AS-5-Discussions,Assignments

Colin Horn
winsec3e_ppt_ch09.pptx

Security Strategies in Windows Platforms and Applications

Lesson 9

Microsoft Windows Network Security

© 2021 Jones and Bartlett Learning, LLC, an Ascend Learning Company

www.jblearning.com

All rights reserved.

Cover image © Sharpshot/Dreamstime.com


Learning Objective(s)

Implement security controls to protect Microsoft Windows systems and networks.


Key Concepts

Network security in a Microsoft Windows environment

Windows security protocols

Securing wireless networks


Purpose of Network Security


Acts as a layer of defense

Helps keep attackers out

Reduces risk of compromised computers

Limits exposure of protected resources

Supports availability, integrity, and confidentiality

Seven Domains of a Typical IT Infrastructure


Network Types


Local area network (LAN)

Metropolitan area network (MAN)

Wide area network (WAN)

Personal area network (PAN)

Campus area network (CAN)

Global area network (GAN)

Network Security Controls

Access controls

Communication controls

Anti-malware software

Recovery plans, including backups

Procedures to control network device configuration changes

Monitoring tools and other detective controls

Software patch management


Principles of Microsoft Windows Network Security


Physical and logical access—Locate important computers and devices in physically secure areas and limit access to them. Separate networks logically into smaller segments to control resource access. Logically separating networks is beneficial when you need to keep groups of devices separate. This is common in larger networks.

Traffic flow—Use firewalls and other types of filters to discard unauthorized traffic on a network. Filters should exist at all network boundaries and between segments to control network ingress and egress.

Computer and device security—Ensure each computer and device on the network is prepared to handle any known attack. Any computer or device that does not have proper security controls deployed poses a threat to the entire network.


Physical and logical access

Traffic flow

Computer and device security

Common Components Found in Networks


Connection media—The adapters and wires that connect components together. Not all connection methods use wires. With wireless devices, radio waves transmit data. So, connection media also includes wireless adapters.

Networking devices—Hardware devices that connect other devices and computers using connection media.

Server computers and services devices—Hardware that provides one or more services to users, such as server computers, printers, and network storage devices.


Connection Media

Wireless network connections

Wired connections

Unshielded twisted pair (UTP)

Shielded twisted pair (STP)

Coaxial cable

Fiber optic cable


802.11 Wireless Standards

Protocol            Max. Transmission Speed   Range (ft.) Indoor / Outdoor   Frequency
802.11a             54 Mbps                   115 / 390                      5 GHz
802.11b             11 Mbps                   125 / 460                      2.4 GHz
802.11g             54 Mbps                   125 / 460                      2.4 GHz
802.11n             600 Mbps                  230 / 820                      2.4 GHz / 5 GHz
802.11ac            1.3 Gbps                  115                            5 GHz
802.11ad (WiGiG)    6.7 Gbps                  11                             2.4 / 5 / 60 GHz
802.11ah (HaLow)    347 Mbps                  3200 (proposed)                900 MHz
802.11ax (HEW)      4 Gbps (proposed)         (Not determined)               2.4 GHz / 5 GHz


Networking Devices

In the simplest networks, with only a few devices, every component is connected directly to every other component

With more than a few devices, this arrangement becomes difficult to manage

Today’s network environments use several types of devices to keep connections manageable


Hub

A box with several connectors, or ports, that allows multiple network cables to attach to it

Common hubs have 4, 8, 16, or 32 ports

Acts as hardware repeater

Takes input from any port and repeats the transmission, sending it as output on every port, including the original input port

As networks have become faster and more complex, hub use has all but disappeared.


Switch


A switch is a hardware device that forwards input it receives only to the appropriate output port.

A switch can help avoid many collision and congestion issues and actually speed up networks.


Router

Connects two or more separate networks

Can connect any type of network to any other, as long as they use the same protocols

Is more intelligent than a switch

Inspects address portion of packets

Examines destination address and forwards packet to correct outbound port

Can be stand-alone hardware devices or computers with multiple network interfaces running routing software


Gateway

A network device that connects two or more separate networks using different protocols

Wired LANs, wireless LANs, and WANs

Can perform many of the tasks a router performs

Has ability to translate network packets from one protocol to another

Is much more complex than a router or a switch

One of the most common types is the Internet gateway, which connects a LAN to the Internet


Server Computers and Services Devices

Centralized services for multiple users to share information and physical resources

Examples of shared resources include:

File storage

Printer and print services

Central database and document management systems

Central authentication services


Server Computers and Services Devices

Network file server

Network print server

Data storage

Application server



Firewall

Filters network traffic to block suspicious packets or messages

Examines all network traffic and compares it with predefined rules

Rules tell the firewall whether to forward or deny traffic

After matching traffic to its rules, firewall should drop or reject network messages that are unauthorized or suspicious


DMZ with Two Firewalls


Microsoft Windows Security Protocols and Services

Node

Computer or device connected to a network

Nodes communicate using agreed-upon rules called protocols

OSI Reference Model

A generic description for how computers use multiple layers of protocol rules to communicate across a network

Transmission Control Protocol/Internet Protocol (TCP/IP) Reference Model

Defines four different layers of communication rules


TCP/IP and OSI Reference Models


Common Network Communication Protocols


Telnet

Secure Shell (SSH)

HTTP/ HTTPS

TLS/SSL

TCP/IP

UDP

Common Network Communication Protocols (Cont.)


IPSec & IKEv2

PPTP

L2TP

SSTP

WEP/WPA

Kerberos

Message Flow in the U.N. Example


Securing Microsoft Windows Environment Network Services


Service updates

Service accounts

Necessary services

Windows Services Startup Options
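The three service points above (updates, service accounts, necessary services) and the later best practice that no service should run as a domain admin are all things an administrator can check from PowerShell. The script below is an added example, not material from the slide deck or its publisher. It assumes a domain-joined Windows host, uses CORP as a placeholder NetBIOS domain name, and the startup-type baseline table is constructed for illustration; the domain-admin check only runs when the ActiveDirectory RSAT module is installed.

```powershell
# Added example (not from the slides): audit services for account, startup type and patch
# state, then disable one service that is not needed. Run in an elevated PowerShell.
# 'CORP' is a placeholder domain; the $baseline table is a constructed illustration.

$services = Get-CimInstance -ClassName Win32_Service |
    Select-Object Name, DisplayName, State, StartMode, StartName, PathName

# Service accounts: automatic-start services that run under a domain user account
# (not a gMSA, whose name ends in '$', and not a built-in account) deserve review.
$domainRun = $services | Where-Object {
    $_.StartMode -eq 'Auto' -and $_.StartName -like 'CORP\*' -and $_.StartName -notlike '*$'
}
"Services running under domain user accounts:"
$domainRun | Format-Table Name, StartName, State -AutoSize

# Best practice: no service may run as a domain admin. Needs the ActiveDirectory module.
if (Get-Module -ListAvailable -Name ActiveDirectory) {
    $admins = Get-ADGroupMember -Identity 'Domain Admins' -Recursive |
        Select-Object -ExpandProperty SamAccountName
    $domainRun | Where-Object { ($_.StartName -split '\\')[-1] -in $admins } |
        ForEach-Object { "VIOLATION: {0} runs as domain admin {1}" -f $_.Name, $_.StartName }
}

# Necessary services: compare each service's startup type with a maintained baseline.
$baseline = @{ 'RemoteRegistry' = 'Disabled'; 'Spooler' = 'Disabled'; 'W32Time' = 'Auto' }
foreach ($name in $baseline.Keys) {
    $svc = $services | Where-Object Name -eq $name
    if ($svc -and $svc.StartMode -ne $baseline[$name]) {
        "DRIFT: {0} StartMode={1}, baseline={2}" -f $name, $svc.StartMode, $baseline[$name]
    }
}

# Remediate one unneeded service: stop it and set its startup type to Disabled so it
# does not come back after a reboot.
Stop-Service -Name RemoteRegistry -Force -ErrorAction SilentlyContinue
Set-Service -Name RemoteRegistry -StartupType Disabled

# Service updates: services are patched through Windows Update, so confirm the host
# has installed updates recently.
Get-HotFix | Sort-Object InstalledOn -Descending |
    Select-Object -First 5 HotFixID, InstalledOn
```

The Win32_Service StartMode values are Boot, System, Auto, Manual and Disabled, which is why the baseline uses those strings; Set-Service uses its own StartupType names (Automatic, Manual, Disabled), so the remediation step uses Disabled, which both agree on.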


Wireless Network Security Guidelines


Use WPA, WPA2, or WPA3 encryption

Use Media Access Control (MAC) address filtering

Disable Service Set Identifier (SSID) broadcast

Limit outside eavesdropping

Physically separate wireless networks by purpose
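The guidelines above are mostly applied on the access point, but the first one can also be checked from the client side: a Windows machine remembers the networks it has joined, and any saved profile for an open or WEP network is a connection the guideline says should not happen. The script below is an added example, not part of the slide deck. It assumes the profile XML layout that netsh exports (WLANProfile/MSM/security/authEncryption) and writes the export to a temporary folder that it removes afterwards.

```powershell
# Added example (not from the slides): flag saved Wi-Fi profiles that use anything
# weaker than WPA/WPA2/WPA3. Assumes netsh's exported profile XML layout.

$exportDir = Join-Path $env:TEMP 'wlan-audit'
New-Item -ItemType Directory -Path $exportDir -Force | Out-Null

# Export every saved profile as XML. key=clear is deliberately NOT used, so
# pre-shared keys stay encrypted in the exported files.
netsh wlan export profile folder="$exportDir" | Out-Null

# 'open' = no authentication, 'shared' = WEP shared-key authentication.
$weakAuth = @('open', 'shared')

Get-ChildItem -Path $exportDir -Filter '*.xml' | ForEach-Object {
    [xml]$p = Get-Content -Path $_.FullName
    $auth = $p.WLANProfile.MSM.security.authEncryption.authentication
    $enc  = $p.WLANProfile.MSM.security.authEncryption.encryption
    [pscustomobject]@{
        Profile        = $p.WLANProfile.name
        Authentication = $auth
        Encryption     = $enc
        Weak           = ($auth -in $weakAuth) -or ($enc -eq 'WEP')
    }
} | Sort-Object Weak -Descending | Format-Table -AutoSize

# Clean up the exported profile files.
Remove-Item -Path $exportDir -Recurse -Force
```

Profiles reported as Weak are candidates for removal with netsh wlan delete profile; the SSID-broadcast and MAC-filtering guidelines are access-point settings and have no client-side equivalent in this check.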

Desktop and Server Security


Desktop Security

User authorization and authentication

Malicious software protection

Server Security

Outbound software filtering

Authentication and authorization

Network traffic filtering

Malicious software protection

Internal Network and Cloud Security

IPv4 versus IPv6

IPv6 features can be used in IPv4 now, such as end-to-end encryption using IPSec

Features are retrofitted into IPv4

Dual-stack IP networking supports both IPv4 and IPv6 concurrently

Cloud computing

Service level agreement (SLA)


Best Practices for Microsoft Windows Network Security

Identify sensitive data.

Use encryption.

Establish unique domain user accounts.

Enforce strong passwords.

Create new user accounts with limited rights and permissions for services.

Do not allow any services to run as a domain admin user.

Use Kerberos for secure authentication.

Install firewalls to create a DMZ.

Use encrypted communications.


Best Practices for Microsoft Windows Network Security (Cont.)

Establish firewall rules.

Deny all suspicious traffic.

Allow only approved traffic for servers.

Filter inbound and outbound traffic for malicious messages.

Install anti-malware software.

Perform quick scans daily.

Perform complete scans weekly.

Use WPA, WPA2, or WPA3.

Disable SSID broadcast.
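The firewall bullets above restate the rule-matching model from the Firewall slide (traffic is compared with predefined rules and unauthorized traffic is dropped) as configuration advice. The script below is an added example, not material from the slide deck, showing how that advice and the anti-malware scan schedule from the same list map onto the built-in Windows Defender Firewall and Defender Antivirus cmdlets. It assumes an elevated PowerShell on Windows 10 / Server 2016 or later; the 10.10.0.0/24 management subnet and the rule names are constructed for illustration.

```powershell
# Added example (not from the slides): default-deny inbound posture, explicit allow rules
# scoped to a management subnet, an explicit deny, a review query, and Defender scan
# scheduling. 10.10.0.0/24 and the rule names are constructed values.

# 1. Deny all suspicious traffic: block unsolicited inbound on every profile, allow
#    outbound, and log dropped packets so blocked traffic can be reviewed.
Set-NetFirewallProfile -Profile Domain, Private, Public -Enabled True `
    -DefaultInboundAction Block -DefaultOutboundAction Allow `
    -LogBlocked True -LogFileName '%SystemRoot%\System32\LogFiles\Firewall\pfirewall.log'

# 2. Allow only approved traffic for servers: explicit inbound allow rules, limited to
#    the Domain profile and (for RDP) to the management subnet.
New-NetFirewallRule -DisplayName 'Approved: RDP from management subnet' `
    -Direction Inbound -Protocol TCP -LocalPort 3389 `
    -RemoteAddress 10.10.0.0/24 -Profile Domain -Action Allow

New-NetFirewallRule -DisplayName 'Approved: HTTPS to web tier' `
    -Direction Inbound -Protocol TCP -LocalPort 443 -Profile Domain -Action Allow

# 3. Explicit deny for a protocol that must never be reachable on Public networks.
New-NetFirewallRule -DisplayName 'Deny: SMB inbound on Public networks' `
    -Direction Inbound -Protocol TCP -LocalPort 445 -Profile Public -Action Block

# 4. Review: list every enabled inbound allow rule whose remote scope is 'Any', since
#    those are the rules that contradict "allow only approved traffic" on a server.
Get-NetFirewallRule -Enabled True -Direction Inbound -Action Allow | ForEach-Object {
    $port = $_ | Get-NetFirewallPortFilter
    $addr = $_ | Get-NetFirewallAddressFilter
    [pscustomobject]@{
        Rule      = $_.DisplayName
        Profile   = $_.Profile
        Protocol  = $port.Protocol
        LocalPort = ($port.LocalPort -join ',')
        Remote    = ($addr.RemoteAddress -join ',')
    }
} | Where-Object { $_.Remote -eq 'Any' } | Sort-Object Rule | Format-Table -AutoSize

# 5. Anti-malware schedule: quick scan daily at noon, full scan weekly on Sunday at 02:00.
Set-MpPreference -ScanScheduleQuickScanTime 12:00:00
Set-MpPreference -ScanParameters FullScan -ScanScheduleDay Sunday -ScanScheduleTime 02:00:00
```

Rules are evaluated with block rules taking precedence over allow rules within the same profile, and the profile default action applies only when no rule matches; that is why step 1 sets the default to Block and steps 2 and 3 add the specific exceptions on top of it.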


Best Practices for Microsoft Windows Network Security (Cont.)

Do not enable wireless or mobile broadband cards while connected to your organization’s internal network.

Do not allow visitors to roam around your facilities using wireless LANs.

Avoid connecting to public networks.

Use a VPN.

Install a separate wireless access point for guests.

Disable or uninstall services you don’t need.


Summary

Network security in a Microsoft Windows environment

Windows security protocols

Securing wireless networks
