Date post: | 22-Dec-2015 |
Upload: | caroline-lambert |
Physical and Hardware Security
Chapter 15
Networking Essentials
Spring, 2013
Defining Firewalls
Firewalls are a combination of ___ & ___
What is a “black box?” (p. 502)
Default deny or default allow – which one?
Types of Firewalls
Network-based firewalls protect __ from __.
Host-based firewalls protect ____.
Access Control Lists
How they are processed
Lines are compared in sequential order
After a match is made, ACL is exited
Implicit deny at the end – why?
Standard ACLs vs Extended ACLs
Inbound vs outbound ACLs
Ways to make things more secure
DMZ - Image on page 507
Protocol switching – shift to IPX – why?
Proxy Services
IP proxy
Web proxy
FTP proxy
SMTP proxy
More Firewall Stuff
Network Layer Firewalls
Stateful –
Stateless –
Application Layer Firewalls
Slower, because they …
Scanning Services
Default Scanning Settings:
Filtering for Content
Common things to filter:
Local Browser Settings
Zones
Trusted Sites
Customizing Settings
Intrusion Detection Systems (IDS)
More of a watchdog than a firewall
Can be software or an actual device
Passive responses:
(honeypot) -
VPN Concentrators
Like a firewall, but made for VPNs
Allows for higher-speed throughput
Allows for encryption
Problems Affecting Device Security
Physical security – where to keep stuff
Climate conditions –
Three barriers to your server –
Security zones
ID Badges
Logical Security Configurations
Logging On Locally
Only administrator can log onto server
Administrator must log on locally – why?
Access-Control Principles
Utilize implicit denies
(UNIX) - .allow file
(UNIX) - .deny file
Least-privilege model
Separate administrative duties
Rotate administrator jobs
Access Control Methods
Mandatory Access Control (MAC) Model…
Discretionary Access Control (DAC)…
Role-Based Access Control (RBAC)…
Rule-Based Access Control (RBAC)…
Unsecure Protocols
(UNIX) –
(UNIX) –
Secure Protocols