CCSP-Cisco Certified Security Professional

External threats are threats from individuals outside the organization, often using the Internet or dial-up access. These attackers don’t have authorized access to the systems. In trying to categorize a specific threat, the result could ... [full story]

Internal threats originate from individuals who have or have had authorized access to the network. This could be a disgruntled employee, an opportunistic employee, or an unhappy past employee whose access is still active. In the case of a past ... [full story]

Structured threats are more focused by one or more individuals with higher-level skills actively working to compromise a system. The targeted system could have been detected through some random search process, or it might ... [full story]

Unstructured threats often involve unfocused assaults on one or more network systems, often by individuals with limited or developing skills. The systems being attacked and infected are probably unknown to the perpetrator. These attacks are often the result of people ... [full story]

In an attempt to categorize threats both to understand them better and to help in planning ways to resist them, the following four categories are typically used. Unstructured threats Structured threats Internal threats External threats [full story]

Many network devices have default settings that emphasize performance or ease of installation without regard for security issues. Installation without adequate attention to correcting these settings could create serious potential problems. Some common configuration issues include the following: Ineffective access control ... [full story]

Policy weakness is a catchall phrase for company policies, or a lack of policies, that inadvertently lead to security threats to the network system. Chapter 2 covers in detail the importance and implementation of a written security policy, which is ... [full story]

Whether IOS based or embedded in the circuitry, such as application-specific integrated circuit (ASIC), network devices can have vulnerabilities, often called “holes,” that can be exploited. Some might lay dormant for years until someone stumbles across one, and either exploits ... [full story]

Regardless of the manufacturer or whether it’s an open standard or proprietary product, every operating system (OS) has vulnerabilities that need to be addressed through patches, upgrades, and best practices. Every time a major upgrade comes out, the possibility for ... [full story]

Starting right at the top, TCP/IP wasn’t designed with security as a high priority. One of the drawbacks to being the first at anything is the inability to see how others might manipulate and transform a technology into something else. ... [full story]

Every technology has some known or unknown inherent weaknesses, or vulnerabilities that can be exploited by a sufficiently motivated troublemaker. Some weaknesses are publicized widely in the media because they’re associated with a well-known product. Don’t fall into the faulty ... [full story]

While many causes exist for security problems, at least three types of fundamental weaknesses open the door to security problems. Technology weakness Policy weakness Configuration weakness Obviously, we could probably add human weakness and some others, but our purpose is to concentrate on those ... [full story]

Pointing at the Internet and indicating that as the point in time when security had to become a part of everyone’s computing strategy is easy. Business and individuals alike were faced with protecting their computing resources from the many possible ... [full story]

Overview In this page, you will learn to: Identify the need for network security Recognize the causes of network security problems Distinguish the four primary types of threats Know the four primary types of network attack Discover Cisco AVVID and SAFE, and how they relate to ... [full story]