransomware
Spyware
Adware
Scareware
Phishing
Rootkits
Topic 1.2.4:
Common Network Attacks
Types of Network Attacks
Reconnaissance Attacks
Initial query of a target
Vulnerability scanners
Exploitation tools
Access Attacks
A few reasons why hackers use access attacks:
To retrieve data
To gain access
Trust exploitation
Port redirection
Man-in-the-middle
Buffer overflow
Social Engineering Attacks
Pretexting
Phishing
Spearphishing
Spam
Tailgating
Baiting
Denial of Service Attacks
DDoS Attacks
1. Hacker builds a network of infected machines
A network of infected hosts is called a botnet.
The compromised computers are called zombies.
Zombies are controlled by handler systems.
Section 1.3:
Mitigating Threats
Upon completion of this section, you should be able to:
Describe methods and resources to protect the networks.
Explain how to secure the three functional areas of Cisco routers and switches.
Topic 1.3.1:
Defending the Network
Network Security Professionals
Network Security Organizations
Confidentiality, Integrity, Availability
Topic 1.3.2:
Domains of Network Security
Network Security Domains
Risk assessment
Security policy
Asset management
Access control
Compliance
Network Security Policy
Network Security Policy Objectives
Topic 1.3.3:
Introducing the Cisco SecureX Architecture
The Security Artichoke
Evolution of Network Security Tools
SecureX Product Families
SecureX Security Technology
Cisco SecureX Architecture:
Scanning engines
Delivery mechanisms
Next-generation endpoint
Centralized Context-Aware Network Scanning Element
Defines security policies based on five parameters:
Type of device being used for access
Person's identity
Application in use
Location
Time of access
Cisco Security Intelligence Operations
Cisco Security Intelligence Operations (cont.)
Topic 1.3.4:
Mitigating Common Network Threats
Defending the Network
Best practices:
Develop a written security policy.
Educate employees about the risks of social engineering, and develop strategies to
validate identities over the phone, via email, or in person.
Control physical access to systems.
Mitigating Malware
Mitigating Worms
Containment
Inoculation
Quarantine
Treatment
Mitigating Reconnaissance Attacks
Mitigating Access Attacks
Mitigating DoS Attacks
Topic 1.3.5:
Cisco Network Foundation Protection Framework
NFP Framework
Securing the Control Plane
Securing the Management Plane
Securing the Data Plane
Section 1.4:
Summary
Chapter Objectives:
Explain network security.
Explain tools and procedures to mitigate the effects of malware and common
network attacks.
Thank you.
Instructor Resources