Scribd
Upload
82 views15 pages

CCNAv2 Chapter 04

This document discusses security concepts and architectures. It defines key security terms like threats, vulnerabilities, and mitigation techniques. It also describes different types of security attacks like spoofing, denial-of-service, man-in-the-middle, and malware like trojan horses and viruses. The document summarizes different authentication methods like passwords, two-factor authentication using certificates or biometrics. It also provides a simplified view of authentication, authorization, and accounting (AAA) processes. The overall goal is to help readers understand security architectures and common security threats.

Uploaded by

medrek
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
82 views15 pages

CCNAv2 Chapter 04

This document discusses security concepts and architectures. It defines key security terms like threats, vulnerabilities, and mitigation techniques. It also describes different types of security attacks like spoofing, denial-of-service, man-in-the-middle, and malware like trojan horses and viruses. The document summarizes different authentication methods like passwords, two-factor authentication using certificates or biometrics. It also provides a simplified view of authentication, authorization, and accounting (AAA) processes. The overall goal is to help readers understand security architectures and common security threats.

Uploaded by

medrek
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 15

CCNA 200-301, Volume 2

Chapter 4
Security Architectures
Objectives
• Define key security concepts (threats,
vulnerabilities, exploits, and mitigation techniques)
• Describe security program elements (user
awareness, training, and physical access control)
• Describe security password policies elements, such
as management, complexity, and password
alternatives (multifactor authentication, certificates,
and biometrics)
• Differentiate authentication, authorization, and
accounting concepts
Example of an Enterprise Closed
System
Example Enterprise Extends Beyond Its
Own Boundary
Security Terminology Illustrated
Sample Spoofing Attack
Sample Denial-of-Service Attack
A Sample Reflection Attack
A Man-in-the-Middle Attack Begins
A Man-in-the-Middle Attack Succeeds
Summary of Address Spoofing Attacks
Goal DoS/DDoS Reflection Amplification Man-in-the-
Middle
Exhaust a system Yes No No No
service or resource;
crash the target system
Trick an unwitting No Yes Yes No
accomplice host to send
traffic to target
Eavesdrop on traffic No No No Yes
Modify traffic passing No No No Yes
through
Summary of Malware Types
Characteristic Trojan Horse Virus Worm
Packaged inside Yes No No
other software
Self-injected into No Yes No
other software
Propagates No No Yes
automatically
Summary of Human Security Vulnerabilities
Attack Type Goal
Social engineering Exploits human trust and social behavior
Phishing Disguises a malicious invitation as something legitimate
Spear phishing Targets group of similar users
Whaling Targets high-profile individuals
Vishing Uses voice calls
Smishing Uses SMS text messages
Pharming Uses legitimate services to send users to a compromised
site
Watering hole Targets specific victims who visit a compromised site
Summary of Password Authentication
and Alternatives

Characteristic Password Two- Digital Biometric


Only Factor Certificates
Something you know Yes Yes
Something you have Yes Yes
Something you are Yes
Simplified View of AAA

You might also like