Time
11 hours
Difficulty
Intermediate
CEU/CPE
15

Video Transcription

00:01
Hello. Welcome back, Cisco Certified Design associate Are you tall eyes in total 0.1.
00:07
I'm your instructor. Wait.
00:09
In a previous Vito we talked about, I promoted cussed From this video, we will begin to introduce never security Overview.
00:18
Here's the pre assessment question which free our security service is offered a through Siskel router Security. True. Three. A trust and identity be integrated. A fright control See Unified A wireless Now our security solution. Thesixty your connectivity e voice messaging security
00:38
af en pointe security
00:40
G Virtual security gate away It'll be a E and the deed.
00:46
Here's the topic of all. Discuss
00:49
security legislation. A number of the legislative bodies, along with the public, have insisted on security controls be in place to protect a private information on to make a certain that it is a handled properly. This legislative bodies influence never security by imposing man needs
01:08
with which organizations are required to comply.
01:11
These requirements, and that includes protecting customer information with regards to privacy and, in some cases, requiring encryption off the data. The United States has growing body of a security legislation that you need to be aware off
01:27
US public company accounting reform and a Master Protection Act of two on two
01:34
Serbians Oxley our socks focuses on the accuracy and controls imposed the companies of financial records. This U S federal law was passed because of the number of incorporate Ana conking scandals. They take place
01:52
payment car industry PC I data Security standard D S S P C eyes that they had a security standard that they find how to protect a credit cardholder data including the story agent of transfer of credit card holder information. Many retainers that accept credit cards have to meet a p C i. D. S s a standard
02:12
warp a stiff penalties on our subject to regular and recorders audience of for PC ideas as compliance
02:21
Gramm Leach Billey Financial Services Modernization Act Over 1999 Jobe a provides protection against the sale all the bank and a company information that regularly bought in a soda by financial institutions.
02:36
GOP A also guards against the practice of obtaining private information through false pretense ese
02:42
US Health Insurance Portability and Accountability Act. H i p. A HIPAA applies to the protection of a private health information that is used to electronica Lee The purpose is to enable better access to health information,
02:59
reduce fraud in a lower the cost of a health care
03:01
in the United States. E o Data Protection Directive 95 46 Easy calls for the protection of a people's right to privacy with respect to the processing of a personal data. This table described the security legislation and identifies its appropriation.
03:22
Securities writes. It is important to be aware over the different that title of attacks. The data can impact the security of I T systems. Security threats can be classified into the following categories. Reconnaissance. The goal of the reconnaissance is together as much information as possible about the party gave the host network
03:40
generally this terribly information gathering is done before and the attack is carried out.
03:46
Unauthorized access referred to the act of acting or exploiting the targeting system or a host operating system. The service's and physical access to the targeted host have no one system of honor, but of these data, the attacker can take advantage over Andi. I used to increase his or her privileges.
04:03
Socio engineering is another technique for obtaining confidential information from employees
04:10
by manipulation as a result of the attacker exploiting the host that can read a change or delete information from the system, causing interruption of service on all data loss. In some cases service disruption attacks aimed at disrupting normal infrastructure service's
04:29
that disruption can be cost about a following denial of service DOS attacks
04:33
DOS attacks I aim to overwhelm the resource is such his memory CPU and band with that impacted targeted system on deny allegedly meet users access distributed a dos si dos attacks in above the multiple sources working together to deliver the Courtenay data attack at where
04:53
automatically adds Used to generate a ram neo for the hackers that are seeking
04:58
monetary gains. Malware hostile software used to gain access to gather information or disrupt the normal operations. Spyware software that is used to Upton covert information secretly Disclosure in a modification of the data as data is interested on, the factor can use a packet of sniffing tours
05:16
to read it on the where well it is in flight
05:20
mein the middle attacks. It can also be used to inject the new information into the data packets. Network abuse. The network can be abused from here to beer file sharing out of a policy network uprising and access to forbidden content on the network is then the messaging systems can be a potential targeted for
05:40
spammers to send a solid stated messages. Data leaks that loss of data from the servers or users. Workstations?
05:48
Well, we in transit or ah arrest to prevent loss of data that allows a prevention T R P software. It can help to control what data users can transfer identity theft and a fraud.
06:00
Would be Attackers. Use a fishing techniques such as the email spam to gather personal information such as user names, passwords and the credit card accounts
06:09
by opposing as person who can't be trusted. This table all eyes that categorized the security threats,
06:17
security risks to protect the network. Resource is processes in the procedures. Technology needs the address of several security risks. Important network. A capture sticks that can be at risk from security threats include the system of inability data integrity and that they had a confidential
06:34
system. Availability should ensure on the interrupted the access to critical network and a computing resource is to prevent a service of disruption and the loss of productivity.
06:46
That integrity should ensure that Onley authorized. The users can change critical information and a guarantee the authenticity of data that a confidential the should ensure that only allegedly made. The users can view of sensitive information
07:00
to prevent theft, legal liabilities and the damage to the organization.
07:05
In addition, a usable returning the hardware and the encryption can significantly reduce the risks associated with the system availability. That integrity and the data confidential. T This table summarizes security risks types of where the descriptions
07:21
denial of service DOS attacks try to block or deny access to impact of the availability of network service is these times of the attacks that can interrupt businesses. Transactions caused considerable loss and the damage of the company's reputation. DOS attacks are fairly straightforward to carry out
07:41
even buying a skilled Attackers
07:44
distributed a DOS de DOS attacks are initiated by multiple sources, locations within the network to increase the attacks. The size and impact de DOS attacks occur when the attacker takes advantage of a vulnerabilities in a network. A host
07:59
here are some common theater employment's a network. The host, or ification, fails to process large amounts of data sent to it. We achieve crashes off breaks communication ability. Ah, host or application is unable to handle an unexpected foundation,
08:15
such as in properly formatted data on a memory or resource depletion.
08:20
Nearly all of those attacks were carried out the way this moving and a flooding methods. This table listed some DOS mitigating IOS software features
08:31
Learning Jack Question number one, which three Siskel Technologies came you used to detect in America Rights. Choose three NFL o B. If I will switch module Sea ice The V R P E asked flow go with a B SC
08:48
Question number two, which it of Energy's off security systems that are part of the Cisco ecosystem. A. There are no advantages. P There is a suite of products to choose from. See this Cisco ecosystem. Insure that partners can implement the dissolution.
09:03
See, there is a partners as well as supporting products. Increase the effectiveness of security systems. Go into D.
09:13
In today's brief lecture, we discussed the never security over to yield any questions. Feel free to contact me, otherwise I'll CEO in the next video bye for now

Up Next

CCDA (Cisco Certified Design Associate)

In this CCDA training you will learn the knowledge and skills involved in attaining your Cisco Certified Design Associate (CCDA) certification.

Instructed By

Instructor Profile Image
Wayne Xing
Network Solutions Architect
Instructor