Chapter 7 of the document discusses various measures to protect a cybersecurity domain, including defending systems and devices, server hardening, network hardening, and physical security. It emphasizes the importance of technologies, processes, and procedures in securing systems while detailing physical security measures such as perimeter barriers and biometric authentication systems. Additionally, it highlights the role of surveillance in monitoring and managing access to sensitive areas.

1. Chapter 7:
Protecting a Cybersecurity Domain

2. © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential
Presentation_ID 2
Chapter 7:
Protecting a Cybersecurity
Domain
Cybersecurity Essentials v1.1

3. Presentation_ID 3
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential
Chapter 7 - Sections & Objectives
7.1 Defending Systems and Devices
Describe how cybersecurity domains are used within the CIA triad.
Explain how technologies, processes and procedures protect systems.
7.2 Server Hardening
Explain how to protect servers on a network.
7.3 Network Hardening
Explain how to implement security measures to protect network devices.
7.4 Physical Security
Explain how physical security measures are implemented to protect network
equipment.

4. © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential
Presentation_ID 4
7.1 Defending Systems and
Devices

5. Presentation_ID 5
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential

6. Presentation_ID 6
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential

7. Presentation_ID 7
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential

8. Presentation_ID 8
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential

9. Presentation_ID 9
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential

10. Presentation_ID 10
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential

11. Presentation_ID 11
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential

12. © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential
Presentation_ID 12
7.2 Server Hardening

13. Presentation_ID 13
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential

14. Presentation_ID 14
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential

15. Presentation_ID 15
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential

16. © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential
Presentation_ID 16
7.3 Network Hardening

17. Presentation_ID 17
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential

18. Presentation_ID 18
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential

19. Presentation_ID 19
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential

20. © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential
Presentation_ID 20
7.4 Physical Security

21. Presentation_ID 21
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential
Physical Access Control
- Physical barriers are the first thing that comes to
mind when thinking about physical security. This is the outermost layer of
security, and these solutions are the most publicly visible. A perimeter
security system typically consists of perimeter fence system, security gate
system, bollards, vehicle entry barriers and guard shelters.
When designing the perimeter, fencing systems use the following rules:
 1 meter (3-4 ft.) will only deter casual trespassers
 2 meters (6-7 ft.) are too high to climb by casual trespassers
 2.5 meters (8 ft.) will offer limited delay to a determined intruder
Top guards provide an added deterrent and can delay the intruder by severely
cutting the intruder. Inspect fencing systems regularly. Fences require regular
maintenance.

22. Presentation_ID 22
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential
- are the automated methods of recognizing an individual based on a
physiological or behavioral characteristic. Biometric authentication systems include
measurements of the face, fingerprint, hand geometry, iris, retina, signature, and
voice. Biometric technologies can be the foundation of highly secure identification
and personal verification solutions.
 When comparing biometric systems there are several important factors to consider
including accuracy, speed or throughput rate, acceptability to users, uniqueness of the
biometric organ and action, resistance to counterfeiting, reliability, data storage
requirements, enrollment time, and intrusiveness of the scan. Accuracy is expressed in
error types and rates.
– A badge allows an individual to gain access to an area
with automated entry points. An entry point can be a door, a turnstile, a gate, or
other barrier. Access badges use various technologies such as a magnetic stripe,
barcode, or biometrics. The system logs the transaction for later retrieval. Reports
reveal who entered what entry points at what time.

23. Presentation_ID 23
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential
Physical Security
Surveillance
All physical access controls including deterrent
and detection systems ultimately rely on personnel to intervene and
stop the actual attack or intrusion. In highly secure information system
facilities, guards control access to the organization’s sensitive areas.
This type of surveillance can
supplement or in some cases, replace security guards. The benefit of
video and electronic surveillance is the ability to monitor areas even
when no guards or personnel are present, the ability to record and log
surveillance videos and data for long periods, and the ability to
incorporate motion detection and notification.
These types of surveillance are
used to manage and locate important information system assets.

24. Presentation_ID 24
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential