
Lab – Researching Network Security Threats

Objectives
Part 1: Explore the SANS Website
Part 2: Identify Recent Network Security Threats
Part 3: Detail a Specific Network Security Threat

Background / Scenario
To defend a network against attacks, an administrator must identify external threats that pose a danger to the
network. Security websites can be used to identify emerging threats and provide mitigation options for
defending a network.
One of the most popular and trusted sites for defending against computer and network security threats is
SysAdmin, Audit, Network, Security (SANS). The SANS site provides multiple resources, including a list of the
top 20 Critical Security Controls for Effective Cyber Defense and the weekly @Risk: The Consensus Security
Alert newsletter. This newsletter details new network attacks and vulnerabilities.
In this lab, you will navigate to and explore the SANS site, use the SANS site to identify recent network
security threats, research other websites that identify threats, and research and present the details about a
specific network attack.

Required Resources
• Device with Internet access
• Presentation computer with PowerPoint or other presentation software installed

Part 1: Exploring the SANS Website


In Part 1, navigate to the SANS website and explore the available resources.

Step 1: Locate SANS resources.


Navigate to www.SANS.org. From the home page, highlight the Resources menu.
List three available resources.
• Infosec Reading Room
• Security bulletins
• IAD Top 10 Mitigations

Step 2: Locate the Top 20 Critical Controls.


The Twenty Critical Security Controls for Effective Cyber Defense listed on the SANS website are the
culmination of a public-private partnership involving the Department of Defense (DoD), National Security
Association, Center for Internet Security (CIS), and the SANS Institute. The list was developed to prioritize the
cyber security controls and spending for DoD. It has become the centerpiece for effective security programs
for the United States government. From the Resources menu, select Top 20 Critical Controls.
Select one of the 20 Critical Controls and list three of the implementation suggestions for this control.
◦ Identity Services Engine (ISE)
◦ McAfee Vulnerability Manager
◦ CCS, RAS

© 2019 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 4

Step 3: Locate the Newsletters menu.


Highlight the Resources menu, select Newsletters. Briefly describe each of the three newsletters available.
OUCH! is the world's leading free security awareness newsletter, designed for the common computer user.
A key purpose of @RISK is to provide the data that will ensure that the 20 Critical Controls (the U.S. and U.K. benchmark for effective protection of networked systems) remain effective defenses for all known attack vectors.
SANS NewsBites is a weekly high-level executive summary of the most important news articles that have been published on computer security during the last week. Each news item is very briefly summarized and includes a reference on the web for detailed information, if possible.

Part 2: Identify Recent Network Security Threats


In Part 2, you will research recent network security threats using the SANS site and identify other sites
containing security threat information.

Step 1: Locate the @Risk: Consensus Security Alert Newsletter Archive.


From the Newsletters page, select Archive for the @RISK: The Consensus Security Alert. Scroll down to
Archives Volumes and select a recent weekly newsletter. Review the Notable Recent Security Issues and
Most Popular Malware Files sections.
List some recent attacks. Browse multiple recent newsletters, if necessary.
Title: Oracle releases quarterly Critical Patch Update for multiple products, including Java
Description: Oracle has released its quarterly set of security bulletins for vulnerabilities that have been identified in various Oracle products. This month's release addresses 136 security flaws for products such as Oracle Database Server, Fusion Middleware, Java, MySQL, Sun Products, and more. Java had 9 security flaws patched, all of them "remotely exploitable without authentication."

Step 2: Identify sites providing recent security threat information.

Besides the SANS site, identify some other websites that provide recent security threat information.
SecurityFocus
List some of the recent security threats detailed on these websites.
Recently, we saw the indictment of cybercrime boss Albert Gonzalez, one of the accused masterminds behind the high-profile data breaches at Heartland Payment Systems, Hannaford Bros. Supermarkets, 7-Eleven, and TJX. Next week, Core Security Technologies will present a hands-on look at the attacks that Gonzalez and his co-conspirators are believed to have used to breach these organizations.

Part 3: Detail a Specific Network Security Attack


In Part 3, you will research a specific network attack that has occurred and create a presentation based on
your findings. Complete the form below based on your findings.


Step 1: Complete the following form for the selected network attack.

Name of attack: Project Chanology

Type of attack: DDoS attack

Dates of attacks: January 2008

Computers / Organizations affected: Church of Scientology

How it works and what it did:

The group's massive DDoS attack, coordinated with the same software program used to fight for WikiLeaks this week, targeted Scientology.org, knocking it momentarily offline.

Mitigation options: None

References and info links:

http://www.thedailybeast.com/articles/2010/12/11/hackers-10-most-famous-attacks-worms-and-ddos-takedowns.html

Step 2: Follow the instructor’s guidelines to complete the presentation.

Reflection
1. What steps can you take to protect your own computer?
Limit access
2. What are some important steps that organizations can take to protect their resources?
Restrict areas that are not necessary for daily work.
