Web Security Associate
Copyright © 2010 Certification Partners, LLC -- All Rights Reserved
Lesson 1: What Is Security?
Lesson 1 Objectives
• 1.1.1: Define security
• 1.1.2: Identify the importance of network security
• 1.1.3: Identify potential risk factors for data security, including improper authentication
• 1.1.4: Identify security-related organizations, warning services and certifications
• 1.1.5: Identify key resources that need specialized security measures
• 1.1.6: Identify the general types of security threat/attacker
• 1.2.6: Select security equipment and software based on ease of use
Network Security Background
• Internet-related security threats:
  – Security problems with browsers
  – Attacks by hackers
  – Threats from viruses
  – Internet inherently insecure
What Is Security?
• Local area networks (LANs)
• Wide area networks (WANs)
• Virtual private networks (VPNs)
• Network perimeters
• Illicit servers
• Trojans
Hacker Statistics
• Reported incidents have risen steadily:
  – From 252 in 1990
  – To 9,859 in 1999
  – To 137,529 in 2003
• Total vulnerabilities cataloged have also risen steadily:
  – From 417 in 1999
  – To 3,784 in 2003
  – To 7,236 in 2007
• Losses due to security breaches are estimated at $67.2 billion (2005)
The Myth of 100-Percent Security
• Balance in security
• Security policies
Attributes of an Effective Security Matrix
• Allows access control
• Easy to use
• Appropriate cost of ownership
• Flexible and scalable
• Superior alarming and reporting
What You Are Trying to Protect
• End-user resources
• Network resources
• Server resources
• Information-storage resources
Who Is the Threat?
• Casual attackers
• Determined attackers
• Spies and industrial espionage
• End users
Security Standards
• Security Services (ISO 7498-2)
  – Authentication
  – Access control
  – Data confidentiality
  – Data integrity
  – Non-repudiation
• Security mechanisms
• Other government and industry standards in addition to ISO 7498-2
Lesson 1 Summary
1.1.1: Define security
1.1.2: Identify the importance of network security
1.1.3: Identify potential risk factors for data security, including improper authentication
1.1.4: Identify security-related organizations, warning services and certifications
1.1.5: Identify key resources that need specialized security measures
1.1.6: Identify the general types of security threat/attacker
1.2.6: Select security equipment and software based on ease of use
Lesson 2: Elements of Security
Lesson 2 Objectives
• 1.1.7: Identify ways in which increased security mechanisms can result in increased latency
• 1.1.8: Define the significance of a security policy
• 1.1.9: Identify and develop basic components of an effective security policy
• 1.1.10: Identify the key user authentication methods
• 1.1.11: Define the significance of access control methods
• 1.1.12: Define the functions of access control lists (ACLs) and execution control lists (ECLs)
• 1.2.1: Identify the three main encryption methods used in internetworking
• 1.2.5: Identify the importance of auditing
• 1.2.6: Select security equipment and software based on ease of use
• 1.2.7: Identify security factors related to transmission of unencrypted data across the network
• 1.2.9: Identify the significance of encryption in enterprise networks
Security Elements and Mechanisms
[Figure: Elements of effective security, showing Audit, Administration, Encryption, Access Control, User Authentication and Corporate Security Policy]
The Security Policy
• Classify systems
• Prioritize resources
• Assign risk factors
• Define acceptable and unacceptable activities
• Define security measures to apply to resources
• Define education standards for employees
• Determine who is responsible for administering the policies
Determining Backups
• To recover data lost due to an attack:
  – Enable a backup device
  – Enable a backup service
Encryption
• Encryption categories
  – Symmetric
  – Asymmetric
  – Hash
• Encryption services
  – Data confidentiality
  – Data integrity
  – Authentication
  – Non-repudiation
• Encryption strength
Authentication
• Authentication methods
  – What you know
  – What you have
  – Who you are
  – Where you are
Specific Authentication Techniques
• Kerberos
• One-time passwords (OTP)
Access Control
• Access Control List (ACL)
  – Objects
  – Common permissions
• Execution Control List (ECL)
  – Sandboxing
Auditing
• Passive auditing
• Active auditing
Security Tradeoffs and Drawbacks
• Increased complexity
• Slower system response time
• Consider:
  – Ease of installation
  – An intuitive interface
  – Effective customer support
Lesson 2 Summary
1.1.7: Identify ways in which increased security mechanisms can result in increased latency
1.1.8: Define the significance of a security policy
1.1.9: Identify and develop basic components of an effective security policy
1.1.10: Identify the key user authentication methods
1.1.11: Define the significance of access control methods
1.1.12: Define the functions of access control lists (ACLs) and execution control lists (ECLs)
1.2.1: Identify the three main encryption methods used in internetworking
1.2.5: Identify the importance of auditing
1.2.6: Select security equipment and software based on ease of use
1.2.7: Identify security factors related to transmission of unencrypted data across the network
1.2.9: Identify the significance of encryption in enterprise networks
Lesson 3: Applied Encryption
Lesson 3 Objectives
• 1.2.2: Define symmetric (private-key) encryption
• 1.2.3: Define asymmetric (public-key) encryption, including distribution schemes, Public Key Infrastructure (PKI)
• 1.2.4: Define one-way (hash) encryption
• 1.2.8: Identify the function of parallel processing in relation to cryptography
• 1.2.10: Identify the impact of encryption protocols and procedures on system performance
• 1.2.11: Create a trust relationship using public-key cryptography
• 1.2.12: Identify specific forms of symmetric, asymmetric and hash encryption, including Advanced Encryption Standard (AES)
• 1.4.1: Deploy Pretty Good Privacy (PGP) / Gnu Privacy Guard (GPG) in Windows and Linux/UNIX systems
Reasons to Use Encryption
• Make data confidential
• Help authenticate users
• Ensure data integrity
Creating Trust Relationships
• Manually
• Automatically
• Rounds and parallelization
Symmetric-Key Encryption
• One key is used to encrypt and decrypt messages
• Benefits and drawbacks of symmetric-key encryption
Symmetric-Key Algorithms
• Data Encryption Standard (DES)
• Triple DES
• Symmetric algorithms created by RSA Security Corporation
• International Data Encryption Algorithm (IDEA)
• Blowfish
• Twofish
• Skipjack
• MARS
• Rijndael
• Serpent
• Advanced Encryption Standard (AES)
Asymmetric-Key Encryption
• Benefits and drawbacks of asymmetric-key encryption
• How do browsers use public-key encryption?
• Asymmetric-key encryption elements
  – RSA
  – DSA
  – Diffie-Hellman
One-Way (Hash) Encryption
• Signing data
• Hash algorithms
  – MD2, MD4 and MD5
  – Secure hash algorithm
  – MD5sum utility (Linux)
Applied Encryption Processes
• E-mail
  – PGP and GPG
  – Secure MIME
  – Proprietary asymmetric encryption
• Encrypting drives
  – Secure Sockets Layer (SSL) and Secure HTTP
  – Transport Layer Security / Secure Sockets Layer (TLS/SSL)
Encryption Review
• Encryption
• Authentication
• Key
• Symmetric-key (private-key) encryption
• Asymmetric-key (public-key) encryption
• Message integrity by hash mark and signature
Lesson 3 Summary
1.2.2: Define symmetric (private-key) encryption
1.2.3: Define asymmetric (public-key) encryption, including distribution schemes, Public Key Infrastructure (PKI)
1.2.4: Define one-way (hash) encryption
1.2.8: Identify the function of parallel processing in relation to cryptography
1.2.10: Identify the impact of encryption protocols and procedures on system performance
1.2.11: Create a trust relationship using public-key cryptography
1.2.12: Identify specific forms of symmetric, asymmetric and hash encryption, including Advanced Encryption Standard (AES)
1.4.1: Deploy Pretty Good Privacy (PGP) / Gnu Privacy Guard (GPG) in Windows and Linux/UNIX systems
Lesson 4: Types of Attacks
Lesson 4 Objectives
• 1.2.5: Identify the importance of auditing
• 1.4.3: Identify specific types of security attacks
• 1.4.4: Identify a brute-force attack
• 1.4.5: Identify a dictionary attack
• 1.4.6: Identify routing issues and security
• 1.4.7: Determine the causes and results of a denial-of-service (DOS) attack
• 1.4.8: Recognize attack incidents
• 1.4.9: Distinguish between illicit servers and trojans
Network Attack Categories
• Brute force
• Dictionary
• System bugs
• Back doors
• Malware
• Social engineering
• Denial of service (DOS)
• Distributed denial of service (DDOS)
• Spoofing
• Scanning
• Man in the middle
• Bots and botnets
• SQL injection
Brute-Force and Dictionary Attacks
• Brute-force attack
  – Repeated access attempts
• Dictionary attack
  – Customized version of brute-force attack
System Bugs and Back Doors
• Bug
  – Unintentional flaw in a program
• Back door
  – Deliberately-placed opening in an operating system
• Buffer overflow
Malware (Malicious Software)
• Viruses
• Worms
• Trojans and root kits
• Illicit servers
• Logic bombs
• Zero-day attacks
• Managing viruses, worms and illicit programs
• Avoiding viruses, worms and trojans
Social Engineering Attacks
• Call and ask for password
• Fake e-mail
• Phishing
• Pharming
• Securing desktops
Denial-of-Service (DOS) Attacks
• Flooding
• Malformed packets
  – Teardrop/Teardrop2
  – Ping of Death
  – Land attack
  – Miscellaneous attacks
• Physical denial-of-service attacks
Distributed Denial-of-Service (DDOS) Attacks
• Components:
  – Controlling application
  – Illicit service
  – Zombie
  – Target
• Smurf and Fraggle attacks
• Ways to diagnose DOS and DDOS attacks
• Mitigating vulnerability and risk
• Unintentional DOS
Spoofing Attacks
• IP spoofing
• ARP spoofing
• DNS spoofing
• Spoofing and traceback
• Protecting against spoofing attacks
Scanning Attacks
• Stack fingerprinting and operating system detection
• Sequence prediction
• Network Mapper (Nmap)
Man-in-the-Middle Attacks
• Packet sniffing and network switches
• Connection hijacking
• Registration hijacking
• Voicemail compromises
• Impersonated calls
• DNS and ARP cache poisoning
• Avoiding man-in-the-middle attacks
Bots and Botnets
• Bot
  – Software application that runs automated, repetitive tasks over the Internet
• Botnet
  – Group of computers infected with a bot
• Avoiding bot attacks
SQL Injection
• SQL injection
  – Hacking technique in which malicious code is inserted into SQL command strings
• Preventing SQL injection attacks
Auditing
• Checking password databases regularly
• Checking log files
• Scanning systems
• Identifying information leakage
  – Necessary information
  – Unnecessary information
Lesson 4 Summary
1.2.5: Identify the importance of auditing
1.4.3: Identify specific types of security attacks
1.4.4: Identify a brute-force attack
1.4.5: Identify a dictionary attack
1.4.6: Identify routing issues and security
1.4.7: Determine the causes and results of a denial-of-service (DOS) attack
1.4.8: Recognize attack incidents
1.4.9: Distinguish between illicit servers and trojans
Lesson 5: Recent Networking Vulnerability Considerations
Lesson 5 Objectives
• 1.1.3: Identify potential risk factors for data security, including improper authentication
• 1.2.5: Identify the importance of auditing
• 1.4.3: Identify specific types of security attacks
• 1.4.8: Recognize attack incidents
Additional topics:
• Security issues associated with wireless network technologies
• Security issues associated with convergence networking technologies
• Security issues associated with Web 2.0 technologies
• Additional security issues, including greynet applications, data at rest, trusted users within an organization, anonymous downloads and indiscriminate link-clicking
Wireless Network Technologies and Security
• Wireless Ethernet elements
• Wireless signals
  – FHSS
  – DSSS
  – OFDM
IEEE 802.11 Wireless Standards
• 802.11 (WiFi)
• 802.11a
• 802.11b
• 802.11e
• 802.11g
• 802.11h
• 802.11i
• 802.11n (most current)
Wireless Networking Modes
• Ad-hoc mode
• Infrastructure mode
• Wireless access points (APs)
  – Wireless cells
  – Authentication types in wireless networks
  – BSSID
  – SSID
  – Wireless AP beacon
• Host association
Wireless Application Protocol (WAP)
• WAP services:
  – Uniform scripting standards for wireless devices
  – A method of encrypting devices from WAP-enabled phones
• Wireless Transport Layer Security (WTLS):
  – WTLS benefits
  – Problems with WTLS
• Languages used in WAP
Wireless Network Security Problems
• Cleartext transmission
• Access control
• Unauthorized APs and wireless systems
• Corporate users participating in ad hoc networks
• Weak and/or flawed encryption
• Encryption and network traffic
• War driving
Wireless Network Security Solutions
• WEP
• MAC address filtering
• WPA2 (802.11i)
• IEEE 802.1x
• RADIUS
• Physical and configuration solutions
Site Surveys
• Authorized site surveys
  – Site surveys after implementation
• Unauthorized site surveys
  – War driving/war walking
  – Examples of site surveying software
Convergence Networking and Security
• Convergence technologies and equipment:
  – Private Branch Exchange (PBX)
  – Voice over IP (VoIP) devices
  – End-user telephone connections
• Virtual LANs (VLANs)
• VLAN hopping
• Firewall conflicts
• DNS loops
Web 2.0 Technologies
• Ajax
• Wikis
• Blogs
• Really Simple Syndication (RSS)
• Podcasts
• Folksonomy
Greynet Applications
• Instant messaging (IM)
• Peer-to-peer (P2P) applications
• File transfer and the 8.3 naming convention
• Securing IM and P2P
Vulnerabilities with Data at Rest
• Data on network drives and in network shares
• Data on vulnerable systems
• Database data and SQL injection
Security Threats from Trusted Users
• Security breaches due to:
  – Carelessness
  – Noncompliance with established security measures
  – Following inadequate security policies
Anonymous Downloads and Indiscriminate Link-Clicking
• Poisoned Web sites
• Drive-by downloads
• Guidelines to help avoid contact with poisoned Web sites
Lesson 5 Summary
1.1.3: Identify potential risk factors for data security, including improper authentication
1.2.5: Identify the importance of auditing
1.4.3: Identify specific types of security attacks
1.4.8: Recognize attack incidents
Additional topics:
Security issues associated with wireless network technologies
Security issues associated with convergence networking technologies
Security issues associated with Web 2.0 technologies
Additional security issues, including greynet applications, data at rest, trusted users within an organization, anonymous downloads and indiscriminate link-clicking
Lesson 6: General Security Principles
Lesson 6 Objectives
• 1.3.1: Identify the universal guidelines and principles of effective network security
• 1.3.2: Define amortization and chargeback issues related to network security architectures
• 1.3.3: Use universal guidelines to create effective specific solutions
Common Security Principles
• Be paranoid
• Have a security policy
• No system or technique stands alone
• Minimize damage
• Deploy company-wide enforcement
• Provide training
• Integrate security strategies
• Place equipment according to needs
• Identify security business issues
• Consider physical security
Lesson 6 Summary
1.3.1: Identify the universal guidelines and principles of effective network security
1.3.2: Define amortization and chargeback issues related to network security architectures
1.3.3: Use universal guidelines to create effective specific solutions
Lesson 7: Protocol Layers and Security
Lesson 7 Objectives
• 1.3.4: Identify potential threats at different layers of the TCP/IP stack
• 1.3.7: Secure TCP/IP services, including HTTP, FTP
• 1.4.6: Identify routing issues and security
• 1.4.7: Determine the causes and results of a denial-of-service (DOS) attack
TCP/IP Security Introduction
• TCP/IP protocol stack
• TCP/IP and network security
OSI Reference Model Review
• Application layer
• Presentation layer
• Session layer
• Transport layer
• Network layer
• Data link layer
• Physical layer
Data Encapsulation
The TCP/IP Stack and the OSI Reference Model
Link/Network Access Layer
• Media that defines this layer:
  – Fiber
  – Coaxial cable
  – Twisted pair
  – Free space (infrared, short-range wireless, microwave, satellite)
• Network topologies
Network/Internet Layer
• Internet Protocol (IP)
  – Packets are not signed
  – Packets are not encrypted
  – Packets can be manipulated easily
• Internet Control Message Protocol (ICMP)
  – ICMP message types
  – Why block ICMP?
Transport Layer
• Transmission Control Protocol (TCP)
  – The TCP handshake
  – The TCP header
• Establishing a TCP connection:
  – SYN and ACK
• Terminating a TCP connection:
  – FIN and ACK
• User Datagram Protocol (UDP)
• Ports
Application Layer
• File Transfer Protocol (FTP)
  – Active FTP
  – Passive FTP
• Hypertext Transfer Protocol (HTTP)
• Telnet
• Simple Network Management Protocol (SNMP)
• Domain Name System (DNS)
• Additional application layer protocols
Protocol Analyzers
• Monitor network traffic to identify network trends
• Identify network problems and send alert messages
• Identify specific problems
• Test network connections, devices and cables
Lesson 7 Summary
1.3.4: Identify potential threats at different layers of the TCP/IP stack
1.3.7: Secure TCP/IP services, including HTTP, FTP
1.4.6: Identify routing issues and security
1.4.7: Determine the causes and results of a denial-of-service (DOS) attack
Lesson 8: Securing Resources
Lesson 8 Objectives
• 1.3.5: Consistently apply security principles
• 1.3.6: Identify ways to protect operating systems, routers and equipment against physical attacks
• 1.3.7: Secure TCP/IP services, including HTTP, FTP
• 1.3.8: Identify the significance of testing and evaluating systems and services
• 1.3.9: Identify network security management applications, including network scanners, operating system add-ons, log analysis tools
• 1.4.7: Determine the causes and results of a denial-of-service (DOS) attack
TCP/IP Security Vulnerabilities
• Internet Protocol version 4 (IPv4)
• Internet Protocol version 6 (IPv6)
• Determining which IP version to implement
Implementing Security
• Publish the security policy
• Categorize resources and needs
• Secure each resource and service
• Log, test and evaluate
• Repeat the process and keep current
Resources and Services
• Protecting services
  – Protect against profiling
  – Coordinate methods and techniques
  – Protect services by changing default settings
  – Remove unnecessary services
Protecting TCP/IP Services
• Specialized accounts
• The Web Server
• CGI scripts
  – CGI and programming
• Securing Apache2
• FTP servers
  – Access control
Simple Mail Transfer Protocol (SMTP)
• The Internet Worm
• Buffer overflows
• The Melissa virus
• Access control for e-mail
• E-mail and virus scanning
Physical Security
• Protecting the network against common physical attacks
• Ensuring access control
• Securing wireless cells
• Shielding network equipment
• Securing removable media
• Controlling the environment
• Fire detection and suppression
Testing Systems
• Testing existing systems
• Implementing a new system or testing a new security setting
Security Testing Software
• Specific tools
  – Network scanners
  – Operating system add-ons
  – Logging and log analysis tools
Security and Repetition
• Understanding the latest exploits
• Continually improve and test your security system
Lesson 8 Summary
1.3.5: Consistently apply security principles
1.3.6: Identify ways to protect operating systems, routers and equipment against physical attacks
1.3.7: Secure TCP/IP services, including HTTP, FTP
1.3.8: Identify the significance of testing and evaluating systems and services
1.3.9: Identify network security management applications, including network scanners, operating system add-ons, log analysis tools
1.4.7: Determine the causes and results of a denial-of-service (DOS) attack
Lesson 9: Firewalls and Virtual Private Networks
Lesson 9 Objectives
• 1.1.3: Identify potential risk factors for data security, including improper authentication
• 1.2.3: Define asymmetric (public-key) encryption, including distribution schemes, Public Key Infrastructure (PKI)
• 1.4.2: Define IPSec concepts
• 1.4.6: Identify routing issues and security
• 1.5.1: Define the purpose and function of various firewall types
• 1.5.2: Define the role a firewall plays in a company's security policy
• 1.5.3: Define common firewall terms
• 1.5.4: Identify packet filters and their features
• 1.5.5: Identify circuit-level gateways and their features
Lesson 9 Objectives (cont’d)
• 1.5.6: Identify application-level gateways and their features
• 1.5.7: Identify features of a packet-filtering firewall, including rules, stateful multi-layer inspection
• 1.5.8: Identify fundamental features of a proxy-based firewall (e.g., service redirection, service passing, gateway daemons), and implement proxy-level firewall security
• 1.5.9: Define the importance of proxy caching related to performance
• 1.6.1: Implement a packet-filtering firewall
• 1.6.2: Customize your network to manage hacker activity
Definition and Description of a Firewall
• Firewall
• Demilitarized zone (DMZ)
• Daemon
The Role of a Firewall
• Implement a company’s security policy
• Create a choke point
• Log Internet activity
• Limit network host exposure
Firewall Terminology
• Packet filter
• Proxy server
  – Application-layer proxy
  – Circuit-level proxy
• Network Address Translation (NAT)
• Bastion host
• Operating system hardening
• Screening and choke routers
• Demilitarized zone (DMZ)
• Web security gateway
Firewall Configuration Defaults
• By default, a firewall can be configured to either:
  – Deny all traffic, in which case you would specify certain types of traffic to allow in and out of your network
  – Allow all traffic, in which case you would specify certain types of traffic to deny
Creating Packet Filter Rules
• Process
• Rules and fields
• Standard FTP clients and creating packet filter rules
• Passive FTP clients and packet filter rules
Packet Filter Advantages and Disadvantages
• Drawbacks
• Stateful multi-layer inspection
  – Popular packet-filtering products
• Using the ipchains and iptables commands in Linux
Configuring Proxy Servers
• Recommending a proxy-oriented firewall
• Proxy server advantages and features
  – Authentication
  – Logging and alarming
  – Caching
  – Fewer rules
  – Reverse proxies and proxy arrays
• Proxy server drawbacks
  – Client configuration
  – Speed
URL Filtering
• Techniques to filter outbound URLs
• Techniques to filter inbound URLs
Remote Access and Virtual Private Networks (VPNs)
• Three types of VPNs:
  – Workstation-to-server
  – Firewall-to-firewall
  – Workstation-to-workstation
• Tunneling protocols
• Internet Protocol Security (IPsec)
• Point-to-Point Tunneling Protocol (PPTP)
• Layer 2 Tunneling Protocol (L2TP)
• VPN vulnerabilities
Public Key Infrastructure (PKI)
• PKI standards
  – Based on X.509 standard
• PKI terminology
• Certificates
Lesson 9 Summary
1.1.3: Identify potential risk factors for data security, including improper authentication
1.2.3: Define asymmetric (public-key) encryption, including distribution schemes, Public Key Infrastructure (PKI)
1.4.2: Define IPSec concepts
1.4.6: Identify routing issues and security
1.5.1: Define the purpose and function of various firewall types
1.5.2: Define the role a firewall plays in a company's security policy
1.5.3: Define common firewall terms
1.5.4: Identify packet filters and their features
1.5.5: Identify circuit-level gateways and their features
Lesson 9 Summary (cont’d)
1.5.6: Identify application-level gateways and their features
1.5.7: Identify features of a packet-filtering firewall, including rules, stateful multi-layer inspection
1.5.8: Identify fundamental features of a proxy-based firewall (e.g., service redirection, service passing, gateway daemons), and implement proxy-level firewall security
1.5.9: Define the importance of proxy caching related to performance
1.6.1: Implement a packet-filtering firewall
1.6.2: Customize your network to manage hacker activity
Lesson 10: Levels of Firewall Protection
Lesson 10 Objectives
• 1.4.6: Identify routing issues and security
• 1.5.1: Define the purpose and function of various firewall types
• 1.5.3: Define common firewall terms
• 1.6.1: Implement a packet-filtering firewall
• 1.6.2: Customize your network to manage hacker activity
Designing a Firewall
• Firewall design principles
  – Keep design simple
  – Make contingency plans
Types of Bastion Hosts
• Single-homed bastion host
• Dual-homed bastion host
• Triple-homed bastion host
• Internal bastion hosts
Hardware Issues
• Choosing the operating system
• Firewall appliances
• Services
• Daemons
• Proxy servers
Common Firewall Designs
• Screening routers
• Screened host firewall (single-homed bastion)
• Screened host firewall (dual-homed bastion)
• Screened subnet firewall (demilitarized zone)
Lesson 10 Summary
1.4.6: Identify routing issues and security
1.5.1: Define the purpose and function of various firewall types
1.5.3: Define common firewall terms
1.6.1: Implement a packet-filtering firewall
1.6.2: Customize your network to manage hacker activity
Lesson 11: Detecting and Distracting Hackers
Lesson 11 Objectives
• 1.6.2: Customize your network to manage hacker activity
• 1.6.3: Implement proactive detection
• 1.6.4: Distract hackers and contain their activity
• 1.6.5: Deploy tripwires and other traps on a network host
Proactive Detection
• Automated security scans
• Login scripts
• Automated auditing
Distracting the Hacker
• Dummy accounts
• Dummy files
  – Dummy password files
• Tripwire scripts
• Automated checksums
• Jails
Deterring the Hacker
• Methods for deterring hackers
  – Log traffic and send e-mail messages
  – Conduct reverse scans
  – Drop the connection
  – Contact the ISP
• Tools for responding to hackers
• Problems with retaliation
Lesson 11 Summary
1.6.2: Customize your network to manage hacker activity
1.6.3: Implement proactive detection
1.6.4: Distract hackers and contain their activity
1.6.5: Deploy tripwires and other traps on a network host
Lesson 12: Incident Response
Lesson 12 Objectives
• 1.6.6: Respond appropriately to a security breach
• 1.6.7: Identify security organizations that can help in case of system attack
• 1.6.8: Subscribe to respected security alerting organizations
• 1.6.9: Identify appropriate authorities to contact regarding data theft and other attacks
Creating an Incident Response Policy
• Decide ahead of time
• Do not panic
• Document everything
Determining if an Attack Has Occurred
• Determine the scope of the breach
• Stop or contain activity
Executing the Response Plan
• Notifying affected individuals
• Notifying appropriate authorities
• Notifying Internet agencies
Analyzing and Learning
• Ask questions of everyone involved
• Record specific lessons you have learned
• Update your security policy
Lesson 12 Summary
1.6.6: Respond appropriately to a security breach
1.6.7: Identify security organizations that can help in case of system attack
1.6.8: Subscribe to respected security alerting organizations
1.6.9: Identify appropriate authorities to contact regarding data theft and other attacks
Web Security Associate
What Is Security?
Elements of Security
Applied Encryption
Types of Attacks
Recent Networking Vulnerability Considerations
General Security Principles
Protocol Layers and Security
Securing Resources
Firewalls and Virtual Private Networks
Levels of Firewall Protection
Detecting and Distracting Hackers
Incident Response