Topic 2 - SecurityTechnology

Topic 2 - SecurityTechnology - Learning Objectives Upon...

Info iconThis preview shows pages 1–11. Sign up to view the full content.

View Full Document Right Arrow Icon
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Principles of Information Security, 2nd Edition 2 Learning Objectives Upon completion of this material, you should be able to: Understand the role of physical design in the implementation of a comprehensive security program Understand firewall technology and the various approaches to firewall implementation Identify the various approaches to remote and dial-up access protection—that is, how these connection methods can be controlled to assure confidentiality of information, and the authentication and authorization of users Understand content filtering technology Describe the technology that enables the use
Background image of page 2
Principles of Information Security, 2nd Edition 3 Introduction Technical controls essential in enforcing policy for many IT functions that do not involve direct human control Technical control solutions improve organization’s ability to balance making information readily available against increasing information’s levels of confidentiality and integrity
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Principles of Information Security, 2nd Edition 4 Physical Design The physical design process: Selects technologies to support information security blueprint Identifies complete technical solutions based on these technologies, including deployment, operations, and maintenance elements, to improve security of environment Designs physical security measures to support technical solution
Background image of page 4
Principles of Information Security, 2nd Edition 5 Firewalls Prevent specific types of information from moving between the outside world (untrusted network) and the inside world (trusted network) May be separate computer system; a software service running on existing router or server; or a separate network containing supporting devices
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Principles of Information Security, 2nd Edition 6 Firewall Categorization Methods Firewalls can be categorized by processing mode, development era [level of technology identified by generation], or intended structure [residential- or commercial- grade, software-, hardware- or application-based] Five processing modes that firewalls can be categorized by are: Packet filtering Application gateways Circuit gateways MAC layer firewalls Hybrids [combination of other methods, most common
Background image of page 6
Principles of Information Security, 2nd Edition 7 Packet Filtering Packet filtering firewalls examine header information of data packets, and decide whether to drop or forward packets. Restrictions most often imposed by for packet filtering firewalls include a combination of the following: Internet Protocol (IP) source and destination address – address restrictions accomplished through access control lists (ACLs) Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) source and destination port requests Simple firewall models enforce rules designed to prohibit packets with certain addresses or partial addresses
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Principles of Information Security, 2nd Edition 8
Background image of page 8
Principles of Information Security, 2nd Edition 9
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Principles of Information Security, 2nd Edition 10
Background image of page 10
Image of page 11
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 10/02/2010 for the course DISC 4477 taught by Professor Johnson during the Spring '10 term at University of Houston-Victoria.

Page1 / 62

Topic 2 - SecurityTechnology - Learning Objectives Upon...

This preview shows document pages 1 - 11. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online