Module 6 Learning Objectives After completing this module the student should be able to: Discuss the security impacts of Instant Messaging and Chat applications; Describe how Peer-to-Peer applications can cause security problems; Explain how Voice over Internet Protocol (VoIP) can be attacked and defended; Describe the security issues associated with the Dynamic Host Configuration Protocol; Explain security issues, attacks and defenses associated with the Domain Name System; Understand the security relevance of the Network Time Protocols; Describe the various network management protocols, how they can be attacked and defended; Explain the technological network management resources of: Remote System Logging and Log Management; Network Vulnerability Scanning; Security Event and Information Management; and Penetration Testing. Describe the importance and use of operational security guidelines and procedures; Explain what security event response and forensic investigations need to consider; Understand why operational reviews are important to network security; Describe the role that accreditation and certification play in network security; Explain why security lifecycle reviews are necessary for achieving network security; Describe how to achieve operational network security compliance. Instant Messaging and Chat Instant messaging (IM) and chat applications provide near real-time text based communication between two or more networked participants. IM allows Module 6 ... 1 of 27 9/15/2017, 2:02 PM
communication, featuring immediate receipt of acknowledgment or reply, and can also provide additional features, e.g. by using web-cams, microphones, or attachments. It is even possible to save a conversation for later reference and instant messages are typically logged in a local message history. IM first appeared on multi-user operating systems and, as networks developed, spread with the networks. Some of these used a peer-to-peer protocol while others required clients to connect to a server. Internet "browser paradigm" based messaging clients became the norm in the mid 1990s. Multi-protocol user agents (UAs) such as Trillian, Adium and Miranda can use popular IM protocols. The adoption of IM across corporate networks creates risks and liabilities for companies who should consider implementing IM archiving and security mechanisms to mitigate these risks and provide safe and secure IM capabilities to their employees. Within the company there is the risk of employees use IM to release confidential information to an outside source. This is an issue that is difficult to control with the most effective approach being a corporate policy that mandates no IM allowed to non-employees and block all IM protocols at an organization's network perimeter. Other risks and liabilities include: Security risks (e.g. IM used to infect computers with spyware, viruses, trojans, worms) Policy compliance risks Inappropriate use Intellectual property leakage.
You've reached the end of your free preview.
Want to read all 27 pages?
- Spring '19
- IP address, IP addresses, SIP