JB

04-IS421-Chapter-3-Lesson-1

Page 1

Title

IS421 IT INFRASTRUCTURE AND NETWORK TECHNOLOGIES


Page 2

Chapter Overview

  • Chapter 3: Focuses on Securing IT Infrastructure

    • Network Management and Security

    • Cybersecurity

    • Storage and Backup Architecture


Page 3

Focus Area

Network Management and Security


Page 4

Introduction to Network Security

  • Network security is complex and typically requires trained experts.

  • Increasing interconnectivity necessitates a broader understanding of network security basics.


Page 5

Definition of Network Security

  • Network Security: Measures, policies, and practices implemented to protect a computer network.

  • Objectives include protection from unauthorized access, misuse, data breaches, and cyberattacks.

  • Employs both hardware and software to maintain confidentiality, integrity, and availability of data.


Page 6

Importance of Network Security

  • Protects vital information while granting necessary access (e.g., trade secrets, medical records).

  • Ensures proper authentication and access control.

  • Guarantees resource availability.


Page 7

Vulnerable Entities

  • Financial institutions

  • Internet service providers

  • Pharmaceutical companies

  • Government and defense agencies

  • Contractors and multinational corporations

  • ANYONE on the network


Page 8

Security Objectives

  • Identification

  • Authentication

  • Access Control


Page 9

Identification

  • A user's unique identifier (UserID) names the principal that authentication will later verify.

  • A UserID may be built from:

    • User name

    • Student number

    • Social Security Number (SSN)

  • An identifier is a label, not a secret: an SSN used as a UserID ends up in logs and on screens, so an opaque identifier that reveals no personal data is preferable.


Page 10

Authentication

  • Process of verifying a user's identity based on:

    • Something the user knows: Password

    • Something the user has: Key, smart card

    • Something the user is: Biometrics (fingerprint, voice, retinal)


Page 11

Sub Concerns of Authentication

  • General Access Authentication: Decides whether the user may enter the system at all.

  • Functional Authentication: Determines which actions an identified user may perform; strictly this is authorization, a decision made after identity has been verified.


Page 12

Major Authentication Protocols

  • Username/Password (PAP): The credential itself is sent, in plaintext; anyone who can sniff the link learns it.

  • CHAP: Challenge-response. The server sends a random challenge and the client replies with MD5(ID, shared secret, challenge); the secret never crosses the wire, and a fresh challenge per login defeats replay. A captured challenge/response pair can still be attacked offline with a dictionary, so the secret must be strong.

  • RADIUS: Central AAA (authentication, authorization, accounting) server; network devices forward credentials to it, and it carries PAP, CHAP and EAP.

  • Kerberos: Ticket-based authentication of users to services through a trusted Key Distribution Center (KDC), with mutual authentication of client and service.
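
The CHAP exchange described above, as an added example that is not part of the original slides: the client computes the response from the challenge and a shared secret, the server issues one random challenge per attempt and checks the response, and a recorded response is useless against a later challenge. The shared secret, the identifier value and the in-process "wire" are constructed for the demonstration.

```python
import hashlib
import hmac
import os

# Constructed shared secret; in a real deployment it is provisioned out of band
# on both the client and the authenticator.
SHARED_SECRET = b"constructed-shared-secret"


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """Client side: MD5(Identifier || secret || challenge), as RFC 1994 specifies.

    Only this digest is sent; the secret itself never crosses the wire.
    """
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class ChapServer:
    """Authenticator side: issues a random challenge per attempt and checks the
    response against the same computation."""

    def __init__(self, secret: bytes) -> None:
        self._secret = secret
        self._pending: dict[int, bytes] = {}  # identifier -> outstanding challenge

    def challenge(self, identifier: int) -> bytes:
        # A fresh random challenge each time: an eavesdropper's recorded
        # response does not match any later challenge.
        value = os.urandom(16)
        self._pending[identifier] = value
        return value

    def verify(self, identifier: int, response: bytes) -> bool:
        challenge = self._pending.pop(identifier, None)  # each challenge is single-use
        if challenge is None:
            return False
        expected = chap_response(identifier, self._secret, challenge)
        return hmac.compare_digest(expected, response)  # constant-time comparison


def run_exchange(server: ChapServer, client_secret: bytes) -> tuple[bool, bytes, bytes]:
    """One full handshake. Returns (accepted, challenge, response); the last two
    are exactly what an eavesdropper on the link would see."""
    identifier = 7  # constructed CHAP Identifier byte
    challenge = server.challenge(identifier)                        # server -> client
    response = chap_response(identifier, client_secret, challenge)  # client -> server
    return server.verify(identifier, response), challenge, response


def replay_is_rejected() -> bool:
    """Replaying a captured response against a new challenge fails."""
    server = ChapServer(SHARED_SECRET)
    accepted, _, captured = run_exchange(server, SHARED_SECRET)
    server.challenge(7)  # the server issues a new challenge to the replaying attacker
    return accepted and not server.verify(7, captured)


if __name__ == "__main__":
    ok, chal, resp = run_exchange(ChapServer(SHARED_SECRET), SHARED_SECRET)
    print("accepted:", ok, "| secret visible on wire:", SHARED_SECRET in chal + resp)
    print("replay rejected:", replay_is_rejected())
```

The design point is the single-use challenge: verify() pops it, so even a valid response cannot be presented twice. Because the digest is plain MD5 over the secret, a captured pair still allows an offline dictionary attack, which is why modern links prefer EAP methods built on TLS.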


Page 13

Authentication Procedures

  • Two-party Authentication: The user and the server authenticate directly to each other, with no intermediary.

  • One-way Authentication: Only one party proves its identity, typically the client to the server.

  • Two-way (mutual) Authentication: Both parties prove their identity, which also protects the client from a rogue server.

  • Third-party Authentication: A trusted third party vouches for identities, e.g. a Kerberos KDC or an X.509 certificate authority.

  • Single Sign-On: One login grants access to multiple resources.


Page 14

Two-party Authentication Flow

  • Client → Server: UserID and password; the server verifies them. For two-way authentication the server then returns its own ServerID and credential, which the client verifies in turn.


Page 15

Third-Party Authentication Flow

  • Each client first authenticates to the security server and obtains keys from it; the clients then use those keys to authenticate to each other and exchange data directly.


Page 16

Access Control

  • Security features that decide which identities may use which system resources, and how.

  • Operating systems and applications define the access control rules and must enforce them on every request, denying by default.


Page 17

The CIA Triad

  • Confidentiality: Ensures authorized access only.

  • Integrity: Maintains data accuracy and reliability.

  • Availability: Ensures data is accessible when needed.


Page 18

Confidentiality

  • Protects sensitive data from unauthorized access.

  • Methods include:

    • Encryption

    • Access controls

    • Secure communications


Page 19

Integrity

  • Ensures data remains unchanged during storage and transmission.

  • Prevents unauthorized modification.

  • Methods include data validation, hashing, and digital signatures.


Page 20

Availability

  • Ensures resources are available to authorized users.

  • Involves mitigating disruptions from failures or attacks.

  • Methods include:

    • Redundancy

    • Disaster recovery planning

    • Backup systems


Page 21

Importance of the CIA Triad

  • Guides the implementation of security measures.

  • Balances the three core principles of security effectively.


Page 22

Encryption

  • Process of converting plaintext to ciphertext with an algorithm and a key.

  • Protects confidentiality. Encryption alone does not protect integrity: a modified ciphertext still decrypts, to a modified plaintext, so a MAC or digital signature is needed to detect tampering.
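
An added example, not from the original slides, showing the point above and the hashing/MAC remedy from the integrity slide: an attacker without the key flips bits in an unauthenticated ciphertext and changes the decrypted amount, and an HMAC over the ciphertext (encrypt-then-MAC) catches the same change. The stream cipher here is a toy (SHA-256 keystream in counter mode) so that the file runs with the standard library only; the malleability it exhibits is a property of every unauthenticated stream or CTR-mode cipher. The keys, nonce and message are constructed.

```python
import hashlib
import hmac
import os


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy keystream: SHA-256(key || nonce || counter), standing in for AES-CTR."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt and decrypt are the same XOR. Never reuse a (key, nonce) pair."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, nonce, len(data))))


def flip_plaintext(ciphertext: bytes, offset: int, old: bytes, new: bytes) -> bytes:
    """Attacker without the key: XORing (old ^ new) into the ciphertext turns
    the plaintext at `offset` from `old` into `new`."""
    ct = bytearray(ciphertext)
    for i, (o, n) in enumerate(zip(old, new)):
        ct[offset + i] ^= o ^ n
    return bytes(ct)


def seal(enc_key: bytes, mac_key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt-then-MAC: the tag covers the nonce and the ciphertext."""
    ct = stream_xor(enc_key, nonce, data)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_sealed(enc_key: bytes, mac_key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; reject anything that was modified."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):  # constant-time comparison
        raise ValueError("integrity check failed: message was modified")
    return stream_xor(enc_key, nonce, ct)


MESSAGE = b"PAY 100 TO ALICE"  # constructed sample plaintext; "100" sits at offset 4


def unauthenticated_tamper() -> bytes:
    """Encryption only: the receiver decrypts the forged amount without noticing."""
    key, nonce = os.urandom(32), os.urandom(16)
    ct = stream_xor(key, nonce, MESSAGE)
    forged = flip_plaintext(ct, 4, b"100", b"900")
    return stream_xor(key, nonce, forged)


def authenticated_tamper_detected() -> bool:
    """Encrypt-then-MAC: the same bit flips now fail verification."""
    enc_key, mac_key, nonce = os.urandom(32), os.urandom(32), os.urandom(16)
    blob = seal(enc_key, mac_key, nonce, MESSAGE)
    forged = blob[:16] + flip_plaintext(blob[16:-32], 4, b"100", b"900") + blob[-32:]
    try:
        open_sealed(enc_key, mac_key, forged)
    except ValueError:
        return True
    return False


def roundtrip() -> bytes:
    """Untampered message opens normally."""
    enc_key, mac_key, nonce = os.urandom(32), os.urandom(32), os.urandom(16)
    return open_sealed(enc_key, mac_key, seal(enc_key, mac_key, nonce, MESSAGE))


if __name__ == "__main__":
    print(unauthenticated_tamper())
    print(authenticated_tamper_detected())
```

In production the whole construction is replaced by an authenticated-encryption mode such as AES-GCM or ChaCha20-Poly1305, which does the encrypt-then-MAC step internally and also fails closed on a bad tag.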


Page 23

Types of Encryption

  1. Symmetric Encryption: Same key for encryption and decryption; fast, but the key must first be delivered securely to every party (the key distribution problem).

  2. Asymmetric Encryption: A public key encrypts and only the matching private key decrypts, so no secret needs to be shared in advance; it is far slower, so in practice it is used to exchange a symmetric session key (hybrid encryption, as in TLS).


Page 24

Applications of Encryption

  • Disk encryption software

  • File/folder encryption

  • Database encryption

  • Communication encryption

  • Network Traffic Encryption Tools


Page 25

Example: Caesar Cipher

  • Simple encryption technique shifting letters by a number of positions.

  • Example: Plaintext HELLO shifted by 3 results in:

    • KHOOR


Page 26

Caesar Cipher Encryption Process

  • Alphabet shifts:

    • A → D, B → E, C → F, etc.

  • Result: KHOOR for HELLO


Page 27

Caesar Cipher Decryption Process

  • To decrypt, revert the shift:

    • K → H, H → E, O → L, R → O

  • Result: HELLO


Page 28

Analysis of Caesar Cipher

  • The shift key is 3.

  • There are only 25 possible keys, so an attacker simply tries them all, and letter-frequency analysis recovers the key automatically from any message of reasonable length. Modern ciphers such as AES (128-bit or larger keys) and RSA have key spaces far too large for exhaustive search.


Page 29

Wireless Security

  • Measures taken to protect wireless networks and their transmissions.

  • Vulnerable to interception, emphasizing the need for strong security.


Page 30

802.11i (Wi-Fi Security Protocol)

  • Amendment to IEEE 802.11 standard for WLANs.

  • Ratified in 2004 to address vulnerabilities in older protocols (e.g., WEP).


Page 31

Features of 802.11i

  • WPA2: The Wi-Fi Alliance certification of 802.11i, providing strong encryption and authentication (pre-shared key for homes, 802.1X/EAP for enterprises).

  • Uses AES in CCMP mode instead of the RC4 stream cipher that WEP and WPA/TKIP relied on.


Page 32

Bluetooth

  • Short-range wireless technology connecting devices (e.g., smartphones, computers, headsets).

  • Designed for quick connections; range depends on the device class, roughly 10 meters for typical Class 2 devices and up to 100 meters for Class 1.


Page 33

Key Features of Bluetooth

  • Low power consumption

  • Short-range communication

  • Bluetooth pairing

  • Pairing via Secure Simple Pairing (SSP), which agrees on a link key; link encryption with the E0 stream cipher in classic Bluetooth (BR/EDR) and AES-CCM in Bluetooth Low Energy.


Page 34

Bluetooth Versions

  • Bluetooth 4.0/4.2: Introduced Bluetooth Low Energy (BLE) for IoT devices; 4.2 added LE Secure Connections, which base pairing on elliptic-curve Diffie-Hellman.

  • Bluetooth 5.0/5.2: Longer range and higher throughput for quicker transfers and larger payloads.


Page 35

WAP 2.0 (Wireless Application Protocol)

  • Standard allowing mobile devices access to internet content/services.

  • Developed for limited capability mobile devices.


Page 36

Key Features of WAP 2.0

  • HTTP and internet compatibility

  • Push and pull data services

  • XHTML support

  • Security via TLS over HTTP/TCP/IP, replacing the WTLS layer of WAP 1.x (where the gateway decrypted WTLS and re-encrypted as TLS, so it saw all traffic in the clear).


Page 37

Summary of Differences

  Technology   Focus/Functionality                 Security Case/Applications
  ----------   ---------------------------------   ------------------------------------------------------------------
  802.11i      Securing wireless LANs              WPA2: AES-CCMP encryption and strong authentication
  Bluetooth    Short-range device connections      Pairing via SSP; link encryption with E0 (BR/EDR) or AES-CCM (BLE)
  WAP 2.0      Mobile internet access protocol     TLS over HTTP/TCP (WAP 1.x used WTLS, terminated at the gateway)


Page 38

Security Processes

  • Essential for maintaining data confidentiality, integrity, and availability.

  • Various strategies should combine technical measures and best practices.


Page 39

Effective Data Protection Measures

  • Encryption: Encrypt data transmissions to protect confidentiality.

  • Network Firewalls: Monitor traffic to prevent unauthorized access.

  • Access Control: Implement RBAC, MFA, and network segmentation.


Page 40

Additional Protective Measures

  • VPN: Encrypt remote connections to safeguard against eavesdropping.

  • Regular updates and patch management.

  • Adopt strong authentication policies.

  • Use DLP and antivirus solutions.


Page 41

Ethical Hacking

  • Authorized practice of finding and exploiting vulnerabilities in systems, under written permission and within an agreed scope.

  • Aims to improve security by using the same techniques as malicious hackers, legally and with the owner's consent.


Page 42

Goals of Ethical Hacking

  • Assess the security posture of systems/networks.

  • Identify weaknesses before they are exploited by malicious actors.


Page 43

Methodologies in Ethical Hacking

  • Reconnaissance: Gather information on the target system.

  • Scanning: Identify open ports and vulnerabilities.

  • Exploitation: Attempt to exploit vulnerabilities to evaluate impact.


Page 44

Ethical Hacking Steps Continuation

  • Post-Exploitation: Evaluate potential actions post-access.

  • Reporting: Document vulnerabilities and suggest mitigations.


Page 45

Ethical Hacking Certifications

  • Certified Ethical Hacker (CEH): Validates knowledge and techniques.

  • Offensive Security Certified Professional (OSCP): Focuses on penetration testing skills.

  • CompTIA PenTest+: Covers penetration testing and vulnerability assessment.


Page 46

Firewalls

  • Network security devices that monitor and control traffic based on rules.

  • Acts as a barrier between trusted and untrusted networks.


Page 47

Characteristics of Firewalls

  • Can be dedicated hardware appliances or software (host-based or virtual) implementations.

  • Firewalls limit access to networked hosts and prevent unauthorized access.


Page 48

Firewalls and Networking Structures

  • Diagram: Shows the flow of traffic between the Internet, DMZ, and Intranet through firewalls.


Page 49

Types of Firewalls

  1. Packet Filtering Firewalls: Stateless; examine each packet's headers (addresses, ports, protocol, flags) in isolation and drop or pass it based on rules.

  2. Stateful Inspection Firewalls: Track ongoing connections to allow/filter packets based on session state.

  3. Proxy Firewalls: Intermediaries between user requests and the internet.

  4. Next-Generation Firewalls (NGFW): Include additional security features (e.g., IPS, deep packet inspection).
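
An added example, not from the original slides, contrasting the first two firewall types on the same constructed traffic. The stateless filter can only admit replies by accepting anything inbound that looks like one (source port 443, ACK flag set), so a forged ACK packet aimed at an internal SSH port passes; the stateful filter admits inbound packets only when they belong to a connection it saw opened from inside. Addresses, ports and the Packet record are constructed for the simulation.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    """Constructed packet summary: the header fields a filter decides on."""
    direction: str     # "out" = intranet toward Internet, "in" = the reverse
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset   # TCP flags, e.g. {"SYN"}, {"SYN", "ACK"}, {"ACK"}


ALLOWED_OUTBOUND_PORTS = {443}  # policy: inside hosts may only open HTTPS


class StatelessPacketFilter:
    """Judges every packet on its own headers. To let replies back in it must
    accept anything inbound that merely looks like a reply; it cannot know
    whether a matching request ever went out."""

    def allows(self, p: Packet) -> bool:
        if p.direction == "out" and p.dport in ALLOWED_OUTBOUND_PORTS:
            return True
        if p.direction == "in" and p.sport in ALLOWED_OUTBOUND_PORTS and "ACK" in p.flags:
            return True
        return False


class StatefulInspectionFilter:
    """Records connections opened from inside; inbound packets are allowed only
    if they belong to a recorded session."""

    def __init__(self) -> None:
        self.sessions: set[tuple[str, int, str, int]] = set()

    def allows(self, p: Packet) -> bool:
        key = (p.src, p.sport, p.dst, p.dport)
        if p.direction == "out":
            if p.flags == frozenset({"SYN"}) and p.dport in ALLOWED_OUTBOUND_PORTS:
                self.sessions.add(key)  # new session initiated from inside
                return True
            return key in self.sessions
        reverse = (p.dst, p.dport, p.src, p.sport)  # inbound: match the reverse tuple
        if reverse in self.sessions:
            if "RST" in p.flags or "FIN" in p.flags:
                self.sessions.discard(reverse)  # session teardown
            return True
        return False


# Constructed traffic: a legitimate HTTPS handshake, then an ACK-flagged probe
# from an unrelated host aimed at the internal SSH port, then a plain SYN scan.
TRAFFIC = [
    Packet("out", "10.0.0.5", 51000, "203.0.113.10", 443, frozenset({"SYN"})),
    Packet("in", "203.0.113.10", 443, "10.0.0.5", 51000, frozenset({"SYN", "ACK"})),
    Packet("out", "10.0.0.5", 51000, "203.0.113.10", 443, frozenset({"ACK"})),
    Packet("in", "198.51.100.7", 443, "10.0.0.5", 22, frozenset({"ACK"})),
    Packet("in", "198.51.100.7", 40000, "10.0.0.5", 22, frozenset({"SYN"})),
]


def run(filter_, packets: list[Packet]) -> list[bool]:
    """Apply the filter to the packets in order; True means the packet passed."""
    return [filter_.allows(p) for p in packets]


if __name__ == "__main__":
    print("stateless:", run(StatelessPacketFilter(), TRAFFIC))
    print("stateful: ", run(StatefulInspectionFilter(), TRAFFIC))
```

The fourth packet is the one to watch: it is the classic way to map hosts behind a stateless filter (an ACK scan), and only the state table stops it. A real stateful firewall also expires idle entries and validates sequence numbers, which this simulation omits.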


Page 50

Intrusion Detection Systems (IDS)

  • Monitors network traffic for suspicious activities and threats.

  • Alerts administrators to potential security incidents.


Page 51

Open Source IDS Example: Snort

  • Snort is an open-source network IDS/IPS that matches traffic against a rule set to identify malicious activity; run inline, it can also drop the offending packets.

  • Capable of packet sniffing and logging, intrusion detection, and intrusion prevention.


Page 52

Types of Intrusion Detection Systems

  1. NIDS: Monitor network-wide traffic for intrusion signs.

  2. HIDS: Monitor individual devices for suspicious activities and analyze system integrity.


Page 53

Dictionary Attack

  • A method for breaking passwords by trying candidates from a wordlist of common words and leaked passwords, usually with mangling rules (capitalization, appended digits or symbols), against either a login interface or captured password hashes.

  • Effective against users with weak or reused passwords, and very fast when hashes are stored unsalted with a fast hash such as MD5.


Page 54

Defense Against Dictionary Attacks

  • Use long passphrases and screen new passwords against lists of breached passwords; length matters more than character-class complexity.

  • Rate-limit and lock out repeated failed logins, and add multi-factor authentication.

  • Store passwords with a per-user salt and a deliberately slow hash (bcrypt, scrypt, PBKDF2 or Argon2) so offline guessing is expensive.

  • Policies should enforce these rules; forced periodic changes are no longer recommended by NIST SP 800-63B unless compromise is suspected.
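
The attack and the storage-side defense from pages 53 and 54, as an added example that is not part of the original slides: a small constructed wordlist with mangling rules is run against an unsalted MD5 hash and against a salted PBKDF2 record. The same attack loop works in both cases; the difference is the cost per guess, which is the defender's lever. Wordlist, passwords and iteration counts are constructed (600,000 PBKDF2 iterations is the order of magnitude current guidance recommends for SHA-256).

```python
import hashlib
import hmac
import os
from typing import Callable, Iterator, Optional

# Constructed wordlist; real attacks use millions of entries from leaked dumps.
WORDLIST = ["123456", "password", "qwerty", "letmein", "dragon",
            "football", "monkey", "welcome", "sunshine", "princess"]


def mangle(word: str) -> Iterator[str]:
    """Typical rule set: the word itself, capitalised, and common suffixes."""
    for base in (word, word.capitalize()):
        yield base
        yield base + "1"
        yield base + "123"
        yield base + "!"


def dictionary_attack(check: Callable[[str], bool],
                      wordlist: list[str]) -> tuple[Optional[str], int]:
    """Generic attack loop: returns (recovered password or None, guesses made).
    `check` hides whether we are hitting a login form or a captured hash."""
    guesses = 0
    for word in wordlist:
        for candidate in mangle(word):
            guesses += 1
            if check(candidate):
                return candidate, guesses
    return None, guesses


# --- Weak storage: unsalted, fast hash; identical passwords give identical hashes ---
def md5_store(password: str) -> str:
    return hashlib.md5(password.encode()).hexdigest()


def md5_check(stored: str) -> Callable[[str], bool]:
    return lambda guess: md5_store(guess) == stored


# --- Defensive storage: per-user random salt and a deliberately slow KDF ---
def pbkdf2_store(password: str, iterations: int = 600_000) -> tuple[bytes, int, bytes]:
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, digest


def pbkdf2_check(record: tuple[bytes, int, bytes]) -> Callable[[str], bool]:
    salt, iterations, digest = record
    return lambda guess: hmac.compare_digest(
        hashlib.pbkdf2_hmac("sha256", guess.encode(), salt, iterations), digest)


if __name__ == "__main__":
    import time
    for store, check in ((md5_store, md5_check), (pbkdf2_store, pbkdf2_check)):
        record = store("Welcome1")  # constructed weak password
        t0 = time.perf_counter()
        found, n = dictionary_attack(check(record), WORDLIST)
        print(f"{store.__name__}: found={found!r} after {n} guesses "
              f"in {time.perf_counter() - t0:.2f}s")
    # A passphrase outside the wordlist is not found by either route.
    print(dictionary_attack(md5_check(md5_store("correct-horse-battery-staple")), WORDLIST))
```

Both stores give up "Welcome1" after the same 62 guesses; what changes is that each PBKDF2 guess costs hundreds of thousands of hash operations, so a list of millions of candidates becomes a matter of years rather than seconds. The salt additionally prevents one precomputed table from serving every user.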


Page 55

Denial of Service (DoS)

  • Aims to disrupt normal service by overwhelming the target with traffic.

  • Causes significant downtime and financial losses.


Page 56

Types of Denial of Service Attacks

  • DoS: Launched from a single source.

  • DDoS: Many compromised systems (a botnet) attack a single target at once, so no single source stands out.

  • Mitigations include rate limiting, overprovisioning, and upstream DDoS scrubbing services that absorb the volume before it reaches the target.
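
The rate-limiting mitigation worked through in code, as an added example that is not part of the original slides: a token bucket per source address, which stops a single-source DoS, plus one global bucket sized to the service's real capacity, which is what remains once a DDoS spreads the same load thinly over many sources. Timestamps, addresses and bucket sizes are constructed; a live limiter would feed it `time.monotonic()` instead of fixed timestamps.

```python
from collections import defaultdict


class TokenBucket:
    """Allows `burst` requests at once, then refills at `rate` tokens per second."""

    def __init__(self, rate: float, burst: int) -> None:
        self.rate, self.burst = rate, burst
        self.tokens = float(burst)
        self.last = 0.0

    def allow(self, now: float) -> bool:
        # Refill proportionally to elapsed time, capped at the burst size.
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1:
            self.tokens -= 1
            return True
        return False


class RateLimiter:
    """Per-source buckets plus a global bucket; a request must pass both."""

    def __init__(self, per_source_rate: float, per_source_burst: int,
                 global_rate: float, global_burst: int) -> None:
        self.per_source = defaultdict(lambda: TokenBucket(per_source_rate, per_source_burst))
        self.global_bucket = TokenBucket(global_rate, global_burst)

    def allow(self, src: str, now: float) -> bool:
        if not self.per_source[src].allow(now):
            return False  # this one source is over its own limit
        return self.global_bucket.allow(now)  # total load the service can take


def simulate(limiter: RateLimiter,
             events: list[tuple[float, str]]) -> dict[str, tuple[int, int]]:
    """events = (timestamp, source address). Returns {source: (allowed, dropped)}."""
    stats: dict[str, list[int]] = defaultdict(lambda: [0, 0])
    for t, src in sorted(events, key=lambda e: e[0]):  # stable: same-time order kept
        stats[src][0 if limiter.allow(src, t) else 1] += 1
    return {src: (a, d) for src, (a, d) in stats.items()}


# Constructed traffic. One attacker fires 20 requests at t=0 and one more at
# t=1s while a legitimate client sends 3; then 100 bots send 5 each at t=0.
SINGLE_SOURCE_DOS = ([(0.0, "198.51.100.7")] * 20 + [(1.0, "198.51.100.7")]
                     + [(0.0, "10.0.0.5")] * 3)
DDOS = [(0.0, f"203.0.113.{i}") for i in range(1, 101) for _ in range(5)]


def single_source_demo() -> dict[str, tuple[int, int]]:
    """Per-source limit of 5/s with burst 10; global limit is not the bottleneck."""
    return simulate(RateLimiter(5, 10, 1000, 1000), SINGLE_SOURCE_DOS)


def ddos_demo() -> dict[str, tuple[int, int]]:
    """Each bot stays under its per-source limit; only the global bucket (200) holds."""
    return simulate(RateLimiter(5, 10, 100, 200), DDOS)


if __name__ == "__main__":
    print(single_source_demo())
    allowed = sum(a for a, _ in ddos_demo().values())
    dropped = sum(d for _, d in ddos_demo().values())
    print(f"DDoS: {allowed} allowed, {dropped} dropped")
```

The DDoS run shows the limit of the technique: per-source buckets never trigger, the global bucket protects the backend from collapse, but legitimate users are now competing with the bots for the same 200 slots. That is why volumetric attacks are pushed to upstream scrubbing rather than handled only at the target.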


Page 57

DoS Diagram

  • Shows an ICMP echo (ping) flood with spoofed source addresses overwhelming the victim; spoofing hides the attacker and defeats simple source-based blocking.


Page 58

Packet Sniffing

  • Capturing and analyzing data packets traveling over a network using sniffing tools.


Page 59

Use Cases for Packet Sniffers

  1. Network Troubleshooting: Diagnose network issues and bandwidth analysis.

  2. Security Monitoring: Identify malicious activity through traffic analysis.


Page 60

Risks of Packet Sniffing

  • Can capture sensitive data if not properly encrypted.

  • Plaintext data, especially passwords, can be compromised easily.


Page 61

Protection Against Packet Sniffing

  • Use secure protocols (e.g., SSH, HTTPS) instead of unprotected methods (e.g., Telnet, FTP).

  • Implement network-layer confidentiality (e.g., IPsec).
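
Pages 58 to 61 as an added example that is not part of the original slides: a parser that walks Ethernet, IPv4 and TCP headers of captured frames and pulls credentials out of a cleartext FTP-style login, while an SSH session yields nothing because its payload is opaque. The frames are constructed in code so the example runs offline; a real sniffer would read the same bytes from libpcap or a raw socket, which needs administrator privileges. Addresses, ports and the login strings are constructed.

```python
import re
import socket
import struct


def build_frame(src_ip: str, dst_ip: str, sport: int, dport: int, payload: bytes) -> bytes:
    """Constructed Ethernet/IPv4/TCP frame (checksums left zero; a capture
    tool does not need them to dissect the packet)."""
    eth = b"\x02" * 6 + b"\x04" * 6 + struct.pack("!H", 0x0800)  # dst MAC, src MAC, IPv4
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0x1234, 0,
                     64, 6, 0, socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    return eth + ip + tcp + payload


def parse_frame(frame: bytes) -> dict:
    """Walk Ethernet -> IPv4 -> TCP and return addresses, ports and payload."""
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != 0x0800:
        raise ValueError("not IPv4")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4          # header length in bytes (options included)
    proto = ip[9]
    src, dst = socket.inet_ntoa(ip[12:16]), socket.inet_ntoa(ip[16:20])
    if proto != 6:
        raise ValueError("not TCP")
    tcp = ip[ihl:]
    sport, dport = struct.unpack("!HH", tcp[:4])
    data_offset = (tcp[12] >> 4) * 4  # TCP header length in bytes
    return {"src": src, "dst": dst, "sport": sport, "dport": dport,
            "payload": tcp[data_offset:]}


# FTP and POP3 send the login as "USER x" / "PASS y" lines in the clear.
CREDENTIAL_PATTERNS = {
    "user": re.compile(rb"^(?:USER|user)\s+(\S+)", re.M),
    "password": re.compile(rb"^(?:PASS|pass)\s+(\S+)", re.M),
}


def find_credentials(payload: bytes) -> dict:
    """What an eavesdropper gets from a cleartext login exchange."""
    found = {}
    for name, pattern in CREDENTIAL_PATTERNS.items():
        m = pattern.search(payload)
        if m:
            found[name] = m.group(1).decode("ascii", "replace")
    return found


def sniff(frames: list[bytes]) -> list[dict]:
    """Run every captured frame through the parser and the credential matcher."""
    results = []
    for frame in frames:
        pkt = parse_frame(frame)
        results.append({**pkt, "credentials": find_credentials(pkt["payload"])})
    return results


# Constructed capture: an FTP login (port 21) in cleartext, and an SSH session
# (port 22) whose payload is ciphertext; high-bit bytes stand in for it here.
CAPTURE = [
    build_frame("10.0.0.5", "203.0.113.20", 50123, 21, b"USER admin\r\nPASS hunter2\r\n"),
    build_frame("10.0.0.5", "203.0.113.21", 50124, 22, bytes(range(200, 240))),
]


if __name__ == "__main__":
    for r in sniff(CAPTURE):
        print(f"{r['src']}:{r['sport']} -> {r['dst']}:{r['dport']} {r['credentials']}")
```

The same dissection is what an IDS does before applying its rules; the difference between the two frames is entirely in the payload, which is the point of the protection slide: move the login to a protocol that encrypts it (SSH, HTTPS, FTPS) or encrypt the whole path with IPsec, and the sniffer still sees addresses and ports but no credentials.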