
Chapter 10: Managing a Secure Network

CCNA Security

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

Chapter 10: Objectives


In this chapter, you will:

Describe the high-level considerations for ensuring that a network is secure.

Describe the benefits of risk management and the measures to take to optimize risk management.

Describe the overarching concepts of operations security.

Describe the core principles of operations security.

Describe the purpose of and the techniques used in network security testing.

Describe the tools used in network security testing.

Describe business continuity planning and disaster recovery.

Configure the Cisco Secure Copy feature.

Describe the SDLC.

Describe the five phases of the SDLC.

Describe the goals of a security policy.

Describe the structure of a security policy.

Describe the standards, guidelines, and procedures of a security policy.

Describe the roles and responsibilities entailed within a security policy.

Describe the concepts of security awareness and how to achieve security awareness through education and training.

Describe ethical guidelines and laws for network security.

Describe how to respond to a security breach.


Chapter 10
10.0 Introduction
10.1 Principles of Secure Network Design
10.2 Security Architecture
10.3 Operations Security
10.4 Network Security Testing
10.5 Business Continuity Planning and Disaster Recovery
10.6 System Development Life Cycle
10.7 Developing a Comprehensive Security Policy
10.8 Summary


10.1 Principles of Secure Network Design


Ensuring a Network is Secure

Secure End-to-End Network Approach

Secure network devices with AAA, SSH, role-based CLI, syslog, SNMP, and NTP. Secure services using AutoSecure and one-step lockdown.

Protect network endpoints, such as workstations and servers, against viruses, Trojan horses, and worms with Cisco NAC, Cisco IronPort, and Cisco Security Agent.

Use Cisco IOS Firewall and accompanying ACLs to secure resources internally while protecting those resources from outside attacks.

Supplement Cisco IOS Firewall with Cisco IPS technology to evaluate traffic using an attack signature database.

Protect the LAN by following Layer 2 and VLAN recommended practices and by using a variety of technologies, including BPDU guard, root guard, PortFast, and SPAN.

Where are all of these security approaches documented?


Ensuring a Network is Secure

Security Policies

Security policies are created and maintained to mitigate existing and new kinds of attacks. They enforce a structured, informed, consistent approach to securing the network.
They are designed to address the following:
Business needs
Threat identification
Risk analysis
Security needs
Industry-recommended practices
Security operations


Ensuring a Network is Secure

Security Policies Cont.

Business needs:
What does the organization want to do with the network?
What are the organizational needs?

Threat identification:
What are the most likely types of threats given the organization's purpose?

Risk analysis:
What is the cost versus benefit analysis of implementing various security technologies?
How do the latest security techniques affect the network environment, and what is the risk if they are not implemented?


Ensuring a Network is Secure

Security Policies Cont.

Security needs:
What are the policies, standards, and guidelines needed to address business needs and risks?

Industry-recommended practices:
What are the reliable, well-understood, and recommended security practices that similar organizations currently employ?

Security operations:
What are the current procedures for incident response, monitoring, maintenance, and auditing of the system for compliance?


Ensuring a Network is Secure

Avoid Wrong Assumptions

There are guidelines to help you avoid making wrong assumptions:
Expect that any aspect of a security system might fail.
Identify any elements that fail open. Fail-open occurs when a failure results in a complete bypass of the security function, for example an inline firewall or IPS that passes all traffic when it crashes or is overloaded.
Try to identify all attack possibilities.
Use top-down analysis of possible system failures, which involves evaluating the simplicity and probability of every attack on a system. This is known as attack tree analysis.


Ensuring a Network is Secure

Avoid Wrong Assumptions Cont.

Evaluate the probability of exploitation. Focus on the resources that are needed to create an attack, not the obscurity of a particular vulnerability.
Assume that people make mistakes.
Attackers might not use common and well-established techniques to compromise a system.
Check all assumptions with other people. Peers might have a fresh perspective on potential threats and their probability.


Threat Identification and Risk Analysis

Identifying Threats

When identifying threats, it is important to ask two questions:


1. What are the possible vulnerabilities of a system?
2. What are the consequences if system vulnerabilities are exploited?


Threat Identification and Risk Analysis

Risk Analysis in IT

Risk analysis is the systematic study of uncertainties and risks. It identifies the risks, determines how and when those risks might arise, and estimates the impact (financial or otherwise) of adverse outcomes.
After the threats are evaluated for severity and likelihood, the information is used in a risk analysis.


Threat Identification and Risk Analysis

Risk Analysis in IT Cont.

The first step in developing a risk analysis is to evaluate each threat to determine its severity and probability.
For example, threats in an e-banking system may include:
Internal system compromise
Stolen customer data
Phony transactions if the external server is breached
Phony transactions using a stolen customer PIN or smart card
Insider attack on the system
Data input errors
Data center destruction

Threat Identification and Risk Analysis

Risk Analysis in IT Cont.

After the threats are evaluated for severity and likelihood, this information is used in a risk analysis.
There are two types of risk analysis in information security:

Quantitative risk analysis - Uses a mathematical model that assigns a monetary figure to the value of assets, the cost of threats being realized, and the cost of security implementations.
Qualitative risk analysis - Ranks risks on a relative scale (for example, high, medium, low) instead of assigning monetary figures. It can be used when the risk assessment must be done in a relatively short time or under a tight budget, or when relevant data or expertise is not readily available.


Threat Identification and Risk Analysis

Single Loss Expectancy Quantitative Risk Analysis

Quantitative risk analysis relies on specific formulas to determine the value of the risk decision variables.
These include formulas that use the:
Asset Value (AV)
Exposure Factor (EF)

Threat Identification and Risk Analysis

Single Loss Expectancy Quantitative Risk Analysis Cont.

Asset Value (AV) - Includes the cost of development or purchase price, deployment, and maintenance.
Exposure Factor (EF) - An estimate of the degree of destruction that could occur, expressed as the fraction of the asset value lost in a single occurrence.
Single Loss Expectancy (SLE) - Represents the expected loss from a single occurrence of the threat: SLE = AV * EF.
Annualized Rate of Occurrence (ARO) - Estimates the frequency of an event per year and is used to calculate the ALE.
Annualized Loss Expectancy (ALE) - Addresses the cost to the organization if it does nothing to counter existing threats: ALE = SLE * ARO.


Threat Identification and Risk Analysis

Single Loss Expectancy Quantitative Risk Analysis Cont.

Flood threat
Exposure Factor: 60 percent
AV of the enterprise: $10,000,000
SLE = $10,000,000 * 0.60 = $6,000,000


Threat Identification and Risk Analysis

Single Loss Expectancy Quantitative Risk Analysis Cont.

Data entry error
Exposure Factor: 0.001 percent
AV of the enterprise: $1,000,000
SLE = $1,000,000 * 0.00001 = $10

Threat Identification and Risk Analysis

Annualized Loss Expectancy Quantitative Risk Analysis Cont.

Flood threat
SLE: $6,000,000
ARO: 0.01 (once in 100 years)
ALE = $6,000,000 * 0.01 = $60,000

Threat Identification and Risk Analysis

Annualized Loss Expectancy Quantitative Risk Analysis Cont.

Data entry error
SLE: $10
ARO: 125,000 (per year)
ALE = $10 * 125,000 = $1,250,000

Threat Identification and Risk Analysis

Quantitative Risk Analysis

Perform a quantitative risk analysis for all threats identified during the threat identification process.
Then prioritize the threats by ALE and address the most serious threat first, so that management can focus resources where they do the most good.
Note that ranking by ALE rather than SLE reverses the order of the two worked examples: the flood has by far the larger single loss ($6,000,000 versus $10), but the data entry error has the larger annual loss ($1,250,000 versus $60,000).


Risk Management and Risk Avoidance

Methods of Handling Risks

When the threats are identified and the risks are assessed, a protection strategy must be deployed to protect against the risks.
There are two very different methods to handle risks:
Risk management - Deploys protection mechanisms to reduce risks to acceptable levels.
Risk avoidance - Eliminates risk by avoiding the threats altogether.


Risk Management and Risk Avoidance

Risk Management

This method deploys protection mechanisms to reduce risks to acceptable levels.
Risk management is perhaps the most basic and the most difficult aspect of building secure systems, because it requires a good knowledge of risks, risk environments, and mitigation methods.


Risk Management and Risk Avoidance

Risk Management Cont.

Not all mitigation techniques are implemented based on the risk versus cost formula used in the quantitative risk analysis. Consider the e-banking threats identified earlier:
Internal system compromise
Stolen customer data
Phony transactions if the external server is broken into
Phony transactions using a stolen customer PIN or smart card
Insider attack on the system
Data input error
Data center destruction


Risk Management and Risk Avoidance

Risk Avoidance

Using the risk avoidance approach, a company might decide against offering e-banking services because it is deemed too risky.
Such an attitude might be valid for some military organizations, but it is usually not an option in the commercial world.
Organizations that can manage the risks are traditionally the most profitable.


Introducing Operations Security

Operations Security

Operations security is concerned with the day-to-day practices necessary to first deploy and later maintain a secure system.
It starts with the planning and implementation process of a network. During these phases, the operations team proactively analyzes designs, identifies risks and vulnerabilities, and makes the necessary adaptations.
After a network is set up, the actual operational tasks begin, including the continual day-to-day maintenance of the environment.


Introducing Operations Security

Operations Security Team


The responsibilities of the operations team pertain to everything
that takes place to keep the network, computer systems,
applications, and the environment up and running in a secure and
protected manner.
The operations team usually has the objectives of preventing
reoccurring problems, reducing hardware failures to an
acceptable level, and reducing the impact of hardware failure or
disruption.


Introducing Operations Security

Operations Security Team Cont.


To ensure a secure working environment within the operations
department, certain core principles should be integrated into the
day-to-day activities:
Separation of duties
Rotation of duties
Trusted recovery
Change and configuration controls


Principles of Operations Security

Separation of Duties

Separation of duties (SoD) is the most difficult and sometimes the most costly control to achieve.
SoD states that no single individual has control over two or more phases of a transaction or operation.
Instead, responsibilities are assigned in a way that incorporates checks and balances.
This makes deliberate fraud more difficult to perpetrate because it requires collusion between two or more individuals or parties.

Principles of Operations Security

Rotation of Duties

Trained individuals are given a specific assignment for a certain amount of time before moving to a new assignment.
A peer review is built into the practice of rotation of duties. For example, when five people do one job in the course of the week, each person reviews the work of the others.
Rotation of duties also prevents boredom, gives individuals a greater breadth of exposure to the entire network operation, and creates a strong and flexible operations department.


Principles of Operations Security

Trusted Recovery

Systems eventually fail! Therefore a process for recovery must be established.
Backing up data on a regular basis is standard practice in most IT departments, and being prepared for system failure is also an important part of operations security:
Back up critical data on a regular basis.
Evaluate who has access to the files to back them up and what kind of access they have.
Secure the backup media.


Principles of Operations Security

Configuration and Change Control

Configuration and change control ensures that standardized methods and procedures are used to efficiently handle all changes.
It should address three major components:
The processes in place to minimize system and network disruption
Backups and reversing changes that go badly
Guidance on the economic utilization of resources and time

A few suggestions are recommended to accomplish configuration changes in an effective and safe manner:
Ensure that the change is implemented in an orderly manner with formalized testing.
Ensure that the end users are aware of the coming change when necessary.
Analyze the effects of the change after it is implemented.

Principles of Operations Security

Configuration and Change Control Cont.


Step 1. Apply to introduce the change.
Step 2. Catalog the proposed change.
Step 3. Schedule the change.
Step 4. Implement the change.
Step 5. Report the change to the relevant parties.


10.4 Network Security Testing


Introducing Network Security Testing

Network Security Testing


Network security testing is testing that is performed on a network
to ensure all security implementations are operating as expected.
Testing is typically conducted during the implementation and
operational stages.
During the implementation stage, security testing is conducted on
specific parts of the security system.
After a network is fully integrated and operational, a Security Test
and Evaluation (ST&E) is performed. ST&E is an examination or
analysis of the protective measures that are placed on an
operational network.
Tests should be repeated periodically and whenever a change is
made to the system. Test more frequently on critical information or
hosts that are exposed to constant threat.

Introducing Network Security Testing

Network Security Tests


Many tests can be conducted to assess the operational status of
the system:
Penetration testing
Network scanning
Vulnerability scanning
Password cracking
Log review
Integrity checkers
Virus detection


Introducing Network Security Testing

Network Security Tests Cont.

Penetration testing
Network penetration tests, or pen testing, simulate attacks from malicious sources.
The goal is to determine the feasibility of an attack and the possible consequences if one were to occur.

Network scanning
Includes software that can ping computers, scan for listening TCP ports, and display which types of resources are available on the network.
Some scanning software can also detect usernames, groups, and shared resources.
Network administrators can use this information to strengthen their networks.


Introducing Network Security Testing

Network Security Tests Cont.

Vulnerability scanning
Includes software that can detect potential weaknesses in the tested systems.
These weaknesses can include misconfiguration, blank or default passwords, or potential targets for DoS attacks.
Some software allows administrators to attempt to crash the system through the identified vulnerability.

Password cracking
Includes software that is used to test and detect weak passwords that should be changed.
Password policies should include guidelines to prevent weak passwords.


Introducing Network Security Testing

Network Security Tests Cont.

Log review
System administrators should review security logs to identify potential security threats.
Abnormal activity should be investigated using filtering software to scan lengthy log files.

Integrity checkers
An integrity checking system detects and reports on changes in the system.
Most of the monitoring is focused on the file system. However, some checking systems can report on login and logout activities.

Virus detection
Virus detection software can be used to identify and remove computer viruses and other malware.
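The log review and integrity checker items above, as an added example that is not part of the chapter: a filter that reduces a lengthy SSH log to the sources worth investigating, and a file integrity checker that baselines a directory tree by SHA-256 digest and reports what was added, removed, or modified. The syslog lines, the host names and addresses in them, and the files the checker examines are all constructed here for the demonstration.

```python
"""Two operations-security checks: a log filter and a file integrity checker.

Added example. The syslog lines and the files it checks are constructed
inline; nothing here comes from the chapter or from a real system.
"""
from __future__ import annotations

import hashlib
import re
import tempfile
from collections import defaultdict
from pathlib import Path

# --- Log review: filter a lengthy log down to the events worth investigating ----

# Constructed sample log (syslog-style lines as written by OpenSSH's sshd).
SAMPLE_LOG = """\
Mar  3 10:01:02 gw sshd[311]: Failed password for invalid user admin from 203.0.113.9 port 4410 ssh2
Mar  3 10:01:04 gw sshd[311]: Failed password for invalid user admin from 203.0.113.9 port 4411 ssh2
Mar  3 10:01:05 gw sshd[311]: Failed password for root from 203.0.113.9 port 4412 ssh2
Mar  3 10:01:07 gw sshd[311]: Failed password for root from 203.0.113.9 port 4413 ssh2
Mar  3 10:02:30 gw sshd[320]: Accepted publickey for ops from 192.0.2.10 port 5050 ssh2
Mar  3 10:05:11 gw sshd[322]: Failed password for ops from 192.0.2.10 port 5051 ssh2
Mar  3 10:05:20 gw sshd[322]: Accepted password for ops from 192.0.2.10 port 5051 ssh2
"""

# Captures the user name and the source address of a failed password attempt.
FAILED_RE = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(\S+) from (\S+) port")


def failed_logins_by_source(log_text: str, threshold: int = 3) -> dict[str, int]:
    """Count failed SSH logins per source address; return sources at or above threshold.

    One failure is a typo; a burst from a single address is password guessing.
    """
    counts: dict[str, int] = defaultdict(int)
    for line in log_text.splitlines():
        m = FAILED_RE.search(line)
        if m:
            counts[m.group(2)] += 1
    return {src: n for src, n in counts.items() if n >= threshold}


# --- Integrity checking: baseline a tree of files and report what changed ----

def file_digest(path: Path) -> str:
    """SHA-256 of a file's contents, read in chunks so large files need not fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def baseline(root: Path) -> dict[str, str]:
    """Map each file under root (as a POSIX-style relative path) to its digest."""
    return {
        p.relative_to(root).as_posix(): file_digest(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def compare(before: dict[str, str], after: dict[str, str]) -> dict[str, list[str]]:
    """Report files that were added, removed, or modified since the baseline."""
    return {
        "added": sorted(set(after) - set(before)),
        "removed": sorted(set(before) - set(after)),
        "modified": sorted(p for p in set(before) & set(after) if before[p] != after[p]),
    }


def demo_integrity_check() -> dict[str, list[str]]:
    """Build a constructed file tree, baseline it, tamper with it, and return the report."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "etc").mkdir()
        (root / "etc" / "passwd").write_text("root:x:0:0:root:/root:/bin/sh\n")
        (root / "etc" / "motd").write_text("authorized use only\n")
        snapshot = baseline(root)
        # Simulated tampering: a UID-0 account appended, one file deleted, one file planted.
        (root / "etc" / "passwd").write_text(
            "root:x:0:0:root:/root:/bin/sh\nbackdoor:x:0:0::/:/bin/sh\n")
        (root / "etc" / "motd").unlink()
        (root / "etc" / "ld.so.preload").write_text("/tmp/evil.so\n")
        return compare(snapshot, baseline(root))


if __name__ == "__main__":
    print(failed_logins_by_source(SAMPLE_LOG))
    print(demo_integrity_check())
```

The baseline dictionary is the part that must be protected: an integrity checker is only as trustworthy as the stored digests, so in practice the snapshot is written to read-only or off-host storage, which is the same concern the trusted recovery slides raise for backup media.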

Introducing Network Security Testing

Applying Network Test Results


Network security testing results can be used in several ways:
To define mitigation activities to address identified vulnerabilities
As a benchmark to trace the progress of an organization in
meeting security requirements
To assess the implementation status of system security
requirements
To conduct cost and benefit analysis for improvements to system
security
To enhance other activities, such as risk assessments,
certification and authorization (C&A), and performance
improvement efforts
As a reference point for corrective action

Network Security Testing Tools

Network Testing Tools

Nmap - Discovers computers and services on a computer network, thus creating a map of the network
SuperScan - Port scanning software designed to detect open TCP and UDP ports, determine what services are running on those ports, and run queries such as whois, ping, traceroute, and hostname lookups
GFI LANguard - Network and security scanner which detects vulnerabilities
Tripwire - Assesses and validates IT configurations against internal policies, compliance standards, and security best practices
Nessus - Vulnerability scanning software, focusing on remote access, password misconfiguration, and DoS against the TCP/IP stack
L0phtcrack - Password auditing and recovery application
Metasploit - Provides information about vulnerabilities and aids in penetration testing and IDS signature development


Network Security Testing Tools

Nmap

Nmap is a low-level scanner that has an array of excellent features which can be used for network mapping and reconnaissance:
Classic TCP and UDP port scanning - Searches for different services on one host.
Classic TCP and UDP port sweeping - Searches for the same service on multiple hosts.
Stealth TCP and UDP port scans and sweeps - Similar to classic scans and sweeps, but harder to detect by the target host or IPS.
Remote operating system identification - This is also known as OS fingerprinting.


Network Security Testing Tools

SuperScan

SuperScan is a Microsoft Windows port scanning tool.


SuperScan version 4 has a number of useful features:

Adjustable scanning speed

Support for unlimited IP ranges

Improved host detection using multiple ICMP methods

TCP SYN scanning

UDP scanning (two methods)

Simple HTML report generation

Source port scanning

Fast hostname resolving

Extensive banner grabbing

Massive built-in port list description database

IP and port scan order randomization

A selection of useful tools, such as ping, traceroute, and whois

Extensive Windows host enumeration capability


10.5 Business Continuity Planning and Disaster Recovery


Continuity Planning and Disaster Recovery

Business Continuity Planning

Business continuity planning addresses the continuing operations of an organization in the event of a disaster or prolonged service interruption that affects the mission of the organization.
These plans address:
An emergency response phase
A recovery phase
A return to normal operation phase

Business continuity planning may include plans such as:
Moving or relocating critical business components and people to a remote location while the original location is being repaired.
Using different channels of communication to deal with customers, shareholders, and partners until operations are returned to normal.


Continuity Planning and Disaster Recovery

Disaster Recovery

Disaster recovery is the process of regaining access to the data, hardware, and software necessary to resume critical business operations after a natural or human-induced disaster.
It includes plans for coping with the unexpected or sudden loss of key personnel.


Recovery Plans and Redundancy

Recovery Plans

When planning for disaster recovery and business continuity, the first step is identifying the possible types of disasters and disruptions.
Not all disruptions to business operations are equal.
A good disaster recovery plan considers the magnitude of the disruption, recognizing that there are differences between catastrophes, disasters, and minor incidents.


Recovery Plans and Redundancy

Redundancy

Large organizations might require a redundant facility if some catastrophic event results in facility destruction.

Hot site:
A completely redundant facility with almost identical equipment, kept loaded with current software and data so that operations can resume almost immediately.

Warm site:
Physically redundant facilities, but software and data are not stored and updated on the equipment.
A disaster recovery team is required to physically go to the redundant facility and get it operational.
Depending on how much software and data is involved, it can take days before operations are ready to resume.

Cold site:
An empty datacenter with racks, power, WAN links, and heating, ventilation, and air conditioning (HVAC) already present, but no equipment.

Secure Copy

Secure Copy
The primary goal of disaster recovery is to restore the network to
a fully functional state.
Two of the most critical components of a functional network are
the router configuration and the router image files.
Every disaster recovery plan should include backup and retrieval
of these files.
Because an organization's network configuration includes private
or proprietary information, these files must be copied in a secure
manner.
The secure copy (SCP) feature provides a secure and
authenticated method for copying router configuration or router
image files.


Secure Copy

SCP Server Configuration


Because SCP relies on SSH for secure transport, before enabling
SCP, you must correctly configure SSH, and the router must have
an RSA key pair.
To configure the router for server-side SCP, perform these steps:
Step 1. Enable AAA with the aaa new-model global configuration
mode command.


Secure Copy

SCP Server Configuration Cont.

Step 2. Define a named list of authentication methods with the aaa authentication login {default | list-name} method1 [method2...] command.


Secure Copy

SCP Server Configuration Cont.

Step 3. Configure command authorization with the aaa authorization {network | exec | commands level} {default | list-name} method1 [method2... method4] command.


Secure Copy

SCP Server Configuration Cont.

Step 4. Configure a username and password to use for local authentication with the username name [privilege level] {password encryption-type password} command. This step is optional if using network-based authentication such as TACACS+ or RADIUS.
Prefer the secret keyword (username name privilege level secret password) over password: secret stores a one-way hash, whereas password stores a reversible type 7 string that is trivially decoded from any copy of the configuration, which is exactly the file SCP is being used to back up.


Secure Copy

SCP Server Configuration Cont.


Step 5. Enable SCP server-side functionality with the ip scp
server enable command.
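The five steps above collected into one router configuration, as an added example that is not from the chapter. The hostname R1, the domain example.net, the management host 192.0.2.10, the account name backup-ops and the placeholder secret are all assumptions. Two points the steps do not spell out: the account that runs SCP transfers must end up with privilege level 15, which is why exec authorization (Step 3) and the privilege keyword (Step 4) are both needed, and the SSH and SCP services should be reachable only from the management hosts that perform backups.

```text
! Prerequisites for SSH: hostname, domain name, RSA key pair, SSH version 2 only
hostname R1
ip domain-name example.net
crypto key generate rsa modulus 2048
ip ssh version 2
!
! Step 1: enable AAA
aaa new-model
!
! Step 2: authentication method list (local user database)
aaa authentication login default local
!
! Step 3: exec authorization, so the SCP account is granted its privilege level
aaa authorization exec default local
!
! Step 4: local account at privilege 15 with a hashed secret, not a type 7 password
username backup-ops privilege 15 secret REPLACE-WITH-STRONG-SECRET
!
! Step 5: turn on the SCP server (it rides on the SSH service configured above)
ip scp server enable
!
! Restrict SSH, and therefore SCP, to the management host that pulls the backups
ip access-list standard MGMT-HOSTS
 permit 192.0.2.10
 deny any log
line vty 0 4
 access-class MGMT-HOSTS in
 transport input ssh
```

From the management host the running configuration is then pulled with the SCP client, naming the IOS file system as the source (the system:running-config form is the usual IOS naming and is assumed here): scp backup-ops@R1:system:running-config ./R1-running.cfg. Check the result with show ip ssh (SSH version 2 enabled) and show running-config | include scp on the router; a transfer that is refused after SSH authentication succeeds almost always means the account did not receive privilege level 15.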


10.7 Developing a Comprehensive Security Policy


Security Policy Overview

Secure Network Life Cycle

The Secure Network Life Cycle is a process of assessment and reevaluation of equipment and security needs as the network changes.
One important aspect of this ongoing evaluation is to understand which assets an organization must protect, even as those assets are changing.
Determine what the assets of an organization are by asking questions:
What does the organization have that others want?
What processes, data, or information systems are critical to the organization?
What would stop the organization from doing business or fulfilling its mission?


Security Policy Overview

Security Policy
A security policy is a set of security objectives for a
company, rules of behavior for users and administrators,
and system requirements.
These objectives, rules, and requirements collectively
ensure the security of a network and the computer systems
in an organization.
A security policy is a constantly evolving document based
on changes in technology, business, and employee
requirements.


Security Policy Overview

Security Policy Cont.

A comprehensive security policy has a number of benefits:
Demonstrates an organization's commitment to security
Sets the rules for expected behavior
Ensures consistency in system operations, software and hardware acquisition and use, and maintenance
Defines the legal consequences of violations
Gives security staff the backing of management

Security policies are used to inform users, staff, and managers of an organization's requirements for protecting technology and information assets.
A security policy also specifies the mechanisms that are needed to meet security requirements and provides a baseline from which to acquire, configure, and audit computer systems and networks for compliance.

Security Policy Overview

Security Policy Cont.

A security policy may include the following:
Identification and Authentication Policies - Specifies the authorized persons that can have access to network resources and the verification procedures.
Password Policies - Ensures passwords meet minimum requirements and are changed regularly.
Acceptable Use Policies - Identifies network applications and usages that are acceptable to the organization. It may also identify ramifications if this policy is violated.
Remote Access Policies - Identifies how remote users can access a network and what is accessible via remote connectivity.
Network Maintenance Policies - Specifies network device operating system and end user application update procedures.
Incident Handling Procedures - Describes how security incidents are handled.

Security Policy Overview

Security Policy Audience


The audience for the security policy is anyone who has access to the
network.
Internal audience includes various personnel, such as managers
and executives, departments and business units, technical staff,
and employees.
External audience is also a varied group that includes partners,
customers, suppliers, consultants, and contractors.


Structure of a Security Policy

Security Policy Hierarchy

These documents are often broken into a hierarchical structure:


Governing policy - High-level treatment of the security guidelines that are
important to the entire company. Managers and technical staff are the intended
audience. The governing policy controls all security-related interactions among
business units and supporting departments in the company.
Technical policy - Used by security staff members as they carry out security
responsibilities for the system. These policies are more detailed than the
governing policy and are system-specific or issue-specific. For example,
access control and physical security issues are described in a technical policy.
End user policy - Covers all security topics that are important to end users.
End users can include employees, customers, and any other individual user of
the network.


Structure of a Security Policy

Governing Policy
The governing policy outlines the company's overall security goals for managers and technical staff.
It covers all security-related interactions among business
units and supporting departments in the company.
Includes several components:
Statement of the issue that the policy addresses
How the policy applies in the environment
Roles and responsibilities of those affected by the policy
Actions, activities, and processes that are allowed (and not
allowed)
Consequences of noncompliance


Structure of a Security Policy

Technical Policy

Technical policies are detailed documents that are used by technical staff in the conduct of their daily security responsibilities.
Technical policies are broken down into specified technical
areas, including:
General Policies
Telephony Policy
Email and Communications Policy
Remote Access Policy
Network Policy
Application Policy


Structure of a Security Policy

End User Policies


End user policies cover all rules pertaining to information
security that end users should know about and follow.
End user policies might overlap with technical policies, but
may also include:
Identity Policy
Password Policy
Anti-Virus Policy


Standards, Guidelines, and Procedures

Security Policy Documents


The security policy documents are high-level overview
documents.
These include:
Standards documents
Guidelines documents
Procedures documents


Standards, Guidelines, and Procedures

Standard Documents

One of the most important security principles is consistency, and therefore it is necessary for organizations to establish standards.
Each organization develops standards to support its unique
operating environment.
Device configuration standards are defined in the technical
section of an organization's security policy.


Standards, Guidelines, and Procedures

Guideline Documents

Guidelines provide a list of suggestions on how to do things better.

They are similar to standards, but are more flexible and are not usually mandatory.
Guidelines can be used to define how standards are developed and to guarantee adherence to general security policies.

A number of guidelines are widely available:

National Institute of Standards and Technology (NIST) Computer Security Resource Center

National Security Agency (NSA) Security Configuration Guides

The Common Criteria Standard


Standards, Guidelines, and Procedures

Procedure Documents
Procedure documents are longer and more detailed than
standards and guidelines.
Procedure documents include implementation details, usually with
step-by-step instructions and graphics.
Procedure documents are extremely important for large
organizations to have the consistency of deployment that is
necessary for a secure environment.


Roles and Responsibilities

Organizational Reporting Structure


All persons in an organization, from the Chief Executive Officer (CEO) to the newest hires, are considered end users of the network and must abide by the organization's security policy.
Developing and maintaining the security policy is delegated to
specific roles within the IT department.


Roles and Responsibilities

Common Executive Titles


Chief Executive Officer (CEO)

Is ultimately responsible for the success of an organization.

All executive positions report to the CEO.

Chief Technology Officer (CTO)

Identifies and evaluates new technologies and drives new technology development to meet organization objectives.

Maintains and enhances the enterprise systems, while providing direction in all technology-related matters to support operations.


Roles and Responsibilities

Common Executive Titles


Chief Information Officer (CIO)

Responsible for the information technology and computer systems that support enterprise goals, including successful deployment of new technologies and work processes.

Small-to-medium-sized organizations typically combine the responsibilities of CTO and CIO into a single position.

When an organization has both a CTO and CIO, the CIO is generally responsible for processes and practices supporting the flow of information, and the CTO is responsible for technology infrastructure.

Chief Security Officer (CSO)

Develops, implements, and manages the organization's security strategy, programs, and processes associated with all aspects of business operation, including intellectual property.

A major aspect of this position is to limit exposure to liability in all areas of financial, physical, and personal risk.

Chief Information Security Officer (CISO)

Similar to the CSO, except that this position has a specific focus on IT security.

The CISO must develop and implement the security policy, either as the primary author or by managing its authorship. In either case, the CISO is responsible and accountable for security policy content.


Security Awareness and Training

Security Awareness Program


Where is the weakest link in any network infrastructure?
The User!
To help ensure the enforcement of the security policy, a security
awareness program must be put in place.


Security Awareness and Training

Security Awareness Program Cont.


A security awareness program usually has two major
components:

Awareness campaigns
Training and education

A good security awareness program:

Informs users of their IT security responsibilities.
Explains all IT security policies and procedures for using the IT systems and data within a company.
Helps protect the organization from loss of intellectual capital, critical data, and even physical equipment.
Must also detail the sanctions that the organization imposes for noncompliance.
Should be part of all new hire orientation.


Security Awareness and Training

Awareness Campaigns
Awareness is not training. The
purpose of awareness presentations
is simply to focus attention on
security. Awareness presentations
are intended to allow individuals to
recognize IT security concerns and
respond accordingly. In awareness
activities, the learner is the recipient
of information... Awareness relies on
reaching broad audiences with
attractive packaging techniques.
(NIST Special Publication 800-16)


Security Awareness and Training

Awareness Campaigns Cont.


There are several methods of increasing security awareness:

Posters, newsletter articles, and bulletins

Lectures, videos

Awards for good security practices

Reminders, such as login banners, mouse pads, coffee cups, and notepads, etc.


Security Awareness and Training

Security Training Course


Security Awareness and Training

Security Training Course Cont.


An effective security training course requires proper planning,
implementation, maintenance, and periodic evaluation.
The life cycle of a security training course includes several steps:
Step 1. Identify course scope, goals, and objectives.
Step 2. Identify and educate training staff.
Step 3. Identify target audiences.
Step 4. Motivate management and employees.
Step 5. Administer the courses.
Step 6. Maintain the courses.
Step 7. Evaluate the courses.


Security Awareness and Training

Educational Program
Education integrates all the security skills and competencies of
the various functional specialties into a common body of
knowledge.
It adds a multidisciplinary study of concepts, issues, and principles, both technological and social, and strives to produce IT security professionals capable of vision and proactive response.
An example of an educational program is a degree program at a
college or university.


Laws and Ethics

Laws

A big reason for setting security policies and implementing awareness programs
is compliance with the law.
You must be familiar with the laws and codes of ethics that are binding for
Information Systems Security (INFOSEC) professionals.
Most countries have three types of laws:
Criminal law:
Concerned with crimes, and its penalties usually involve fines or imprisonment, or both.

Civil law (also called tort):
Focuses on correcting situations in which entities have been harmed and an economic award can help.
Imprisonment is not possible in civil law.
For example: suing for patent infringement.

Administrative law:
Involves government agencies enforcing regulations.
For example: a company might owe its employees vacation pay.



Laws and Ethics

Ethics

Ethics is a standard that is higher than the law.


It is a set of moral principles that govern civil behavior and are
often referred to as codes of ethics.
Ethical principles are often the foundation of many of the laws
currently in place.
Individuals that violate the code of ethics can face consequences
such as loss of certification, loss of employment, and even
prosecution by criminal or civil court.


Laws and Ethics

Ethics Cont.
The information security profession has a number of formalized
codes:
International Information Systems Security Certification Consortium, Inc. (ISC)2 Code of Ethics
Computer Ethics Institute (CEI)
Internet Activities Board (IAB)
Generally Accepted System Security Principles (GASSP)


Laws and Ethics

Code of Ethics
Code of Ethics Preamble
Safety of the commonwealth, duty to our principals, and to each other
requires that we adhere, and be seen to adhere, to the highest ethical
standards of behavior. Therefore, strict adherence to this Code is a
condition of certification.

Code of Ethics Canons

Protect society, the commonwealth, and the infrastructure.
Act honorably, honestly, justly, responsibly, and legally.
Provide diligent and competent service to principals.
Advance and protect the profession.


Responding to a Security Breach

Motive, Opportunity, and Means


Different countries have different legal standards. In most
countries and courts, to successfully prosecute an individual, it is
necessary to establish motive, opportunity, and means.
Motive answers the question of why a person committed the
illegal act.
Opportunity answers the question of when and where the person
committed the crime.
Means answers the question of how the person committed the
crime.
Establishing motive, opportunity, and means is a standard for finding and prosecuting individuals for all types of crimes.


Responding to a Security Breach

Collecting Data

The process of collecting data must be done precisely and quickly.
When a security breach occurs, it is necessary to isolate the
infected system immediately.
After data is collected, but before equipment is disconnected, it is
necessary to photograph the equipment in place.
If security protocols are established and followed, organizations
can minimize the loss and damages resulting from attacks.
