JB

04-IS421-Chapter-3-Lesson-1

Page 1

Title

IS421 IT INFRASTRUCTURE AND NETWORK TECHNOLOGIES

Page 2

Chapter Overview

  • Chapter 3: Focuses on Securing IT Infrastructure

    • Network Management and Security

    • Cybersecurity

    • Storage and Backup Architecture

Page 3

Focus Area

Network Management and Security

Page 4

Introduction to Network Security

  • Network security is complex and typically requires trained experts.

  • Increasing interconnectivity necessitates a broader understanding of network security basics.

Page 5

Definition of Network Security

  • Network Security: Measures, policies, and practices implemented to protect a computer network.

  • Objectives include protection from unauthorized access, misuse, data breaches, and cyberattacks.

  • Employs both hardware and software to maintain confidentiality, integrity, and availability of data.

Page 6

Importance of Network Security

  • Protects vital information while granting necessary access (e.g., trade secrets, medical records).

  • Ensures proper authentication and access control.

  • Guarantees resource availability.

Page 7

Vulnerable Entities

  • Financial institutions

  • Internet service providers

  • Pharmaceutical companies

  • Government and defense agencies

  • Contractors and multinational corporations

  • ANYONE on the network

Page 8

Security Objectives

  • Identification

  • Authentication

  • Access Control

Page 9

Identification

  • Unique identification of a user called UserID.

  • UserID may be a combination of:

    • User Name

    • User Student Number

    • User SSN

Page 10

Authentication

  • Process of verifying a user's identity based on:

    • Something the user knows: Password

    • Something the user has: Key, smart card

    • Something the user is: Biometrics (fingerprint, voice, retinal)

Page 11

Sub Concerns of Authentication

  • General Access Authentication: Controls overall access rights.

  • Functional Authentication: Determines actions authorized once identified.

Page 12

Major Authentication Protocols

  • Username/Password: Basic method (plaintext); vulnerable.

  • CHAP: Uses hashed passwords for secure transmission.

  • RADIUS: Central authentication method supporting various protocols.

  • Kerberos: Service authentication and authorization.

Page 13

Authentication Procedures

  • Two-party Authentication: User-Server authentication.

  • One-way Authentication: Only serves one entity.

  • Two-way Authentication: Mutual verification.

  • Third-party Authentication: Involves services like Kerberos and X.509.

  • Single Sign-On: Access multiple resources with one login.

Page 14

Two-party Authentication Flow

  • Client: UserID & Password → Authenticate → Authenticated ServerID & Password.

Page 15

Third-Party Authentication Flow

  • Security Server → Exchange keys → Exchange data with clients.

Page 16

Access Control

  • Security features to manage who can access system resources.

  • Applications define and enforce access controls.

Page 17

The CIA Triad

  • Confidentiality: Ensures authorized access only.

  • Integrity: Maintains data accuracy and reliability.

  • Availability: Ensures data is accessible when needed.

Page 18

Confidentiality

  • Protects sensitive data from unauthorized access.

  • Methods include:

    • Encryption

    • Access controls

    • Secure communications

Page 19

Integrity

  • Ensures data remains unchanged during storage and transmission.

  • Prevents unauthorized modification.

  • Methods include data validation, hashing, and digital signatures.

Page 20

Availability

  • Ensures resources are available to authorized users.

  • Involves mitigating disruptions from failures or attacks.

  • Methods include:

    • Redundancy

    • Disaster recovery planning

    • Backup systems

Page 21

Importance of the CIA Triad

  • Guides the implementation of security measures.

  • Balances the three core principles of security effectively.

Page 22

Encryption

  • Process of converting plaintext to ciphertext using algorithms.

  • Protects confidentiality and integrity of data.

Page 23

Types of Encryption

  1. Symmetric Encryption: Same key for encryption and decryption; challenges in key management.

  2. Asymmetric Encryption: Uses public and private keys; more secure for key management.

Page 24

Applications of Encryption

  • Disk encryption software

  • File/folder encryption

  • Database encryption

  • Communication encryption

  • Network Traffic Encryption Tools

Page 25

Example: Caesar Cipher

  • Simple encryption technique shifting letters by a number of positions.

  • Example: Plaintext HELLO shifted by 3 results in:

    • KHOOR

Page 26

Caesar Cipher Encryption Process

  • Alphabet shifts:

    • A → D, B → E, C → F, etc.

  • Result: KHOOR for HELLO

Page 27

Caesar Cipher Decryption Process

  • To decrypt, revert the shift:

    • K → H, H → E, O → L, R → O

  • Result: HELLO

Page 28

Analysis of Caesar Cipher

  • The shift key is 3.

  • Easily broken by modern techniques, compared to more secure methods (e.g., AES, RSA).

Page 29

Wireless Security

  • Measures taken to protect wireless networks and their transmissions.

  • Vulnerable to interception, emphasizing the need for strong security.

Page 30

802.11i (Wi-Fi Security Protocol)

  • Amendment to IEEE 802.11 standard for WLANs.

  • Ratified in 2004 to address vulnerabilities in older protocols (e.g., WEP).

Page 31

Features of 802.11i

  • WPA2: Implementation providing strong encryption and authentication.

  • Uses AES instead of insecure RC4 cipher for encrypting data.

Page 32

Bluetooth

  • Short-range wireless technology connecting devices (e.g., smartphones, computers).

  • Designed for quick connections over distances up to 100 meters.

Page 33

Key Features of Bluetooth

  • Low power consumption

  • Short-range communication

  • Bluetooth pairing

  • Data encrypted with mechanisms like SSP and E0 cipher.

Page 34

Bluetooth Versions

  • Bluetooth 4.0/4.2: Introduced low-energy capabilities for IoT.

  • Bluetooth 5.0/5.2: Enhanced range and speed for quicker transfers and larger capacities.

Page 35

WAP 2.0 (Wireless Application Protocol)

  • Standard allowing mobile devices access to internet content/services.

  • Developed for limited capability mobile devices.

Page 36

Key Features of WAP 2.0

  • HTTP and internet compatibility

  • Push and pull data services

  • XHTML support

  • Improved security features.

Page 37

Summary of Differences

Technology

Focus/Functionality

Security Case/Applications

802.11i

Securing wireless LANs

WPA2 using AES for encryption & strong authentication

Bluetooth

Short-range communication connections

Encryption via E0 and SSP

WAP 2.0

Mobile internet access protocol

WTLS security layer for early mobile web access

Page 38

Security Processes

  • Essential for maintaining data confidentiality, integrity, and availability.

  • Various strategies should combine technical measures and best practices.

Page 39

Effective Data Protection Measures

  • Encryption: Encrypt data transmissions to protect confidentiality.

  • Network Firewalls: Monitor traffic to prevent unauthorized access.

  • Access Control: Implement RBAC, MFA, and network segmentation.

Page 40

Additional Protective Measures

  • VPN: Encrypt remote connections to safeguard against eavesdropping.

  • Regular updates and patch management.

  • Adopt strong authentication policies.

  • Use DLP and antivirus solutions.

Page 41

Ethical Hacking

  • Authorized practice to identify and exploit vulnerabilities in systems.

  • Aims to enhance security by employing similar techniques as malicious hackers, legally.

Page 42

Goals of Ethical Hacking

  • Assess the security posture of systems/networks.

  • Identify weaknesses before they are exploited by malicious actors.

Page 43

Methodologies in Ethical Hacking

  • Reconnaissance: Gather information on the target system.

  • Scanning: Identify open ports and vulnerabilities.

  • Exploitation: Attempt to exploit vulnerabilities to evaluate impact.

Page 44

Ethical Hacking Steps Continuation

  • Post-Exploitation: Evaluate potential actions post-access.

  • Reporting: Document vulnerabilities and suggest mitigations.

Page 45

Ethical Hacking Certifications

  • Certified Ethical Hacker (CEH): Validates knowledge and techniques.

  • Offensive Security Certified Professional (OSCP): Focuses on penetration testing skills.

  • CompTIA PenTest+: Covers penetration testing and vulnerability assessment.

Page 46

Firewalls

  • Network security devices that monitor and control traffic based on rules.

  • Acts as a barrier between trusted and untrusted networks.

Page 47

Characteristics of Firewalls

  • This can be hardware or software-based implementations.

  • Firewalls limit access to networked hosts and prevent unauthorized access.

Page 48

Firewalls and Networking Structures

  • Diagram: Shows the flow of traffic between the Internet, DMZ, and Intranet through firewalls.

Page 49

Types of Firewalls

  1. Packet Filtering Firewalls: Examine packet headers and drop/block packets based on rules.

  2. Stateful Inspection Firewalls: Track ongoing connections to allow/filter packets based on session state.

  3. Proxy Firewalls: Intermediaries between user requests and the internet.

  4. Next-Generation Firewalls (NGFW): Include additional security features (e.g., IPS, deep packet inspection).

Page 50

Intrusion Detection Systems (IDS)

  • Monitors network traffic for suspicious activities and threats.

  • Alerts administrators to potential security incidents.

Page 51

Open Source IDS Example: Snort

  • Snort is an open-source IPS using defined rules to identify malicious activities.

  • Capable of packet sniffing and intrusion prevention.

Page 52

Types of Intrusion Detection Systems

  1. NIDS: Monitor network-wide traffic for intrusion signs.

  2. HIDS: Monitor individual devices for suspicious activities and analyze system integrity.

Page 53

Dictionary Attack

  • A method for breaking passwords using a list of common words.

  • Effective against users with weak passwords.

Page 54

Defense Against Dictionary Attacks

  • Create strong passwords with complexity.

  • Implement policies for complexity and regular changes to reduce risks.

Page 55

Denial of Service (DoS)

  • Aims to disrupt normal service by overwhelming the target with traffic.

  • Causes significant downtime and financial losses.

Page 56

Types of Denial of Service Attacks

  • DoS: Launches from a single source.

  • DDoS: Multiple compromised systems attack a single target.

  • Mitigations include rate limiting and DDoS protection services.

Page 57

DoS Diagram

  • Shows the ICMP echo attack with spoofed addresses flooding the victim.

Page 58

Packet Sniffing

  • Capturing and analyzing data packets traveling over a network using sniffing tools.

Page 59

Use Cases for Packet Sniffers

  1. Network Troubleshooting: Diagnose network issues and bandwidth analysis.

  2. Security Monitoring: Identify malicious activity through traffic analysis.

Page 60

Risks of Packet Sniffing

  • Can capture sensitive data if not properly encrypted.

  • Plaintext data, especially passwords, can be compromised easily.

Page 61

Protection Against Packet Sniffing

  • Use secure protocols (e.g., SSH, HTTPS) instead of unprotected methods (e.g., Telnet, FTP).

  • Implement network-layer confidentiality (e.g., IPsec).