Header
Home | Set as homepage | Add to favorites
  Search the Site     » Advanced Search
Sections
Syndication


Blogroll:

||||| ALL Cisco-Network ARTICLES |||||  
CCIE Journey,
The CCIE Journey,

Home : CCSP-Cisco Certified Security Professional : Network Security Threats Review

Network Security Threats Review

Jul 06,2009 by alperen

small font medium font large font
image

Technologies like the Internet, wireless connectivity, instant messaging, and others have introduced new levels of concern for network security. In addition to providing additional access points to the network, the Internet is also a reference resource for hackers and security experts. Unfortunately, no rules or limitations exist on the information that can be posted, so it’s easy for harmful information to be widely distributed.

The secure network design example is to lay a basic design foundation for discussions throughout the book. Basically, three types of networks are separated by a firewall device, which can be a router running firewall features, a server running firewall features, or a dedicated firewall device. The three types of networks are the following:

  • Inside Those trusted hosts and networks that make up the area to be protected.

  • Outside Those hosts and networks that pose a threat to the inside network. In many cases, the outside includes a perimeter router, the ISP, the Internet, and any networks attached to it.

  • DMZ A network of shared servers, or bastion hosts, that provide resources to both the outside network and the inside network users.

The firewall configuration allows relatively free access from the outside to the DMZ; access from the DMZ to the inside is limited to sessions originating inside; and access from the outside to the inside is generally blocked, except in rare well-protected exceptions.

The three most common weaknesses or vulnerabilities that cause network security problems include technology weaknesses, such as IP or OS holes; policy weaknesses, such as missing or weak security policies; and configuration weaknesses, such as insecure default settings.

The four primary threat designations are unstructured, structured, inside, and outside. These designations can be used in combinations like outside�"unstructured to better define the type of attack.

The four most common attack types include reconnaissance attacks, access attacks, denial of service attacks, and data manipulation attacks. Many references, including the PIX Firewall exam, consider data manipulation attacks to be variations of access attacks.

Cisco Architecture for Voice, Video, and Integrated Data (AVVID) and SAFE are Cisco-comprehensive strategies that help organizations to successfully and securely develop and implement end-to-end network designs.


230 times read

Related news
» Demilitarized Zone (DMZ)
by alperen posted on Jul 06,2009
» Demilitarized Zone (DMZ)-Network-Cisco
by alperen posted on Aug 28,2009
» Inside Network 2
by alperen posted on Aug 28,2009
» Firewall DMZ Cisco Network
by alperen posted on Aug 28,2009
» Reconnaissance Attacks
by admin posted on Nov 24,2008
Did you enjoy this article?
1 2 3 4 5
(total 0 votes)

comment Comments (0 posted) 

More Top News
CCSP-Cisco Certified Security Professional
arrow Cisco SAFE Implementation
arrow Preparation Documents
arrow Exam Topics
arrow Skills Required for the Exam
arrow Cisco SAFE Implementation Questions and Answers
arrow Access Control Lists Cisco
arrow Access List Basics
arrow Standard Access Lists
arrow Verifying ACLs
arrow Extended Access Lists
arrow TCP Access Lists
arrow UDP Access Lists
arrow ICMP Access Lists
arrow Named Access Lists
arrow Signature and Alarm Management Review
arrow Signature and Alarm Management Review Questions and Answers
arrow Event Viewer
arrow Managing Alarms
arrow Event Viewer Customization
arrow Preference Settings
arrow Sensor Installation
arrow Connecting to Your Network Sensor Appliance
arrow Sensor Bootstrap
arrow Sensor Installation and Configuration Review
arrow Sensor Installation and Configuration Questions and Answers
arrow Signature and Alarm Management
arrow CIDS Signatures
arrow Signature Series
arrow Signature Implementations
arrow Signature Classes
arrow Signature Types
arrow Signature Severity
Most Popular
Most Commented
Featured Author

alperen

image
<| Cisco Articles | Maximum Learning | All Cisco-Network Study Notes | Privacy Policy |>
If you think you own the material being used without permission, contact alperenmad[at]hotmail.com. material will be removed from the site.