CST3607 Class Notes 2022-05-10

News & Tools

Exam 3 Debriefing

…Chapter 13…

Authentication, Authorization, and Accounting, or AAA

  • AAA is a technology that gives us substantial control over users and what they’re permitted to do inside of our networks.
  • RADIUS and TACACS+ security servers like Integrated Services Engine ISE help us implement a centralized security plan by recording network events to the security server, or to a Syslog server via logging.

Network Security Threats

The four (4) primary threats to network security

  • Unstructured Threats
  • Structured Threats
  • External Threats
  • Internal Threats

Three Primary Network Attacks

  • Reconnaissance Attacks
  • Access Attacks
  • Denial of Service (DoS) Attacks

Network Attacks

  • Evesdropping
  • Denial-of-Service Attacks
  • Unauthorized Access
  • WareZ
  • Masquerade attack (IP spoofing)
  • Session replaying or hijacking
  • Rerouting
  • Repudiation
  • Smurfing (smurf attack)
  • Password attacks
  • Man-in-the-middle attacks (MitM)
  • Application-layer attacks
  • Trojan Horse Programs, Viruses, and Worms
  • HTML attacks

Security Program Elements

  • User awareness
  • Training
  • Physical security

Layer 2 Security Features

  • The bottom layer of this model, the Access Layer, controls user and workgroup access to internetwork resources.
  • Sometimes it’s referred to as the desktop layer.

Authentication Methods

  • Username and Password
  • PAP, and CHAP authentication
  • Windows Authentication
  • Security Server Authentication

Managing User Accounts

This is very important… When a user leaves the organization, you have three options:

  • Leave the account in place
  • Disable the account
  • Delete the account

Security Password Policy Elements

  • Password Management

User-Authentication Methods

  • Public Key Infrastructure (PKI)
  • Kerberos

Setting Passwords

  • There are five passwords you’ll need to secure your Cisco routers

Read / Watch / Do

CCNA Certification Study Guide, Volume 2

  • Read Chapter 17: Internet Protocol v6 (IPv6)
  • Do the Written Labs
  • Answer the Review Questions
    • Do not submit your answers for this chapter. The answers are in Appendix.