Network Security Auditing
|
|
- Estella Greer
- 7 years ago
- Views:
Transcription
1 Network Security Auditing Chris Jackson, CCIE No. 6256Cisco Press Cisco Press 800 East 96th Street Indianapolis, IN 46240
2 Contents Introduction xxi Chapter 1 The Principles of Auditing 1 Security Fundamentals: The Five Pillars Assessment 2 Prevention 3 Detection 3 Reaction 4 Recovery 4 Building a Security Program 4 Policy 5 Procedures 6 Standards 7 Security Controls 7 Administrative Controls 7 Technical Controls 8 Physical Controls 8 Preventative Controls 8 Detective Controls 8 Corrective Controls 8 Recovery Controls 9 Managing Risk 9 Risk Assessment 10 Risk Mitigation 14 Risk in the Fourth Dimension 16 How, What, and Why You Audit 17 Audit Charter 17 Engagement Letter 18 Types of Audits 19 Security Review 19 Security Assessment 19 Security Audit 20 The Role of the Auditor 20 Places Where Audits Occur 21 Policy Level 21 Procedure Level 21
3 Network Security Auditing Control Level 22 The Auditing Process 22 Planning Phase: Audit Subject, Objective, and Scope 22 Research Phase: Planning, Audit Procedures, and Evaluation Criteria Data Gathering Phase: Checklists, Tools, and Evidence 23 Data Analysis Phase: Analyze, Map, and Recommend 24 Audit Report Phase: Write, Present, and File the Audit Report 24 Follow-Up Phase: Follow up, Follow up, Follow up! 25 Summary 25 References in This Chapter 26 Chapter 2 Information Security and the Law 27 IT Security Laws 27 Hacking, Cracking, and Fraud Laws 29 Computer Fraud and Abuse Act 29 Access Device Statute 31 Electronic Communications Privacy Act 34 Title I: Wiretap Act 34 Title II: Stored Communications Act 37 Title III: Pen/Trap Statute 38 Intellectual Property Laws 39 Digital Millennium Copyright Act 39 Economic Espionage Act 41 CAN-SPAM Act of State and Local Laws 43 Reporting a Crime 44 Regulatory Compliance Laws 46 SOX 46 HIPAA 48 Privacy Rule 50 Security Rule 51 Transactions and Code Sets Standard Rule 52 Identifiers Rule 52 Enforcement Rule 52 GLBA 54 PCI DSS 55 Summary 59 References in This Chapter 60
4 ix Federal Hacking Laws 60 State Laws 60 Chapter 3 Information Security Governance, Frameworks, and Standards 61 Understanding Information Security Governance 61 People: Roles and Responsibilities 64 Information Security Governance Organizational Structure 65 Board of Directors 65 Security Steering Committee 65 CEO or Executive Management 66 CIO/CISO 66 Security Director 66 Security Analyst 66 Security Architect 66 Security Engineer 67 SystemsAdministrator 67 Database Administrator 67 IS Auditor 67 End User 67 Spotting Weaknesses in the People Aspect of Security 67 Process: Security Governance Frameworks 68 COSO 68 Control Environment 69 Risk Assessment 70 Control Activities 70 Information Monitoring 70 COBIT 71 ITIL 75 and Communication 70 Technology: Standards Procedures and Guidelines 76 ISO Series of Standards 76 NIST 78 Center for Internet Security 80 NSA 80 DISA 81 SANS 82 ISACA 83 Cisco Security Best Practices 84
5 Network Security Auditing Summary 85 References in This Chapter 86 Web Resources 86 Chapter 4 Auditing Tools and Techniques 87 Evaluating Security Controls 87 Auditing Security Practices 89 Testing Security Technology 91 Security Testing Frameworks 92 OSSTMM 93 ISSAF 93 NIST OWASAP 94 Security Auditing Tools 95 Service Mapping Tools 96 Nmap 96 Hping 100 Vulnerability Assessment Tools 101 Nessus 101 RedSealSRM 105 Packet Capture Tools 111 Tcpdump 111 Wiresbark/Tshark 114 Penetration Testing Tools 116 Core Impact 116 Metasploit 120 BackTrack 127 Summary 128 References in This Chapter 128 Security Testing Frameworks 12 8 Security Testing Tools 129 Chapter 5 Auditing Cisco Security Solutions 1 Auditors and Technology 131 Security as a System 132 Cisco Security Auditing Domains 133 Policy, Compliance, and Management Infrastructure Security 135 Perimeter Intrusion Prevention 136
6 xi Access Control 136 Secure Remote Access 137 Endpoint Protection 138 Unified Communications 139 Defining the Audit Scope of a Domain 139 Identifying Security Controls to Assess 141 Mapping Security Controls to Cisco Solutions 143 The Audit Checklist 144 Summary 150 Chapter 6 Policy, Compliance, and Management 153 Do You Know Where Your Policy Is? 153 Auditing Security Policies 154 Standard Policies 158 Acceptable Use 158 Minimum Access 158 Network Access 158 Remote Access 159 Internet Access 159 User Account Management 159 Data Classification 159 Change Management 160 Server Security 161 Mobile Devices 161 Guest Access 161 Physical Security 161 Password Policy 162 Malware Protection 162 Incident Handling 162 Audit Policy 162 Software Licensing 162 Electronic Monitoring and Privacy 163 Policies for Regulatory and Industry Compliance 163 Cisco Policy Management and Monitoring Tools 165 Cisco MARS 165 Cisco Configuration Professional 167 Cisco Security Manager 169 Cisco Network Compliance Manager 171
7 xii Network Security Auditing Checklist 174 Summary 176 References in This Chapter 176 Chapter 7 Infrastructure Security 177 Infrastructure Threats 177 Unauthorized Access 177 Denial of Service 178 Traffic Capture 178 Layer 2 Threats 179 Network Service Threats 180 Policy Review 180 Infrastructure Operational Review 181 The Network Map and Documentation 182 Logical Diagrams 182 Physical Diagrams 182 Asset Location and Access Requirements 182 Data Flow and Traffic Analysis 183 Administrative Accounts 183 Configuration Management 184 Vulnerability Management 184 Disaster Recovery 184 Wireless Operations 185 Infrastructure Architecture Review 185 Management Plane Auditing 186 Cisco Device Management Access 187 Syslog 193 NTP 194 Netflow 195 Control Plane Auditing 196 IOS Hardening 196 Routing Protocols 198 Protecting the Control Plane 199 Data Plane Auditing 201 Access Control Lists 202 iacls 202 Unicast Reverse Path Forwarding 203 Layer 2 Security 204
8 xiii VTP 204 Port Security 205 DHCP Snooping 205 Dynamic ARP Inspection 206 IP Source Guard 206 Disable Dynamic Trunking 206 Protecting Spanning Tree 207 Switch Access Controls Lists 208 Protect Unused Ports 209 Wireless Security 210 Wireless Network Architecture 210 Cisco Adaptive Wireless Intrusion Prevention System 211 Protecting Wireless Access 212 Wireless Service Availability 213 Rogue Access Point Detection 214 General Network Device Security Best Practices 216 Technical Testing 217 Router Testing 219 Switch Testing 221 Wireless Testing 225 Checklist 230 Summary 235 References in This Chapter 236 Chapter 8 Perimeter Intrusion Prevention 237 Perimeter Threats and Risk 237 Policy Review 238 Perimeter Operations Review 239 Management and Change Control 239 Monitoring and Incident Handling 240 Perimeter Architecture Review 242 What Are You Protecting? 243 Perimeter Design Review 243 Logical Architecture 244 Physical Architecture 245 What Is the Risk? 246 Good Design Practices 247
9 xiv Network Security Auditing Auditing Firewalls 247 Review Firewall Design 248 Simple Firewall 248 Screening Router and Firewall 248 Firewall with DMZ 249 Firewall with DMZ and Services Network 249 High Availability Firewall 250 IOS Firewall Deployment 250 Review Firewall Configuration 251 Firewall Modes of Operation 252 Firewall Virtualization 253 Filtering Methods 253 Network Address Translation 255 Secure Management 256 Logging 256 Other Configuration Checks 256 Review Rule Base 257 Cisco Firewall Rule Basics 257 Rule Review 259 Rule Optimization 260 TheASA Modular Policy Framework and Application Inspection 261 IOS Zone-Based Firewall 263 Auditing IPS 265 How IPS Works 266 Review IPS Deployment 268 Review IPS Configuration 269 Protect the Management Interface 271 Administrative Access and Authentication 271 NTP Configuration 274 Signature Updates 274 Event Logging 275 Review IPS Signatures 276 Signature Definitions 276 Even t Action Rules 2 77 Target Value Rating 277 IOS IPS 278
10 XV Technical Control Testing 279 Firewall Rule Testing 279 Testing the IPS 281 Conducting an IPS Test 282 Reviewing the Logs 284 Checklist 284 Summary 287 References in This Chapter 288 Chapter 9 Access Control 289 Fundamentals of Access Control 289 Identity and Authentication 290 Access Control Threats and Risks 291 Access Control Policy 292 Access Control Operational Review 293 Identity Operational Good Practices 293 Authorization and Accounting Practices 294 Administrative Users 296 Classification of Assets 297 Access Control Architecture Review 297 Identity and Access Control Technologies 298 Network Admission Control 298 NAC Components 299 How NAC Works 300 NAC Deployment Considerations 302 NAC Posture Assessment 303 Identity-Based Networking Services 304 Deployment Methods 305 NAC Guest Server 306 NAC Profiler 306 Technical Testing 308 Authentication and Identity Handling 308 Posture Assessment Testing 309 Testing for Weak Authentication 309 Checklist 313 Summary 315 References in This Chapter 315
11 xvi Network Security Auditing Chapter 10 Secure Remote Access 317 Defining the Network Edge 317 VPN Fundamentals 318 Confidentiality 319 Symmetric Encryption 320 Asymmetric Encryption 321 Integrity 323 Authentication and Key Management 324 IPsec, SSL, and dtls 326 IPsec 326 Secure Socket Layer 328 Datagram Transport Layer Security (dtls) 329 Remote Access Threats and Risks 329 Remote Access Policies 330 Remote Access Operational Review 331 VPN Device Provisioning 331 Mobile Access Provisioning 332 Mobile User Role-Based Access Control 333 Monitoring and Incident Handling 333 Remote Access Architecture Review 333 Site-to-Site VPN Technologies 335 Easy VPN 335 IPsec and Generic Router Encapsulation (GRE) 336 Dynamic Multipoint VPN (DMVPN) 336 Multi Protocol Label Switching (MPLS) and Virtual Routing and Forwarding (VRF) VPNs 337 GETVPN 339 Mobile User Access VPN 340 IPsec Client 341 Clientless SSL VPN 341 Cisco Secure Desktop 342 SSL Full Tunneling Client 344 VPN Network Placement 345 VPN Access Controls 346 Site-to-Site Access Controls 346 Mobile User Access Controls 347 Remote Access Good Practices 348
12 xvii Technical Testing 350 Authentication 350 IPsec 351 SSL 352 Site-to-Site Access Control Testing 353 Mobile User Access Control Testing 353 Monitoring and Log Review 354 Checklist 354 Summary 358 References in This Chapter 358 Chapter 11 Endpoint Protection 359 Endpoint Risks 359 Endpoint Threats 360 Malware 360 Web-Based Threats 362 Social Networking and Web Threats 366 Data Loss Threats 367 Policy Review 368 Endpoint Protection Operational Control Review 370 Current Threat Intelligence 370 Vulnerability and Patch Management 373 Monitoring and Incident Handling 373 Security Awareness Program 374 Endpoint Architecture Review 374 Cisco Security Intelligence Operations 375 SensorBase 375 Cisco Threat Operations Center 375 Dynamic Update Function 376 Web Controls 376 Web Security Appliance 376 ASA 378 IPS 379 CSA 380 Controls 380 Policy Enforcement 381
13 xviii Network Security Auditing Authentication 381 Data Loss Prevention 383 Web Client 385 Patch Management 386 Monitoring 386 Web MARS 388 Technical Testing 388 Acceptable Use Enforcement 388 Malware Detection and Quarantine 389 SPAM, Phishing, and Fraud 390 Encryption 390 Patch Management and Enforcement 390 Data Loss Prevention Testing 391 Detection and Response 391 Checklist 391 Summary 396 References in This Chapter 396 Chapter 12 Unified Communications 397 Unified Communications Risks 397 VoIP Threats 399 Denial of Service 399 Confidentiality 401 Fraud 401 UC Policy and Standards Review 403 UC Operational Control Review 404 User and Phone Provisioning 404 Change Management 405 Asset Management 405 Call Detail Record Review 406 Administrative Access 406 Vulnerability Management 406 Security Event Monitoring and Log Review 407
14 Disaster Recovery 408 UC Architecture Review 408 Unified Communications Fundamentals 409 H MGCP 412 SCCP 412 SIP 413 Session Border Controller 415 RTP and SRTP 416 Call Processing 416 Infrastructure Controls 418 Switch Security 418 ACLs and Firewalling 420 IPS 421 Gateway Protection 422 Site to Site 422 Wireless 423 Call Control Protection 423 Communications Manager Hardening 423 Authentication, Integrity, and Encryption Phone Proxy 426 Secure SIP Trunking 426 Toll Fraud Prevention 428 Application Controls 431 Voice Endpoint Controls 432 Monitoring and Management 433 Technical Testing 434 VLAN Separation 434 Eavesdropping 436 Gateway 438 Toll Fraud 438 Monitoring and Incident Detection 438 Checklist 439 Summary 444 References in This Chapter 445
Chapter 1 The Principles of Auditing 1
Chapter 1 The Principles of Auditing 1 Security Fundamentals: The Five Pillars Assessment Prevention Detection Reaction Recovery Building a Security Program Policy Procedures Standards Security Controls
More informationImplementing Cisco IOS Network Security
Implementing Cisco IOS Network Security IINS v3.0; 5 Days, Instructor-led Course Description Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles
More information(d-5273) CCIE Security v3.0 Written Exam Topics
(d-5273) CCIE Security v3.0 Written Exam Topics CCIE Security v3.0 Written Exam Topics The topic areas listed are general guidelines for the type of content that is likely to appear on the exam. Please
More informationIINS Implementing Cisco Network Security 3.0 (IINS)
IINS Implementing Cisco Network Security 3.0 (IINS) COURSE OVERVIEW: Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles and technologies, using
More informationVoice over IP Security
Voice over IP Security Patrick Park Cisco Press Cisco Press 800 East 96th Street Indianapolis, Indiana 46240 USA vii Contents Introduction xvii Part I VoIP Security Fundamentals 3 Chapter 1 Working with
More informationTim Bovles WILEY. Wiley Publishing, Inc.
Tim Bovles WILEY Wiley Publishing, Inc. Contents Introduction xvii Assessment Test xxiv Chapter 1 Introduction to Network Security 1 Threats to Network Security 2 External Threats 3 Internal Threats 5
More informationSecuring SIP Trunks APPLICATION NOTE. www.sipera.com
APPLICATION NOTE Securing SIP Trunks SIP Trunks are offered by Internet Telephony Service Providers (ITSPs) to connect an enterprise s IP PBX to the traditional Public Switched Telephone Network (PSTN)
More informationRecommended IP Telephony Architecture
Report Number: I332-009R-2006 Recommended IP Telephony Architecture Systems and Network Attack Center (SNAC) Updated: 1 May 2006 Version 1.0 SNAC.Guides@nsa.gov This Page Intentionally Left Blank ii Warnings
More informationImplementing Cisco IOS Network Security v2.0 (IINS)
Implementing Cisco IOS Network Security v2.0 (IINS) Course Overview: Implementing Cisco IOS Network Security (IINS) v2.0 is a five-day instructor-led course that is presented by Cisco Learning Partners
More informationSecuring Networks with Cisco Routers and Switches 1.0 (SECURE)
Securing Networks with Cisco Routers and Switches 1.0 (SECURE) Course Overview: The Securing Networks with Cisco Routers and Switches (SECURE) 1.0 course is a five-day course that aims at providing network
More informationCconducted at the Cisco facility and Miercom lab. Specific areas examined
Lab Testing Summary Report July 2009 Report 090708 Product Category: Unified Communications Vendor Tested: Key findings and conclusions: Cisco Unified Communications solution uses multilayered security
More informationCisco Virtualization Experience Infrastructure: Secure the Virtual Desktop
White Paper Cisco Virtualization Experience Infrastructure: Secure the Virtual Desktop What You Will Learn Cisco Virtualization Experience Infrastructure (VXI) delivers a service-optimized desktop virtualization
More informationSNRS. Securing Networks with Cisco Routers and Switches. Length 5 days. Format Lecture/lab
Length 5 days Format Lecture/lab Version 3.0 SNRS Course Description SNRS 1.0 is a 5-day, lab-intensive course that provides the knowledge and skills needed to secure Cisco IOS router and switch networks.
More informationCisco. A Beginner's Guide Fifth Edition ANTHONY T. VELTE TOBY J. VELTE. City Milan New Delhi Singapore Sydney Toronto. Mc Graw Hill Education
Cisco A Beginner's Guide Fifth Edition ANTHONY T. VELTE TOBY J. VELTE Mc Graw Hill Education New York Chicago San Francisco Athens London Madrid Mexico City Milan New Delhi Singapore Sydney Toronto Contents
More informationCCNA Security. IINS v2.0 Implementing Cisco IOS Network Security (640-554)
CCNA Security Öngereksinimler: CCNA http://www.cliguru.com/ccna Kurs Tanımı: CCNA Security network'ün temellerini anlamış olan katılımcılara network güvenliği hakkında temel bilgi sağlamaya yönelik hazırlanmış
More informationCisco ASA 5500 Series Adaptive Security Appliance 8.2 Software Release
Cisco ASA 5500 Series Adaptive Security Appliance 8.2 Software Release PB526545 Cisco ASA Software Release 8.2 offers a wealth of features that help organizations protect their networks against new threats
More informationACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD CCNA SECURITY. VERSION 1.0
ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD CCNA SECURITY. VERSION 1.0 Module 1: Vulnerabilities, Threats, and Attacks 1.1 Fundamental Principles of a Secure Network
More informationNetwork Security Administrator
Network Security Administrator Course ID ECC600 Course Description This course looks at the network security in defensive view. The ENSA program is designed to provide fundamental skills needed to analyze
More informationInformation Security Policy
Information Security Policy Steve R. Hutchens, CISSP EDS, Global Leader, Homeland Security Agenda Security Architecture Threats and Vulnerabilities Design Considerations Information Security Policy Current
More informationSecuring end devices
Securing end devices Securing the network edge is already covered. Infrastructure devices in the LAN Workstations Servers IP phones Access points Storage area networking (SAN) devices. Endpoint Security
More informationAsheville-Buncombe Technical Community College Department of Networking Technology. Course Outline
Course Number: SEC 150 Course Title: Security Concepts Hours: 2 Lab Hours: 2 Credit Hours: 3 Course Description: This course provides an overview of current technologies used to provide secure transport
More informationICANWK406A Install, configure and test network security
ICANWK406A Install, configure and test network security Release: 1 ICANWK406A Install, configure and test network security Modification History Release Release 1 Comments This Unit first released with
More informationHow To Extend Security Policies To Public Clouds
What You Will Learn Public sector organizations without the budget to build a private cloud can consider public cloud services. The drawback until now has been tenants limited ability to implement their
More informationa) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)
MIS5206 Week 12 Your Name Date 1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)? a) User from within could send a file
More informationINCIDENT RESPONSE CHECKLIST
INCIDENT RESPONSE CHECKLIST The purpose of this checklist is to provide clients of Kivu Consulting, Inc. with guidance in the initial stages of an actual or possible data breach. Clients are encouraged
More informationPCI Compliance for Branch Offices: Using Router-Based Security to Protect Cardholder Data
White Paper PCI Compliance for Branch Offices: Using Router-Based Security to Protect Cardholder Data Using credit cards to pay for goods and services is a common practice. Credit cards enable easy and
More informationHow To Secure A Voice Over Internet Protocol (Voip) From A Cyber Attack
DHS 4300A Sensitive Systems Handbook Attachment Q5 To Handbook v. 11.0 Voice over Internet Protocol (VoIP) Version 11.0 December 22, 2014 Protecting the Information that Secures the Homeland This page
More informationCCIE Security Written Exam (350-018) version 4.0
CCIE Security Written Exam (350-018) version 4.0 Exam Description: The Cisco CCIE Security Written Exam (350-018) version 4.0 is a 2-hour test with 90 110 questions. This exam tests the skills and competencies
More informationA host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.
A firewall is a software- or hardware-based network security system that allows or denies network traffic according to a set of rules. Firewalls can be categorized by their location on the network: A network-based
More informationNetwork Virtualization Network Admission Control Deployment Guide
Network Virtualization Network Admission Control Deployment Guide This document provides guidance for enterprises that want to deploy the Cisco Network Admission Control (NAC) Appliance for their campus
More informationThe IINS acronym to this exam will remain but the title will change slightly, removing IOS from the title, making the new title
Introduction The CCNA Security IINS exam topics have been refreshed from version 2.0 to version 3.0. This document will highlight exam topic changes between the current 640-554 IINS exam and the new 210-260
More informationENTERPRISE IT SECURITY ARCHITECTURE SECURITY ZONES: NETWORK SECURITY ZONE STANDARDS. Version 2.0
ENTERPRISE IT SECURITY ARCHITECTURE SECURITY ZONES: NETWORK SECURITY ZONE STANDARDS Version 2.0 July 20, 2012 Table of Contents 1 Foreword... 1 2 Introduction... 1 2.1 Classification... 1 3 Scope... 1
More informationSECURE DATA CENTER DESIGN. Piotr Wojciechowski (CCIE #25543)
SECURE DATA CENTER DESIGN Piotr Wojciechowski (CCIE #25543) ABOUT ME Senior Network Engineer MSO at VeriFone Inc. Previously Network Solutions Architect at one of top polish IT integrators CCIE #25543
More informationCisco Certified Security Professional (CCSP)
529 Hahn Ave. Suite 101 Glendale CA 91203-1052 Tel 818.550.0770 Fax 818.550.8293 www.brandcollege.edu Cisco Certified Security Professional (CCSP) Program Summary This instructor- led program with a combination
More informationEC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led
EC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led Certification: ENSA Exam 312-38 Course Description This course looks at the network security in defensive view.
More informationNEW YORK INSTITUTE OF TECHNOLOGY School of Engineering and Technology Department of Computer Science Old Westbury Campus
NEW YORK INSTITUTE OF TECHNOLOGY School of Engineering and Technology Department of Computer Science Old Westbury Campus CSCI - 440 Network Security and Perimeter Protection 3-0-3 CATALOG DESCRIPTION This
More informationIndustrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1
Industrial Network Security for SCADA, Automation, Process Control and PLC Systems Contents 1 An Introduction to Industrial Network Security 1 1.1 Course overview 1 1.2 The evolution of networking 1 1.3
More informationPKI Uncovered. Cisco Press. Andre Karamanian Srinivas Tenneti Francois Dessart. 800 East 96th Street. Indianapolis, IN 46240
PKI Uncovered Andre Karamanian Srinivas Tenneti Francois Dessart Cisco Press 800 East 96th Street Indianapolis, IN 46240 Contents Introduction XIII Part I Core Concepts Chapter 1 Crypto Refresh 1 Confidentiality,
More informationBest Practices for Securing IP Telephony
Best Practices for Securing IP Telephony Irwin Lazar, CISSP Senior Analyst Burton Group Agenda VoIP overview VoIP risks Mitigation strategies Recommendations VoIP Overview Hosted by VoIP Functional Diagram
More informationCisco ASA. Administrators
Cisco ASA for Accidental Administrators Version 1.1 Corrected Table of Contents i Contents PRELUDE CHAPTER 1: Understanding Firewall Fundamentals What Do Firewalls Do? 5 Types of Firewalls 6 Classification
More informationSECURITY. Risk & Compliance Services
SECURITY Risk & Compliance s V1 8/2010 Risk & Compliances s Risk & compliance services Summary Summary Trace3 offers a full and complete line of security assessment services designed to help you minimize
More informationHögskolan i Halmstad Sektionen för Informationsvetenskap, Data- Och Elektroteknik (IDÉ) Ola Lundh. Name (in block letters) :
Högskolan i Halmstad Sektionen för Informationsvetenskap, Data- Och Elektroteknik (IDÉ) Ola Lundh Written Exam in Network Security ANSWERS May 28, 2009. Allowed aid: Writing material. Name (in block letters)
More informationSecuring Unified Communications for Healthcare
Securing Unified Communications for Healthcare Table of Contents Securing UC A Unique Process... 2 Fundamental Components of a Healthcare UC Security Architecture... 3 Making Unified Communications Secure
More informationVoice over IP. VoIP (In) Security. Presented by Darren Bilby NZISF 14 July 2005
Voice over IP VoIP (In) Security Presented by Darren Bilby NZISF 14 July 2005 Security-Assessment.com Who We Are NZ s only pure-play security firm Largest team of security professionals in NZ Offices in
More informationAutomating Cloud Security Control and Compliance Enforcement for PCI DSS 3.0
WHITE PAPER Automating Cloud Security Control and Compliance Enforcement for 3.0 How Enables Security and Compliance with the PCI Data Security Standard in a Private Cloud EXECUTIVE SUMMARY All merchants,
More informationThings I can do to protect my network from getting Hacked!!!!!! Jazib Frahim, Technical Leader
Things I can do to protect my network from getting Hacked!!!!!! Jazib Frahim, Technical Leader Cisco Support Community Expert Series Webcast Today s featured expert is Cisco Technical Leader Ask him questions
More informationFirewall Audit Techniques. K.S.Narayanan HCL Technologies Limited
Firewall Audit Techniques K.S.Narayanan HCL Technologies Limited Firewall Management Technology Network Security Architecture Firewall Placement Firewall Appliance Rule base compliance with security policy
More informationSecure Access into Industrial Automation and Control Systems Industry Best Practice and Trends. Serhii Konovalov Venkat Pothamsetty Cisco
Secure Access into Industrial Automation and Systems Industry Best Practice and Trends Serhii Konovalov Venkat Pothamsetty Cisco Vendor offers a remote firmware update and PLC programming. Contractor asks
More informationCisco ASA 5500 Series Unified Communications Deployments
5500 Series Unified Communications Deployments Cisco Unified Communications Solutions unify voice, video, data, and mobile applications on fixed and mobile networks, enabling easy collaboration every time,
More informationNetwork Security. Intertech Associates, Inc.
Network Security Intertech Associates, Inc. Agenda IT Security - Past to Future Security Vulnerabilities Protecting the Enterprise What do we need in each site? Requirements for a Security Architecture
More informationLarry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping
Larry Wilson Version 1.0 November, 2013 University Cyber-security Program Critical Asset Mapping Part 3 - Cyber-Security Controls Mapping Cyber-security Controls mapped to Critical Asset Groups CSC Control
More informationThe following chart provides the breakdown of exam as to the weight of each section of the exam.
Introduction The CWSP-205 exam, covering the 2015 objectives, will certify that the successful candidate understands the security weaknesses inherent in WLANs, the solutions available to address those
More information642 552 Securing Cisco Network Devices (SND)
642 552 Securing Cisco Network Devices (SND) Course Number: 642 552 Length: 1 Day(s) Course Overview This course is part of the training for the Cisco Certified Security Professional, Cisco Firewall Specialist,
More informationHow To Pass A Credit Course At Florida State College At Jacksonville
Form 2A, Page 1 FLORIDA STATE COLLEGE AT JACKSONVILLE COLLEGE CREDIT COURSE OUTLINE COURSE NUMBER: CTS 2658 COURSE TITLE: PREREQUISITE(S): COREQUISITE(S): Managing Network Security CNT 2210 with grade
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationDMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch
DMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch What You Will Learn A demilitarized zone (DMZ) is a separate network located in the neutral zone between a private (inside)
More informationDeveloping the Corporate Security Architecture. www.avient.ca Alex Woda July 22, 2009
Developing the Corporate Security Architecture www.avient.ca Alex Woda July 22, 2009 Avient Solutions Group Avient Solutions Group is based in Markham and is a professional services firm specializing in
More informationBest Practices for Outdoor Wireless Security
Best Practices for Outdoor Wireless Security This paper describes security best practices for deploying an outdoor wireless LAN. This is standard body copy, style used is Body. Customers are encouraged
More informationBest Practices for PCI DSS V3.0 Network Security Compliance
Best Practices for PCI DSS V3.0 Network Security Compliance January 2015 www.tufin.com Table of Contents Preparing for PCI DSS V3.0 Audit... 3 Protecting Cardholder Data with PCI DSS... 3 Complying with
More informationACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD SEGURIDAD EN REDES. NIVEL I. VERSION 2.0
ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD SEGURIDAD EN REDES. NIVEL I. VERSION 2.0 Module 1: Vulnerabilities, Threats, and Attacks 1.1 Introduction to Network Security
More informationCisco Advanced Services for Network Security
Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs
More informationNetwork Security: 30 Questions Every Manager Should Ask. Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting
Network Security: 30 Questions Every Manager Should Ask Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting Network Security: 30 Questions Every Manager/Executive Must Answer in Order
More informationIntroduction to Cyber Security / Information Security
Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be
More informationCH ENSA EC-Council Network Security Administrator Detailed Course Outline
CH ENSA EC-Council Network Security Administrator Detailed Course Outline Summary Duration Vendor Audience 5 Days hands-on training EC-Council Security Professionals Level Technology Category Advance Ethical
More informationProfessional Profile Company Experience & Biography SixNet Consulting Group .SixNetConsulting
Professional Profile Company Experience & Biography SixNet Consulting Group SixNet Consulting Group, LLC Michel Thomatis, CCIE #6778 March 12, 2007 Overview 10 Years of Networking & System Experience Cisco
More informationCisco ASA, PIX, and FWSM Firewall Handbook
Cisco ASA, PIX, and FWSM Firewall Handbook David Hucaby, CCIE No. 4594 Cisco Press Cisco Press 800 East 96th Street Indianapolis, Indiana 46240 USA Contents Foreword Introduction xxii xxiii Chapter 1 Firewall
More informationIPv6 Security. Scott Hogg, CCIE No. 5133 Eric Vyncke. Cisco Press. Cisco Press 800 East 96th Street Indianapolis, IN 46240 USA
IPv6 Security Scott Hogg, CCIE No. 5133 Eric Vyncke Cisco Press Cisco Press 800 East 96th Street Indianapolis, IN 46240 USA Contents Introduction xix Chapter 1 Introduction to IPv6 Security 3 Reintroduction
More informationSecurity. AAA Identity Management. Premdeep Banga, CCIE #21713. Cisco Press. Vivek Santuka, CCIE #17621. Brandon J. Carroll, CCIE #23837
AAA Identity Management Security Vivek Santuka, CCIE #17621 Premdeep Banga, CCIE #21713 Brandon J. Carroll, CCIE #23837 Cisco Press 800 East 96th Street Indianapolis, IN 46240 ix Contents Introduction
More informationFirewalls and VPNs. Principles of Information Security, 5th Edition 1
Firewalls and VPNs Principles of Information Security, 5th Edition 1 Learning Objectives Upon completion of this material, you should be able to: Understand firewall technology and the various approaches
More informationNetworking: EC Council Network Security Administrator NSA
coursemonster.com/uk Networking: EC Council Network Security Administrator NSA View training dates» Overview The EC-Council's NSA certification looks at network security from a defensive view. The NSA
More informationSonicWALL PCI 1.1 Implementation Guide
Compliance SonicWALL PCI 1.1 Implementation Guide A PCI Implementation Guide for SonicWALL SonicOS Standard In conjunction with ControlCase, LLC (PCI Council Approved Auditor) SonicWall SonicOS Standard
More informationBUILDING A SECURITY OPERATION CENTER (SOC) ACI-BIT Vancouver, BC. Los Angeles World Airports
BUILDING A SECURITY OPERATION CENTER (SOC) ACI-BIT Vancouver, BC. Los Angeles World Airports Building a Security Operation Center Agenda: Auditing Your Network Environment Selecting Effective Security
More informationNETASQ & PCI DSS. Is NETASQ compatible with PCI DSS? NG Firewall version 9
NETASQ & PCI DSS Is NETASQ compatible with PCI DSS? We have often been asked this question. Unfortunately, even the best firewall is but an element in the process of PCI DSS certification. This document
More informationInjazat s Managed Services Portfolio
Injazat s Managed Services Portfolio Overview Premium Managed Services to Transform Your IT Environment Injazat s Premier Tier IV Data Center is built to offer the highest level of security and reliability.
More informationCISCO IOS NETWORK SECURITY (IINS)
CISCO IOS NETWORK SECURITY (IINS) SEVENMENTOR TRAINING PVT.LTD [Type text] Exam Description The 640-553 Implementing Cisco IOS Network Security (IINS) exam is associated with the CCNA Security certification.
More informationCisco IOS Advanced Firewall
Cisco IOS Advanced Firewall Integrated Threat Control for Router Security Solutions http://www.cisco.com/go/iosfirewall Presentation_ID 2007 Cisco Systems, Inc. All rights reserved. 1 All-in-One Security
More informationCertified Information Systems Auditor (CISA)
Certified Information Systems Auditor (CISA) Course Introduction Course Introduction Module 01 - The Process of Auditing Information Systems Lesson 1: Management of the Audit Function Organization of the
More informationInfor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security
Technical Paper Plain talk about security When it comes to Cloud deployment, security is top of mind for all concerned. The Infor CloudSuite team uses best-practice protocols and a thorough, continuous
More informationIT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including:
IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including: 1. IT Cost Containment 84 topics 2. Cloud Computing Readiness 225
More informationSecurity Controls What Works. Southside Virginia Community College: Security Awareness
Security Controls What Works Southside Virginia Community College: Security Awareness Session Overview Identification of Information Security Drivers Identification of Regulations and Acts Introduction
More informationRequest for Proposal INFORMATION SECURITY ASSESSMENT SERVICES RFP #12-680-004. Addendum 1.0
Request for Proposal INFORMATION SECURITY ASSESSMENT SERVICES RFP #12-680-004 Addendum 1.0 ISSUE DATE: February 23, 2012 Receipt of this addendum should be acknowledged on the Proposal Form. Inquiries
More informationHEC Security & Compliance
HEC Security & Compliance SAP Security, Risk & Compliance Office November, 2014 Public Version 2.0 Details Introduction Overview Security Offering Approach Certifications Introduction Dear Customer, Information
More informationNetwork Access Security. Lesson 10
Network Access Security Lesson 10 Objectives Exam Objective Matrix Technology Skill Covered Exam Objective Exam Objective Number Firewalls Given a scenario, install and configure routers and switches.
More informationSecurity Technology: Firewalls and VPNs
Security Technology: Firewalls and VPNs 1 Learning Objectives Understand firewall technology and the various approaches to firewall implementation Identify the various approaches to remote and dial-up
More informationSIP Trunking. Cisco Press. Christina Hattingh Darryl Sladden ATM Zakaria Swapan. 800 East 96th Street Indianapolis, IN 46240
SIP Trunking Christina Hattingh Darryl Sladden ATM Zakaria Swapan Cisco Press 800 East 96th Street Indianapolis, IN 46240 SIP Trunking Contents Introduction xix Part I: From TDM Trunking to SIP Trunking
More information"Charting the Course...
Description "Charting the Course... Course Summary Interconnecting Cisco Networking Devices: Accelerated (CCNAX), is a course consisting of ICND1 and ICND2 content in its entirety, but with the content
More informationRon Shuck, CISSP, CISM, CISA, GCIA Infrastructure Security Architect Spirit AeroSystems
Ron Shuck, CISSP, CISM, CISA, GCIA Infrastructure Security Architect Spirit AeroSystems VOIP Components Common Threats How Threats are Used Future Trends Provides basic network connectivity and transport
More informationNetwork Security Guidelines. e-governance
Network Security Guidelines for e-governance Draft DEPARTMENT OF ELECTRONICS AND INFORMATION TECHNOLOGY Ministry of Communication and Information Technology, Government of India. Document Control S/L Type
More informationIPS AIM for Cisco Integrated Services Routers
IPS AIM for Cisco Integrated Services Routers Technical Overview James Weathersby, TME, ARTG Tina Lam, Product Manager, ARTG 1 Cisco Integrated Threat Control Industry-Certified Security Embedded Within
More informationInternet Content Provider Safeguards Customer Networks and Services
Internet Content Provider Safeguards Customer Networks and Services Synacor used Cisco network infrastructure and security solutions to enhance network protection and streamline compliance. NAME Synacor
More informationSecuring Modern Substations With an Open Standard Network Security Solution. Kevin Leech Schweitzer Engineering Laboratories, Inc.
Securing Modern Substations With an Open Standard Network Security Solution Kevin Leech Schweitzer Engineering Laboratories, Inc. Copyright SEL 2009 What Makes a Cyberattack Unique? While the resources
More informationFirewall and Router Policy
Firewall and Router Policy Approved By: \S\ James Palmer CSC Loss Prevention Director PCI Policy # 1600 Version # 1.1 Effective Date: 12/31/2011 Revision Date: 12/31/2014 December 31, 2011 Date 1.0 Purpose:
More informationState of New Mexico Statewide Architectural Configuration Requirements. Title: Network Security Standard S-STD005.001. Effective Date: April 7, 2005
State of New Mexico Statewide Architectural Configuration Requirements Title: Network Security Standard S-STD005.001 Effective Date: April 7, 2005 1. Authority The Department of Information Technology
More informationAchieving PCI-Compliance through Cyberoam
White paper Achieving PCI-Compliance through Cyberoam The Payment Card Industry (PCI) Data Security Standard (DSS) aims to assure cardholders that their card details are safe and secure when their debit
More informationPCI Requirements Coverage Summary Table
StillSecure PCI Complete Managed PCI Compliance Solution PCI Requirements Coverage Summary Table January 2013 Table of Contents Introduction... 2 Coverage assumptions for PCI Complete deployments... 2
More informationNetwork Security Topologies. Chapter 11
Network Security Topologies Chapter 11 Learning Objectives Explain network perimeter s importance to an organization s security policies Identify place and role of the demilitarized zone in the network
More informationDescription: Objective: Attending students will learn:
Course: Introduction to Cyber Security Duration: 5 Day Hands-On Lab & Lecture Course Price: $ 3,495.00 Description: In 2014 the world has continued to watch as breach after breach results in millions of
More informationPCI Solution for Retail: Addressing Compliance and Security Best Practices
PCI Solution for Retail: Addressing Compliance and Security Best Practices Executive Summary The Payment Card Industry (PCI) Data Security Standard has been revised to address an evolving risk environment
More information"Charting the Course... Implementing Citrix NetScaler 11 for App and Desktop Solutions CNS-207 Course Summary
Course Summary Description The objective of this course is to provide the foundational concepts and teach the skills necessary to implement, configure, secure and monitor a Citrix NetScaler system with
More informationDeploying Firewalls Throughout Your Organization
Deploying Firewalls Throughout Your Organization Avoiding break-ins requires firewall filtering at multiple external and internal network perimeters. Firewalls have long provided the first line of defense
More information