tailieunhanh - Course 2830: Designing security for Microsoft networks - Module 10

Module 10 - Creating a security design for data transmission. In this module, you will learn how to determine threats and analyze risks to data transmission in an organization. You will also learn how to design security for various types of data transmission, including traffic on local area networks (LANs), wide area networks (WANs), Virtual Private Networks (VPNs), wireless networks, and the Internet. | Module 10: Creating a Security Design for Data Transmission Overview Determining Threats and Analyzing Risks to Data Transmission Designing Security for Data Transmission Lesson: Determining Threats and Analyzing Risks to Data Transmission Overview of Data Transmission Why Securing Data Transmission Is Important Common Vulnerabilities to Data Transmission Practice: Analyzing Risks to Data Transmission Overview of Data Transmission Local area networks Wireless networks Wide area networks Remote access Web server traffic Branch Office Corporate Headquarters Web Server Internet Server LAN LAN Remote User VPN Wireless User Why Securing Data Transmission Is Important Internal Attacker Attacker Threat Example External Network monitoring Attacker intercepts wireless LAN packets that are secured with WEP, and then completes an offline attack on the WEP key. The attacker can now connect to the network locally. Internal E-mail forgery Attacker forges an e-mail to the company president from another employee that contains hyperlinks to Web sites that contain offensive content. External Attacker Internet WEP Key Common Vulnerabilities to Data Transmission Vulnerability Attacker: Network monitoring Views authentication traffic Reads e-mail packets Views network management traffic Reads wireless encryption packets Identity spoofing Spoofs IP address to make packets appear to come from the internal network in order to bypass the access control list (ACL) on a router Forges Internet Control Message Protocol (ICMP) packets to carry out an attack on a third party Sends forged e-mail from a company official Data modification Uses a man-in-the-middle attack to intercept network traffic Modifies data in transit Denial of service Floods a computer with Transmission Control Protocol (TCP) synchronization (SYN) messages Uses multiple computers to automatically flood network Practice: Analyzing Risks to Data Transmission Read the scenario Answer the questions Discuss answers as a class 1 | Module 10: Creating a Security Design for Data Transmission Overview Determining Threats and Analyzing Risks to Data Transmission Designing Security for Data Transmission Lesson: Determining Threats and Analyzing Risks to Data Transmission Overview of Data Transmission Why Securing Data Transmission Is Important Common Vulnerabilities to Data Transmission Practice: Analyzing Risks to Data Transmission Overview of Data Transmission Local area networks Wireless networks Wide area networks Remote access Web server traffic Branch Office Corporate Headquarters Web Server Internet Server LAN LAN Remote User VPN Wireless User Why Securing Data Transmission Is Important Internal Attacker Attacker Threat Example External Network monitoring Attacker intercepts wireless LAN packets that are secured with WEP, and then completes an offline attack on the WEP key. The attacker can now connect to the network locally. Internal E-mail forgery Attacker forges an e-mail to the company president from .