Validating identity on wireless network
Auditing Security Policies; Standard Policies; Acceptable Use; Minimum Access; Network Access; Remote Access; Internet Access; User Account Management; Data Classification; Change Management; Server Security; Mobile Devices; Guest Access; Physical Security; Password Policy; Malware Protection; Incident Handling; Audit Policy; Software Licensing; Electronic Monitoring and Privacy; Policies for Regulatory and Industry Compliance; Cisco Policy Management and Monitoring Tools; Cisco MARS; Cisco Configuration Professional; Cisco Security Manager; Cisco Network Compliance Manager; Checklist; Summary; References in This Chapter

Chapter 7 Infrastructure Security
Infrastructure Threats; Unauthorized Access; Denial of Service; Traffic Capture; Layer 2 Threats; Network Service Threats; Policy Review; Infrastructure Operational Review; The Network Map and Documentation; Logical Diagrams; Physical Diagrams; Asset Location and Access Requirements; Data Flow and Traffic Analysis; Administrative Accounts; Configuration Management; Vulnerability Management; Disaster Recovery; Wireless Operations; Infrastructure Architecture Review; Management Plane Auditing; Cisco Device Management Access; Syslog; NTP; Netflow; Control Plane Auditing; IOS Hardening; Routing Protocols; Protecting the Control Plane; Data Plane Auditing; Access Control Lists; iACLs; Unicast Reverse Path Forwarding; Layer 2 Security; VTP; Port Security; DHCP Snooping; Dynamic ARP Inspection; IP Source Guard; Disable Dynamic Trunking; Protecting Spanning Tree; Switch Access Control Lists; Protect Unused Ports; Wireless Security; Wireless Network Architecture; Cisco Adaptive Wireless Intrusion Prevention System; Protecting Wireless Access; Wireless Service Availability; Rogue Access Point Detection; General Network Device Security Best Practices; Technical Testing; Router Testing; Switch Testing; Wireless Testing; Checklist; Summary; References in This Chapter

Chapter 8 Perimeter Intrusion Prevention
Perimeter Threats and Risk; Policy Review; Perimeter Operations Review; Management and Change Control; Monitoring and Incident Handling; Perimeter Architecture Review; What Are You Protecting?; Perimeter Design Review; Logical Architecture; Physical Architecture; What Is the Risk?

The book also introduces leading IT governance frameworks such as COBIT, ITIL, and ISO 17799/27001, explaining their values, usages, and effective integrations with Cisco security products. This book arms you with detailed auditing checklists for each domain, realistic design insights for meeting auditing requirements, and practical guidance for using complementary solutions to improve any company’s security posture.
Key topics: PKI needs assessment; Verify PKI Trust Concepts; Is it Access & Identity or Encryption you really need?

Traditional password authentication, access controls and network perimeter security safeguards often fall short in a dynamic mobile business environment. Data traveling over untrusted networks must be protected by encryption methods that are highly dependent on flexible and robust key management schemes. The goal of HSPD-12 is to require federal agencies to adopt a standard, secure, and reliable identification card (the “PIV card”) for employees and contractors, and to ensure that it is issued only to intended individuals.

Roles and responsibilities of Certificate Authorities (CAs); Registration and certification process; Directories defined; Certificate management; Certificate value; Cross certification; Key recovery; Leveraging certificates in applications; SSL; IPsec; S/MIME; Registration Authority (RA); Interfacing with PKCS & PKIX standards; Contrasting online RA vs. offline RA

Certificates and Signatures: When are certificates and signatures used?

Linking with PKI Repository; Identifying with distinguished names; Accessing the X.500 directory with LDAPv3; Choosing LDAP chaining or referrals; X.509v2 Certificate Revocation List (CRL); Timeliness and scalability solutions; Selecting complete or delta CRL; Publishing CA certificates and CRLs; Validating certificates with OCSP; Validating entity certificate; Forming a certificate chain; Locating the Trust Anchor; Matching CA Certificates; Validating via path processing; Building a hierarchical trust model; Distributing trust to subordinate CAs; Increasing security with offline root; Issuing CA vs intermediate CA; Defining CPS with a policy CA; Restricting with Qualified Subordination; Constraining trust to subordinates; Mapping policies with peer CAs; Path processing a Certificate Trust List chain

Product Comparisons and Demonstrations: The information and answers you need to choose the products that match both your strategic objectives and your existing infrastructure.
Note: The procedures in this guide do not include instructions for cases in which the User Account Control dialog box opens to request your permission to continue.