Internet and Network Security Introduction to Network Security.
Introduction to Network Security
-
Upload
john-ely-masculino -
Category
Technology
-
view
977 -
download
3
description
Transcript of Introduction to Network Security
![Page 1: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/1.jpg)
INTRODUCTION TO NETWORK SECURITY
![Page 2: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/2.jpg)
What is Network Security? consists of the provisions and policies
adopted by the network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of the computer network and network-accessible resources.
![Page 3: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/3.jpg)
Security Challenges
Computer Security Institute (CSI) Survey: over 70% networks have
experienced security breach From the 70%, 60% have undergone
internal breaches and only 40% are external or perimeter breaches.
![Page 4: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/4.jpg)
2 Main reasons why security has became more important as an issue over time The hacking and attack tools have
become more and more dangerous, where an attack can cause serious financial damage to a company
The hacking and attack tools have become easier to use- in most cases, they are automated, allowing even a novice to use them.
![Page 5: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/5.jpg)
Security Roles
Have changed over the years In the past networks were closed to the
outside world, thus attack didn’t cause much damage
Mid 1990s, Internet has exploded which increases the possibility of security breach
![Page 6: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/6.jpg)
Security Issues
Security is a business problem not just a technology problem
The concept of security is an illusion Managing security means managing the
perception of others There are many different security
technologies to choose from You must create a comprehensive
security policy
![Page 7: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/7.jpg)
Security Goals
Create and implement a single, cohesive, company-wide security policy
Don’t allow products to dictate security policies – policies should drive the products that you choose
Centralize security management
![Page 8: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/8.jpg)
Security Components
Security is a relative or subjective problem Authentication Authorization Privacy Integrity Availability Nonrepudiation Accounting
![Page 9: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/9.jpg)
Authentication
Verifying a person’s identity (who they are)
![Page 10: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/10.jpg)
Authorization
Controlling access to resources (what they are trying to do)
![Page 11: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/11.jpg)
Privacy
Protecting confidentiality of information (what the content of the information is)
![Page 12: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/12.jpg)
Integrity
Validating that information was not changed (verifying that the information that was received has not been modified or tampered with)
![Page 13: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/13.jpg)
Availability
Providing redundancy for security (ensuring that you have a fallback solution in the event of failure or security compromise)
![Page 14: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/14.jpg)
Nonrepudiation
Proving that a transaction took place between two entities (when using online transactions, having verifiable proof that the transaction took place between 2 entities)
![Page 15: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/15.jpg)
Accounting
Recording information about an employee’s actions when interacting with data and systems as well as information about the operation (including security events) of your networking devices
![Page 16: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/16.jpg)
Data Classification for Public/Government Agencies Unclassified data
- data has few or no confidentiality requirements. Sensitive but unclassified (SBU) data
- data could prove embarrassing if revealed, but no serious security breach would occur. Confidential data
- Lowest level of classified data, where data protection must meet confidentiality requirements
![Page 17: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/17.jpg)
Data Classification for Public/Government Agencies
Secret data
- A significant effort must be made to secure data, limiting access to a small number of people Top Secret data
- Great effort and cost is used to secure data, limiting access to a very small number of people (need to know access)
![Page 18: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/18.jpg)
Data Classification for private companies or nongovernment
Public data - data is publicly available, as on a website
Sensitive data - similar to SBU Private data – data is important to a
company; an effort must be made to secure it and verify that it is accurate
Confidential data – data is very important to a company, like trade secrets and employee records
![Page 19: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/19.jpg)
Classification Criteria
Value Personal Association Age Useful Life
![Page 20: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/20.jpg)
Classification Procedures
Who is responsible for the data? How should the information be
classified, with any exceptions? How are the controls used for
classification policies? When and how does declassification of
data occur?
![Page 21: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/21.jpg)
Classification RolesRole Description Performed By
Owner Is ultimately responsible for the data
Typically a member of the management staff
Custodian Is responsible for the security of the data on a day-to-day basis
Typically a member of the IT staff
User Is responsible for using the data according to defined policies and operating procedures
Your typical user, who can “see the trees, but not the forest” in the company and who has a ground-level view of certain data
![Page 22: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/22.jpg)
Security Controls
Preventive – used to prevent a data compromise
Deterrent – used to scare away a certain number of ill-doers
Detective – used to detect access to data
![Page 23: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/23.jpg)
3 Categories that control the implementation of the security control
Administrative – policy and procedural controls
Technical – electronics, hardware, and software controls
Physical – mechanical controls
![Page 24: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/24.jpg)
Security Breaches: Prosecuting attackers and hackers
Motive Why did they do it?
OpportunityWere they available to commit the crime?
Means Did they have the capability to commit the
crime?
![Page 25: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/25.jpg)
Liability: Legal and Governmental Issues A company should practice due
diligence and due care when protecting sensitive data and resources.
A company can be sued by its customers or employees if a breach on sensitive data happens
Deal with government laws that requiring a minimal security level when protecting certain resources.
![Page 26: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/26.jpg)
On the Job
Examine security in your network from endpoint to endpoint, from where traffic enters your network, to where your users connect (switches, access points, and remote access VPN gateways)
Select a product solution that focuses on end-to-end security
![Page 27: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/27.jpg)
Questions
What are the benefits that an organization would get from properly classifying data?
Research about the 10 commandments of computer ethics by the Computer Ethics Institute
![Page 28: Introduction to Network Security](https://reader033.fdocuments.us/reader033/viewer/2022061118/546a0439af7959ff128b6adb/html5/thumbnails/28.jpg)
End of Presentation