Scribd
Upload
229 views41 pages

Managing A Secure Network: CCNA Security v2.0

Uploaded by

Youssef YL
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
229 views41 pages

Managing A Secure Network: CCNA Security v2.0

Uploaded by

Youssef YL
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd

Chapter 11:

Managing a Secure Network

CCNA Security v2.0


11.0 Introduction
11.1 Network Security Testing
11.2 Developing a
Comprehensive Security Policy
11.3 Summary

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 2
Upon completion of this section, you should be able to:
Describe the techniques used in network security testing.

Describe the tools used in network security testing.

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 4
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 5
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 6
Operational Status of the Network:
Penetration testing

Network scanning

Vulnerability scanning

Password cracking

Log review

Integrity checks

Virus detection

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 7
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 8
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 9
Nmap/Zenmap

SuperScan

SIEM

GFI LANguard

Tripwire

Nessus

L0phtCrack

Metasploit

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 10
Sample Nmap Screenshot Sample Zenmap Screenshot

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 11
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 12
Essential functions:
Forensic Analysis

Correlation

Aggregation

Retention

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 13
Upon completion of this section, you should be able to:
Explain the purpose of a comprehensive security policy.

Describe the structure of a comprehensive security policy.

Describe the standards, guidelines, and procedures of a security policy.

Explain the roles and responsibilities entailed by a security policy.

Explain security awareness and how to achieve through education and training.

Explain how to respond to a security breach.

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 14
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 15
Determine what the assets of an organization are by asking:
What does the organization have that others want?

What processes, data, or information systems are critical to the


organization?
What would stop the organization from doing business or fulfilling its
mission?

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 16
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 17
Audience Determines Security Policy Content

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 18
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 19
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 20
A governing policy includes:
Statement of the issue that the policy addresses

How the policy applies in the environment

Roles and responsibilities of those affected by the policy

Actions, activities, and processes that are allowed (and not allowed)

Consequences of noncompliance

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 21
Technical components:
General policies

Telephony policy

Email and communication policy

Remote access policy

Network policy

Application policy

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 22
Customize End-User Policies for Groups

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 23
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 24
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 25
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 26
NIST Information Technology Portal

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 27
NSA Website

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 28
Common Criteria Website

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 29
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 30
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 31
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 32
Chief Executive Officer (CEO) Chief Security Officer (CSO)

Chief Technology Officer (CTO) Chief Information Security


Officer (CISO)
Chief Information Officer (CIO)

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 33
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 34
Primary components:
Awareness campaigns

Training and education

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 35
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 36
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 37
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 38
Chapter Objectives:
Explain the various techniques and tools used for network security testing.

Explain how to develop a comprehensive security policy.

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 39
Thank you.
Remember, there are
helpful tutorials and user
guides available via your
NetSpace home page. 1
([Link] 2
These resources cover a
variety of topics including
navigation, assessments,
and assignments.
A screenshot has been
provided here highlighting
the tutorials related to
activating exams, managing
assessments, and creating
quizzes.

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 41

You might also like