Chapter 6:
The Five Nines Concept
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential
Cybersecurity Essentials v1.1
Chapter 6 - Sections & Objectives
6.1
Explain the concept of high availability.
6.2
Explain how high availability measures are used to improve
availability.
6.3
Describe how an incident response plan improves high availability.
6.4
Describe how disaster recovery planning plays an important role
in implementing high availability.
6.1 High Availability
• Five nines means that systems and services are available 99.999% of the time. It also means that both planned and unplanned downtime is less than 5.26 minutes per year.
• High availability refers to a system or component that is continuously operational for a given length of time. To help ensure high availability:
  • Eliminate single points of failure
  • Design for reliability
  • Detect failures as they occur
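The five-nines budget applied to an outage record, as an added example that is not part of the original slides: it merges overlapping planned and unplanned windows so that no minute is counted twice, then compares the yearly total with the 5.26-minute allowance. The outage records and function names are constructed for illustration.

```python
from datetime import datetime

MINUTES_PER_YEAR = 365 * 24 * 60  # 525,600 minutes in a non-leap year


def parse_time(text):
    """Parse a 'YYYY-MM-DD HH:MM:SS' timestamp."""
    return datetime.strptime(text, "%Y-%m-%d %H:%M:%S")


def downtime_budget_minutes(target_pct):
    """Maximum yearly downtime allowed by an availability target."""
    return MINUTES_PER_YEAR * (100 - target_pct) / 100


def merge_outages(outages):
    """Collapse overlapping or back-to-back outage windows into disjoint ones.

    Planned and unplanned windows are treated alike: a minute of downtime
    counts once, whatever caused it.
    """
    merged = []
    for start, end in sorted((start, end) for start, end, _kind in outages):
        if end <= start:
            raise ValueError(f"outage ends before it starts: {start} .. {end}")
        if merged and start <= merged[-1][1]:
            # Overlaps the previous window: extend it instead of adding a new one.
            merged[-1] = (merged[-1][0], max(merged[-1][1], end))
        else:
            merged.append((start, end))
    return merged


def downtime_minutes(outages):
    """Total downtime in minutes after merging overlapping windows."""
    seconds = sum((end - start).total_seconds()
                  for start, end in merge_outages(outages))
    return seconds / 60


def availability_pct(outages):
    """Availability achieved over one year, as a percentage."""
    return 100 * (1 - downtime_minutes(outages) / MINUTES_PER_YEAR)


def meets_target(outages, target_pct):
    """True if the year's downtime stays within the target's budget."""
    return downtime_minutes(outages) <= downtime_budget_minutes(target_pct)


# Constructed sample: one year of outages for a single service.
# The first two windows overlap (an unplanned fault during a maintenance window).
SAMPLE_OUTAGES = [
    (parse_time("2023-02-11 02:00:00"), parse_time("2023-02-11 02:03:00"), "planned"),
    (parse_time("2023-02-11 02:02:00"), parse_time("2023-02-11 02:04:30"), "unplanned"),
    (parse_time("2023-08-19 14:10:00"), parse_time("2023-08-19 14:11:15"), "unplanned"),
]

if __name__ == "__main__":
    print(f"five-nines budget : {downtime_budget_minutes(99.999):.2f} min/year")
    print(f"measured downtime : {downtime_minutes(SAMPLE_OUTAGES):.2f} min")
    print(f"availability      : {availability_pct(SAMPLE_OUTAGES):.4f} %")
    for target in (99.999, 99.99):
        verdict = "met" if meets_target(SAMPLE_OUTAGES, target) else "missed"
        print(f"target {target}% : {verdict}")
```

Three short outages totalling under six minutes are enough to miss five nines for the year, which is why planned maintenance has to be counted against the same budget.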
• Although sustaining high availability may be too costly for some industries, several environments require five nines.
  • The finance industry needs to maintain high availability for continuous trading, compliance, and customer trust.
  • Healthcare facilities require high availability to provide around-the-clock care for patients.
  • The public safety industry includes agencies that provide security and services to a community, state, or nation.
  • The retail industry depends on efficient supply chains and the delivery of products to customers. Disruption can be devastating, especially during peak demand times such as holidays.
• The following threats pose a high risk to data and information availability:
  • An unauthorized user successfully penetrates and compromises an organization’s primary database
  • A successful DoS attack significantly affects operations
  • An organization suffers a significant loss of confidential data
  • A mission-critical application goes down
  • A compromise of the Admin or root user occurs
  • The detection of a cross-site script or illegal file server share
  • The defacement of an organization’s website impacts public relations
  • A severe storm such as a hurricane or tornado
  • A catastrophic event such as a terrorist attack, building bombing, or building fire
  • Long-term utility or service provider outage
  • Water damage as the result of flooding or sprinkler failure
• High availability incorporates three major principles to achieve the goal of uninterrupted access to data and services:
- A single point of failure can include central routers or switches, network services, and even highly skilled IT staff. High availability clusters are one way to provide redundancy.
- refers to the capability to maintain availability
of data and operational processing despite attacks or disrupting
event. This requires redundant systems, in terms of both power and
processing, so that should one system fail, the other can take over
operations without any break in service.
- Fault tolerance enables a system to continue to operate if one or more components fail. Data mirroring is one example of fault tolerance.
6.2 Measures to Improve Availability
Asset Identification: An organization needs to know what hardware and software assets it has in order to protect them. Asset management includes a complete inventory of hardware and software. This means that the organization needs to know all of the components that can be subject to security risks, including:
• Every hardware system
• Every operating system
• Every hardware network device
• Every network device operating system
• Every software application
• All firmware
• All language runtime environments
• All individual libraries
Many organizations may choose an automated solution to keep track of assets.
Asset classification - assigns all resources of an organization into a group
based on common characteristics. An organization should apply an asset
classification system to documents, data records, data files, and disks. The
most critical information needs to receive the highest level of protection and
may even require special handling. An organization can adopt a labeling
system according to how valuable, how sensitive, and how critical the
information is. Complete the following steps to identify and classify the assets
of an organization:
1. Determine the proper asset identification category.
2. Establish asset accountability by identifying the owner for all information assets and
application software.
3. Determine the criteria for classification.
4. Implement a classification schema.
Asset Standardization - as part of an IT asset management system, an organization specifies the acceptable IT assets that meet its objectives.
Threat Identification - The United States Computer Emergency Readiness Team (US-CERT) and the U.S. Department of Homeland Security sponsor a dictionary of Common Vulnerabilities and Exposures (CVE). A CVE identification contains a standard identifier number with a brief description, and references to related vulnerability reports and advisories.
Risk Analysis - the process of analyzing the dangers posed by natural and human-caused events to the assets of an organization. A user performs an asset identification to help determine which assets to protect.
• Identify assets and their value
• Identify vulnerabilities and threats
• Quantify the probability and impact of the identified threats
• Balance the impact of the threat against the cost of the countermeasure
There are two approaches to risk analysis: Quantitative Risk Analysis and Qualitative Risk Analysis.
A quantitative analysis assigns numbers to the risk analysis process.
Qualitative Risk Analysis uses opinions and scenarios.
Mitigation - Mitigation involves reducing the severity of the loss or the likelihood of the loss occurring. Many technical controls mitigate risk, including authentication systems, file permissions, and firewalls. Organizations and security professionals must understand that risk mitigation can have both positive and negative impacts on the organization. There are four common ways to reduce risk:
1. Accept the risk and periodically re-assess
2. Reduce the risk by implementing controls
3. Avoid the risk by totally changing the approach
4. Transfer the risk to a third party
Defense in depth will not provide an impenetrable cyber shield, but it will help an organization minimize risk by keeping it one step ahead of cyber criminals. To make sure data and information remain available, an organization must create different layers of protection.
A layered approach provides the most
comprehensive protection. If cyber
criminals penetrate one layer, they still
have to contend with several more layers
with each layer being more complicated
than the previous one. is
creating a barrier of multiple defenses
that coordinate together to prevent
attacks.
Limiting access to data and information reduces the possibility of a threat. An
organization should restrict access so that users only have the level of access
required to do their job. Technology-based solutions such as using file
permissions are one way to limit access; an organization should also
implement procedural measures.
refers to changing the controls and procedures at different layers.
Breaching one layer of security does not compromise the whole system. An
organization may use different encryption algorithms or authentication systems
to protect data in different states.
information can also protect data and information. An organization
should not reveal any information that cyber criminals can use to figure out
what version of the operating system a server is running or the type of
equipment it uses.
Complexity does not necessarily guarantee security. If the process or technology is too complex, misconfigurations or failure to comply can result. Simplicity can actually improve availability.
A single point of failure must be identified and
addressed. A single point of failure can be a specific piece of hardware, a
process, a specific piece of data, or even an essential utility. Single points of
failure are the weak links in the chain that can cause disruption of the
organization's operations. The organization can also build redundant
components into the critical operation to take over the process should one of
these points fail.
N+1 redundancy ensures system availability in the event
of a component failure. Components (N) need to have at least one backup
component (+1). For example, a car has four tires (N) and a spare tire in the
trunk in case of a flat (+1).
A redundant array of independent disks (RAID) combines multiple
physical hard drives into a single logical unit to provide data redundancy and
improve performance. RAID takes data that is normally stored on a single disk
and spreads it out among several drives. If any single disk is lost, the user can
recover data from the other disks where the data also resides. RAID can also
increase the speed of data recovery. Retrieving requested data from multiple drives is faster than relying on just one disk to do the work.
When designers build physical redundancy into a network,
loops and duplicate frames occur. Loops and duplicate frames have severe
consequences for a switched network. Spanning Tree Protocol (STP) addresses
these issues. The basic function of STP is to prevent loops on a network when
switches interconnect via multiple paths. STP ensures that redundant physical
links are loop-free. It ensures that there is only one logical path between all
destinations on the network. STP intentionally blocks redundant paths that
could cause a loop.
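A simplified model of the loop-free topology that STP converges to, added here as an illustration and not taken from the original slides: the lowest bridge ID becomes the root, every other switch keeps its least-cost path to the root (ties go to the upstream switch with the lower bridge ID), and the remaining redundant links are blocked until a failure makes them necessary. Switch names, bridge IDs and link costs are constructed; the model assumes point-to-point links, unique bridge IDs and at most one link per switch pair.

```python
import heapq


def stp_active_topology(bridge_ids, links):
    """Compute which redundant links a spanning tree keeps and which it blocks.

    bridge_ids: {switch_name: bridge_id}; the lowest bridge ID is elected root.
    links:      [(switch_a, switch_b, cost)], one entry per physical link.
    """
    root = min(bridge_ids, key=bridge_ids.get)

    neighbours = {name: [] for name in bridge_ids}
    for a, b, cost in links:
        if cost <= 0:
            raise ValueError("link cost must be positive")
        neighbours[a].append((b, cost))
        neighbours[b].append((a, cost))

    # Dijkstra from the root. Heap entries sort by (root path cost, upstream
    # bridge ID), so a cost tie is won by the upstream switch with the lower ID.
    root_path_cost = {}
    upstream = {}
    heap = [(0, -1, root, "")]
    while heap:
        cost, _up_id, switch, parent = heapq.heappop(heap)
        if switch in root_path_cost:
            continue  # a better path to this switch was already chosen
        root_path_cost[switch] = cost
        if switch != root:
            upstream[switch] = parent
        for nbr, link_cost in neighbours[switch]:
            if nbr not in root_path_cost:
                heapq.heappush(
                    heap, (cost + link_cost, bridge_ids[switch], nbr, switch))

    forwarding = {frozenset((sw, up)) for sw, up in upstream.items()}
    blocked = [tuple(sorted((a, b))) for a, b, _ in links
               if frozenset((a, b)) not in forwarding]
    return {
        "root": root,
        "root_path_cost": root_path_cost,
        "forwarding": sorted(tuple(sorted(link)) for link in forwarding),
        "blocked": sorted(blocked),
    }


def is_loop_free(bridge_ids, result):
    """A tree over n reachable switches has exactly n - 1 forwarding links."""
    return (len(result["root_path_cost"]) == len(bridge_ids)
            and len(result["forwarding"]) == len(bridge_ids) - 1)


# Constructed topology: four switches cabled with two redundant links.
BRIDGE_IDS = {"SW1": 4097, "SW2": 32769, "SW3": 32770, "SW4": 32771}
LINKS = [
    ("SW1", "SW2", 4), ("SW1", "SW3", 4), ("SW2", "SW3", 4),
    ("SW2", "SW4", 4), ("SW3", "SW4", 4),
]

if __name__ == "__main__":
    normal = stp_active_topology(BRIDGE_IDS, LINKS)
    print("root      :", normal["root"])
    print("forwarding:", normal["forwarding"])
    print("blocked   :", normal["blocked"])

    # Fail the SW1-SW2 uplink: a previously blocked link takes over.
    surviving = [l for l in LINKS if {l[0], l[1]} != {"SW1", "SW2"}]
    after = stp_active_topology(BRIDGE_IDS, surviving)
    print("after SW1-SW2 failure, forwarding:", after["forwarding"])
    print("after SW1-SW2 failure, blocked   :", after["blocked"])
```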
The default gateway is typically the router that provides devices access to the rest of the network or to the Internet. If there is only one router serving as the default gateway, it is a single point of failure.
• The ability of a network to dynamically recover from the failure of a device acting as a default gateway is known as first-hop redundancy.
• The options available for router redundancy, based on the protocol that defines communication between network devices, are Hot Standby Router Protocol (HSRP), Virtual Router Redundancy Protocol (VRRP), and Gateway Load Balancing Protocol (GLBP).
An organization may need to consider location redundancy depending on its needs. The following outlines three forms of location redundancy:
• Synchronous - Synchronizes both locations in real time, requires high bandwidth, and locations must be close together to reduce latency.
• Asynchronous Replication - Not synchronized in real time but close to it, requires less bandwidth, and sites can be further apart because latency is less of an issue.
• Point-in-Time Replication - Updates the backup data location periodically and is the most bandwidth-conservative option because it does not require a constant connection.
6.3 Incident Response Phases
Incident response defines the procedures that an organization follows after an event occurs outside the normal range. When an incident occurs, the organization must know how to respond. Organizations need to develop an incident response plan and put together a Computer Security Incident Response Team (CSIRT) to manage the response. Incident response consists of four phases:
- planning for potential incidents
- discovering the incident. Detection and analysis includes alerts/notifications and monitoring/follow-up. Incident analysis helps to identify the source, extent, impact, and details of a data breach.
- efforts to immediately contain or eradicate the threat and begin recovery efforts. The recovery stage includes the actions that the organization needs to take in order to resolve the breach and restore the systems involved. After remediation, the organization needs to restore all systems to their original state before the breach.
- investigate the cause of the incident and ask questions to better understand the nature of the threat
There are many technologies that are used to implement an incident response:
• Network Admission Control (NAC) - allows network access for authorized users with compliant systems. A compliant system meets all of the policy requirements of the organization.
• Intrusion Detection Systems (IDSs) - monitor the traffic on a network. IDS systems are passive.
• Intrusion Prevention Systems - operate in inline mode. They can detect and immediately address a network problem.
• NetFlow and IPFIX - NetFlow is a Cisco IOS technology that provides statistics on packets flowing through a Cisco router or multilayer switch. The Internet Engineering Task Force (IETF) used Cisco’s NetFlow Version 9 as the basis for IP Flow Information Export (IPFIX).
• Advanced Threat Intelligence - can help organizations detect attacks during one of the stages of the cyberattack (and sometimes before with the right information).
6.4 Disaster Recovery
Types of Disasters - It is critical to keep an organization functioning when a disaster occurs. A disaster includes any natural or human-caused event that damages assets or property and impairs the ability of the organization to continue operating.
- Natural disasters - geological disasters (earthquakes, landslides, volcanoes, and tsunamis), meteorological disasters (hurricanes, tornadoes, snow storms, lightning, and hail), health disasters (widespread illnesses, quarantines, and pandemics), and miscellaneous disasters (fires, floods, solar storms, and avalanches).
- Human-caused disasters - labor events (strikes, walkouts, and slowdowns), social-political events (vandalism, blockades, protests, sabotage, terrorism, and war), materials events (hazardous spills and fires), and utilities disruptions (power failures, communication outages, fuel shortages, and radioactive fallout).
The Disaster Recovery Plan (DRP) includes the activities the organization takes to assess, salvage, repair, and restore damaged facilities or assets. A DRP needs to identify which processes in the organization are the most critical.
• Need for Business Continuity - Business continuity is one of the most important concepts in computer security. Even though companies do whatever they can to prevent disasters and loss of data, it is impossible to predict every scenario. It is important for companies to have plans in place that ensure business continuity regardless of what may occur.
A business continuity plan is a broader plan than a DRP because it includes getting critical systems to another location while repair of the original facility is under way. Personnel continue to perform all business processes in an alternate manner until normal operations resume.
• Business Continuity Considerations - Business continuity controls are more than just backing up data and providing redundant hardware. Business continuity considerations should include:
  • Documenting configurations
  • Establishing alternate communications channels
  • Providing power
  • Identifying all dependencies for applications and processes
  • Understanding how to carry out automated tasks manually
Business Continuity Best Practices
1. Write a policy that provides guidance to develop the business continuity
plan and assigns roles to carry out the tasks.
2. Identify critical systems and processes, and prioritize them based on
necessity.
3. Identify vulnerabilities and threats, and calculate risks.
4. Identify and implement controls and countermeasures to reduce risk.
5. Devise methods to bring back critical systems quickly.
6. Write procedures to keep the organization functioning when in a chaotic
state.
7. Test the plan.
8. Update the plan regularly.

 
Protocols and Reference models CCNAv7-1
Protocols and Reference models  CCNAv7-1Protocols and Reference models  CCNAv7-1
Protocols and Reference models CCNAv7-1
Mukesh Chinta
 
Basic Switch and End Device configuration CCNA7 Module 2
Basic Switch and End Device configuration   CCNA7 Module 2Basic Switch and End Device configuration   CCNA7 Module 2
Basic Switch and End Device configuration CCNA7 Module 2
Mukesh Chinta
 
Introduction to networks CCNAv7 Module-1
Introduction to networks CCNAv7 Module-1Introduction to networks CCNAv7 Module-1
Introduction to networks CCNAv7 Module-1
Mukesh Chinta
 
Process scheduling (CPU Scheduling)
Process scheduling (CPU Scheduling)Process scheduling (CPU Scheduling)
Process scheduling (CPU Scheduling)
Mukesh Chinta
 
OS - Process Concepts
OS - Process ConceptsOS - Process Concepts
OS - Process Concepts
Mukesh Chinta
 
Operating systems system structures
Operating systems   system structuresOperating systems   system structures
Operating systems system structures
Mukesh Chinta
 
Introduction to Operating Systems
Introduction to Operating SystemsIntroduction to Operating Systems
Introduction to Operating Systems
Mukesh Chinta
 
Introduction to security
Introduction to securityIntroduction to security
Introduction to security
Mukesh Chinta
 
Mobile IP
Mobile IPMobile IP
Mobile IP
Mukesh Chinta
 
Wireless communication
Wireless communicationWireless communication
Wireless communication
Mukesh Chinta
 

More from Mukesh Chinta (20)

CCNA-2 SRWE Mod-10 LAN Security Concepts
CCNA-2 SRWE Mod-10 LAN Security ConceptsCCNA-2 SRWE Mod-10 LAN Security Concepts
CCNA-2 SRWE Mod-10 LAN Security Concepts
 
CCNA-2 SRWE Mod-11 Switch Security Configuration
CCNA-2 SRWE Mod-11 Switch Security ConfigurationCCNA-2 SRWE Mod-11 Switch Security Configuration
CCNA-2 SRWE Mod-11 Switch Security Configuration
 
CCNA-2 SRWE Mod-12 WLAN Concepts
CCNA-2 SRWE Mod-12 WLAN ConceptsCCNA-2 SRWE Mod-12 WLAN Concepts
CCNA-2 SRWE Mod-12 WLAN Concepts
 
CCNA-2 SRWE Mod-13 WLAN Configuration
CCNA-2 SRWE Mod-13 WLAN ConfigurationCCNA-2 SRWE Mod-13 WLAN Configuration
CCNA-2 SRWE Mod-13 WLAN Configuration
 
CCNA-2 SRWE Mod-15 Static IP Routing
CCNA-2 SRWE Mod-15 Static IP RoutingCCNA-2 SRWE Mod-15 Static IP Routing
CCNA-2 SRWE Mod-15 Static IP Routing
 
CCNA-2 SRWE Mod-14 Routing Concepts
CCNA-2 SRWE Mod-14 Routing ConceptsCCNA-2 SRWE Mod-14 Routing Concepts
CCNA-2 SRWE Mod-14 Routing Concepts
 
Protecting the Organization - Cisco: Intro to Cybersecurity Chap-4
Protecting the Organization - Cisco: Intro to Cybersecurity Chap-4Protecting the Organization - Cisco: Intro to Cybersecurity Chap-4
Protecting the Organization - Cisco: Intro to Cybersecurity Chap-4
 
Protecting Your Data and Privacy- Cisco: Intro to Cybersecurity chap-3
Protecting Your Data and Privacy- Cisco: Intro to Cybersecurity chap-3Protecting Your Data and Privacy- Cisco: Intro to Cybersecurity chap-3
Protecting Your Data and Privacy- Cisco: Intro to Cybersecurity chap-3
 
Attacks, Concepts and Techniques - Cisco: Intro to Cybersecurity Chap-2
Attacks, Concepts and Techniques - Cisco: Intro to Cybersecurity Chap-2Attacks, Concepts and Techniques - Cisco: Intro to Cybersecurity Chap-2
Attacks, Concepts and Techniques - Cisco: Intro to Cybersecurity Chap-2
 
The need for Cybersecurity - Cisco Intro to Cybersec Chap-1
The need for Cybersecurity - Cisco Intro to Cybersec Chap-1The need for Cybersecurity - Cisco Intro to Cybersec Chap-1
The need for Cybersecurity - Cisco Intro to Cybersec Chap-1
 
Protocols and Reference models CCNAv7-1
Protocols and Reference models  CCNAv7-1Protocols and Reference models  CCNAv7-1
Protocols and Reference models CCNAv7-1
 
Basic Switch and End Device configuration CCNA7 Module 2
Basic Switch and End Device configuration   CCNA7 Module 2Basic Switch and End Device configuration   CCNA7 Module 2
Basic Switch and End Device configuration CCNA7 Module 2
 
Introduction to networks CCNAv7 Module-1
Introduction to networks CCNAv7 Module-1Introduction to networks CCNAv7 Module-1
Introduction to networks CCNAv7 Module-1
 
Process scheduling (CPU Scheduling)
Process scheduling (CPU Scheduling)Process scheduling (CPU Scheduling)
Process scheduling (CPU Scheduling)
 
OS - Process Concepts
OS - Process ConceptsOS - Process Concepts
OS - Process Concepts
 
Operating systems system structures
Operating systems   system structuresOperating systems   system structures
Operating systems system structures
 
Introduction to Operating Systems
Introduction to Operating SystemsIntroduction to Operating Systems
Introduction to Operating Systems
 
Introduction to security
Introduction to securityIntroduction to security
Introduction to security
 
Mobile IP
Mobile IPMobile IP
Mobile IP
 
Wireless communication
Wireless communicationWireless communication
Wireless communication
 

Recently uploaded

Standard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - NeometrixStandard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - Neometrix
Neometrix_Engineering_Pvt_Ltd
 
Democratizing Fuzzing at Scale by Abhishek Arya
Democratizing Fuzzing at Scale by Abhishek AryaDemocratizing Fuzzing at Scale by Abhishek Arya
Democratizing Fuzzing at Scale by Abhishek Arya
abh.arya
 
Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024
Massimo Talia
 
ethical hacking-mobile hacking methods.ppt
ethical hacking-mobile hacking methods.pptethical hacking-mobile hacking methods.ppt
ethical hacking-mobile hacking methods.ppt
Jayaprasanna4
 
Courier management system project report.pdf
Courier management system project report.pdfCourier management system project report.pdf
Courier management system project report.pdf
Kamal Acharya
 
HYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationHYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generation
Robbie Edward Sayers
 
addressing modes in computer architecture
addressing modes  in computer architectureaddressing modes  in computer architecture
addressing modes in computer architecture
ShahidSultan24
 
MCQ Soil mechanics questions (Soil shear strength).pdf
MCQ Soil mechanics questions (Soil shear strength).pdfMCQ Soil mechanics questions (Soil shear strength).pdf
MCQ Soil mechanics questions (Soil shear strength).pdf
Osamah Alsalih
 
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdfHybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
fxintegritypublishin
 
DESIGN A COTTON SEED SEPARATION MACHINE.docx
DESIGN A COTTON SEED SEPARATION MACHINE.docxDESIGN A COTTON SEED SEPARATION MACHINE.docx
DESIGN A COTTON SEED SEPARATION MACHINE.docx
FluxPrime1
 
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Dr.Costas Sachpazis
 
The Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdfThe Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdf
Pipe Restoration Solutions
 
Gen AI Study Jams _ For the GDSC Leads in India.pdf
Gen AI Study Jams _ For the GDSC Leads in India.pdfGen AI Study Jams _ For the GDSC Leads in India.pdf
Gen AI Study Jams _ For the GDSC Leads in India.pdf
gdsczhcet
 
Immunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary AttacksImmunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary Attacks
gerogepatton
 
The role of big data in decision making.
The role of big data in decision making.The role of big data in decision making.
The role of big data in decision making.
ankuprajapati0525
 
WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234
AafreenAbuthahir2
 
Architectural Portfolio Sean Lockwood
Architectural Portfolio Sean LockwoodArchitectural Portfolio Sean Lockwood
Architectural Portfolio Sean Lockwood
seandesed
 
ethical hacking in wireless-hacking1.ppt
ethical hacking in wireless-hacking1.pptethical hacking in wireless-hacking1.ppt
ethical hacking in wireless-hacking1.ppt
Jayaprasanna4
 
Event Management System Vb Net Project Report.pdf
Event Management System Vb Net  Project Report.pdfEvent Management System Vb Net  Project Report.pdf
Event Management System Vb Net Project Report.pdf
Kamal Acharya
 
Planning Of Procurement o different goods and services
Planning Of Procurement o different goods and servicesPlanning Of Procurement o different goods and services
Planning Of Procurement o different goods and services
JoytuBarua2
 

Recently uploaded (20)

Standard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - NeometrixStandard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - Neometrix
 
Democratizing Fuzzing at Scale by Abhishek Arya
Democratizing Fuzzing at Scale by Abhishek AryaDemocratizing Fuzzing at Scale by Abhishek Arya
Democratizing Fuzzing at Scale by Abhishek Arya
 
Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024
 
ethical hacking-mobile hacking methods.ppt
ethical hacking-mobile hacking methods.pptethical hacking-mobile hacking methods.ppt
ethical hacking-mobile hacking methods.ppt
 
Courier management system project report.pdf
Courier management system project report.pdfCourier management system project report.pdf
Courier management system project report.pdf
 
HYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationHYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generation
 
addressing modes in computer architecture
addressing modes  in computer architectureaddressing modes  in computer architecture
addressing modes in computer architecture
 
MCQ Soil mechanics questions (Soil shear strength).pdf
MCQ Soil mechanics questions (Soil shear strength).pdfMCQ Soil mechanics questions (Soil shear strength).pdf
MCQ Soil mechanics questions (Soil shear strength).pdf
 
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdfHybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
 
DESIGN A COTTON SEED SEPARATION MACHINE.docx
DESIGN A COTTON SEED SEPARATION MACHINE.docxDESIGN A COTTON SEED SEPARATION MACHINE.docx
DESIGN A COTTON SEED SEPARATION MACHINE.docx
 
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
 
The Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdfThe Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdf
 
Gen AI Study Jams _ For the GDSC Leads in India.pdf
Gen AI Study Jams _ For the GDSC Leads in India.pdfGen AI Study Jams _ For the GDSC Leads in India.pdf
Gen AI Study Jams _ For the GDSC Leads in India.pdf
 
Immunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary AttacksImmunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary Attacks
 
The role of big data in decision making.
The role of big data in decision making.The role of big data in decision making.
The role of big data in decision making.
 
WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234
 
Architectural Portfolio Sean Lockwood
Architectural Portfolio Sean LockwoodArchitectural Portfolio Sean Lockwood
Architectural Portfolio Sean Lockwood
 
ethical hacking in wireless-hacking1.ppt
ethical hacking in wireless-hacking1.pptethical hacking in wireless-hacking1.ppt
ethical hacking in wireless-hacking1.ppt
 
Event Management System Vb Net Project Report.pdf
Event Management System Vb Net  Project Report.pdfEvent Management System Vb Net  Project Report.pdf
Event Management System Vb Net Project Report.pdf
 
Planning Of Procurement o different goods and services
Planning Of Procurement o different goods and servicesPlanning Of Procurement o different goods and services
Planning Of Procurement o different goods and services
 

Cisco cybersecurity essentials chapter - 6

  • 1. Chapter 6: The Five Nines Concept
  • 2. Chapter 6: The Five Nines Concept. Cybersecurity Essentials v1.1
  • 3. Chapter 6 - Sections & Objectives
      • 6.1 Explain the concept of high availability.
      • 6.2 Explain how high availability measures are used to improve availability.
      • 6.3 Describe how an incident response plan improves high availability.
      • 6.4 Describe how disaster recovery planning plays an important role in implementing high availability.
  • 4. 2.1 High Availability
  • 5. Five nines means that systems and services are available 99.999% of the time. It also means that both planned and unplanned downtime is less than 5.26 minutes per year. High availability refers to a system or component that is continuously operational for a given length of time. To help ensure high availability:
      • Eliminate single points of failure
      • Design for reliability
      • Detect failures as they occur
  • 6. Although sustaining high availability may be too costly for some industries, several environments require five nines.
      • The finance industry needs to maintain high availability for continuous trading, compliance, and customer trust.
      • Healthcare facilities require high availability to provide around-the-clock care for patients.
      • The public safety industry includes agencies that provide security and services to a community, state, or nation.
      • The retail industry depends on efficient supply chains and the delivery of products to customers. Disruption can be devastating, especially during peak demand times such as holidays.
  • 7. The following threats pose a high risk to data and information availability.
      • An unauthorized user successfully penetrates and compromises an organization’s primary database
      • A successful DoS attack significantly affects operations
      • An organization suffers a significant loss of confidential data
      • A mission-critical application goes down
      • A compromise of the Admin or root user occurs
      • The detection of a cross-site script or illegal file server share
      • The defacement of an organization’s website impacts public relations
      • A severe storm such as a hurricane or tornado
      • A catastrophic event such as a terrorist attack, building bombing, or building fire
      • Long-term utility or service provider outage
      • Water damage as the result of flooding or sprinkler failure
  • 8. High availability incorporates three major principles to achieve the goal of uninterrupted access to data and services:
      - single point of failure can include central routers or switches, network services, and even highly skilled IT staff. High availability clusters are one way to provide redundancy.
      - refers to the capability to maintain availability of data and operational processing despite attacks or disrupting events. This requires redundant systems, in terms of both power and processing, so that should one system fail, the other can take over operations without any break in service.
      - enables a system to continue to operate if one or more components fail. Data mirroring is one example of fault tolerance.
  • 9. 6.2 Measures to Improve Availability
  • 10. Asset Identification: An organization needs to know what hardware and software assets it has in order to protect them. Asset management includes a complete inventory of hardware and software. This means that the organization needs to know all of the components that can be subject to security risks, including:
      • Every hardware system
      • Every operating system
      • Every hardware network device
      • Every network device operating system
      • Every software application
      • All firmware
      • All language runtime environments
      • All individual libraries
      Many organizations may choose an automated solution to keep track of assets.
  • 11. Asset classification - assigns all resources of an organization into a group based on common characteristics. An organization should apply an asset classification system to documents, data records, data files, and disks. The most critical information needs to receive the highest level of protection and may even require special handling. An organization can adopt a labeling system according to how valuable, how sensitive, and how critical the information is. Complete the following steps to identify and classify the assets of an organization:
      1. Determine the proper asset identification category.
      2. Establish asset accountability by identifying the owner for all information assets and application software.
      3. Determine the criteria for classification.
      4. Implement a classification schema.
      Asset Standardization - as part of an IT asset management system, an organization specifies the acceptable IT assets that meet its objectives.
  • 12. Threat Identification - The United States Computer Emergency Readiness Team (US-CERT) and the U.S. Department of Homeland Security sponsor a dictionary of common vulnerabilities and exposures (CVE). The CVE identification contains a standard identifier number with a brief description, and references to related vulnerability reports and advisories.
      Risk Analysis - is the process of analyzing the dangers posed by natural and human-caused events to the assets of an organization. A user performs an asset identification to help determine which assets to protect.
      • Identify assets and their value
      • Identify vulnerabilities and threats
      • Quantify the probability and impact of the identified threats
      • Balance the impact of the threat against the cost of the countermeasure
      There are two approaches to risk analysis: Quantitative Risk Analysis and Qualitative Risk Analysis.
  • 13. A quantitative analysis assigns numbers to the risk analysis process. Qualitative Risk Analysis uses opinions and scenarios.
  • 14. Mitigation - Mitigation involves reducing the severity of the loss or the likelihood of the loss occurring. Many technical controls mitigate risk, including authentication systems, file permissions, and firewalls. Organizations and security professionals must understand that risk mitigation can have both positive and negative impacts on the organization. There are four common ways to reduce risk:
      1. Accept the risk and periodically re-assess
      2. Reduce the risk by implementing controls
      3. Avoid the risk by totally changing the approach
      4. Transfer the risk to a third party
  • 15. Defense in depth will not provide an impenetrable cyber shield, but it will help an organization minimize risk by keeping it one step ahead of cyber criminals. To make sure data and information remain available, an organization must create different layers of protection. A layered approach provides the most comprehensive protection. If cyber criminals penetrate one layer, they still have to contend with several more layers, with each layer being more complicated than the previous one.
      • is creating a barrier of multiple defenses that coordinate together to prevent attacks.
  • 16.
      • access to data and information reduces the possibility of a threat. An organization should restrict access so that users only have the level of access required to do their job. Technology-based solutions such as using file permissions are one way to limit access; an organization should also implement procedural measures.
      • refers to changing the controls and procedures at different layers. Breaching one layer of security does not compromise the whole system. An organization may use different encryption algorithms or authentication systems to protect data in different states.
      • information can also protect data and information. An organization should not reveal any information that cyber criminals can use to figure out what version of the operating system a server is running or the type of equipment it uses.
      • does not necessarily guarantee security. If the process or technology is too complex, misconfigurations or failure to comply can result. Simplicity can actually improve availability.
  • 17. A single point of failure must be identified and addressed. A single point of failure can be a specific piece of hardware, a process, a specific piece of data, or even an essential utility. Single points of failure are the weak links in the chain that can cause disruption of the organization's operations. The organization can also build redundant components into the critical operation to take over the process should one of these points fail.
      N+1 redundancy ensures system availability in the event of a component failure. Components (N) need to have at least one backup component (+1). For example, a car has four tires (N) and a spare tire in the trunk in case of a flat (+1).
  • 18. A redundant array of independent disks (RAID) combines multiple physical hard drives into a single logical unit to provide data redundancy and improve performance. RAID takes data that is normally stored on a single disk and spreads it out among several drives. If any single disk is lost, the user can recover data from the other disks where the data also resides. RAID can also increase the speed of data recovery. Retrieving requested data from multiple drives is faster than relying on just one disk to do the work.
      When designers build physical redundancy into a network, loops and duplicate frames occur. Loops and duplicate frames have severe consequences for a switched network. Spanning Tree Protocol (STP) addresses these issues. The basic function of STP is to prevent loops on a network when switches interconnect via multiple paths. STP ensures that redundant physical links are loop-free. It ensures that there is only one logical path between all destinations on the network. STP intentionally blocks redundant paths that could cause a loop.
  • 19. The default gateway is typically the router that provides devices access to the rest of the network or to the Internet. If there is only one router serving as the default gateway, it is a single point of failure.
      • The ability of a network to dynamically recover from the failure of a device acting as a default gateway is known as first-hop redundancy.
      • The following list defines the options available for router redundancy based on the protocol that defines communication between network devices: Hot Standby Router Protocol (HSRP), Virtual Router Redundancy Protocol (VRRP) and Gateway Load Balancing Protocol (GLBP)
      - An organization may need to consider location redundancy depending on its needs. The following outlines three forms of location redundancy:
      • Synchronous - Synchronizes both locations in real time, requires high bandwidth and locations must be close together to reduce latency.
      • Asynchronous Replication - Not synchronized in real time but close to it, requires less bandwidth and sites can be further apart because latency is less of an issue.
      • Point-in-time-Replication - Updates the backup data location periodically and is the most bandwidth conservative option because it does not require a constant connection.
  • 20. 6.3 Incident Response Phases
  • 21. Incident response defines the procedures that an organization follows after an event occurs outside the normal range. When an incident occurs, the organization must know how to respond. Organizations need to develop an incident response plan and put together a Computer Security Incident Response Team (CSIRT) to manage the response. Incident response consists of four phases:
      - planning for potential incidents
      - discovering the incident. Detection and analysis includes Alerts/notifications and Monitoring/follow-up. Incident analysis helps to identify the source, extent, impact, and details of a data breach
      - efforts to immediately contain or eradicate the threat and begin recovery efforts. The recovery stage includes the actions that the organization needs to take in order to resolve the breach and restore the systems involved. After remediation, the organization needs to restore all systems to their original state before the breach.
      - investigate the cause of the incident and ask questions to better understand the nature of the threat
  • 22. There are many technologies that are used to implement an incident response:
      • Network Admission Control (NAC) - allows network access for authorized users with compliant systems. A compliant system meets all of the policy requirements of the organization.
      • Intrusion Detection Systems (IDSs) - monitor the traffic on a network. IDS systems are passive.
      • Intrusion Prevention Systems - operate in inline mode. They can detect and immediately address a network problem.
      • NetFlow and IPFIX - NetFlow is a Cisco IOS technology that provides statistics on packets flowing through a Cisco router or multilayer switch. The Internet Engineering Task Force (IETF) used Cisco’s NetFlow Version 9 as the basis for IP Flow Information Export (IPFIX).
      • Advanced Threat Intelligence - can help organizations detect attacks during one of the stages of the cyberattack (and sometimes before with the right information).
  • 23. 6.4 Disaster Recovery
  • 24. Types of Disasters - It is critical to keep an organization functioning when a disaster occurs. A disaster includes any natural or human-caused event that damages assets or property and impairs the ability for the organization to continue operating.
      - geological disasters (earthquakes, landslides, volcanoes, and tsunamis), meteorological disasters (hurricanes, tornadoes, snow storms, lightning, and hail), health disasters (widespread illnesses, quarantines, and pandemics) and miscellaneous disasters (fires, floods, solar storms, and avalanches).
      - Human-caused disasters - labor events (strikes, walkouts, and slowdowns), social-political events (vandalism, blockades, protests, sabotage, terrorism, and war), materials events (hazardous spills and fires) and utilities disruptions (power failures, communication outages, fuel shortages, and radioactive fallout)
      The Disaster Recovery Plan (DRP) includes the activities the organization takes to assess, salvage, repair, and restore damaged facilities or assets. A DRP needs to identify which processes in the organization are the most critical.
  • 25. Need for Business Continuity - Business continuity is one of the most important concepts in computer security. Even though companies do whatever they can to prevent disasters and loss of data, it is impossible to predict every scenario. It is important for companies to have plans in place that ensure business continuity regardless of what may occur. A business continuity plan is a broader plan than a DRP because it includes getting critical systems to another location while repair of the original facility is under way. Personnel continue to perform all business processes in an alternate manner until normal operations resume.
      Business Continuity Considerations - Business continuity controls are more than just backing up data and providing redundant hardware. Business Continuity Considerations should include:
      • Documenting configurations
      • Establishing alternate communications channels
      • Providing power
      • Identifying all dependencies for applications and processes
      • Understanding how to carry out automated tasks manually
  • 26. Business Continuity Best Practices
      1. Write a policy that provides guidance to develop the business continuity plan and assigns roles to carry out the tasks.
      2. Identify critical systems and processes, and prioritize them based on necessity.
      3. Identify vulnerabilities, threats, and calculate risks.
      4. Identify and implement controls and countermeasures to reduce risk.
      5. Devise methods to bring back critical systems quickly.
      6. Write procedures to keep the organization functioning when in a chaotic state.
      7. Test the plan.
      8. Update the plan regularly.
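An added example, not part of the Cisco slides: it ties the five nines downtime budget (slide 5) to single points of failure and N+1 redundancy (slide 17) by computing the availability of a chain of stages, each of which needs N of its installed units working. The stage names, the per-unit availabilities and the assumption that units fail independently of each other are constructed for illustration.

```python
"""Availability of a service chain: no spares versus N+1 redundancy."""
from math import comb

MINUTES_PER_YEAR = 365 * 24 * 60   # 525,600
FIVE_NINES = 0.99999


def downtime_minutes_per_year(availability):
    """Expected yearly downtime for a given availability (0..1)."""
    return (1.0 - availability) * MINUTES_PER_YEAR


def group_availability(unit_availability, needed, installed):
    """Probability that at least `needed` of `installed` identical units are up.

    Assumes units fail independently (an assumption of this example).
    needed == installed means no spare: every unit is a single point of failure.
    installed == needed + 1 is N+1 redundancy.
    """
    if not 0.0 <= unit_availability <= 1.0:
        raise ValueError("availability must be between 0 and 1")
    if needed < 1 or installed < needed:
        raise ValueError("need 1 <= needed <= installed")
    a = unit_availability
    return sum(
        comb(installed, k) * a**k * (1.0 - a) ** (installed - k)
        for k in range(needed, installed + 1)
    )


def chain_availability(stages):
    """All stages must be up at once, so their availabilities multiply."""
    total = 1.0
    for _name, unit_availability, needed, installed in stages:
        total *= group_availability(unit_availability, needed, installed)
    return total


def weakest_stage(stages):
    """Return (name, availability) of the stage that costs the most downtime."""
    scored = [(name, group_availability(a, n, m)) for name, a, n, m in stages]
    return min(scored, key=lambda item: item[1])


def meets_five_nines(stages):
    return chain_availability(stages) >= FIVE_NINES


# Constructed sample data: (stage, per-unit availability, units needed, units installed)
NO_SPARES = [
    ("default gateway", 0.9999, 1, 1),
    ("core switch", 0.9999, 1, 1),
    ("app servers", 0.999, 3, 3),
]
WITH_SPARES = [
    ("default gateway", 0.9999, 1, 2),   # first-hop redundancy: second router
    ("core switch", 0.9999, 1, 2),       # redundant switch
    ("app servers", 0.999, 3, 4),        # N+1: three needed, four installed
]

if __name__ == "__main__":
    for label, stages in (("no spares", NO_SPARES), ("N+1", WITH_SPARES)):
        avail = chain_availability(stages)
        name, worst = weakest_stage(stages)
        print(f"{label}: availability {avail:.7f}, "
              f"{downtime_minutes_per_year(avail):.1f} min/year down, "
              f"five nines met: {meets_five_nines(stages)}, "
              f"weakest stage: {name} ({worst:.7f})")
```

The independence assumption is the optimistic part: a shared power feed, a common software fault or a single site turns apparently redundant units back into one point of failure, which is why the slides treat power and location redundancy separately.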