Practical Network Security
eBook - ePub

Practical Network Security

An auditee's guide to zero findings

About this book

Prepare yourself for any type of audit and minimise security findings.

Key Features

It follows a lifecycle approach to information security by understanding:

  • Why we need information security
  • How we can implement it
  • How to operate securely and maintain a secure posture
  • How to face audits

Description

This book is a guide for network professionals to understand real-world information security scenarios. It offers a systematic approach to preparing for security assessments, including process security audits, technical security audits and penetration tests. The book aims to train network professionals in pre-emptive security so that they better understand security infrastructure and policies.

With our networks exposed to a whole plethora of security threats, all technical and non-technical staff are expected to be aware of security processes. Every security assessment (technical or non-technical) leads to new findings, and the cycle continues after every audit. This book explains the auditor's process and expectations.

What You Will Learn

  • This book is solely focused on the aspects of information security that network professionals (network engineers, managers and trainees) need to deal with for different types of audits.
  • Information Security Basics, security concepts in detail, threat
  • Securing the Network focuses on network security design aspects and how policies influence network design decisions.
  • Secure Operations is all about incorporating security into network operations.
  • Managing Audits is the real test.

Who This Book is For

IT heads, network managers, network planning engineers, network operation engineers or anybody interested in understanding holistic network security.

Table of Contents

    1. Basics of Information Security
    2. Threat Paradigm
    3. Information Security Controls
    4. Decoding Policies Standards Procedures & Guidelines
    5. Network security design
    6. Know your assets
    7. Implementing Network Security
    8. Secure Change Management
    9. Vulnerability and Risk Management
    10. Access Control
    11. Capacity Management
    12. Log Management
    13. Network Monitoring
    14. Information Security Audit
    15. Technical Compliance Audit
    16. Penetration Testing

About the Author

Neha Saxena is currently teaching at Symbiosis International (Deemed University) as guest faculty and working as a freelance security consultant with various organizations.
She has previously worked with HP Singapore, Etihad Airways Abu Dhabi, Quadrant Risk Management Dubai and Noor Islamic Bank Dubai as Information Security Officer (ISO), Senior Consultant and Team Lead. Her recently concluded projects include ISO 27001 audit preparation for one of Dubai's government subsidiaries and a process gap assessment at a bank in Abu Dhabi.
During her tenure at various jobs she wore many hats, including pen tester, application security assessor, security trainer and ISO 27001 implementer. Later on she moved to leading an audit and compliance team. Currently she enjoys the thrill of the challenges posed by different types of security and teaching assignments, as well as the flexibility of working as a freelancer. She takes each project as an opportunity to learn new things, experience new environments and meet interesting people around the world.
She holds a Master's degree in Computer Applications from Symbiosis International (Deemed University). She currently resides with her family in Pune, India. When not working she indulges herself in reading books, watching movies and paranormal/fantasy TV series, yoga and meditation.


Chapter 1

Basics of Information Security

1.1 Why Information Security

We are living in an information age. Everything we know has turned digital; our finances, business strategies and physical facilities are all centred around information. Even on the personal front, the money in our account is just a number on a banking portal, we WhatsApp our friends rather than writing letters, we read newspapers online and express ourselves on social media, and we even check the time on our mobiles. The information age has permeated all aspects of our lives. We can love it or hate it, but we cannot get away from it.
If so much of our lives depends on information, we will have to learn to protect this information, if not today then tomorrow. It does not matter what profession we are in; we need to safeguard our information from falling into the wrong hands.
The newspaper headlines below should give you reason enough to have security controls in your organization. These are some of the most notorious security breaches that made headlines in the last two years. Successful breaches have resulted in major financial and reputational losses, loss of customers and even closure of whole organizations.
As we all know, whenever a new technology evolves, the capability to misuse it comes along with it. It is part and parcel of the digital age, and we cannot accept only the beneficial part while completely ignoring the evil twin. With technological advancement, hackers are also growing at a rapid pace, in numbers as well as in skill. Financial gain is the main motivator for developing different kinds of attacks. Hackers now even provide Ransomware as a Service: the user need not know anything about hacking; he just buys the service, infects whoever he wants to and extorts money. A percentage of the ransom goes to the original hacker (in this case the ransomware service provider).
We have to strategize and be prepared for the evil twin while using the technology. Today all organizations either have an active online presence or are in the process of building one. With so much exposure, organizations are responsible for protecting themselves and their customers' information. Most countries now have some form of information security law in place that requires organizations to keep customers' information safe and secure at all times.
E.g. according to Indian IT law, any organization storing customer personal information, including name, address, Aadhaar card number (UID), etc., is liable to secure this information.

1.2 What is Information Security

Information Security can be understood in a nutshell with this simple diagram:

1.3 Goals

What are the goals of information security? In other words, which aspects of information assets need to be secured in order to ensure information protection?
There are three major aspects of information that need to be secured to ensure information protection:
Confidentiality: Unauthorized people cannot access the information asset.
The confidentiality aspect protects the privacy of data. It ensures that information assets can only be accessed by intended or authorized personnel, and it prevents unauthorized people or attackers from getting access to the data at any point in time. Data or information has two states: at rest or in motion. At rest, data is sitting on storage media such as servers or tapes; in motion, it is being transferred over the network, internally or externally.
E.g. router configuration files are accessible only to authorized employees of the network department, and they are stored securely so that no one except authorized personnel can access the files.
When at rest, data can be protected by encryption and by access control.
In motion, data can be protected by encrypting the data or by sending it through an encrypted channel such as an SSL VPN.
We will understand more about these controls in Chapter 3.
Integrity: Unauthorized people cannot modify information assets.
Integrity protects the accuracy and reliability of data. It prevents data from being accidentally or intentionally modified by unauthorized users. Integrity protection provides a way to implement authorized changes and prevent any unauthorized changes.
E.g. only HR payroll staff should be authorized to modify the payroll database, and no one else should have modification rights to it. Only authorized people in a bank should be able to change a customer's account balance. Unauthorized access to or modification of a customer's account will lead to a loss of credibility for the bank.
Often an integrity check uses a hash function to ensure that data remains unchanged at rest and after transit.
We will understand more on integrity controls and hashing in Chapter 3.
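The hash-based integrity check described above, carried through on the router configuration files from the confidentiality example, as an added illustration that is not part of the book: a keyed hash (HMAC-SHA256) is recorded for each file at an approved baseline and compared later, so an edit made outside the change process shows up as a mismatch. The file paths, contents and key are constructed for the example.

```python
import hashlib
import hmac
import json

# Constructed sample: two router configuration files as they sit in the
# config repository, keyed by path (made-up illustrative contents).
CONFIGS = {
    "core-rtr-01.cfg": b"hostname core-rtr-01\ninterface Gi0/0\n ip address 10.0.0.1 255.255.255.0\n",
    "edge-rtr-02.cfg": b"hostname edge-rtr-02\nline vty 0 4\n transport input ssh\n",
}

# Key held by the network team, stored separately from the config files;
# a hypothetical value for the example. A keyed hash is used rather than a
# bare hash so that someone who can edit a file cannot also recompute a
# matching tag without the key.
INTEGRITY_KEY = b"example-key-not-for-production"


def compute_tag(contents: bytes, key: bytes = INTEGRITY_KEY) -> str:
    """Return the HMAC-SHA256 tag (hex) for one file's contents."""
    return hmac.new(key, contents, hashlib.sha256).hexdigest()


def build_baseline(files: dict) -> dict:
    """Record a tag for every file at an approved point in time."""
    return {path: compute_tag(data) for path, data in files.items()}


def verify(files: dict, baseline: dict) -> dict:
    """Compare current files against the baseline and report drift."""
    report = {"unchanged": [], "modified": [], "unexpected": []}
    for path, data in files.items():
        expected = baseline.get(path)
        if expected is None:
            report["unexpected"].append(path)  # never baselined
        elif hmac.compare_digest(compute_tag(data), expected):
            report["unchanged"].append(path)
        else:
            report["modified"].append(path)    # changed outside the process
    report["missing"] = sorted(set(baseline) - set(files))
    return report


if __name__ == "__main__":
    baseline = build_baseline(CONFIGS)
    # Simulate an edit made outside change management on one router.
    current = dict(CONFIGS)
    current["edge-rtr-02.cfg"] += b"ntp server 192.0.2.10\n"
    print(json.dumps(verify(current, baseline), indent=2))
```

Running the verification from a scheduled job and feeding the "modified" and "unexpected" lists into log management turns this integrity control into a detection control as well.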
Availability: Authorized people should have access to information assets whenever they need them.
Availability provides protection for the use of a resource in a timely and effective manner. It ensures resources are available to authorized personnel whenever they need them.
Often, availability-protection controls provide sufficient bandwidth and efficient processing as deemed necessary by the organization or situation.
When availability is protected, users can perform their tasks productively and customers can access the services provided by the organization without hindrance. If availability is violated, employees may not be able to perform their work effectively and customers may not be able to access the organization's services.
Availability can be violated through the destruction or modification of a resource, overloading of a resource host, interference with communications to a resource host, or prevention of a client from being able to communicate with a resource host.
E.g. if the internet routers are non-functional for 5 hours, the internet capability of the whole organization may be impacted, which leads to the loss of precious man-hours for the company.
Attacks on, or violation of, information asset availability are known as Denial of Service (DoS).
Some of the technologies or concepts that focus on protecting availability include redundancy, fault tolerance, capacity management and patching.
We will understand these in detail in Chapter 3.

1.4 Methods

Methods focus on the aspects of information security planning.
Prevent:
The first priority of any information security plan is to prevent any breach of the confidentiality, integrity and availability of information. Most security investment goes into deploying prevention techniques. Organizations have to understand the threats and risks to information and the ways to prevent threats from materializing.
Network Intrusion Prevention Systems (NIPS), firewalls, passwords, MAC address filtering, etc. are some examples of prevention techniques.
Detect:
As we are all aware, it is simply not possible to stop each and every attack, so our next goal is to detect an attack as soon as possible. There have been instances when an attacker was able to infiltrate a network and remain there for months without detection. Prolonged exposure gives attackers ample time to sit tight, analyze and extract meaningful and sensitive information from the network. Timely detection of an attack in progress can greatly minimize the impact of a successful attack. With the advent of crypto-mining malware, attackers aim to stay stealthily in the network for as long as possible to utilize its resources (computational power and bandwidth).
Log analysis, Network Intrusion Detection Systems (NIDS), closed-circuit TV (CCTV), motion-detection cameras, security audits, etc. are some examples of detection techniques.
Response:
Whether or not the detection process was effective, once it is obvious that the organization is under threat, responding appropriately to the situation is the next goal of information security.
Response focuses on minimizing and containing the damage, which may include shutting down systems or disconnecting victim systems from the network. It also focuses on business continuity if primary servers or the network have to be disconnected, which may mean operating from a secondary site or moving to manual processes. Server and data recovery is also part of this phase.
Once the attack is stopped and business continuity is dealt with, damage assessment and a thorough investigation are required to trace back the source of the attack, the intermediary attack points and the extent of the damage caused. Professional forensic investigators may be required for this phase.
The next phase is to correct the mistakes so that such an incident can never happen again.
Network Intrusion Prevention Systems (NIPS), business continuity and disaster recovery methods, and forensic tools are some examples of response techniques.

1.5 Tools

Tools focus on the means or resources to be used for protecting information security. People, process and technology are the ways by which prevention, detection and response techniques can be deployed to protect the confidentiality, integrity and availability of information.
People:
Security is not achieved by security professionals alone. Each and every person involved in a business process has to act individually and collectively to create a successful security plan.
Responsibility of security lies with o...
