CH 2
Security Threats
Chapter Outline
Securing Networks
Network Threats
Mitigating Threats
1. Securing Networks
Securing networks is an essential aspect of network security, as it involves implementing
measures to prevent unauthorized access, protect data, and ensure the continuity of operations.
By following these best practices, organizations can improve their network security posture and
reduce the risk of cyber-attacks.
Key steps to consider when securing networks:
Establish a security policy: Develop a comprehensive security policy that outlines the rules, procedures, and technologies required to secure the network.
Secure network infrastructure: Secure the network infrastructure by implementing firewalls, intrusion detection and prevention systems, and access control mechanisms.
Implement strong authentication mechanisms: Implement strong authentication mechanisms such as multi-factor authentication (MFA) and strong passwords to ensure that only authorized users can access the network.
Educate users
Use data encryption: Use encryption to protect data as it is transmitted across the network. Encryption can help to prevent eavesdropping and ensure that data remains confidential and secure.
Vectors of data loss are the various ways in which data can be lost or become
inaccessible. These vectors can include:
Email/Webmail
Unencrypted Devices
Removable Media
Hard Copy
A network topology is the physical and logical arrangement of nodes and connections
in a network. Nodes usually include devices such as switches, routers and software
with switch and router features. Network topologies are often represented as a graph.
Bring Your Own Device (BYOD) is the set of policies in a business that allows
employees to use their own devices – phone, laptop, tablet or whatever – to
access business applications and data.
Data encryption, PIN enforcement, data wipe, data loss prevention and root detection
2. Network Threats
2.1 Who is Hacking Our Networks?
A White Hat hacker is someone who deals with ethical hacking.
A Black Hat hacker is someone who is unethical in nature and breaks into systems for personal gain.
A Grey Hat hacker is someone between a white and a black hat hacker.
◦ They generally do not have intentions to hurt anyone and do not exploit systems for any
personal benefits but may knowingly or unknowingly commit malicious acts during their
exploits.
Penetration testing tools:
Password crackers, wireless hacking, network scanning and hacking, packet sniffers, rootkit
detectors, tools to search for vulnerabilities, forensics, debuggers, hacking operating systems,
encryption, vulnerability exploitation and vulnerability scanners
2.2 Hackers Tools
Categories of attack tools used in cybersecurity:
Exploitation Tools: These tools are used to find and exploit vulnerabilities in computer systems, applications, and networks.
Password Cracking Tools: These tools are used to crack or guess passwords, which can be used to gain unauthorized access to systems or data.
Network Scanning Tools: These tools are used to scan networks for open ports, operating systems, and other system information that can be used in the attack process.
Sniffing and Spoofing Tools: These tools are used to intercept and manipulate network traffic, allowing attackers to steal data or launch further attacks.
Denial of Service (DoS) Tools: These tools are used to flood a target system or network with traffic, making it unavailable to legitimate users.
Social Engineering Tools: These tools are used to trick people into revealing sensitive information or performing actions that can be used to compromise a system or network.
Remote Access Tools: These tools are used to gain remote access to a system or network, often by exploiting vulnerabilities or using stolen credentials.
Various Types of Malware
Trojan Horse Classification
Security software disabler
Remote-access
Data-sending
Destructive
Proxy
FTP
DoS
Worms
2.3 Mitigating Threats
Implement firewalls and intrusion detection systems
Provide cybersecurity training for employees
Conduct regular security assessments
Develop an incident response plan
Risk assessment
Security policy
Organization of information security
Asset management
Human resources security
Physical and environmental security
Communications and operations management
Information systems acquisition, development, and maintenance
Access control
Information security incident management
Defending the Network
Best practices:
Develop a written security policy.
Educate employees about the risks of social engineering, and develop strategies to validate identities over the phone, via
email, or in person.
Control physical access to systems.
Use strong passwords and change them often.
Encrypt and password-protect sensitive data.
Implement security hardware and software.
Perform backups and test the backed-up files on a regular basis.
Shut down unnecessary services and ports.
Keep patches up-to-date by installing them weekly or daily to prevent buffer overflow and privilege escalation attacks.
Perform security audits to test the network.
Mitigating Malware
Mitigating Worms
Containment
Inoculation
Quarantine
Treatment
Mitigating Reconnaissance Attacks
Mitigating Access Attacks
Mitigating DoS Attacks