1 / 25

IS3220 Information Technology Infrastructure Security Unit 2 Network Security Basics

IS3220 Information Technology Infrastructure Security Unit 2 Network Security Basics. EXPLORE: CONCEPTS. Learning Objective. Explain the fundamental concepts of network security. Key Concepts. Confidentiality, integrity, and availability mandates for network resource security

kovit
Télécharger la présentation

IS3220 Information Technology Infrastructure Security Unit 2 Network Security Basics

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. IS3220 Information Technology Infrastructure Security Unit 2 Network Security Basics

  2. EXPLORE: CONCEPTS

  3. Learning Objective • Explain the fundamental concepts of network security

  4. Key Concepts • Confidentiality, integrity, and availability mandates for network resource security • Network security and its value to the enterprise • Roles and responsibilities in network security • Impact of network infrastructure design on security • Features, uses, and benefits of network security countermeasures

  5. Primary Goals of Information Security Confidentiality Security Integrity Availability

  6. Secondary Goals of Information Security Authentication Confidentiality Integrity Availability Privacy Authorization Non-Repudiation

  7. Seven Domains of a Typical IT Infrastructure

  8. The Need for Information Security Risk Threat Vulnerability

  9. Information Assurance Non-repudiation Authentication Integrity Confidentiality Seven Domains of a Typical IT Infrastructure Availability

  10. Security Policy Establish goals Address risk Provide roadmap for security Set expectations Link to business objectives Map of laws and regulations Supported by standards, procedures, and guidelines

  11. Examples of Network Infrastructures Workgroup SOHO Client/Server

  12. General Terms Confidentiality Integrity Availability Trust Privacy Authentication Authorization Non-repudiation

  13. Networking Terminology Network Firewall Router Virtual Private Network IPSec Demilitarized Zone Intrusion Detection System (IDS) Intrusion Prevention System (IPS)

  14. EXPLORE: PROCESS

  15. Policy, Awareness, and Training Policy ~ sets expectations Awareness ~ promotes security Training ~ defines roles and responsibilities

  16. Security Countermeasures

  17. Security Countermeasures (Continued)

  18. Security Countermeasures (Continued)

  19. EXPLORE: CONTEXT

  20. Consider Business Requirements Availability of the network and its components Redundancy High availability Single point of failure Denial of service Sensitivity of the data Encryption Access control

  21. Internet Exposure Remote access Will a VPN work? Is direct internet access required?

  22. Wired Networks Lack of external connectivity creates physical isolation Can rely on physical controls to protect network External threats must breach physical barrier If external connectivity is required No control is the same as physical isolation but security must enable the business Consider segmentation Rigorous front door screening

  23. Benefits of Wireless Networking Can be inexpensive to deploy No need to run wires Quick connectivity for multiple users Convenience Mobility Ubiquity All laptops now come equipped with wireless

  24. Wireless Concerns Introduces new attack surface Require additional design considerations to mitigate attack Data is transmitted over the air and accessible Use of encryption technology Consider implementing segmented wireless networks Require VPN authentication for wireless access Network can be directly accessed from a distance Shielding

  25. Mobile Networking Allows user to be completely mobile Requires considerations for central management Potential for device to be lost

More Related