Specifically designed security hardware devices Provide greater protection than


Specifically designed security hardware devices

  • Provide greater protection than standard networking devices
    o Virtual private network (VPN) - enables authorized users to use an unsecured public network as if it were a secure private network
    o Network Intrusion Detection and Prevention
    o Intrusion detection system (IDS)
      • Can detect attack as it occurs
    o Intrusion Prevention System (IPS)
      • Monitors network traffic to immediately block a malicious attack
      • NIPS is located “in line” on the firewall
    o Security and Information Event Management (SIEM) product
      • A SIEM consolidates real-time monitoring and management of security information

Common security zones:

    o Demilitarized zones
    o Using network address translation to create zones

  • DMZ - a separate network located outside secure network perimeter
  • Network address translation (NAT)
    o Allows private IP addresses to be used on the public Internet
  • Virtual LAN (VLAN)
    o Allows scattered users to be logically grouped together
  • NAC
    o Examines the current state of a system or network device before it can connect to the network
  • DLP sensors:
    o DLP network sensors
    o DLP storage sensors
    o DLP agent sensors

CH. 7

Secure Network Protocols

    o Transmission Control Protocol/Internet Protocol (TCP/IP)
      • Most common protocol suite used for local area networks and the Internet

Several basic TCP/IP Protocols that relate to security:

  • Simple Network Management Protocol (SNMP)
  • Domain Name System (DNS)
    o File Transfer Protocol
  • DNS
    o A TCP/IP protocol that maps IP addresses to their symbolic name
  • TCP/IP protocol used for transferring files
    o File transfer protocol (FTP) – an unsecure protocol used to connect to an FTP server

Secure Email Protocols

    o Secure/Multipurpose Internet Mail Extensions (S/MIME)
    o A protocol for securing email messages

Placement of Security Devices and Technologies

    o SSL/TLS accelerator
    o Port mirrors
    o Network tap (test access point)
    o Sensors, collectors, and filters
    o Aggregation switch
    o Correlation engine
    o DDoS mitigator

Analyzing Security Data

    o Security logs
      • Can reveal types of attacks that are being directed at the network and if attacks were successful
  • Access logs
    o Provide details regarding requests for specific files
  • Audit logs
    o Used to record which user performed an action
  • Event logs
    o Document any unsuccessful events and the most significant successful events
  • Data Execution Prevention (DEP)
    o A Microsoft Windows feature that prevents attackers from using buffer overflow to execute malware
  • File integrity check (FIC)
    o A service that can monitor any changes made to computer files, such as OS files

Issues with log management

    o Generating, transmitting, storing, analyzing, and disposing of computer security log data

  • This is due to:
    • Multiple devices generating logs
    • Very large volume of data
    • Different log formats
  • A solution:
