VU21991_AE_Pro_3of3 (2).docx - NETWORK SECURITY MANUAL V...

This preview shows page 1 - 5 out of 30 pages.

NETWORK SECURITY MANUAL V 2.0 NETWORK SECURITY MANUAL FOR TRAINEES
Contents 1-MODERN SECURITY THREATS ..................................................................................................... 3 1.1 H2 Numb-list ............................................................................................................................................ 3 Heading 1 ............................................................................................................................................ 3 Heading 2 ......................................................................................................................................................... 3 DataTrust: [Enter report title here] // 2 Created: [Select date] | Updated: 16/06/2019
1. MODERN SECURITY THREATS 1.1 NETWORK SECURITY ARCHITECTURE Network Security Architecture describes the network segmentation (i.e.security zones) and security layers (i.e., access control, intrusion prevention, content inspection, etc.). An appropriate design of the architecture provides many advantages (e.g., isolation of low trust systems, limitation of a security breach’s scope, costs savings). Cisco suggests a Three−Tier hierarchical network model, that consists of three layers: the Core layer, the Distribution layer, and the Access layer. Cisco Three-Layer network model is the preferred approach to network design. -Core Layer consists of biggest, fastest, and most expensive routers with the highest model numbers and Core Layer is considered as the back bone of networks. Core Layer routers are used to merge geographically separated networks. The Core Layer routers move information on the network as fast as possible. The switches operating at core layer switches packets as fast as possible. -The Distribution Layer is located between the access and core layers. The purpose of this layer is to define the boundaries by implementing access lists and other filters. Distribution Layer ensures that packets are properly routed between subnets and VLANs. -Access layer includes acces switches which are connected to the end devices (Computers, Printers, Servers etc). Access layer switches ensures that packets are delivered to the end devices. Some of the benefits of this model are better scalability, better redundancy, increased performance, and easy management and troubleshooting. DataTrust: [Enter report title here] // 3 Created: [Select date] | Updated: 16/06/2019
1.2 MALWARE Malware or malicious software is any program or file that can be harmful to a computer. There are different types of Malware, the first step to combat Malware is to identify the type. TYPES OF MALWARE: - VIRUS: A virus is malicious software attached to a document or file that supports macros to execute its code and spread from host to host. Once downloaded, the virus will lay dormant until the file is opened and in use. Viruses are designed to disrupt a system’s ability to operate. Viruses can cause significant operational issues and data loss. A well known example is the ILOVEYOU virus, that swept several continents in few hours via email messages titled “ILOVEYOU”, clogging web servers and over writing personal files, forcing IT managers to shut down email servers. -WORM: A worm is self-replicating and spreads without end-user action, causing real devastation. They spread by themselves without the need of end users (unlike viruses.) Worms spread by exploiting other files and programs to do the spreading work. They attack systems, devices, networks and connected infrastructure . When one person in an organization opens an email that contains a worm, the entire

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture