APWG. (n.d.). Unifying the global response to cybecrime. Retrieved from http://www.antiphishing.org/



Similar documents
Chapter 8 Security. IC322 Fall Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

Instructions on TLS/SSL Certificates on Yealink Phones

Cornerstones of Security

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Using etoken for SSL Web Authentication. SSL V3.0 Overview

Using Voltage Secur

Information Security

Ensuring the security of your mobile business intelligence

Entrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)

Asheville-Buncombe Technical Community College Department of Networking Technology. Course Outline

Client Server Registration Protocol

Voltage's Encrypted

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: Security Note

Using etoken for Securing s Using Outlook and Outlook Express

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References

Securing your Online Data Transfer with SSL

Is your data safe out there? -A white Paper on Online Security

Network Security - ISA 656 Security

CSE/EE 461 Lecture 23


CS 356 Lecture 28 Internet Authentication. Spring 2013

Secure Frequently Asked Questions

Content Teaching Academy at James Madison University

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD CCNA SECURITY. VERSION 1.0

Security Digital Certificate Manager

Network Security Protocols

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

Ensuring the security of your mobile business intelligence

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

Network Security Administrator

Security Digital Certificate Manager

Building A Secure Microsoft Exchange Continuity Appliance

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

White Paper. Securing and Integrating File Transfers Over the Internet

Why you need secure

Advanced Administration

Securing your Microsoft Internet Information Services (MS IIS) Web Server with a thawte Digital Certificate thawte thawte thawte thawte thawte 10.

Webmail Using the Hush Encryption Engine

10 Best Practices to Protect Your Network presented by Saalex Information Technology and Citadel Group

Networking: EC Council Network Security Administrator NSA

EC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led

McAfee Firewall Enterprise 8.2.1

Overview. SSL Cryptography Overview CHAPTER 1

VPN. Date: 4/15/2004 By: Heena Patel

ERserver. iseries. Secure Sockets Layer (SSL)

Network Security. by David G. Messerschmitt. Secure and Insecure Authentication. Security Flaws in Public Servers. Firewalls and Packet Filtering

Introduction to Cyber Security / Information Security

Architecture and Data Flow Overview. BlackBerry Enterprise Service Version: Quick Reference

The basic groups of components are described below. Fig X- 1 shows the relationship between components on a network.

Fundamentals of Network Security - Theory and Practice-

Internet Programming. Security

User Security Education and System Hardening

Getting a Secure Intranet

CH ENSA EC-Council Network Security Administrator Detailed Course Outline

Implementing Cisco IOS Network Security

McAfee Firewall Enterprise 8.3.1

Chapter 8. Network Security

Implementing Cisco IOS Network Security v2.0 (IINS)

E-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY)

Setting Up Scan to SMB on TaskALFA series MFP s.

Fundamentals of a Windows Server Infrastructure MOC 10967

Security & Privacy on the WWW. Topic Outline. Information Security. Briefing for CS4173

Securing Internet Facing. Applications. Technical White Paper. configuration drift, in which IT members open up ports or make small, supposedly

Security: Focus of Control. Authentication

Reading an sent with Voltage Secur . Using the Voltage Secur Zero Download Messenger (ZDM)

Secure Mail Registration and Viewing Procedures

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications

Passing PCI Compliance How to Address the Application Security Mandates

Blue Jeans Network Security Features

INTERNET SECURITY: THE ROLE OF FIREWALL SYSTEM

Security Management. Keeping the IT Security Administrator Busy

Chapter 10. Network Security

Govt. of Karnataka, Department of Technical Education Diploma in Computer Science & Engineering. Sixth Semester

Who Controls Your Information in the Cloud?

SAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG)

WHITE PAPER. Managed File Transfer: When Data Loss Prevention Is Not Enough Moving Beyond Stopping Leaks and Protecting

Complying with PCI Data Security

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

Frequently Asked Questions. Frequently Asked Questions SSLPost Page 1 of 31 support@sslpost.com

COSC 472 Network Security

Chapter 8 Security Pt 2

Strong Security in Multiple Server Environments

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

NATIONAL SECURITY AGENCY Ft. George G. Meade, MD

Secur User Guide

Savitribai Phule Pune University

FBLA Cyber Security aligned with Common Core FBLA: Cyber Security RST RST RST RST WHST WHST

Enhanced Security for Online Banking

EXAM questions for the course TTM Information Security May Part 1

Information Security Basic Concepts

Readiness Assessments: Vital to Secure Mobility

Wireless Security Overview. Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings

Website Privacy Policy Statement York Rd Lutherville, MD We may be reached via at

SECURE YOUR DATA EXCHANGE WITH SAFE-T BOX

Understanding Digital Certificates and Secure Sockets Layer (SSL)

The Benefits of SSL Content Inspection ABSTRACT

Personal Secure Certificate

Transcription:

DB1 Phishing attacks, usually implemented through HTML enabled e-mails, are becoming more common and more sophisticated. As a network manager, how would you go about protecting your users from a phishing attack? Would a firewall be able to prevent a phishing attack? Why or why not? 9/13/2014 1:18:42 PM Phishing attacks can pretty much happen anytime, anywhere---meaning, it could happen via your home email, work email, personal mobile phone, work mobile phone, instant messaging services. The first level of defense is training and educating yourself about phishing attacks (APWG, n.d.). I know in the company I work, we have once a year training about phishing attacks, along with other hacking attempts (such as social engineering). Honestly, a phishing attack is a form of social engineering, in that the attempt is masked as a legitimate communication. The whole point of phishing is to get user information related to security, such as usernames and passwords. If I were the network manager, I would make sure to provide good examples of what phishing looks like for other staff members; this would include being aware of a sender s address (even a spoofed one), watching out for scam-like email content, and instruction to never click on links in emails, especially pictures which may contain hidden links. Do firewalls prevent phishing attacks? The answer to this is yes and no. If there are known domains and URLs for phishing sites, they can be added to the firewall to restrict access to those sites (Warren, 2005). We actually have something like this where I work; we call them black listed. Black listed sites will not allow traffic going in or out to the known phishing sites. The real problem extends beyond just the known sites; thus a firewall will not and cannot prevent all phishing attacks. The best approach is to have a multi-tiered strategy for reducing or preventing phishing scams---training, firewalls, network appliances, and anti-phishing software. Something that is quite scary, is that as social networking and media are exploding onto the scene, phishing scams are also increasing. That means we need to become more aware of what we are clicking on, and whether or not the information or media is from a reputable site. Some other good practices would include not signing online posts with your email address or leaving telephone numbers on blogs. Something else to consider is that phishing can happen even through instant messaging; which is something many mobile users use these days. Ultimately, it is our responsibility to make sure we know what we re clicking on and what we re opening--- inside and outside of the business world. References APWG. (n.d.). Unifying the global response to cybecrime. Retrieved from http://www.antiphishing.org/

Warren, Steven. (2005/8/4). 12 steps to avoid phishing scams. Retrieved from http://www.techrepublic.com/article/12-steps-to-avoid-phishing-scams/ 9/13/2014 3:02:00 PM DB2 The ISO defines five key areas of network management. Would you say that one of these key areas is more important than the others? Why or why not? When considering network management, ISO defines five primary categories---they are fault management, accounting management, configuration management, performance management, and security management (Cisco, n.d.). Fault management is about detecting network problems and automatically fixing them. Accounting management is assessing network utilization for accounting purposes. Configuration management is where hardware and software versioning are tracked to increase the network s efficiency, to maintain inventory, and to aide in maintenance and upgrade schedules. Performance management is just how it sounds; it is used for performance reporting on network devices and servers, which can in turn be used for network efficiency, upgrades, and troubleshooting. Now, which one is more important? Personally, I think they all have their own level of importance within the network management model. However, Cisco (n.d.) does say one is implemented more than the rest; and that is fault management. Fault management can detect possible faults even before they happen; this is accomplished through network discovery, management data browsers, performance data collectors and graphers, and event handlers (Cisco, n.d., para. 7). Even when network faults happen, they can be isolated and corrected automatically; thus, I believe the most important area would be fault management. Do checkout the Cisco site listed in my references; they have done an excellent job detailing each of the areas. References Cisco. (n.d.). Network Management System: Best Practices White Paper. Retrieved from http://www.cisco.com/c/en/us/support/docs/availability/high-availability/15114-nmsbestpractice.html Respond

9/14/2014 1:25:01 PM You made some excellent points about what system admins can do to reduce or stop phishing attacks. Of course, educating the staff is always good, but I completely forgot about policies. Policies give companies a way to enforce the organizations rules. For example, if it is company policy that employees not download, respond, or open emails from unknown users, or from unknown addresses, the policy will help make sure employees follow the rules (or else suffer the consequences). I know for us, we have a whole book of policies around security and privacy, which include social engineering. 9/14/2014 1:52:01 PM Those are excellent examples for reducing phishing attacks. It really is important to address phishing at multiple levels; this would include education, policies, firewalls, and even hardware and software anti-spam products. At the company I work for, we have yearly training on security. Of course, phishing goes beyond just the workplace; it also includes our personal and private lives. I recently received an email from Microsoft (supposedly) asking me to reset my password and to follow a link to do it. When I hovered over the sender s address, it said it was Gmail. This was an obvious phishing scam. 9/14/2014 2:15:42 PM I agree; all security controls are important to hardening the network. Like most things in life, there is always more than one way to do something; hardening the network is no different. The fault management area is good (possibly the best) but cannot stand alone. I know for most companies there is a NOC (network operation center), InfoSec (information security) team, as well as your network engineers all working to maintain a network. You mentioned corporate assets; corporate assets are definitely important, and need to be constantly and consistently reviewed for administrative purposes; this is where the different areas of network management are important. 9/14/2014 2:53:43 PM That is a great analogy about the car and three wheels. Network management and security is very much like that analogy. It takes multiple systems, models, strategies, and even teams of people to properly maintain the security and integrity of networks. I did actually choose fault management as the most important, but only because Cisco stated that area of management is the most implemented. Fault management s main purpose is detection and automatically fixing problems. I do see this particular area of management as highly important, because if any type of problem can be resolved without human intervention, it saves the company money.

Network Security and Management In the first part of this unit, fundamental cryptography techniques for encrypting information, authenticating the receiver of the information, and ensuring message integrity will be covered. Fundamental cryptography principles that are used to create secure networking protocols will be examined. Securing e-mail, securing a TCP connection, providing security at the network layer, and how to secure a wireless LAN will also be explored. Operational security, which is about protecting organizational networks from attacks, will be discussed. Firewalls and intrusion detection systems that enhance the security of an organizational network will also be discussed. With potentially thousands of network components spread out over a wide area, a network administrator in a network operations center (NOC) requires specific tools for managing a network. The architecture, protocols, and information base used by network administrators to monitor, manage and control a network will also be examined. Outcomes After completing this unit, you should be able to: Explain several network security protocols and their similarities and differences. Evaluate a variety of network security and management tools. Recommend the most appropriate network security design for a given scenario. Plan and describe methods of implementing firewalls and IDS systems. Assess network administration tools and examine their significance in a range of network environments. Course outcome(s) practiced in this unit: IT530-2: Explore management aspects of protocols and topologies. What do you have to do in this unit?

Complete assigned Reading. Complete the Mini-Lab and Reflection Activity in the Reading area. Participate in Discussion. Complete unit Assignment. Complete Portfolio Assignment. Review Program Portfolio. Textbook Reading for this Unit: Read Chapter 8, Security in Computer Networks and Chapter 9, Network Management. Textbook Reading Summary: Network security depends on a number of components all working together to provide a secure environment. Encryption techniques ensure that messages remain private between a sender and the intended recipient. Message integrity techniques ensure that messages are not altered during transmission. Information and network security techniques can be implemented throughout the layers of a network architecture to provide privacy and integrity, as well as protecting the network and its users from a variety of attacks. Network management includes a variety of tools and techniques for administering networks of all sizes. A network manager administering a large distributed network will require a different tool-set from a manager administering a LAN-sized network, but many of the principles involved remain the same. There are a number of security principles that provide a foundation for secure communications. These principles include cryptographic techniques that allow users to encrypt and decrypt data, including symmetric key cryptography, public key cryptography, as well as DES and RSA. Message integrity can be ensured using message authentication codes and digital signatures. Both techniques use hash functions and allow a sender to verify the source of a message as well as the integrity of the message itself. Digital signatures are used to create digital certificates, which are used in turn to verify the validity of public keys.

PGP, SSL, IPsec, and wireless security all require the use of symmetric key cryptography. In order to manage a network of any size, the infrastructure of the network must be well understood. For any network, there will be three principal components of a network management infrastructure: the managing entity, the managed devices and a network management protocol. Confidentiality: The quality of ensuring that the contents of a message will not be seen or understood by any other party other than the authorized sender and authorized recipient. Message integrity: A method for ensuring that the contents of a message when received are identical to the contents as when sent. End-point authentication: Methods for confirming the identity of both sender and receiver of a message. Cryptography: A variety of methods for disguising data in such a manner that it can only be read by recipients that have the appropriate method and key for "undisguising" the data. Symmetric key cryptography: Symmetric key cryptography requires both sender and receiver to have an identical secret key in order to encrypt or decrypt data. Asymmetric key cryptography: Asymmetric key cryptography requires a public key and a private key. Only the sender holds the private key, while the public key can be seen and used by anyone. Traffic monitoring: A mechanism for monitoring network traffic in order to discern patterns. Network management: The administration of network hardware, software, and user activity. Network management also includes monitoring and evaluating the performance of the network, as well as securing the network from exterior intrusions or exploits. Source: Kurose, J. F., & Ross, K. W. (2013). Computer networking: A top-down approach. (6 ed.). Boston, Massachusetts: Addison-Wesley.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information