CompTIA Network+ Exam N10-008
Lesson 17
Explaining Organizational and Physical Security Concepts
Copyright © 2023 CompTIA, Inc. All Rights Reserved. | CompTIA.org
Objectives
• Explain organizational documentation and policies
• Explain physical security methods
• Compare and contrast Internet of Things devices
Lesson 17
Topic 17A
Explain Organizational Documentation and Policies
Operating Plans and Procedures
• Configuration management: Identifying and documenting all the infrastructure and devices installed at a site.
  • Assets and configuration items
  • Baselines: configuration baseline (the ACL applied to a firewall, for instance) or a performance baseline (such as the throughput achieved by the firewall).
• Change management
  • Reactive versus proactive
  • Change request and approval (a Request for Change (RFC))
• Standard Operating Procedures (SOPs)
System Life Cycle Plans and Procedures
• Audit report
  • Identify and record assets
    • An asset management database can be configured to store as much or as little information as is deemed necessary, though typical data would be type, model, serial number, asset ID, location, user(s), value, and service information.
    • For each asset record, there should also be a copy of or link to the appropriate vendor documentation.
• Assessment report
  • Evaluate configuration/performance
  • Compare to baselines
• System life cycle
  • Acquisition, deployment, use, and decommissioning
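The "compare to baselines" step, using the two baseline types named earlier (the ACL applied to a firewall and the throughput it achieves), can be automated as sketched below. This is an added example, not part of the CompTIA slides; the rule strings, throughput figures, the 10% tolerance and the firewall name are constructed assumptions.

```python
from difflib import SequenceMatcher


def acl_drift(baseline: list[str], running: list[str]) -> dict[str, list[str]]:
    """Diff the running ACL against the configuration baseline. ACLs are
    first-match, so a rule that changed position is reported as "moved"."""
    added, removed = [], []
    matcher = SequenceMatcher(a=baseline, b=running, autojunk=False)
    for op, b1, b2, r1, r2 in matcher.get_opcodes():
        if op in ("delete", "replace"):
            removed += baseline[b1:b2]
        if op in ("insert", "replace"):
            added += running[r1:r2]
    moved = [rule for rule in added if rule in removed]
    return {
        "added": [r for r in added if r not in moved],
        "removed": [r for r in removed if r not in moved],
        "moved": moved,
    }


def throughput_ok(baseline_mbps: float, measured_mbps: float,
                  tolerance: float = 0.10) -> bool:
    """Performance baseline check: flag a drop of more than `tolerance`."""
    return measured_mbps >= baseline_mbps * (1 - tolerance)


def assess(baseline: dict, current: dict) -> dict:
    """Assessment report for one configuration item."""
    drift = acl_drift(baseline["acl"], current["acl"])
    return {
        "acl_drift": drift,
        "config_compliant": not any(drift.values()),
        "performance_compliant": throughput_ok(baseline["mbps"], current["mbps"]),
    }


# Constructed, vendor-neutral sample data for a hypothetical firewall "fw-edge-01".
BASELINE = {"mbps": 940, "acl": [
    "permit tcp any host 203.0.113.10 eq 443",
    "permit tcp 10.0.0.0/8 any eq 22",
    "deny ip any any"]}
CURRENT = {"mbps": 610, "acl": [
    "permit tcp any host 203.0.113.10 eq 443",
    "deny ip any any",
    "permit tcp 10.0.0.0/8 any eq 22",
    "permit tcp any any eq 3389"]}
```

In the sample, the catch-all deny has moved above the SSH permit and an unapproved rule has been appended, so the report shows both a reordering and an addition that should trace back to a change request.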
Physical Network Diagrams
• Floor plan
• Detailed scale diagram
• Wiring diagram
• Illustrate and document cable termination/ports
• Distribution frame
• Port IDs
• Main versus intermediate distribution frames (MDF versus IDF)
• Site survey report
Rack Diagrams
• Rack format
• Standard 19” width
• 1.75” U multiples in height
• Stencils
• Position of appliances
• Label network and power ports
• Configuration and asset information
Logical versus Physical Network Diagrams
• Diagram types
  • Detailed physical plans
  • Schematics (simplified) done in layers
• Constrain to single OSI layer per diagram
  • PHY (Physical layer)
  • Data Link (layer 2)
  • Logical (IP/layer 3)
  • Application
• Standard icons
Security Response Plans and Procedures
• Incident response plan
  • Categorize incident types, such as data breach, malware/intrusion detection, denial of service (DoS), …
  • Restoring security versus preserving evidence (tough choice…)
• Disaster recovery plan
  • Identify major incident scenarios
• Business continuity plan
  • Identify and prioritize functions for investment in fault tolerance/redundancy
  • Business impact analysis (BIA)
  • IT contingency planning (ITCP)
Hardening and Security Policies
• Security policy types
• Human Resources (HR)-led policies
• Onboarding
• Offboarding
Usage Policies
• Password policy
  • User behavior
  • System-enforced selection and change rules
• Acceptable Use Policy (AUP)
• Bring your own device (BYOD) policies
  • BYOD versus corporate owned
  • Mobile Device Management (MDM)/Enterprise Mobility Management (EMM)
Data Loss Prevention
• Risks from data breach
• Data loss prevention (DLP) software
• Use some sort of dictionary database or algorithm (regular expression matching) to identify confidential or personal/sensitive data.
• Control access, copying, e-mailing and printing
Remote Access Policies
• Ensure remote devices and network connections do not create vulnerabilities
• Malware protection and patching of remote hosts
• Protection of credentials
• Protection for data processed off-site
• Treat remote hosts and networks as untrusted
Common Agreements
• Service Level Agreement (SLA) requirements
• Non-Disclosure Agreement (NDA)
• Legal basis for protecting information assets
• Used in employment contracts and between companies
• Memorandum of Understanding (MoU)
• Exploratory agreement to express an intent to work together
Review Activity: Documentation and Policies
• Operating Plans and Procedures
• System Life Cycle Plans and Procedures
• Physical Network Diagrams and Rack Diagrams
• Logical versus Physical Network Diagrams
• Security Response Plans and Procedures
• Hardening and Security Policies
• Usage Policies
• Data Loss Prevention
• Remote Access Policies
• Common Agreements
Lab Activity
Assisted Lab: Develop Network Documentation
• Lab types
  • Assisted labs guide you step-by-step through tasks
  • Applied labs set goals with limited guidance
• Complete lab
  • Submit all items for grading and check each progress box
  • Select “Grade Lab” from final page
• Save lab
  • Select the hamburger menu and select “Save”
  • Save up to two labs in progress for up to 7 days
• Cancel lab without grading
  • Select the hamburger menu and select “End”
Lesson 17
Topic 17B
Explain Physical Security Methods
Badges and Site Secure Entry Systems
• Access control hardware
• Badge reader
• Biometric
• Access control vestibule
• Prevent tailgating and piggybacking
• Turnstile
• “Mantrap”
Physical Security for Server Systems
• Locking racks
• Lock whole rack
• Bracket/shelf locks
• Locking cabinets
• Smart lockers
• Smart card/biometric lock
• Sensors to detect add/remove
Detection-Based Devices
• Surveillance systems and security guards
• Cameras
  • Fixed versus Pan-Tilt-Zoom (PTZ)
  • Focal length
  • Closed Circuit Television (CCTV) coax networks
  • IP camera data and PoE networks
• Asset tags
  • Link asset to database/configuration management
  • Radio Frequency ID (RFID) monitored tags
Alarms and Tamper Detection
• Alarm types
• Circuit/tamper detection
• Motion detection
• Alarms for rack systems and chassis intrusion
• Tamper detection for cabling
• A physically secure cabled network is referred to as a Protected Distribution System (PDS).
Asset Disposal
• Factory reset/configuration wipe
  • Remove accounts and passwords
  • Remove configuration information
  • Remove licensing keys and registration
• Data remnants and media sanitization
  • Physical destruction
  • Overwriting and HDDs versus SSDs
  • Secure Erase (SE)
  • Instant Secure Erase (ISE)
➢ It's important to know what a factory reset actually does, though.
➢ It puts all applications back into their original state and removes anything that wasn't there when the computer left the factory.
➢ That means user data from the applications will also be deleted.
➢ However, that data will still live on the hard drive.
➢ In short, the reset can give you a false sense of security.
Employee Training
• Security awareness
• Incident reporting
• Site security
• Data and credential handling
• Social engineering, malware, and other threat awareness
• Role-based training
Review Activity: Physical Security Methods
• Badges and Site Secure Entry Systems
• Physical Security for Server Systems
• Detection-Based Devices
• Alarms and Tamper Detection
• Asset Disposal
• Employee Training
Lesson 17
Topic 17C
Compare and Contrast Internet of Things Devices
Internet of Things
• The global network of personal devices, home appliances, home control systems, vehicles, and other items that have been equipped with sensors, software, and network connectivity
• Consumer-grade smart devices
  • Hub versus device functions
• Physical access control systems (PACS) and smart buildings
  • A network of monitored locks, intruder alarms, and video surveillance cameras.
  • Smart buildings for offices and datacenters can include PACS, but also network-based configuration and monitoring of heating, ventilation, and air conditioning (HVAC), fire control, power and lighting, and elevators and escalators, etc.
ICS/SCADA
• Industrial control systems (ICS) provide mechanisms for workflow and process automation
• Workflow and process automation systems
  • Power suppliers, water suppliers, health services, telecommunications, and national security services
  • Devices have a programmable logic controller (PLC)
  • Mechanical devices and sensors
  • Human-machine interface (HMI)
• Supervisory Control and Data Acquisition (SCADA)
  • ICS distributed over large areas
  • Control software running on PCs
  • Cellular communications to link the SCADA server to field devices.
IoT Networks
• Operational Technology (OT) networks
  • Serial data or industrial Ethernet
  • Require deterministic, low-latency delivery over bandwidth
• Cellular networks
  • Specialized, low-latency versions of 4G/5G
    • Narrowband-IoT (NB-IoT): this refers to a low-power version of the Long Term Evolution (LTE) or 4G cellular standard.
    • Narrowband also has greater penetrating power, making it more suitable for use in inaccessible locations, such as tunnels or deep within buildings, where ordinary cellular connectivity would be impossible.
    • LTE Machine Type Communication (LTE-M): this is another low-power system but supports higher bandwidth (up to about 1 Mbps).
• Z-Wave and Zigbee
  • Wireless mesh for home automation devices
Placement and Security
• Consumer-grade smart devices
  • Vendor assessment
    • Consumer-grade smart devices and home automation products can be poorly documented, and the patch management/security response processes of vendors can be inadequate.
  • Risks from shadow IT where employees deploy a network-enabled device without going through a change and configuration management process
• Smart buildings
  • Isolate management traffic from data networks
  • Include in configuration management/assessments
• ICS/SCADA
  • While an ICS or SCADA is typically implemented as a dedicated OT or wireless WAN network, there may be points where these networks are linked to a corporate data network.
Review Activity: Internet of Things Devices
• Internet of Things
• ICS/SCADA
• IoT Networks
• Placement and Security
CompTIA Network+ Exam N10-008
Lesson 17
Summary