UNIT 3 SEMINAR Unit 3 Chapter 3 in CompTIA Security + Course Name – IT286-01 Introduction to Network Security Instructor – Jan McDanolds, MS Contact Information:


1 UNIT 3 SEMINAR
- Unit 3 Chapter 3 in CompTIA Security +
- Course Name – IT286-01 Introduction to Network Security
- Instructor – Jan McDanolds, MS
- Contact Information: AIM – JMcDanolds; Email – jmcdanolds@kaplan.edu
- Office Hours: Tuesday 4:00 PM ET and Wednesday 6:00 PM ET

2 UNIT 2 REVIEW
What we covered last week…
Chapter 2 Review – Identifying Potential Risks (If you don’t know what you’re up against, how do you prepare for it…)
- Calculating Attack Strategies
- Recognizing Common Attacks
- Identifying TCP/IP Security Concerns
- Understanding Software Exploitation
- Understanding OVAL
- Surviving Malicious Code
- Understanding Social Engineering
- Auditing Processes and Files

3 UNIT 3
What is happening this week…
Security heavy-weights go to San Francisco. The RSA Conference 2011
- Hot products: http://www.networkworld.com/slideshows/2011/021411-rsa.html?source=NWWNLE_nlt_daily_pm_2011-02-17
- Keynote videos (also podcasts): http://www.rsaconference.com/2011/usa/recordings/keynotecatalog.htm

4 CHAPTER 3 Infrastructure and Connectivity
Protecting the flow of data…
- Understanding Infrastructure Security
- Understanding Network Infrastructure Devices
- Monitoring and Diagnosing Networks
- Securing Workstations and Servers
- Understanding Mobile Devices
- Understanding Remote Access
- Securing Internet Connections
- Understanding Network Protocols
- Basics of Cabling, Wires and Communications
- Employing Removable Media

5 CHAPTER 3 Understanding Infrastructure Security
How information flows…
- Hardware Components: Physical devices, such as routers, servers, firewalls, switches, workstations, etc.
- Software Components: Includes operating systems, applications, and management software
- NOC – Network Operations Center

6 CHAPTER 3 Network Infrastructure Devices
- Firewall – purpose is to isolate one network from another. Firewalls can be hardware, software, appliances. Types: packet filter, proxy, stateful inspection
- Hub
- Switch
- Router
- Modem
- Remote Access Services
- Telecom/PBX Systems
- Virtual Private Networks
- Wireless Access Points

7 CHAPTER 3 Monitoring/Diagnosing Networks
What you don’t know can hurt you…
- Network Monitors (sniffers)
- Intrusion Detection Systems - IDS (discussed later)
Field Trips…
- http://learn-networking.com/network-security/three-archaic-backdoor-trojan-programs-that-still-serve-great-pranks
- Back Orifice 2000: http://www.bo2k.com/featurelist.html http://www.bo2k.com/docs/bo2k_1-0_tutorial.html
- Nmap ("Network Mapper") is a free utility for network exploration or security auditing. http://nmap.org/
- Password Crackers: http://sectools.org/crackers.html

8 CHAPTER 3 Securing Workstations and Servers
Hardening systems: Both workstations and servers are vulnerable.
- Remove unused software, services and processes
- Ensure that all workstations, servers and applications are up to date - Patches, updates, fixes
- Minimize information dissemination about the system
Ex: Lock down configuration settings, use group policies and security templates, disable unneeded functions, evaluate sharing services.
Windows Server 2008 – Security Configuration Wizard

9 CHAPTER 3 Understanding Mobile Devices
Who is connecting to your network through a wireless device?
Include pagers, PDAs, cell phones, etc.
- WTLS layer (Wireless Transport Layer Security)
- WAP (Wireless Access Protocol)
- Wireless Session Protocol (WSP)

10 CHAPTER 3 Understanding Remote Access
- Point-to-Point Protocol (PPP) plus CHAP – Challenge Handshake Authentication Protocol
- Tunneling Protocols: PPTP, L2F, L2TP, Secure Shell, IPSec (IP Security used with tunneling protocols)
- 802.1x Wireless Protocols
- RADIUS
- TACACS/+

11 CHAPTER 3 Securing Internet Connections
- Ports and Sockets
- E-mail
  - E-mail protocols: SMTP, POP/POP3, IMAP
  - E-mail vulnerabilities: SPAM, Hoaxes
- Web
  - Secure web connections: SSL/TLS, HTTP/S
  - Web vulnerabilities: ActiveX, Buffer Overflows, CGI, Cookies, Cross-site Scripting (XSS), Input validation, Java Applets, JavaScript, Popups, Signed Applets, SMTP Relay
- FTP
  - Blind/Anonymous FTP
  - Secure FTP
  - Sharing Files
  - Vulnerabilities

12 CHAPTER 3 Ports, Sockets and Sniffers
- Port Scanners: http://sectools.org/port-scanners.html
- Packet Sniffers: http://sectools.org/sniffers.html http://www.wireshark.org/download.html

13 CHAPTER 3 SNMP and Other TCP/IP Protocols
- Simple Network Management Protocol (SNMP)
- Internet Control Message Protocol (ICMP)
- Internet Group Message Protocol (IGMP)
ICMP vulnerability - A denial of service vulnerability exists that could allow an attacker to send a specially crafted Internet Control Message Protocol (ICMP) message to an affected system. http://www.securiteam.com/exploits/5SP0N0AFFU.html

14 CHAPTER 3 Cabling, Wires and Communications
- Coax
- Unshielded and Shielded Twisted Pair (UTP/STP)
- Fiber Optic
- Infrared
- Radio Frequency
- Microwave

15 CHAPTER 3 Removable Media
Data on the move…
- CD-R/DVD-R
- Diskettes
- Flash Cards
- Hard Drives
- Network Attached Storage
- Smart Cards
- Tape
- Thumb Drives

16 UNIT 3 Unit 3 Assignment
Unit 3 Project
1. Explain the vulnerabilities and mitigations associated with network devices (hardware).
2. Explain the vulnerabilities and mitigations associated with various transmission media such as coax, UTP, fiber, etc.

