DoS Attacks Malicious Code Attacks Device Hardening Social Engineering The Network Security Wheel


CCNA4 Chapter 4

* DoS Attacks
DoS attacks are the most publicized form of attack and also among the most difficult to eliminate. DoS attacks prevent authorized people from using a service by consuming system resources.

* Malicious Code Attacks
The primary vulnerabilities for end-user workstations are worm, virus, and Trojan horse attacks.
- A worm executes code and installs copies of itself in the infected computer, which can infect other hosts.
- A virus is malicious software that is attached to another program for the purpose of executing a particular unwanted function on a workstation.
- A Trojan horse differs in that the entire application was written to look like something else, when in fact it is an attack tool.

* Device Hardening
- Default usernames and passwords should be changed.
- Access to system resources should be restricted to only the individuals that are authorized.
- Any unnecessary services should be turned off.

* Social Engineering
Phishing is a type of social engineering attack that involves using e-mail in an attempt to trick others into providing sensitive information, such as credit card numbers or passwords. Phishing attacks can be prevented by educating users and implementing reporting guidelines for when they receive suspicious e-mail.

* The Network Security Wheel
Step 1: Secure
Secure the network by applying the security policy and implementing the following security solutions:
- Threat defense
- Stateful inspection and packet filtering

Step 2: Monitor
Monitoring security involves both active and passive methods of detecting security violations. The active method is to audit host-level log files. Passive methods include using IDS devices to detect intrusion.

Step 3: Test
The functionality of the security solutions implemented in step 1 and the system auditing and intrusion detection methods implemented in step 2 are verified.

Step 4: Improve
With the information collected from the monitoring and testing phases, IDSs can be used to implement improvements.

* A security policy includes the following:
- Identifies the security objectives of the organization.
- Documents the resources to be protected.
- Identifies the network infrastructure with current maps and inventories.
- Identifies the critical resources that need to be protected.

* General security policies
- Statement of authority and scope
- Acceptable use policy (AUP)
- Identification and authentication policy
- Incident handling procedure and..

* DNS Risk
The basic DNS protocol offers no authentication or integrity assurance. By default, name queries are sent to the broadcast address 255.255.255.255.

* Cisco Auto Secure
You can configure AutoSecure in privileged EXEC mode using the auto secure command in one of these two modes:
- Interactive mode - This mode prompts you with options to enable and disable services and other security features. This is the default mode.
- Non-interactive mode - This mode automatically executes the auto secure command with the recommended Cisco default settings. This mode is enabled with the no-interact command option.

* What is Cisco SDM?
The Cisco Security Device Manager (SDM) is a web-based device-management tool designed for configuring LAN, WAN, and security features on Cisco IOS software-based routers. Cisco SDM ships preinstalled by default on all new Cisco integrated services routers. SDM files can be installed on the router, a PC, or both.

* Configuring Router to Support SDM
Step 1. Access the router's Cisco CLI interface using Telnet or the console connection.
Step 2. Enable the HTTP and HTTPS servers on the router.
Step 3. Create a user account defined with privilege level 15 (enable privileges).
Step 4. Configure SSH and Telnet for local login and privilege level 15.

* Starting Cisco SDM
To launch Cisco SDM, use the HTTPS protocol and put the IP address of the router into the browser. The figure shows the browser with an address of https://198.162.20.1 and the launch page for Cisco SDM. When the username and password dialog box appears (not shown), enter a username and password for the privileged (privilege level 15) account on the router.

* Cisco IOS File Naming Conventions

* Using TFTP Servers
Step 1. Ping the TFTP server to make sure you have access to it.
Step 2. Verify that the TFTP server has sufficient disk space for the Cisco IOS image. Use the show flash: command to determine:
- Total amount of flash memory on the router
- Amount of flash memory available
- Name of all the files stored in the flash memory

Step 3. Copy the current file from the router to the TFTP server, using the copy flash: tftp: command. During the copy process, exclamation points (!) indicate the progress. Each exclamation point signifies that one UDP segment has successfully transferred.

* Recovering a Lost Router Password
- You need physical access to the router.
- You connect your PC to the router through a console cable.
- Use the power switch to turn off the router, and then turn the router back on.
- Press Break on the terminal keyboard within 60 seconds of power up to put the router into ROMmon.

Bypass Startup
Type confreg 0x2142 at the rommon 1> prompt. This causes the router to bypass the startup configuration where the forgotten enable password is stored.

Access NVRAM

Reset Passwords
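The register value used in the recovery procedure above differs from the usual 0x2102 only in bit 6, which tells the router to ignore the startup configuration in NVRAM. The following added example (not part of the original notes) decodes that bit and checks a "show version" register line for a router that would still skip its startup configuration at the next reload; the function names and the sample lines are constructed for illustration.

```python
import re

# Configuration register bits relevant to password recovery.
IGNORE_NVRAM = 0x0040    # bit 6: boot without loading the startup configuration
BREAK_DISABLED = 0x0100  # bit 8: Break key is ignored once the router has booted
BOOT_FIELD = 0x000F      # bits 0-3: where the IOS image is loaded from

# Matches the register line printed at the end of "show version".
REGISTER_LINE = re.compile(
    r"Configuration register is (0x[0-9A-Fa-f]{1,4})"
    r"(?: \(will be (0x[0-9A-Fa-f]{1,4}) at next reload\))?"
)

# Constructed sample lines, not captured from a real device.
SAMPLE_RECOVERY = "Configuration register is 0x2142"
SAMPLE_RESTORED = "Configuration register is 0x2142 (will be 0x2102 at next reload)"


def decode(value):
    """Split a register value into the fields that matter for recovery."""
    return {
        "ignore_nvram": bool(value & IGNORE_NVRAM),
        "break_disabled": bool(value & BREAK_DISABLED),
        "boot_field": value & BOOT_FIELD,
    }


def skips_startup_config(show_version_text):
    """True if the register that applies at the next reload has bit 6 set."""
    match = REGISTER_LINE.search(show_version_text)
    if match is None:
        raise ValueError("no configuration register line found")
    current, pending = match.group(1), match.group(2)
    # A pending value replaces the current one when the router reloads.
    effective = int(pending or current, 16)
    return decode(effective)["ignore_nvram"]


if __name__ == "__main__":
    for line in (SAMPLE_RECOVERY, SAMPLE_RESTORED):
        print(line, "->", "ignores NVRAM" if skips_startup_config(line) else "ok")
```

A router left at 0x2142 after recovery boots without its saved configuration, including its passwords and ACLs, on every reload.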

* Securing Routing Protocols OSPF
The figure shows the commands used to configure routing protocol authentication for OSPF on router R1 on interface S0/0/0. The first command specifies the key that will be used for MD5 authentication. The next command enables MD5 authentication.

* Vulnerable Router Services and Interfaces
Services that should typically be disabled are:
- Cisco Discovery Protocol (CDP) - Use the no cdp run command.
- Source routing - Use the no ip source-route command.
- Classless routing - Use the no ip classless command.
- Small services such as echo, discard, and chargen - Use the no service tcp-small-servers or no service udp-small-servers command.
- Finger - Use the no service finger command.
- BOOTP - Use the no ip bootp server command.
- HTTP - Use the no ip http server command.
- Remote configuration - Use the no service config command.
- SNMP - Use the no snmp-server command.
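One way to check a saved running-config against the list above, as an added example that is not part of the original notes. The sample configuration is constructed and the status names are hypothetical. A service is reported as "unverified" when neither form of its command appears, because the running-config omits commands that match the release default.

```python
# (label, command that enables the service, hardening command from the list above)
SERVICES = [
    ("CDP", "cdp run", "no cdp run"),
    ("Source routing", "ip source-route", "no ip source-route"),
    ("Classless routing", "ip classless", "no ip classless"),
    ("TCP small servers", "service tcp-small-servers", "no service tcp-small-servers"),
    ("UDP small servers", "service udp-small-servers", "no service udp-small-servers"),
    ("Finger", "service finger", "no service finger"),
    ("BOOTP", "ip bootp server", "no ip bootp server"),
    ("HTTP", "ip http server", "no ip http server"),
    ("Remote configuration", "service config", "no service config"),
    ("SNMP", "snmp-server", "no snmp-server"),
]

# Constructed sample configuration, not taken from a real device.
SAMPLE_CONFIG = """\
hostname R1
no service finger
service tcp-small-servers
no ip source-route
ip http server
no cdp run
snmp-server community EXAMPLE-STRING RO
interface Serial0/0/0
 ip address 10.1.1.1 255.255.255.252
"""


def audit(config_text):
    """Return {label: 'enabled' | 'disabled' | 'unverified'} for each service."""
    lines = [ln.strip() for ln in config_text.splitlines()]
    report = {}
    for label, enable_cmd, harden_cmd in SERVICES:
        # An explicit enabling line (with or without arguments) wins.
        if any(ln == enable_cmd or ln.startswith(enable_cmd + " ") for ln in lines):
            report[label] = "enabled"
        elif harden_cmd in lines:
            report[label] = "disabled"
        else:
            report[label] = "unverified"  # depends on the IOS release default
    return report


def enabled_services(config_text):
    """Labels of services that the configuration explicitly turns on."""
    return [label for label, status in audit(config_text).items() if status == "enabled"]


if __name__ == "__main__":
    for label, status in audit(SAMPLE_CONFIG).items():
        print(f"{label:22} {status}")
```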