
Chapter 3 - 02 - Discuss Network Security Fundamentals - 01_ocred.pdf


Full Transcript


Certified Cybersecurity Technician, Exam 212-82
Module 03: Network Security Fundamentals

Module Flow
* Discuss Information Security Fundamentals
* Discuss Network Security Fundamentals

Network security helps organizations in implementing necessary preventative measures to protect their IT infrastructure from misuse, unauthorized access, information disclosure, unauthorized access or modification of data in transit, destruction, etc., thereby providing a secure environment for the users, computers, and programs to perform their regular functions.

This section discusses the goal of network defense, principles of information assurance, benefits and challenges of network defense, types of network defense approaches, types of network security controls, and elements of network defense.

Certified Cybersecurity Technician. Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.

Essentials of Network Security

A completely secure and robust network can be designed with proper implementation and configuration of network security elements. Network security relies on three main security elements:

* Network Security Controls: Network security controls are the security features that should be appropriately configured and implemented to ensure network security. These are the cornerstones of any systematic discipline of security. These security controls work together to allow or restrict the access to organization's resources based on identity management.
* Network Security Protocols: Network security protocols implement security related operations to ensure the security and integrity of data in transit.
  The network security protocols ensure the security of the data passing through the network. They implement methods that restrict unauthorized users from accessing the network. The security protocols use encryption and cryptographic techniques to maintain the security of messages passing through the network.
* Network Security Devices: Network security appliances are devices that are deployed to protect computer networks from unwanted traffic and threats. These devices can be categorized into active devices, passive devices, and preventative devices. It also consists of Unified Threat Management (UTM) which combines features of all the devices.

Goal of Network Defense

The ultimate goal of network defense is to protect an organization's information, systems, and network infrastructure from unauthorized access, misuse, modification, service denial, or any degradation and disruptions. Information Assurance (IA) principles act as enablers for an organization's security activities to protect and defend the organizational network from security attacks.

Different types of unauthorized or illegal activities may include interrupting, damaging, exploiting, or restricting access to networks or computing resources and stealing data and information from them. The implementation of numerous security measures, by itself, does not guarantee network security. For example, many organizations assume that deploying a firewall, or multiple firewalls, on the network is sufficient to protect their infrastructure from a variety of threats. However, attackers can bypass such security measures to gain access to systems.
Thus, it is important to ensure comprehensive network defense to prevent and mitigate various types of threats. The goal of comprehensive network defense is to deploy continual and defense-in-depth security, which involves predicting, protecting, monitoring, analyzing, detecting, and responding to unauthorized activities such as unauthorized access, misuse, modification, service denial, and any degradation or disruption in the network, and to guarantee the overall security of the network. Organizations rely on information assurance (IA) principles to attain defense-in-depth security.

Information Assurance (IA) Principles

* Confidentiality: Ensures information is not disclosed to unauthorized parties
* Availability: Ensures information is available to authorized parties without any disruption
* Integrity: Ensures information is not modified or tampered with by unauthorized parties
* Non-repudiation: Ensures that a party in a communication cannot deny sending the message
* Authentication: Ensures the identity of an individual is verified by the system or service
Information Assurance (IA) Principles Information assurance (lA) principles act as enablers for an organization’s security activities to protect and defend its network from security attacks. They facilitate the adoption of appropriate countermeasures and response actions upon a threat alert or detection. Therefore, security professionals must use IA principles to identify data that is sensitive, and to counter events that may have security implications for the network. IA principles assist them in Module 03 Page 421 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Network Security Fundamentals Exam 212-82 identifying network security vulnerabilities, monitoring the network for any intrusion attempts or malicious activity, and defending the network by mitigating vulnerabilities. Network defense activities should address the following IA principles to achieve defense-indepth network security: = Confidentiality: Confidentiality permits only authorized users to access, use or copy information. Authentication is crucial for confidentiality. If an unauthorized user accesses protected information, it implies that a breach of confidentiality has occurred. Cannot listen to or view the information Authorized User Server Man in theMiddIe Figure 3.2: Confidentiality * Integrity: Integrity protects data and does not allow modification, deletion, or corruption of data without proper authorization. This information assurance principle also relies on authentication to function properly. Cannot modify the information...................A.................) Authorized User Man in the Middle Figure 3.3: Integrity = Availability: Availability is the process of protecting information systems or networks that store sensitive request access. 
data, to make them available for the end users whenever they Services unavailable to authorized users Authorized User Server Figure 3.4: Availability Module 03 Page 422 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Network Security Fundamentals * Exam 212-82 Non-repudiation: Non-repudiation is a service that validates the integrity of a digital signature’s transmission, starting from where repudiation grants access to protected signature is from the intended party. it originated information to where by validating it arrived. that the Non- digital Transfer amount 500 to User User denies transaction Figure 3.5: Non-repudiation = Authentication: Authentication is a process of authorizing users with the credentials provided, by comparing them to those in a database of authorized users on an authentication server, to grant access to the network. It guarantees that the files or data passing through the network is safe. Figure 3.6: Authentication Module 03 Page 423 Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
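
The integrity and non-repudiation principles above, as an added Python example that is not part of the course material: a message authentication code over the "Transfer amount 500 to User" message from Figure 3.5 detects modification in transit, yet cannot settle a later denial because both parties hold the same key. HMAC-SHA256, the shared key and all function names are assumptions made for this illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample: one key shared by the authorized user and the server.
SHARED_KEY = secrets.token_bytes(32)


def tag(key: bytes, message: bytes) -> bytes:
    """Return an HMAC-SHA256 tag binding the message to the shared key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def send(key: bytes, message: bytes) -> tuple[bytes, bytes]:
    """Sender side: transmit the message together with its tag."""
    return message, tag(key, message)


def verify(key: bytes, message: bytes, received_tag: bytes) -> bool:
    """Receiver side: recompute the tag and compare in constant time."""
    return hmac.compare_digest(tag(key, message), received_tag)


def tamper_in_transit(message: bytes) -> bytes:
    """Model of Figure 3.3: the amount is changed on the wire by a party
    that does not hold the key, so the original tag no longer matches."""
    return message.replace(b"500", b"900")


def receiver_can_forge(key: bytes, message: bytes) -> bool:
    """The server holds the same key, so it can create a valid tag for a
    message the user never sent. A shared-key tag therefore proves integrity
    but not origin; the dispute in Figure 3.5 needs a digital signature
    that only the sender is able to produce."""
    forged = tag(key, message)
    return verify(key, message, forged)


if __name__ == "__main__":
    msg, t = send(SHARED_KEY, b"Transfer amount 500 to User")
    print("intact message accepted:  ", verify(SHARED_KEY, msg, t))
    print("modified message accepted:", verify(SHARED_KEY, tamper_in_transit(msg), t))
    print("server can forge a tag:   ",
          receiver_can_forge(SHARED_KEY, b"Transfer amount 900 to User"))
```
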
