CCNA Security 210-260 Certification Guide

You're reading from CCNA Security 210-260 Certification Guide: Build your knowledge of network security and pass your CCNA Security exam (210-260)

Product type: Paperback
Published in: Jun 2018
Publisher: Packt
ISBN-13: 9781787128873
Length: 518 pages
Edition: 1st Edition
Authors (3): Glen D. Singh, Vijay Anandh, Michael Vinod

Important terms in network security

Network security is a very broad concept; it starts with authenticating users and authorizing access to resources. It also covers security threat analysis and vulnerability checks.

Threats

A threat is the potential for an attacker to take advantage of a vulnerability on a system. An example of a threat is a disgruntled employee who has been given a warning letter in an organization. This person may want to inflict harm on the company's network and has decided to research exploitation.

Some further examples of threats include malware, Denial of Service (DoS), and phishing.

Let's now discuss risk and countermeasure:

  • Risk: A risk is the likelihood that a threat actor takes advantage of a vulnerability to attack a network system, leading to damage to the network
  • Countermeasure: A countermeasure can be a combination of a process and a device that act together as a safeguard against potential attacks, thereby reducing security risks

For example, a firewall is configured with an access control list, and a server with security policies.

Vulnerability

A vulnerability is a weakness in a system, data, or an application that unauthorized persons can exploit. Vulnerabilities on the network may occur for various reasons:

  • Result of a malicious attack
  • Failure of a policy
  • Weakness of the system or a policy
  • Weakness of a protocol

Vulnerabilities are found in operating systems, routers, switches, firewalls, applications, antivirus software, and so on. An attacker uses these vulnerabilities to create a threat to the network. Generally, vulnerabilities arise due to high complexity or human error while developing an application and designing a network.

Analyzing vulnerability

Vulnerability analysis is the process of identifying security weaknesses on a computing platform or network. This aids the internal security team (blue team) in remediating any flaws that have been discovered. A security team is also responsible for conducting a vulnerability assessment to evaluate the cybersecurity risk and try to minimize/mitigate it as much as possible. Vulnerability assessments are usually conducted before and after applying any countermeasures within the organization. This helps with the evaluation process to determine whether the attack surfaces are reduced; it also ensures the proper practices are used and applied correctly.

The blue team is a group of individuals whose responsibility is to perform security analysis on the information systems of an organization.

When a security administrator installs a patch on an endpoint security tool, manual errors or misconfigurations in the tool may open a door for a hacker to attack the node.

Periodic vulnerability testing/analysis is essential in such situations.

Vulnerability assessments have the following advantages:

  • They help administrators keep their data safe from hackers and attackers, which eliminates business risks.
  • Vulnerability assessment tools help administrators check for loopholes in the network architecture. These tools also examine whether any possible destructive actions could cause damage to your application, software, or network.
  • Vulnerability assessment tools detect attack pathways that may be missed in a manual assessment, which increases the ROI.

Before performing a vulnerability assessment, the administrators should create a test plan, develop a threat model, and verify the URLs and access credentials.

There are two ways of conducting a vulnerability assessment. The first is automated dynamic scanning and the other is manual Vulnerability and Penetration Testing (VAPT).

In the automated method, a tool such as Burp Suite Pro or IBM Rational AppScan is used to scan the application and find security flaws. Manual testing is performed in the following steps:

  1. Check SQL injection, XML injection, and LDAP injection flaws
  2. Inspect poor authentication methods and cracked login processes
  3. Inspect cookies and other session details
  4. Inspect the default settings in the security configurations in the devices
  5. Inspect broken encryption algorithms and other ciphers used to secure the communications

Choose either automatic or manual testing methods to verify the scan results, collect evidence, and complete the reports.
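An added example, not from the book: a small Python audit covering steps 4 and 5 of the manual checklist (default settings and weak ciphers) that compares a scan taken before a change with one taken after, in line with the before-and-after assessments described earlier. The rule set and both Cisco IOS-style configurations are constructed for illustration.

```python
import re

# (finding id, regex for one config line, hint); illustrative rules, not a full baseline.
RULES = [
    ("plaintext-enable", r"^enable password\b", "use 'enable secret' instead"),
    ("telnet-vty", r"^\s*transport input\b.*\b(telnet|all)\b", "restrict VTY to SSH"),
    ("default-snmp", r"^snmp-server community (public|private)\b", "default community"),
    ("http-mgmt", r"^ip http server\b", "cleartext HTTP management enabled"),
    ("weak-cipher", r"^\s*encryption (des|3des)\b", "legacy IKE encryption"),
    ("weak-hash", r"^\s*hash md5\b", "legacy IKE hash"),
    ("weak-dh", r"^\s*group (1|2|5)\b", "small Diffie-Hellman group"),
]

# Constructed sample configs (not from the book): state before and after a change.
BEFORE = """hostname R1
enable password cisco123
ip http server
snmp-server community public RO
crypto isakmp policy 10
 encryption des
 hash md5
 group 2
line vty 0 4
 transport input ssh
"""
AFTER = """hostname R1
enable secret 9 $9$CONSTRUCTED-PLACEHOLDER
no ip http server
snmp-server community public RO
crypto isakmp policy 10
 encryption aes 256
 hash sha256
 group 14
line vty 0 4
 transport input telnet ssh
"""

def audit(config_text):
    """Return (line_no, finding_id, hint) tuples in config line order."""
    return [(no, fid, hint)
            for no, line in enumerate(config_text.splitlines(), 1)
            for fid, pattern, hint in RULES if re.search(pattern, line)]

def compare(before, after):
    """Finding ids fixed, still open, and newly introduced by the change."""
    b, a = ({f[1] for f in audit(c)} for c in (before, after))
    return {"fixed": sorted(b - a), "open": sorted(b & a), "new": sorted(a - b)}

if __name__ == "__main__":
    print(compare(BEFORE, AFTER))
```

A non-empty `new` list is the case the text warns about: a misconfiguration introduced while applying the change itself.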
