8/11/2019 CIW Security
1/148
Copyright 2010 Certification Partners, LLC -- All Rights Reserved
Web Security
Associate
Lesson 1:
What Is Security?
Lesson 1 Objectives
1. Define security
2. Identify the importance of network security
3. Identify potential risk factors for data security, including improper authentication
4. Identify security-related organizations, warning services and certifications
5. Identify key resources that need specialized security measures
6. Identify the general types of security threat/attacker
7. Select security equipment and software based on ease of use
Network Security Background
Internet-related security threats:
  Security problems with browsers
  Attacks by hackers
  Threats from viruses
Internet inherently insecure
Network Security Background
Sophistication of Tools vs. Technical Knowledge
What Is Security
Local area networks (LANs)
Wide area networks (WANs)
Virtual private networks (VPNs)
Network perimeters
Illicit servers (a service or daemon installed on a host that allows unauthorized remote users)
Trojans (e.g. Netbus170 from https://packetstormsecurity.com)
Wikipedia: Security, as a condition, is the degree of resistance to, or protection from, harm. It applies to any vulnerable and valuable asset, such as a person, dwelling, community, nation, or organization. Establishing or maintaining a sufficient degree of security is the aim of the work, structures, and processes called "security."
CIW: Security in a networking environment is the ability to identify and eliminate threats and vulnerabilities.
Hacker Statistics (www.cert.org/stats)
Reported incidents have risen steadily:
  From 252 in 1990
  To 9,859 in 1999
  To 137,529 in 2003
Total vulnerabilities cataloged have also risen steadily:
  From 417 in 1999
  To 3,784 in 2003
  To 7,236 in 2007
According to the U.S. Federal Bureau of Investigation (www.fbi.gov):
  Losses due to security breaches are estimated at $67.2 billion (2005)
The Myth of 100-Percent Security
Balance in security
Security policies
Attributes of an Effective Security Matrix
Allows access control
  Access given to legitimate users only
  Maximizes the ability to communicate and minimizes the possibility of hacker access
  Minimizes the possibility for damage in the event of hacker access
Easy to use
Appropriate cost of ownership
  Initial cost, upgrading cost and services
  Cost of administration, number of employees, skill level
Flexible and scalable
  Allows the company to do business
  The system can grow as the company grows
Superior alarming and reporting
  Logs and notifications
  Alerts to administrators
What You Are Trying to Protect
Assets to protect:
End-user resources
  Windows XP, 2003, Linux or Macintosh hosts used by employees
  Potential threat: Viruses, Trojans and Java applets can damage local systems. End users can also introduce problems through illicit activity.
Network resources
  Routers, switches, wiring closets, telephony
  Potential threat: IP spoofing, system snooping and obtaining information
Server resources
  Potential threat: Unauthorized entry, interrupted service and Trojans
  Server resources are the primary target in most cases
Information-storage resources
  Human resources and e-commerce databases
  Potential threat: Obtaining trade secrets, customer data and so forth
Who Is the Threat?
Casual attackers
  Thrill seekers who hack systems simply because they are there
  They can be stopped with the proper application of security
Determined attackers
  They will gain access to your system, regardless of difficulty or consequences
  They get access via the Internet or by manipulating careless or uninformed employees
Spies and industrial espionage
  Their aim is to gain information or disrupt service
  Auditing is the most effective tool to stop such hackers
  Use auditing results to contact law enforcement agencies such as local authorities
End users
  End users constitute the first line of defense in network security
  End users may cause network problems through ignorance, carelessness, or lack of effective and continual awareness training
  To solve: short training at the time of hire, continual training, reminders, explaining common procedures; do not ignore end users
Security Standards
Security Services (ISO 7498-2)
Defines security as minimizing the vulnerability of assets and resources
  Authentication
  Access control
  Data confidentiality
  Data integrity
  Non-repudiation
Security mechanisms
Other government and industry standards in addition to ISO 7498-2
Lesson 1 Summary
Define security
Identify the importance of network security
Identify potential risk factors for data security, including improper authentication
Identify security-related organizations, warning services and certifications
Identify key resources that need specialized security measures
Identify the general types of security threat/attacker
Select security equipment and software based on ease of use
Lesson 2:
Elements of Security
Lesson 2 Objectives
1.1.7: Identify ways in which increased security mechanisms can result in increased latency
1.1.8: Define the significance of a security policy
1.1.9: Identify and develop basic components of an effective security policy
1.1.10: Identify the key user authentication methods
1.1.11: Define the significance of access control methods
1.1.12: Define the functions of access control lists (ACLs) and execution control lists (ECLs)
1.2.1: Identify the three main encryption methods used in internetworking
1.2.5: Identify the importance of auditing
1.2.6: Select security equipment and software based on ease of use
1.2.7: Identify security factors related to transmission of unencrypted data across the network
1.2.9: Identify the significance of encryption in enterprise networks
Security Elements and Mechanisms
Elements of effective security:
Audit
Administration
Encryption
Access Control
User Authentication
Corporate Security Policy
The Security Policy
Allows you to build an effective security infrastructure
It must provide guidance for the entire organization and is the first line of defense in establishing the secure use of systems
It should not conflict with business goals
The Security Policy
To reduce the risk, you should take the following steps:
Classify systems
Prioritize resources
Assign risk factors
Define acceptable and unacceptable activities
Define security measures to apply to resources
Define education standards for employees
Determine who is responsible for administering the policies
The Security Policy
Classify systems
You must identify and then classify systems and data based on their importance to the organization:
  Level 1: central to business operation, e.g. Web server, employee database, e-mail server
  Level 2: needed but not critical to daily operation. Though they cannot be down for long, a day or two of lost time would not cripple the company
  Level 3: systems whose loss does not affect operations, e.g. a user's desktop PC
The Security Policy
Prioritize resources
After classification, you should create a prioritized threat list and an action list, prioritized by system, in your security implementation plan.
Assign risk factors
A risk factor is the likelihood that a hacker would attack a resource.
Risk factors should be determined for each resource you have defined.
Rule: the more sensitive the resource, the higher the risk factor.
Figure: Policy and Technology (people drive policy, policy guides technology, technology serves people)
The Security Policy
Define acceptable and unacceptable activities
The security implementation should specify both acceptable (permitted) and unacceptable (forbidden) activity. It varies from one organization to another.
Define security measures to apply to resources
You must determine the appropriate security techniques for each element in your network, e.g. a firewall and using encryption
List the measures that you will implement with each resource, e.g. implement packet filtering
The Security Policy
Define education standards for employees
The best way to achieve effective security is to teach the members of an organization about the key security principles.
Determine who is responsible for administering the policies
The security policy should list the parties responsible for securing specific systems
Separating security management from system administration helps ensure that audits are properly conducted and that goals are met.
Determining Backups
To recover data lost due to an attack:
Enable a backup device
  e.g. imaging server, tape backup, external hard disk, etc.
Enable a backup service
  Back up data to a third party (online)
Encryption
It is the process of making something readable only to the intended recipients.
It can occur at both the network and document levels
Encryption
Encryption categories
Symmetric (private key cryptography)
  Uses the same key for encryption and decryption
Asymmetric (public key cryptography)
  Encrypts data using a key pair (private and public key)
  One key is used to encrypt, the other to decrypt
Hash
  Encrypts data using a mathematical equation called a hash function
  Creates a hash code, which is a fixed-length representation of a message
Encryption
Unencrypted data can be sniffed by packet sniffers (e.g. Wireshark)
Encryption services
Data confidentiality
  To ensure that only the intended recipients of information can view it
Data integrity
  Using a hash to determine if the data has been modified
Authentication
  Digital signatures provide authentication (who are you)
Non-repudiation
  Digital signatures allow users to prove that an information exchange actually occurred
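The fixed-length hash code and the data integrity service described above, shown as an added example that is not part of the original slides. It uses only Python's standard library; the message, the key and all function names are constructed for illustration, and SHA-256 and HMAC are assumed choices that the slides do not name.

```python
import hashlib
import hmac

# Constructed sample data (assumptions for this example, not from the slides).
MESSAGE = b"Transfer 100 USD to account 12345"
SHARED_KEY = b"constructed-demo-key-do-not-reuse"


def hash_code(data: bytes) -> str:
    """Return the SHA-256 hash code of data as 64 hex characters."""
    return hashlib.sha256(data).hexdigest()


def is_unmodified(data: bytes, expected_hash: str) -> bool:
    """Integrity check: recompute the hash and compare it with the stored one."""
    return hmac.compare_digest(hash_code(data), expected_hash)


def keyed_tag(data: bytes, key: bytes) -> str:
    """HMAC-SHA256: a hash code that also depends on a symmetric key."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def is_authentic(data: bytes, tag: str, key: bytes) -> bool:
    """Verify a keyed tag in constant time."""
    return hmac.compare_digest(keyed_tag(data, key), tag)


def demo() -> dict:
    results = {}

    # 1. A hash code is a fixed-length representation of a message:
    #    1 byte and 10,000 bytes both map to 64 hex characters.
    results["lengths"] = {len(hash_code(b"a")), len(hash_code(b"a" * 10_000))}

    # 2. Integrity: a hash stored where the sender of the data cannot
    #    change it reveals any modification of the data.
    stored = hash_code(MESSAGE)
    tampered = MESSAGE.replace(b"100", b"900")
    results["original_ok"] = is_unmodified(MESSAGE, stored)
    results["tampered_detected"] = not is_unmodified(tampered, stored)

    # 3. Failure mode: if the hash travels over the same channel as the
    #    message, whoever changes the message can replace the hash too,
    #    and the check passes. A bare hash needs a trusted copy.
    replaced_hash = hash_code(tampered)
    results["bare_hash_fooled"] = is_unmodified(tampered, replaced_hash)

    # 4. Mitigation: mix a symmetric key into the hash. Without the key,
    #    a matching tag for the changed message cannot be produced.
    tag = keyed_tag(MESSAGE, SHARED_KEY)
    wrong_key_tag = keyed_tag(tampered, b"not-the-shared-key")
    results["hmac_original_ok"] = is_authentic(MESSAGE, tag, SHARED_KEY)
    results["hmac_rejects_change"] = not is_authentic(
        tampered, wrong_key_tag, SHARED_KEY
    )
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Because both sides hold the same key, the keyed hash gives integrity and authentication but not non-repudiation; that is the role the slides assign to digital signatures.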
Encryption
Encryption strength
It is based on three factors:
Algorithm strength
  Use tested industry standards
Security of the key
  No algorithm will protect you from a compromised key
Length of the key
  The greater the length of the key, the longer it will take to break
  Adding a bit to the length of the key doubles the number of possible keys (2^n)
Authentication
Authentication methods
What you know
  Password, PIN code, etc.
What you have
  Entry card, smart card, token, etc.
Who you are
  The science of mapping physical, biological characteristics to individual identity
  e.g. fingerprint, hand geometry, voice recognition, retinal scans, iris scans, face recognition and vascular patterns
Where you are
  The weakest authentication, based on your location (e.g. whether your IP address is local or outside)
Specific Authentication Techniques
Kerberos
It's a key management scheme that authenticates unknown principals who want to communicate with each other securely (e.g. people, servers,
One-time passwords (OTP)
Auditing
Passive auditing
Active auditing
Security Tradeoffs and Drawbacks
Increased complexity
Slower system response time
Consider:
Ease of installation
An intuitive interface
Effective customer support
Lesson 2 Summary
1.1.7: Identify ways in which increased security mechanisms can result in increased latency
1.1.8: Define the significance of a security policy
1.1.9: Identify and develop basic components of an effective security policy
1.1.10: Identify the key user authentication methods
1.1.11: Define the significance of access control methods
1.1.12: Define the functions of access control lists (ACLs) and execution control lists (ECLs)
1.2.1: Identify the three main encryption methods used in internetworking
1.2.5: Identify the importance of auditing
1.2.6: Select security equipment and software based on ease of use
1.2.7: Identify security factors related to transmission of unencrypted data across the network
1.2.9: Identify the significance of encryption in enterprise networks
Lesson 3:
Applied Encryption
Lesson 3 Objectives
1.2.2: Define symmetric (private-key) encryption
1.2.3: Define asymmetric (public-key) encryption, including distribution schemes, Public Key Infrastructure (PKI)
1.2.4: Define one-way (hash) encryption
1.2.8: Identify the function of parallel processing in relation to cryptography
1.2.10: Identify the impact of encryption protocols and procedures on system performance
1.2.11: Create a trust relationship using public-key cryptography
1.2.12: Identify specific forms of symmetric, asymmetric and hash encryption, including Advanced Encryption Standard (AES)
1.4.1: Deploy Pretty Good Privacy (PGP) / Gnu Privacy Guard (GPG) in Windows and Linux/UNIX systems
Reasons to Use Encryption
Make data confidential
Help authenticate users
Ensure data integrity
Symmetric-Key Encryption
One key is used to encrypt and decrypt messages
Benefits
Fast and strong
Difficult to change the key regularly
Drawbacks
Key distribution
Symmetric-Key Algorithms
Data Encryption Standard (DES)
Triple DES
Symmetric algorithms created by RSA Security Corporation
International Data Encryption Algorithm (IDEA)
Blowfish
Twofish
Skipjack
MARS
Rijndael
Serpent
Advanced Encryption Standard (AES)
Asymmetric Key Encryption
Uses a key pair in the encryption process. A key pair is a mathematically matched key set in which one half of the pair encrypts, and the other half decrypts (what A encrypts, B decrypts and what B encrypts, A decrypts)
Benefits
  So difficult/time-consuming to get the private key from the public key
  Public key can be distributed via the Internet
Drawbacks
  Slow (intensive mathematical equations required)
Asymmetric Key Encryption
How do browsers use public-key encryption?
After your Web browser recognizes that a Web server's certificate has been assigned by a trusted authority, the SSL session begins automatically, as long as the browser verifies that:
  The certificate has been signed by a trusted authority
  The Web server has the same name as given in the certificate
  The certificate is still valid and has not expired
If any of these checks fails, most Web browsers will warn you and ask if you want to proceed
Asymmetric Key Encryption
Asymmetric-key encryption elements
RSA
DSA
Diffie-Hellman
Applied Encryption Processes
PGP and GPG
Secure MIME
Proprietary asymmetric encryption
Encrypting drives
Secure Sockets Layer (SSL) and Secure HTTP
Transport Layer Security / Secure Sockets Layer (TLS/SSL)
Encryption Review
Encryption
Authentication
Key
Symmetric-key (private-key) encryption
Asymmetric-key (public-key) encryption
Message integrity by hash mark and signature
Lesson 3 Summary
1.2.2: Define symmetric (private-key) encryption
1.2.3: Define asymmetric (public-key) encryption, including distribution schemes, Public Key Infrastructure (PKI)
1.2.4: Define one-way (hash) encryption
1.2.8: Identify the function of parallel processing in relation to cryptography
1.2.10: Identify the impact of encryption protocols and procedures on system performance
1.2.11: Create a trust relationship using public-key cryptography
1.2.12: Identify specific forms of symmetric, asymmetric and hash encryption, including Advanced Encryption Standard (AES)
1.4.1: Deploy Pretty Good Privacy (PGP) / Gnu Privacy Guard (GPG) in Windows and Linux/UNIX systems
Lesson 4:
Types of Attacks
Lesson 4 Objectives
1.2.5: Identify the importance of auditing
1.4.3: Identify specific types of security attacks
1.4.4: Identify a brute-force attack
1.4.5: Identify a dictionary attack
1.4.6: Identify routing issues and security
1.4.7: Determine the causes and results of a denial-of-service (DOS) attack
1.4.8: Recognize attack incidents
1.4.9: Distinguish between illicit servers and trojans
Network Attack Categories
Brute force
Dictionary
System bugs
Back doors
Malware
Social engineering
Denial of service (DOS)
Distributed denial of service (DDOS)
Spoofing
Scanning
Man in the middle
Bots and botnets
SQL injection
Brute-Force and Dictionary Attacks
Brute-force attack
Repeated access attempts
Dictionary attack
Customized version of brute-force attack
System Bugs and Back Doors
Bug
Unintentional flaw in a program
Back door
Deliberately-placed opening in an operating system
Buffer overflow
Malware (Malicious Software)
Viruses
Worms
Trojans and root kits
Illicit servers
Logic bombs
Zero-day attacks
Managing viruses, worms and illicit programs
Avoiding viruses, worms and trojans
Social Engineering Attacks
Call and ask for password
Fake e-mail
Phishing
Pharming
Securing desktops
Denial-of-Service (DOS) Attacks
Flooding
Malformed packets
  Teardrop/Teardrop2
  Ping of Death
  Land attack
Miscellaneous attacks
Physical denial-of-service attacks
Distributed Denial-of-Service (DDOS) Attacks
Components:
  Controlling application
  Illicit service
  Zombie
  Target
Smurf and Fraggle attacks
Ways to diagnose DOS and DDOS attacks
Mitigating vulnerability and risk
Unintentional DOS
Spoofing Attacks
IP spoofing
ARP spoofing
DNS spoofing
Spoofing and traceback
Protecting against spoofing attacks
Scanning Attacks
Stack fingerprinting and operating system detection
Sequence prediction
Network Mapper (Nmap)
Man-in-the-Middle Attacks
Packet sniffing and network switches
Connection hijacking
Registration hijacking
Voicemail compromises
Impersonated calls
DNS and ARP cache poisoning
Avoiding man-in-the-middle attacks
Bots and Botnets
Bot
  Software application that runs automated, repetitive tasks over the Internet
Botnet
  Group of computers infected with a bot
Avoiding bot attacks
SQL Injection
SQL injection
  Hacking technique in which malicious code is inserted into SQL command strings
Preventing SQL injection attacks
Auditing
Checking password databases regularly
Checking log files
Scanning systems
Identifying information leakage
  Necessary information
  Unnecessary information
Lesson 4 Summary
1.2.5: Identify the importance of auditing
1.4.3: Identify specific types of security attacks
1.4.4: Identify a brute-force attack
1.4.5: Identify a dictionary attack
1.4.6: Identify routing issues and security
1.4.7: Determine the causes and results of a denial-of-service (DOS) attack
1.4.8: Recognize attack incidents
1.4.9: Distinguish between illicit servers and trojans
Lesson 5:
Recent Networking Vulnerability Considerations
Lesson 5 Objectives
1.1.3: Identify potential risk factors for data security, including improper authentication
1.2.5: Identify the importance of auditing
1.4.3: Identify specific types of security attacks
1.4.8: Recognize attack incidents
Additional topics:
Security issues associated with wireless network technologies
Security issues associated with convergence networking technologies
Security issues associated with Web 2.0 technologies
Additional security issues, including greynet applications, data at rest, trusted users within an organization, anonymous downloads and indiscriminate link-clicking
Wireless Network Technologies and Security
Wireless Ethernet elements
Wireless signals
FHSS
DSSS
OFDM
IEEE 802.11 Wireless Standards
802.11 (WiFi)
802.11a
802.11b
802.11e
802.11g
802.11h
802.11i
802.11n (most current)
Wireless Networking Modes
Ad-hoc mode
Infrastructure mode
Wireless access points (APs)
Wireless cells
Authentication types in wireless networks
BSSID
SSID
Wireless AP beacon
Host association
Wireless Application Protocol (WAP)
WAP services:
Uniform scripting standards for wireless devices
A method of encrypting devices from WAP-enabled phones
Wireless Transport Layer Security (WTLS):
WTLS benefits
Problems with WTLS
Languages used in WAP
Wireless Network Security Problems
Cleartext transmission
Access control
Unauthorized APs and wireless systems
Corporate users participating in ad hoc networks
Weak and/or flawed encryption
Encryption and network traffic
War driving
Wireless Network Security Solutions
WEP
MAC address filtering
WPA2 (802.11i)
IEEE 802.1x
RADIUS
Physical and configuration solutions
Convergence Networking and Security
Convergence technologies and equipment:
Private Branch Exchange (PBX)
Voice over IP (VoIP) devices
End-user telephone connections
Virtual LANs (VLANs)
VLAN hopping
Firewall conflicts
DNS loops
Greynet Applications
Instant messaging (IM)
Peer-to-peer (P2P) applications
File transfer and the 8.3 naming convention
Securing IM and P2P
Vulnerabilities with Data at Rest
Data on network drives and in network shares
Data on vulnerable systems
Database data and SQL injection
Security Threats from Trusted Users
Security breaches due to:
Carelessness
Noncompliance with established security measures
Following inadequate security policies
Anonymous Downloads and Indiscriminate Link-Clicking
Poisoned Web sites
Drive-by downloads
Guidelines to help avoid contact with poisoned Web sites
Lesson 5 Summary
1.1.3: Identify potential risk factors for data security, including improper authentication
1.2.5: Identify the importance of auditing
1.4.3: Identify specific types of security attacks
1.4.8: Recognize attack incidents
Additional topics:
Security issues associated with wireless network technologies
Security issues associated with convergence networking technologies
Security issues associated with Web 2.0 technologies
Additional security issues, including greynet applications, data at rest, trusted users within an organization, anonymous downloads and indiscriminate link-clicking
Lesson 6:
General Security Principles
Lesson 6 Objectives
1.3.1: Identify the universal guidelines and principles of effective network security
1.3.2: Define amortization and chargeback issues related to network security architectures
1.3.3: Use universal guidelines to create effective specific solutions
Common Security Principles
Be paranoid
Have a security policy
No system or technique stands alone
Minimize damage
Deploy company-wide enforcement
Provide training
Integrate security strategies
Place equipment according to needs
Identify security business issues
Consider physical security
Lesson 6 Summary
1.3.1: Identify the universal guidelines and principles of effective network security
1.3.2: Define amortization and chargeback issues related to network security architectures
1.3.3: Use universal guidelines to create effective specific solutions
Lesson 7:
Protocol Layers and Security
Lesson 7 Objectives
1.3.4: Identify potential threats at different layers of the TCP/IP stack
1.3.7: Secure TCP/IP services, including HTTP, FTP
1.4.6: Identify routing issues and security
1.4.7: Determine the causes and results of a denial-of-service (DOS) attack
TCP/IP Security Introduction
TCP/IP protocol stack
TCP/IP and network security
OSI Reference Model Review
Application layer
Presentation layer
Session layer
Transport layer
Network layer
Data link layer
Physical layer
Data Encapsulation
The TCP/IP Stack and the OSI Reference Model
Link/Network Access Layer
Media that defines this layer:
Fiber
Coaxial cable
Twisted pair
Free space (infrared, short-range wireless, microwave, satellite)
Network topologies
Network/Internet Layer
Internet Protocol (IP)
Packets are not signed
Packets are not encrypted
Packets can be manipulated easily
Internet Control Message Protocol (ICMP)
ICMP message types
Why block ICMP?
Transport Layer
Transmission Control Protocol (TCP)
The TCP handshake
The TCP header
Establishing a TCP connection: SYN and ACK
Terminating a TCP connection: FIN and ACK
User Datagram Protocol (UDP)
Ports
Application Layer
File Transfer Protocol (FTP)
Active FTP
Passive FTP
Hypertext Transfer Protocol (HTTP)
Telnet
Simple Network Management Protocol (SNMP)
Domain Name System (DNS)
Additional application layer protocols
Protocol Analyzers
Monitor network traffic to identify network trends
Identify network problems and send alert messages
Identify specific problems
Test network connections, devices and cables
Lesson 7 Summary
1.3.4: Identify potential threats at different layers of the TCP/IP stack
1.3.7: Secure TCP/IP services, including HTTP, FTP
1.4.6: Identify routing issues and security
1.4.7: Determine the causes and results of a denial-of-service (DOS) attack
Lesson 8: Securing Resources
Lesson 8 Objectives
1.3.5: Consistently apply security principles
1.3.6: Identify ways to protect operating systems, routers and equipment against physical attacks
1.3.7: Secure TCP/IP services, including HTTP, FTP
1.3.8: Identify the significance of testing and evaluating systems and services
1.3.9: Identify network security management applications, including network scanners, operating system add-ons, log analysis tools
1.4.7: Determine the causes and results of a denial-of-service (DOS) attack
TCP/IP Security Vulnerabilities
Internet Protocol version 4 (IPv4)
Internet Protocol version 6 (IPv6)
Determining which IP version to implement
Implementing Security
Publish the security policy
Categorize resources and needs
Secure each resource and service
Log, test and evaluate
Repeat the process and keep current
Resources and Services
Protecting services
Protect against profiling
Coordinate methods and techniques
Protect services by changing default settings
Remove unnecessary services
Protecting TCP/IP Services
Specialized accounts
The Web Server
CGI scripts
CGI and programming
Securing Apache2
FTP servers
Access control
Simple Mail Transfer Protocol (SMTP)
The Internet Worm
Buffer overflows
The Melissa virus
Access control for e-mail
E-mail and virus scanning
Physical Security
Protecting the network against common physical attacks
Ensuring access control
Securing wireless cells
Shielding network equipment
Securing removable media
Controlling the environment
Fire detection and suppression
Testing Systems
Testing existing systems
Implementing a new system or testing a new security setting
Security Testing Software
Specific tools
Network scanners
Operating system add-ons
Logging and log analysis tools
Security and Repetition
Understanding the latest exploits
Continually improve and test your security system
Lesson 8 Summary
1.3.5: Consistently apply security principles
1.3.6: Identify ways to protect operating systems, routers and equipment against physical attacks
1.3.7: Secure TCP/IP services, including HTTP, FTP
1.3.8: Identify the significance of testing and evaluating systems and services
1.3.9: Identify network security management applications, including network scanners, operating system add-ons, log analysis tools
1.4.7: Determine the causes and results of a denial-of-service (DOS) attack
Lesson 9: Firewalls and Virtual Private Networks
Lesson 9 Objectives
1.1.3: Identify potential risk factors for data security, including improper authentication
1.2.3: Define asymmetric (public-key) encryption, including distribution schemes, Public Key Infrastructure (PKI)
1.4.2: Define IPSec concepts
1.4.6: Identify routing issues and security
1.5.1: Define the purpose and function of various firewall types
1.5.2: Define the role a firewall plays in a company's security policy
1.5.3: Define common firewall terms
1.5.4: Identify packet filters and their features
1.5.5: Identify circuit-level gateways and their features
Lesson 9 Objectives (cont'd)
1.5.6: Identify application-level gateways and their features
1.5.7: Identify features of a packet-filtering firewall, including rules, stateful multi-layer inspection
1.5.8: Identify fundamental features of a proxy-based firewall (e.g., service redirection, service passing, gateway daemons), and implement proxy-level firewall security
1.5.9: Define the importance of proxy caching related to performance
1.6.1: Implement a packet-filtering firewall
1.6.2: Customize your network to manage hacker activity
Definition and Description of a Firewall
Firewall
Demilitarized zone (DMZ)
Daemon
Firewall Terminology
Packet filter
Proxy server
Application-layer proxy
Circuit-level proxy
Network Address Translation (NAT)
Bastion host
Operating system hardening
Screening and choke routers
Demilitarized zone (DMZ)
Web security gateway
Firewall Configuration Defaults
By default, a firewall can be configured to either:
Deny all traffic, in which case you would specify certain types of traffic to allow in and out of your network
Allow all traffic, in which case you would specify certain types of traffic to deny
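The effect of the two default configurations above, as an added example that is not part of the original course material: a first-match packet filter in Python evaluated under a deny-all and an allow-all default. The networks, hosts, ports and rule sets are constructed for illustration.

```python
# Added example: first-match packet filter with a configurable default policy.
# All addresses, ports and rule sets below are constructed for illustration.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Rule:
    action: str      # "allow" or "deny"
    proto: str       # "tcp", "udp" or "any"
    src: str         # source network in CIDR notation
    dst: str         # destination network in CIDR notation
    ports: range     # destination port range

    def matches(self, pkt):
        return (self.proto in ("any", pkt["proto"])
                and ip_address(pkt["src"]) in ip_network(self.src)
                and ip_address(pkt["dst"]) in ip_network(self.dst)
                and pkt["dport"] in self.ports)


def filter_packet(rules, default, pkt):
    """Return (action, reason): the first matching rule wins, else the default."""
    for number, rule in enumerate(rules, start=1):
        if rule.matches(pkt):
            return rule.action, f"rule {number}"
    return default, "default policy"


ANY = "0.0.0.0/0"
DMZ = "192.0.2.0/24"   # constructed DMZ network (documentation address range)

# Deny-all default: the rule set lists only the traffic that is permitted.
DENY_ALL_RULES = [
    Rule("allow", "tcp", ANY, "192.0.2.10/32", range(80, 81)),   # web server
    Rule("allow", "tcp", ANY, "192.0.2.25/32", range(25, 26)),   # mail relay
]
# Allow-all default: the rule set lists only the traffic that is blocked.
ALLOW_ALL_RULES = [
    Rule("deny", "tcp", ANY, DMZ, range(23, 24)),                # Telnet
    Rule("deny", "udp", ANY, DMZ, range(161, 163)),              # SNMP
]

# Constructed packets arriving from an outside host.
OUTSIDE = "198.51.100.7"
PACKETS = {
    "http": {"proto": "tcp", "src": OUTSIDE, "dst": "192.0.2.10", "dport": 80},
    "telnet": {"proto": "tcp", "src": OUTSIDE, "dst": "192.0.2.10", "dport": 23},
    # A service nobody wrote a rule for, on a host added after the rules.
    "new service": {"proto": "tcp", "src": OUTSIDE, "dst": "192.0.2.40", "dport": 8080},
}


def compare():
    """Evaluate every sample packet under both default configurations."""
    return {name: (filter_packet(DENY_ALL_RULES, "deny", pkt),
                   filter_packet(ALLOW_ALL_RULES, "allow", pkt))
            for name, pkt in PACKETS.items()}


if __name__ == "__main__":
    for name, (strict, permissive) in compare().items():
        print(f"{name:12} deny-all -> {strict}   allow-all -> {permissive}")
```

The "new service" packet is the case that separates the two defaults: with deny-all it is dropped until someone adds a rule, with allow-all it passes until someone notices it.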
Creating Packet Filter Rules
Process
Rules and fields
Standard FTP clients and creating packet filter rules
Passive FTP clients and packet filter rules
Packet Filter Advantages and Disadvantages
Drawbacks
Stateful multi-layer inspection
Popular packet-filtering products
Using the ipchains and iptables commands in Linux
Configuring Proxy Servers
Recommending a proxy-oriented firewall
Proxy server advantages and features
Authentication
Logging and alarming
Caching
Fewer rules
Reverse proxies and proxy arrays
Proxy server drawbacks
Client configuration
Speed
URL Filtering
Techniques to filter outbound URLs
Techniques to filter inbound URLs
Remote Access and Virtual Private Networks (VPNs)
Three types of VPNs:
Workstation-to-server
Firewall-to-firewall
Workstation-to-workstation
Tunneling protocols
Internet Protocol Security (IPsec)
Point-to-Point Tunneling Protocol (PPTP)
Layer 2 Tunneling Protocol (L2TP)
VPN vulnerabilities
Lesson 9 Summary
1.1.3: Identify potential risk factors for data security, including improper authentication
1.2.3: Define asymmetric (public-key) encryption, including distribution schemes, Public Key Infrastructure (PKI)
1.4.2: Define IPSec concepts
1.4.6: Identify routing issues and security
1.5.1: Define the purpose and function of various firewall types
1.5.2: Define the role a firewall plays in a company's security policy
1.5.3: Define common firewall terms
1.5.4: Identify packet filters and their features
1.5.5: Identify circuit-level gateways and their features
Lesson 9 Summary (cont'd)
1.5.6: Identify application-level gateways and their features
1.5.7: Identify features of a packet-filtering firewall, including rules, stateful multi-layer inspection
1.5.8: Identify fundamental features of a proxy-based firewall (e.g., service redirection, service passing, gateway daemons), and implement proxy-level firewall security
1.5.9: Define the importance of proxy caching related to performance
1.6.1: Implement a packet-filtering firewall
1.6.2: Customize your network to manage hacker activity
Lesson 10: Levels of Firewall Protection
Designing a Firewall
Firewall design principles
Keep design simple
Make contingency plans
Hardware Issues
Choosing the operating system
Firewall appliances
Services
Daemons
Proxy servers
Common Firewall Designs
Screening routers
Screened host firewall (single-homed bastion)
Screened host firewall (dual-homed bastion)
Screened subnet firewall (demilitarized zone)
Common Firewall Designs
Screening routers
Common Firewall Designs
Screened host firewall (single-homed bastion)
Common Firewall Designs
Screened subnet firewall (demilitarized zone)
Modern Firewall Design
Lesson 10 Summary
1.4.6: Identify routing issues and security
1.5.1: Define the purpose and function of various firewall types
1.5.3: Define common firewall terms
1.6.1: Implement a packet-filtering firewall
1.6.2: Customize your network to manage hacker activity
Lesson 11: Detecting and Distracting Hackers
Lesson 11 Objectives
1.6.2: Customize your network to manage hacker activity
1.6.3: Implement proactive detection
1.6.4: Distract hackers and contain their activity
1.6.5: Deploy tripwires and other traps on a network host
Proactive Detection
Automated security scans
Login scripts
Automated auditing
Distracting the Hacker
Dummy accounts
Dummy files
Dummy password files
Tripwire scripts
Automated checksums
Jails
Deterring the Hacker
Methods for deterring hackers
Log traffic and send e-mail messages
Conduct reverse scans
Drop the connection
Contact the ISP
Tools for responding to hackers
Problems with retaliation
Lesson 11 Summary
1.6.2: Customize your network to manage hacker activity
1.6.3: Implement proactive detection
1.6.4: Distract hackers and contain their activity
1.6.5: Deploy tripwires and other traps on a network host
Lesson 12: Incident Response
Lesson 12 Objectives
1.6.6: Respond appropriately to a security breach
1.6.7: Identify security organizations that can help in case of system attack
1.6.8: Subscribe to respected security alerting organizations
1.6.9: Identify appropriate authorities to contact regarding data theft and other attacks
Creating an Incident Response Policy
Decide ahead of time
Do not panic
Document everything
Determining if an Attack Has Occurred
Determine the scope of the breach
Find out if the hacker is at:
Stage 1 (discovery)
Stage 2 (penetration)
Stage 3 (control, and spreading to other systems)
Stop or contain activity
Executing the Response Plan
Notifying affected individuals
Breaking the link or creating a jail
Notifying appropriate authorities
Contacting the hackers
Tracing connections and conducting other checks to further map the hacker's activity
Reconfiguring the firewall
Notifying Internet agencies
Analyzing and Learning
Ask questions of everyone involved
Record specific lessons you have learned
Update your security policy
Lesson 12 Summary
1.6.6: Respond appropriately to a security breach
1.6.7: Identify security organizations that can help in case of system attack
1.6.8: Subscribe to respected security alerting organizations
1.6.9: Identify appropriate authorities to contact regarding data theft and other attacks
Web Security Associate
What Is Security?
Elements of Security
Applied Encryption
Types of Attacks
Recent Networking Vulnerability Considerations
General Security Principles
Protocol Layers and Security
Securing Resources
Firewalls and Virtual Private Networks
Levels of Firewall Protection
Detecting and Distracting Hackers
Incident Response