Week 3 and Week 11 Discussions

Brian34
Week3EmergingThreatsch12-1.pptx

Chapter 12 Secure Communications and Network Attacks

Network and Protocol Security Mechanisms

Secure Communications Protocols

Authentication Protocols

Overview

Secure Communications Protocols

IPSec

Kerberos

Secure Shell (SSH)

Signal Protocol

Secure Remote Procedure Call (S-RPC)

Secure Sockets Layer (SSL)

Transport Layer Security (TLS)

Authentication Protocols

Challenge Handshake Authentication Protocol (CHAP)

Password Authentication Protocol (PAP)

Extensible Authentication Protocol (EAP)

Secure Voice Communications

Voice over Internet Protocol (VoIP)

Weaknesses and attacks

Secure Real-Time Transport Protocol (SRTP)

Social Engineering

In person, over the phone, e-mail, IM, social networks

PBX Fraud and Abuse

Direct Inward System Access (DISA)

Phreakers

Black box, Red box, Blue box, White box (DTMF)

Multimedia Collaboration

Remote Meeting

Instant Messaging

Manage Email Security

Email Security Goals

Understand Email Security Issues

Email Security Solutions

Overview

Email Security Goals

SMTP, POP, IMAP

Open relay, closed relay, authenticated relay

Nonrepudiation

Restrict access

Integrity

Verify delivery

Confidentiality

Understand Email Security Issues

Lack of encryption

Delivery vehicle for malware

Lack of source verification

Flooding

Attachments

Email Security Solutions

Secure Multipurpose Internet Mail Extensions (S/MIME)

MIME Object Security Services (MOSS)

Privacy Enhanced Mail (PEM)

DomainKeys Identified Mail (DKIM)

Pretty Good Privacy (PGP)

Opportunistic TLS for SMTP Gateways

Sender Policy Framework (SPF)

Reputation filtering

Remote Access Security Management

Remote Access and Telecommuting Techniques

Plan Remote Access Security

Dial-Up Protocols

Centralized Remote Authentication Services

Overview

Remote Access and Telecommuting Techniques

Service specific

Remote control

Screen scraper/scraping

Remote node operation

Plan Remote Access Security

POTS/PSTN, VoIP, VPN

Authentication, remote access justification, encrypted for confidentiality

Monitor for abuses

Remote connectivity technology

Transmission protection

Authentication protection

Remote user assistance

Dial-Up Protocols

Point-to-Point Protocol (PPP)

Serial Line Internet Protocol (SLIP)

Centralized Remote Authentication Services

Remote Authentication Dial-In User Service (RADIUS)

Terminal Access Controller Access-Control System (TACACS+)

TACACS, XTACACS

Virtual Private Network

Tunneling

How VPNs Work

Common VPN Protocols

PPTP, L2F, L2TP, IPSec

SSH, TLS

Virtual LAN

Virtualization

Hypervisors

VM escaping

Virtual Software

Virtual applications

Virtual desktop

Virtual Networking

Software Defined Network (SDN)

Network virtualization

Virtual SAN

Network Address Translation

Private IP Addresses (RFC 1918)

10.0.0.0–10.255.255.255 (a full Class A range)

172.16.0.0–172.31.255.255 (16 Class B ranges)

192.168.0.0–192.168.255.255 (256 Class C ranges)

Stateful NAT

Port Address Translation (PAT)

Static and Dynamic NAT

Automatic Private IP Addressing (APIPA)

169.254.x.y

Loopback Address

Switching Technologies

Circuit Switching            | Packet Switching
Constant traffic             | Bursty traffic
Fixed known delays           | Variable delays
Connection oriented          | Connectionless
Sensitive to connection loss | Sensitive to data loss
Used primarily for voice     | Used for any type of traffic

Virtual Circuits

PVCs and SVCs

WAN Technologies 1/2

WAN Connection Technologies 1/2

Dedicated vs. Nondedicated

DS-0, DS-1, DS-3, T1, T3

ISDN

BRI vs. PRI

Channel Service Unit/Data Service Unit (CSU/DSU)

Data Terminal Equipment/Data Circuit-Terminating Equipment (DTE/DCE)

X.25

WAN Technologies 2/2

WAN Connection Technologies 2/2

Frame Relay

Committed Information Rate (CIR)

ATM

Switched Multimegabit Data Service (SMDS)

Synchronous Digital Hierarchy (SDH)

Synchronous Optical Network (SONET)

SDLC, HDLC

Miscellaneous Security Control Characteristics

Transparency

Verify Integrity

Transmission Mechanisms

Logging

Error correction

Security Boundaries

Areas of different security requirements

Classifications

Physical vs. logical

Should be clearly defined

Prevent or Mitigate Network Attacks

DoS and DDoS

Eavesdropping

Impersonation/masquerading

Replay attacks

Modification attacks

Address resolution protocol spoofing

DNS poisoning, spoofing, and hijacking

Hyperlink spoofing

Conclusion

Read the Exam Essentials

Review the chapter

Perform the Written Labs

Answer the Review Questions