Network Hardware and its Security Read and understand the situations outlined be
ID: 3920778 • Letter: N
Question
Network Hardware and its Security
Read and understand the situations outlined below and attempt to initiate the desired discussion:
Describe who should conduct a security audit and explain its advantages, if any. Explain how to block traffic attempting to exit a LAN and discuss why an administrator would want to do this. Define secure shell (SSH) and explain threats it guards against. Include an explanation of the encryption algorithms that may be used with it. Describe the two phases IPsec use to accomplish authentication.
Explanation / Answer
Security Audit:
Computer security audit is a systematic, measurable technical assessment of how the organization's security policy is employed at a specific site. Computer security auditors work with the full knowledge of the organization, at times with considerable inside information, in order to understand the resources to be audited.
If your IT Department has sufficient skills and time for routine posture audits, they can be performed in-house. A qualified consulting company can also conduct security audits for your network. If the company is accredited by an agency that sets network security standards, the assessment qualifies as a security audit. Certain customer for example, a military agency might require your company to pass an accredited security audit before they’ll do business with you. Regulators require some types of companies, such as accounting firms, to host periodic security audits. But even if an audit is optional, the advantage of having an objective third party analyze your network is that he might find risks that you over- looked because of your familiarity with your environment. Security audits might seem expensive, but if your network hosts confidential and critical data, they are well worth the cost.
SSH (Secure Shell) is a collection of protocols that does both. With SSH, you can securely log on to a host, execute commands on that host, and copy files to or from that host. SSH encrypts data exchanged throughout the session. It guards against a number of security threats, including unauthorized access to a host, IP spoofing, interception of data in transit (even if it must be transferred via intermediate hosts), and DNS spoofing, in which a hacker forges name server records to falsify his host’s identity. Depending on the version, SSH may use DES, Triple DES, RSA, Kerberos, or another, less common encryption algorithm or method
IPSec accomplishes authentication in two phases. The first phase is key management, and the second phase is encryption. Key management refers to the way in which two nodes agree on common para- meters for the keys they will use. IPSec relies on IKE (Internet Key Exchange) to negotiate and au- thenticate keys. A separate service, ISAKMP (Internet Security Association and Key Management Protocol), establishes policies for verifying the identity and the encryption methods that nodes will use for data transmission. After IKE has managed the shared keys and ISAKMP policies have ensured that both parties agree on the methods of secure transmission, IPSec invokes its second phase, encryption.