Wednesday, December 15, 2010

Security Risks Best Cisco CCNA Certification in Gurgaon Delhi

Network Bulls
www.networkbulls.com

To protect network resources, processes, and procedures, technology needs to address security risks. Important network characteristics that can be at risk from security threats include data confidentiality, data integrity, and system availability:
  • System availability should ensure uninterrupted access to critical network and computing resources to prevent business disruption and loss of productivity.
  • Data integrity should ensure that only authorized users can change critical information and guarantee the authenticity of data.
  • Data confidentiality should ensure that only legitimate users can view sensitive information to prevent theft, legal liabilities, and damage to the organization.
In addition, the use of redundant hardware and encryption can significantly reduce the risks associated with system availability, data integrity, and data confidentiality.

Targets

Given the wide range of potential threats, just about everything in the network has become vulnerable and is a potential target. Ordinary hosts top the list as the favorite target, especially for worms and viruses. After a host has been compromised, it is frequently used to start new attacks with other nearby systems.
Other high-value targets include devices that support the network. Here is a list of some devices, servers, and security devices that stand out as potential targets:
  • Infrastructure devices: Routers, switches
  • Security devices: Firewalls, IDS/IPS
  • Network services: DHCP and DNS servers
  • Endpoints: Management stations and IP phones
  • Infrastructure: Network throughput and capacity

Loss of Availability

Denial-of-service (DoS) attacks try to block or deny access to impact the availability of network services. These types of attacks can interrupt business transactions, cause considerable loss, or damage the company's reputation. DoS attacks are fairly straightforward to carry out, even by an unskilled attacker. Distributed DoS (DDoS) attacks are initiated from multiple source locations within the network to increase the attack's size and impact.
DDoS attacks occur when the attacker takes advantage of vulnerabilities in the network and/or host. Here are some common failure points:
  • A network, host, or application fails to process large amounts of data sent to it, which crashes or breaks communication ability.
  • A host or application is unable to handle an unexpected condition, such as improperly formatted data or memory or resource depletion.
Nearly all DoS attacks are carried out with spoofing and flooding methods. Here are some ways to combat DoS attacks:
  • DHCP snooping verifies DHCP transactions and prevents rogue DHCP servers from interfering with production traffic.
  • Dynamic ARP inspection intercepts ARP packets and verifies that they have valid IP-to-MAC bindings.
  • Unicast RPF prevents unknown source addresses from using the network as a transport mechanism to carry out attacks.
  • Access control lists (ACLs) control what traffic is allowed on the network.
  • Rate limiting controls how much bandwidth incoming traffic, such as ARP and DHCP requests, can use.
Figure 13-1 shows a DoS threat on availability. The attacker is performing a DoS attack on the network and servers using a flood of packets. Keep in mind that this is an external attack; however, an internal attack is also certainly possible.
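The DHCP snooping and dynamic ARP inspection countermeasures listed above depend on each other: inspection can only validate ARP packets against bindings that snooping has already learned. The following Python model is an added example, not part of the original post or any vendor's code; the port names, MAC addresses, and IP addresses are constructed, and the switch logic is simplified to the IP-to-MAC check described in the list.

```python
from dataclasses import dataclass, field

# DHCP messages only a server sends; an untrusted access port must never source them.
SERVER_MSGS = {"OFFER", "ACK", "NAK"}


@dataclass
class AccessSwitch:
    trusted_ports: set                            # ports toward the real DHCP server/uplink
    bindings: dict = field(default_factory=dict)  # snooping table: leased IP -> client MAC

    def dhcp(self, port, msg_type, client_mac, ip=None):
        """DHCP snooping verdict for one DHCP message seen on `port`."""
        if msg_type in SERVER_MSGS:
            if port not in self.trusted_ports:
                return "drop"                     # rogue DHCP server behind an access port
            if msg_type == "ACK":
                self.bindings[ip] = client_mac    # learn the lease the real server granted
        return "forward"

    def arp(self, port, sender_ip, sender_mac):
        """Dynamic ARP inspection: check the ARP sender fields against the bindings."""
        if port in self.trusted_ports:
            return "forward"
        return "forward" if self.bindings.get(sender_ip) == sender_mac else "drop"


# Constructed sample traffic: (kind, ingress port, fields...). Gi0/1 is the trusted uplink.
EVENTS = [
    ("dhcp", "Gi0/5", "DISCOVER", "aa:aa:aa:aa:aa:01"),
    ("dhcp", "Gi0/9", "OFFER", "aa:aa:aa:aa:aa:01", "10.0.0.66"),  # server reply on access port
    ("dhcp", "Gi0/1", "ACK", "aa:aa:aa:aa:aa:01", "10.0.0.20"),    # real lease, creates binding
    ("arp", "Gi0/5", "10.0.0.20", "aa:aa:aa:aa:aa:01"),            # matches the binding
    ("arp", "Gi0/9", "10.0.0.20", "bb:bb:bb:bb:bb:09"),            # wrong MAC for a leased IP
    ("arp", "Gi0/9", "10.0.0.1", "bb:bb:bb:bb:bb:09"),             # IP with no binding at all
]


def run(events, trusted=("Gi0/1",)):
    """Replay events through a fresh switch and return the verdict for each one."""
    sw = AccessSwitch(trusted_ports=set(trusted))
    return [getattr(sw, kind)(*args) for kind, *args in events]


if __name__ == "__main__":
    for event, verdict in zip(EVENTS, run(EVENTS)):
        print(verdict, event)
```

The last event shows why statically addressed hosts such as the default gateway need a trusted port or a manually configured binding: without one, their legitimate ARP traffic is dropped as well.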


Integrity Violations and Confidentiality Breaches

When attackers change sensitive data without the proper authorization, this is called an integrity violation. For example, an attacker might access financial data and delete critical information. The effect of this change may not be felt for some time or until a significant loss has occurred. Integrity attacks like this are considered by many companies to be one of the most serious threats to their business. Furthermore, identifying these attacks can be very difficult, and the effects can be devastating.
Confidentiality breaches occur when the attacker attempts to read sensitive information. It is difficult to detect these types of attacks, and the loss of data can happen without the owner's knowledge.
It is important to use restrictive access controls to prevent integrity violations and confidentiality attacks. Here are some ways to enforce access control in order to reduce risks:
  • Restrict access by separating networks (VLANs) and using packet-filtering firewalls.
  • Restrict access with OS-based controls in both Windows and UNIX.
  • Limit user access by using user profiles for different departmental roles.
  • Use encryption techniques to secure data or digitally sign data.
Figure 13-2 shows an attacker viewing, altering, and stealing competitive information. Pay particular attention to the obstacles the attacker must go through to get to the data.
