CCNA 200-301 Volume 2 Chapter 4 Security Architectures
In this chapter, key security concepts and program elements are defined, along with discussions on password policies, authentication, authorization, and accounting. Various security attacks like spoofing, DoS, and malware types are illustrated and explained. The content also covers enterprise system examples and security terminology.
Download Presentation

Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
CCNA 200-301, Volume 2 Chapter 4 Security Architectures
Objectives Define key security concepts (threats, vulnerabilities, exploits, and mitigation techniques) Describe security program elements (user awareness, training, and physical access control) Describe security password policies elements, such as management, complexity, and password alternatives (multifactor authentication, certificates, and biometrics) Differentiate authentication, authorization, and accounting concepts
Example Enterprise Extends Beyond Its Own Boundary
Summary of Address Spoofing Attacks Goal DoS/DDoS Reflection Amplification Man-in-the- Middle No Exhaust a system service or resource; crash the target system Trick an unwitting accomplice host to send traffic to target Eavesdrop on traffic Modify traffic passing through Yes No No No Yes Yes No No No No No No No Yes Yes
Summary of Malware Types Characteristic Packaged inside other software Self-injected into other software Propagates automatically Trojan Horse Yes Virus No Worm No No Yes No No No Yes
Summary of Human Security Vulnerabilities Attack Type Social engineering Phishing Spear phishing Whaling Vishing Smishing Pharming Goal Exploits human trust and social behavior Disguises a malicious invitation as something legitimate Targets group of similar users Targets high-profile individuals Uses voice calls Uses SMS text messages Uses legitimate services to send users to a compromised site Targets specific victims who visit a compromised site Watering hole
Summary of Password Authentication and Alternatives Characteristic Password Only Yes Two- Factor Yes Yes Digital Certificates Biometric Something you know Something you have Something you are Yes Yes