Scribd Logo
Hochladen

Willkommen bei Scribd!

  • Chapter 9 Case Study

    Hochgeladen von

    gabymena06
    154 Ansichten4 Seiten
    9 Case

    Copyright

    © © All Rights Reserved

    Verfügbare Formate

    PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden
    9 Case

    Copyright:

    © All Rights Reserved
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    154 Ansichten4 Seiten

    Chapter 9 Case Study

    Hochgeladen von

    gabymena06
    9 Case

    Copyright:

    © All Rights Reserved
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 4

    CCNA Security Chapter 9 Case Study

    Objectives

    Describe the principles of secure network design.

    Describe operations security.

    Describe network security testing tools and techniques.

    Describe business continuity and disaster recovery.

    Describe the system development life cycle concept and its application to a secure network life
    cycle.

    Describe the purpose and function of a network security policy.

    Scenario
    Superior Health Care System will be implementing many changes over the next two years. Your team will
    have a major impact on the success of these changes. The CEO of the company has personally
    requested that your team participant in the following initiatives:

    Create a new information assurance policy and training program

    Test our existing equipment to identify the need for upgrades and replacements.

    Develop an RFP for a comprehensive penetration test of our systems and network.

    Identify the critical aspects of the systems and perform a network security test.

    Report all findings and make all necessary recommendations needed to secure our systems in
    the future.

    Tasks 9.1
    Your team will be responsible for developing the first draft for the following Information Assurance
    Policies:
    1. Acceptable use policy
    2. VPN implementation policy
    3. Virus and malicious code mitigation policy
    4. IDS/IPS implementation policy
    5. Authentication/Authorization policy
    6. Incident response policy
    Tasks 9.2
    As part of the reorganization, Superior Health Care System Corporations Chief Information Officer has
    created an action list for your team. She has requested that your team test the following features in our
    test lab facilities and report back on the results.
    1. Secure network devices with AAA, SSH, role-based CLI, syslog, SNMP, and NTP.
    2. Secure services using AutoSecure and one-step lockdown.
    2009 Cisco Learning Institute

    CCNA Security Chapter 9 Case Study

    3. Protect network endpoints, such as workstations and servers, against viruses, Trojan Horses, and
    worms with Cisco NAC, Cisco IronPort, and Cisco Security Agent.
    4. Use Cisco IOS Firewall and accompanying ACLs to secure resources internally while protecting
    those resources from outside attacks.
    5. Supplement Cisco IOS Firewall with Cisco IPS technology to evaluate traffic using an attack
    signature database.
    6. Protect the LAN by following Layer 2 and VLAN recommended practices and by using a variety of
    technologies, including BPDU guard, root guard, PortFast, and SPAN.
    Tasks 9.3
    We would like you to draft a two page document detailing the framework and components of a corporate
    wide information assurance education, training and awareness program. Please provide examples and
    resources that support your proposal.
    Tasks 9.4
    Our senior management team wants to make sure we have thoroughly tested and strengthened our
    systems and network. In an effort to respond to this priority, the Chief Information Assurance Officer has
    directed your team to compose an RFP to identify a company contracted to perform a penetration test on
    our systems and assist our staff in mitigating potential risk and vulnerabilities. Please have your team
    draft the document and make sure they include the following activities as part of the request:
    Internal/Intranet Testing

    Clients, Servers

    Databases

    Switches

    Routers

    Intranet

    Remote Management Hardware/Software

    IDS - IPS

    Patch Management

    Virus/Spyware

    External/DMZ/Extranet

    Web Sites

    Database Mining

    Mail Servers

    Advanced E-Mail Tracking and Tracing


    2009 Cisco Learning Institute

    CCNA Security Chapter 9 Case Study

    DNS Servers

    FTP Servers

    VPN Servers

    Wireless Networks

    Firewalls

    Physical Security

    Server Room

    Back-up Media

    Accessibility To Security Controls

    Cabling, Physical Access

    Key Loggers

    Documentation

    Lock Picking

    Hot Jacks

    Phone Systems

    Covert Wireless

    Component/Stages of the Test


    1. Establish the scope of the test
    2. Planning the test with sign offs
    3. Target acquisition
    4. Network mapping
    5. Fingerprinting
    6. Enumeration
    7. Vulnerability assessment
    8. Vulnerability exploitation
    9. Breakin
    10. Privilege escalate
    11. Hiding/Stealing data
    2009 Cisco Learning Institute

    CCNA Security Chapter 9 Case Study

    12. Planting backdoors


    13. Covering Tracks
    14. Test Result Analysis
    15. Reporting
    16. Post-Test consultation

    2009 Cisco Learning Institute

    Das könnte Ihnen auch gefallen