CompTIA Security_ Deluxe Study Guide_ SY0-201 - Emmett Dulaney [33]
In the most basic sense, progress is the computer security expert’s worst nightmare. As a Security+ certification holder, you’re part of the team that must evaluate threats to the systems currently installed and proactively anticipate what should be done to keep your systems secure.
Dealing with Telephony Issues
When telephone technology is married with information technology, the result is known as telephony. A breach in your telephony infrastructure is just as devastating as any other violation and can lead to the loss of valuable data.
With the exodus from land lines to Voice over IP (VoIP) in full swing as companies look to save money, it is imperative that you treat this part of the network the same as you would any other. As an example of some of the information available, SecureLogix markets a voice firewall (http://www.securelogix.com/ip-telephony-security.html), and Cisco has published a white paper on IP Telephony Security in Depth (http://www.cisco.com/warp/public/cc/so/cuso/epso/sqfr/safip_wp.pdf).
From a security standpoint, the biggest problem with VoIP and data being on the same line is that they are then both vulnerable in the event of a PBX (Private Branch Exchange) attack.
Summary
In this chapter, we covered the key elements that an information security specialist should consider. Every organization has a different set of priorities and a different focus when it comes to security. Your responsibility is to take this information and create or maintain a security-oriented environment to address these priorities and concerns.
You’ll encounter the following primary areas of responsibility:
■ Physical security
■ Operational security
■ Management and policies
You should consider actions that you perform in this environment to accomplish one or more of the goals of information security:
■ Prevention
■ Detection
■ Response
Security is a set of processes and products. In order for a security program to be effective, all of the following parts must work and be coordinated by the organization:
■ Antivirus software
■ Access control
■ Authentication
Typically, your network will run many different protocols and services. These protocols allow connections to other networks and products. However, they also create potential vulnerabilities that must be understood. You must work to find ways to minimize the vulnerabilities. Many protocols and services offered by modern operating systems are highly vulnerable to attack. New methods of attacking these systems are developed every day.
Security topologies provide a mechanism to design networks that have multiple ways of implementing security. Design goals for a security topology must address these four areas of security to be effective:
■ Confidentiality
■ Integrity
■ Availability
■ Accountability
Your network can be made more secure by considering the impact of security zones and access. Here are the three most common security zones you’ll encounter in the workplace:
■ Internets
■ Intranets
■ Extranets
You can improve the likelihood of a successful security implementation if you consider putting externally accessed servers into areas called DMZs.
You can take advantage of several technologies to minimize your network’s risk of being compromised:
■ VLANs
■ NAT
■ Tunneling
The final part of this chapter discussed business requirements in a security environment:
■ Identifying assets
■ Assessing risks