分页: 1 / 1

Network General Training - 02 Securing the Network

发表于 : 2015年 1月 28日 21:52 星期三
admin
Securing the Network


Closed Networks
01.png
Open Networks
02.png

Re: Network General Training - 02 Securing the Network

发表于 : 2015年 1月 28日 21:54 星期三
admin
Threat Capabilities - More Dangerous and Easier to Use
03.png
E-Business Challenge
04.png

Re: Network General Training - 02 Securing the Network

发表于 : 2015年 1月 28日 21:58 星期三
admin
Adversaries, Adversary Motivations, and Classes of Attack
05.png
Common Threats

Physical installations

-Hardware threats
-Environmental threats
-Electrical threats
-Maintenance threats

Reconnaissance attacks

Learning information about a target network by using readily available information and applications

Access attacks

Attacks on networks or systems for these reasons:
-Retrieve data
-Gain access
-Escalate their access privileges

Password attacks

Tools used by hackers to compromise passwords

Password Attack Threat Mitigation

Here are password attack threat-mitigation techniques:
-Do not allow users to use the same password on multiple systems.
-Disable accounts after a certain number of unsuccessful login attempts.
-Do not use cleartext passwords.
-Use “strong” passwords; for example, “mY8!Rthd8y” rather than “mybirthday.”

Re: Network General Training - 02 Securing the Network

发表于 : 2015年 1月 28日 21:59 星期三
admin
Sophisticated attack tools and open networks continue to generate an increased need for network security policies and infrastructure to protect organizations from internally and externally based attacks.

Organizations must balance network security needs against e-business processes, legal issues, and government policies. Establishing a network security policy is the first step in changing a network over to a secure infrastructure.

Network adversaries come in many shapes and sizes and with multiple motivations.

It is very important to provide physical installation security for enterprise network devices.

Password attack threats can be mitigated.
-Restrict password use.
-Disable accounts after unsuccessful logins.
-Do not use cleartext passwords; use strong passwords.