CCNA 200-301 Volume 2 Chapter 4 Security Architectures

In this chapter, key security concepts and program elements are defined, along with discussions on password policies, authentication, authorization, and accounting. Various security attacks like spoofing, DoS, and malware types are illustrated and explained. The content also covers enterprise system examples and security terminology.

• CCNA
• Security Architectures
• Cybersecurity
• Network Security
• Threats

zea_iya Follow

Uploaded on Feb 18, 2025 | 1 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

Presentation Transcript

1. CCNA 200-301, Volume 2 Chapter 4 Security Architectures

2. Objectives Define key security concepts (threats, vulnerabilities, exploits, and mitigation techniques) Describe security program elements (user awareness, training, and physical access control) Describe security password policies elements, such as management, complexity, and password alternatives (multifactor authentication, certificates, and biometrics) Differentiate authentication, authorization, and accounting concepts

3. Example of an Enterprise Closed System

4. Example Enterprise Extends Beyond Its Own Boundary

5. Security Terminology Illustrated

6. Sample Spoofing Attack

7. Sample Denial-of-Service Attack

8. A Sample Reflection Attack

9. A Man-in-the-Middle Attack Begins

10. A Man-in-the-Middle Attack Succeeds

11. Summary of Address Spoofing Attacks Goal DoS/DDoS Reflection Amplification Man-in-the- Middle No Exhaust a system service or resource; crash the target system Trick an unwitting accomplice host to send traffic to target Eavesdrop on traffic Modify traffic passing through Yes No No No Yes Yes No No No No No No No Yes Yes

12. Summary of Malware Types Characteristic Packaged inside other software Self-injected into other software Propagates automatically Trojan Horse Yes Virus No Worm No No Yes No No No Yes

13. Summary of Human Security Vulnerabilities Attack Type Social engineering Phishing Spear phishing Whaling Vishing Smishing Pharming Goal Exploits human trust and social behavior Disguises a malicious invitation as something legitimate Targets group of similar users Targets high-profile individuals Uses voice calls Uses SMS text messages Uses legitimate services to send users to a compromised site Targets specific victims who visit a compromised site Watering hole

14. Summary of Password Authentication and Alternatives Characteristic Password Only Yes Two- Factor Yes Yes Digital Certificates Biometric Something you know Something you have Something you are Yes Yes

15. Simplified View of AAA