Tài liệu, ebook Công Nghệ Thông Tin

Modern enterprise networks deploy wireless, VoIP, and SAN devices that require specialized security solutions. • Wireless technologies are the most prone to network attacks. A number of technologies have evolved to miligate these attacks. • With the increased adoption of VoIP, serveral security considerations specific to VoIP technology have ...

143 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 1082 | Lượt tải: 0

Signatures may need to be tuned to a specifc netwok. • Continuously monitor an IPS solution to ensure that it is providing an adequate level of protection. • Implement Cisco IOS IPS using CLI or SDM • Modify IPS signatures using CLI or SDM • Use various CLI commends to verify and monitor a Cisco IOS IPS configuration. Học việ

83 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 1075 | Lượt tải: 0

Zone-Based Policy Firewall (ZPF) , introduced in 2006, is the state of the art in modern firewalling. • ZPF operation centers around the creation of zones associated with various security levels. • Implementing ZPF with CLI is much more structured and easier to understand than CBAC . ZPF utilizes class maps and policy maps enabled by C3PL. •...

132 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 1152 | Lượt tải: 0

In large or complex networks, AAA authentication can be implemented using server-based AAA. • AAA servers can use RADIUS or TACACS+ protocols to communicate with client routers. • The Cisco Access Control Server (ACS) can be used to provide AAA server services. • Server-based AAA authentication can be configured using CLI or SDM. • Server-b...

78 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 1143 | Lượt tải: 0

Released in IOS version 12.3, Cisco AutoSecure is a feature that is initiated from the CLI and executes a script. • AutoSecure first makes recommendations for fixing security vulnerabilities and then modifies the security configuration of the router. • There are three forwarding plane services and functions: 1. Enables Cisco Express Forwardin...

175 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 1144 | Lượt tải: 0

Keep patches up to date by installing them weekly or daily, if possible, to prevent buffer overflow and privilege escalation attacks. 2. Shut down unnecessary services and ports. 3. Use strong passwords and change them often 4. Control physical access to systems. 5. Mitigating Network Attacks Avoid unnecessary web page inputs. 6. Perform ba...

75 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 1155 | Lượt tải: 0

The difficulty in troubleshooting Layer 2 technologies, such as PPP and Frame Relay, is the unavailability of common Layer 3 troubleshooting tools, such as ping, to assist with anything but the identification that the network is down. • Most of the problems that occur with PPP involve link negotiation.

73 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 1083 | Lượt tải: 0

access-list 1 permit 10.0.0.0 0.0.0.255 • ip nat pool POOL200 200.0.0.3 200.0.0.6 netmask 255.255.255.248 • ip nat inside source list 1 pool POOL200 overload • Int f0/1 • Ip nat inside • Int s0/0/0 • Ip nat outside

107 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 1131 | Lượt tải: 0

Components required to establish this VPN include: 1. An existing network with servers and workstations 2. A connection to the Internet 3. VPN gateways, such as routers, firewalls, VPN concentrators, and ASAs, that act as endpoints to establish, manage, and control VPN connections 4. Appropriate software to create and manage VPN tunnels

54 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 1089 | Lượt tải: 0

Deny the DNS requests from the net1, net2 • Permit all other traffics • Access-list 111 deny udp any any eq 53 • Access-list 111 permit ip any any

86 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 1079 | Lượt tải: 0