ISACA – Charlotte Chapter, June 3, 2014
Mark Krawczyk, CISA, CISSP, CCNA
• Routers and Switches direct and control much of the data flowing across computer networks.
• The services provided are critical to the proper functioning and secure operations of Corporate networks.
• Properly configured secure routers and switches can greatly improve the overall security posture of a network.
• Network devices are subject to various attacks:
  • Unauthorized access – compromise device, routing tables, MAC tables.
  • Session hijacking – an attacker can insert falsified IP packets after session establishment via IP spoofing.
  • Rerouting – manipulating router updates to cause traffic to flow to unauthorized destinations (route injection).
  • Masquerading – manipulates IP packets to falsify IP addresses.
  • Denial of Service (DoS) – flooding the router with traffic or requests designed to consume all of some limited resource.
  • Eavesdropping – insecure protocols, packet sniffers.
• Routing is accomplished using the IP addresses of the source and destination hosts and intermediary network devices such as Routers or Multilayer switches.
• The router examines the destination network address for each packet and then checks the routing table for forwarding information.
• The routing table stores information about connected and remote networks.
  • Connected networks are directly attached to one of the router interfaces.
  • Remote networks are not directly connected to the router. Routes to these networks can be manually configured on the router or learned automatically using dynamic routing protocols.
• Static Routing – Routes to remote networks are manually configured on the router. A default route can be statically configured.
• Dynamic Routing – As routers become aware of changes to the networks, this information is passed on to other routers. When a router receives information about new or changed routes, it updates its own routing table and, in turn, passes the information to other routers.
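
The routing-table lookup and the effect of a dynamically learned route, as an added example that is not part of the original presentation. It audits forwarding decisions against a known-good baseline so that an unexpected route update (the rerouting risk listed earlier) shows up as a changed next hop. The addresses, interface name and route entries are constructed, and longest-prefix match is assumed as the selection rule.

```python
import ipaddress

# Constructed baseline routing table: (prefix, next hop, how the route was learned).
BASELINE = [
    ("10.1.1.0/24", "GigabitEthernet0/0", "connected"),
    ("10.2.0.0/16", "10.1.1.2", "static"),
    ("0.0.0.0/0", "10.1.1.254", "static"),  # statically configured default route
]
# Constructed table after a dynamic routing update added a more specific route.
OBSERVED = BASELINE + [("10.2.5.0/24", "10.1.1.66", "dynamic")]


def lookup(table, destination):
    """Return the (prefix, next_hop, source) entry used to forward to destination.

    Assumption: longest-prefix match. Among the entries that contain the
    address, the most specific prefix wins. Returns None if nothing matches.
    """
    addr = ipaddress.ip_address(destination)
    best = None
    for prefix, next_hop, source in table:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop, source)
    return None if best is None else (str(best[0]), best[1], best[2])


def forwarding_changes(baseline, observed, destinations):
    """List destinations whose selected route differs between the two tables."""
    findings = []
    for dest in destinations:
        before, after = lookup(baseline, dest), lookup(observed, dest)
        if before != after:
            findings.append({"destination": dest, "before": before, "after": after})
    return findings


if __name__ == "__main__":
    watched = ["10.2.5.20", "10.2.9.9", "192.0.2.7"]  # constructed destinations
    for f in forwarding_changes(BASELINE, OBSERVED, watched):
        print(f"{f['destination']}: {f['before']} -> {f['after']}")
```

Only 10.2.5.20 is reported: the new /24 is more specific than the static /16, so it takes over forwarding for that host while the other destinations keep their baseline routes.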