Network Security
Download
Report
Transcript Network Security
BTEC IT Unit 09 - Lesson 11
Network Security
Mr C Johnston
ICT Teacher
www.computechedu.co.uk
Session Objectives
Know risks associated with unsecure networks,
Know different security measures which network technicians
and managers use to keep a network secure,
Carry out a range of different configurations which will help to
protect a network from potential security threats.
Network Security
Networks are part of our everyday lives and are often as risk
from potential security threats,
Ensuring that network are secure is paramount not only to
protect the data which is held on servers but also the
potential impact of network failure can be financially costly.
As a network administrator you must ensure that:
Security software is up to date on all clients and servers,
Firewalls are check regually,
Privileges (who has access to what and why) are checked frequently,
No business decision will compromise the network and vice versa.
Hijacking
USB drives /
optical media
Wireless access
points / WIFI
Lack of
employee
alertness
DoS
Trojans /
Trojan Humans
Eavesdropping
Potential
Potential
Network
Network Security
Security
Threats
Threats
Flooding
Identity Spoofing (IP
Address Spoofing)
Sniffing
Data
Modification
Mapping
Social
engineering
Employees
bringing in own Man-in-thedevices
Middle Attack
CompromisedPasswordE-mail
ApplicationKey Attack
Based Attacks
Layer Attack
(denial of service attacks)
Measures to Help Prevent
Potential Security Threats
Password policies
Authentication techniques
Access control list
Permissions and user rights
Backing up and restoring
Encrypting
Biometrics
Vetting and control of personnel
Physical security measures (CCTV, Lock and key)
Firewalls
Software protection
Impacts to Consider
Each potential network security threat will cause some form of
harm to an organisation
Impacts to consider include
The impact of loss of service,
The impact of loss of business or income e.g. through loss of customer
records,
Potential increased costs,
The impact of loss of confidentially,
The impact of compromised data integrity,
The impact of potential security issues caused by a viral infections,
malware, Trojans, worms, spyware and adware
M3 Instructions1
For Each Potential Network Security Threat Report on…..
What the threat is
Potential impacts of the security threat on VeNew’s
business
The impact of loss of service,
The impact of loss of business or income e.g. through loss of customer
records,
Potential increased costs,
The impact of loss of confidentially,
The impact of compromised data integrity,
The impact of potential security issues
How VeNew could prevent the threat
M3 Instructions2
Security Threat
Description
Impacts on VeNew’s
Business
Potential
Prevention
Method
M3: Impacts to Business from Insecure Network Security Threats
Security Threat
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Impacts of Security Threat on VeNew
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Potential Methods to Prevent The Threat
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
M3 Instructions3
For M3 the impact of each security threat you have explained
must be fully thought about and explained, as well as an
overview of the threat and how to prevent it.
Explain (almost stress test) the impacts of each threat against
these factors
network services lost by the threat and their impact on VeNew
any potential loss of business / income caused by the threat and the
impact on VeNew
any potential costs to the VeNew of sorting out the security threat
any potential breach of confidentially caused by the threat and the
impact of that on VeNew
any potential comprise to data integrity caused by the threat and the
impact of that on VeNew
Making Network Secure Activities
Activities which can help to make a network secure include:
Creating a new user account with a sensible username and password,
Apply permissions to the account for group membership, restrict login hours, restrict machines can log
into etc.
Create a security group and add users to it,
Create a group policy object to restrict what users have access to on a client machine,
Set authorisation permissions for the user to access a shared drive or folder on the network,
Grant the user with Read, Write and Execute access controls to a shared drive or folder on the network,
Create a password policy on the server,
Set an access control rule on the servers file wall – open up / restrict ports,
Schedule a folder to be backed up to either the NAS box or to tape,
Delete and then restore the folder from the last available back‐up,
Encrypt the data stored in the shared drive or folder so that it remains secure,
Review the physical security of the server and recommend how this could be improved,
Install Anti-Virus software on a client machine and ensure its scheduled to automatically scan the
machine and update,
Install a screen saver with a password on a client workstation,
Remove a virus using Antivirus software.
Activity Guidance
P6 requires you to complete as many of the activities on the
list as possible,
Some activities can be done on the E108 network others can
be done on stand alone machines –
Some software will be available to assist you on my website,
Create screenshot evidence to illustrate each activity.
P6 – Make a networked system secure
M3 – Report on the business risks of insecure networks and how they
can be minimised
•
•
Programming Constructs
P6 will be evidenced with observation records and/or witness statements, which
should be supplemented with screen shots and other paperwork to show what
activities have been carried
For M3 you need to try and apply the risks to VeNew - the verb report suggests that
you simply give information on the fact requested.