Summary
• The security policy cycle defines the overall process for developing a security policy
• There are four steps in risk identification:
  – Inventory the assets and their attributes
  – Determine what threats exist against the assets and by which threat agents
  – Determine whether vulnerabilities exist that can be exploited by surveying ...
43 pages | Shared by: vutrong32 | Date: 17/10/2018 | Views: 1475 | Downloads: 0
Summary
• Adequate physical security is one of the first lines of defense against attacks
• Physical security involves restricting access with access controls, minimizing social engineering attacks, and securing the environment and infrastructure
• Business continuity is the process of assessing risks and developing a management strategy to ensure th...
37 pages | Shared by: vutrong32 | Date: 16/10/2018 | Views: 1311 | Downloads: 0
Summary
• One of the advantages of symmetric cryptography is that encryption and decryption using a private key is usually fast and easy to implement
• A digital signature solves the problem of authenticating the sender when using asymmetric cryptography
• With the number of different tools required for asymmetric cryptography, an organization ...
34 pages | Shared by: vutrong32 | Date: 16/10/2018 | Views: 1357 | Downloads: 0
Summary
• Cryptography seeks to fulfill five key security functions: confidentiality, authentication, integrity, nonrepudiation, and access control
• Hashing, also called a one-way hash, creates a ciphertext from plaintext
• Symmetric encryption algorithms use a single key to encrypt and decrypt a message
46 pages | Shared by: vutrong32 | Date: 16/10/2018 | Views: 1359 | Downloads: 0
Summary
• The FTP protocol has several security vulnerabilities—it does not natively use encryption and is vulnerable to man-in-the-middle attacks
• FTP can be hardened by using secure FTP (which encrypts using SSL)
• Protecting remote access transmissions is particularly important in today’s environment as more users turn to the Internet as t...
54 pages | Shared by: vutrong32 | Date: 16/10/2018 | Views: 1390 | Downloads: 0
Summary
• Protecting basic communication systems is a key to resisting attacks
• E-mail attacks can be malware, spam, or hoaxes
• Web vulnerabilities can open systems up to a variety of attacks
• A Java applet is a separate program stored on the Web server and downloaded onto the user’s computer along with the HTML code
48 pages | Shared by: vutrong32 | Date: 16/10/2018 | Views: 1376 | Downloads: 0
Summary
• Cable plant: physical infrastructure (wire, connectors, and cables that carry data communication signals between equipment)
• Removable media used to store information include:
  – Magnetic storage (removable disks, hard drives)
  – Optical storage (CD and DVD)
  – Electronic storage (USB memory sticks, FlashCards)
56 pages | Shared by: vutrong32 | Date: 16/10/2018 | Views: 1331 | Downloads: 0
Summary
• Establishing a security baseline creates a basis for information security
• Hardening the operating system involves applying the necessary updates to the software
• Securing the file system is another step in hardening a system
39 pages | Shared by: vutrong32 | Date: 16/10/2018 | Views: 1500 | Downloads: 0
Summary
• Creating and maintaining a secure environment cannot be delegated to one or two employees in an organization
• Major tasks of securing information can be accomplished using a bottom-up approach, where security effort originates with low-level employees and moves up the organization chart to the CEO
• In a top-down approach, the effor...
38 pages | Shared by: vutrong32 | Date: 16/10/2018 | Views: 1412 | Downloads: 0
Summary
• Six categories of attackers: hackers, crackers, script kiddies, spies, employees, and cyberterrorists
• Password guessing is a basic attack that attempts to learn a user’s password by a variety of means
• Cryptography uses an algorithm and keys to encrypt and decrypt messages
46 pages | Shared by: vutrong32 | Date: 16/10/2018 | Views: 1424 | Downloads: 0