Poor configuration, including poor passwords, is the primary cause of breaches. Basic rules in this area include • Make certain attack surfaces are well understood and each apparent vulnerability is
Poor Configuration– Cisco Attacks and ThreatsPoor Configuration– Cisco Attacks and Threats
Attackers use social engineering to convince users to turn over their internal access credentials, allow someone into a secured area (such as a corporate office), or access some resource. For
Chapter Review– Cisco Security and Privacy ConceptsChapter Review– Cisco Security and Privacy Concepts
Because forming a mental map of the terms and ideas in a domain is an important place to start your learning journey, this chapter began with an overview of the
Protecting Logged User Information– Cisco Security and Privacy ConceptsProtecting Logged User Information– Cisco Security and Privacy Concepts
How can network engineers use privacy tools to protect users? Suppression is not as helpful as minimization in network operations. Network operations should record the minimal information possible to maintain
Defining Attacks and Threats– Cisco Attacks and ThreatsDefining Attacks and Threats– Cisco Attacks and Threats
Figure 19-1, a fortified wall, will be used as a reference in this discussion of security terms. Figure 19-1 Security Terminology Engineers often use the metaphor of a fortified wall,
“Do I Know This Already?” Quiz– Cisco Attacks and Threats“Do I Know This Already?” Quiz– Cisco Attacks and Threats
Take the quiz (either here or use the PTP software) if you want to use the score to help you decide how much time to spend on this chapter. Appendix
A Security Taxonomy– Cisco Security and Privacy ConceptsA Security Taxonomy– Cisco Security and Privacy Concepts
Security can be roughly divided into two broad domains: • Organizational security: Protecting the assets and operations of organizations of all sizes and shapes. • Personal security: Protecting the dignity
Privacy Concepts– Cisco Security and Privacy ConceptsPrivacy Concepts– Cisco Security and Privacy Concepts
Most engineers—especially network engineers—are happy to leave user privacy to security and privacy professionals. At first glance, it does not seem as though network engineers should worry too much about
The Law and Privacy– Cisco Security and Privacy ConceptsThe Law and Privacy– Cisco Security and Privacy Concepts
Privacy has become a rich area of legislation and legal action over the last decade. Many nations and regions (such as the European Union), following broad public concern, have enacted
Noise Injection– Cisco Security and Privacy ConceptsNoise Injection– Cisco Security and Privacy Concepts
Rather than stripping out, or suppressing, data, noise injection inserts or replaces existing information with false data. Figure 18-6 illustrates noise injection. Figure 18-6 Noise Injection Figure 18-6 shows two