Datasheet
468
Chapter Summary
Chapter Summary
This chapter covers the fundamental concepts regarding network security.
It is an important topic, but understand that this chapter only scratches the
surface of security concepts. For the CCENT certification, be familiar with
the following facts about security:
✦ Authentication is proving your identity to the system.
✦ Authorization is granting someone access to a system or resource after
he has been authenticated.
✦ CIA stands for confidentiality, integrity, and availability.
✦ A social engineering attack is when the hacker tries to trick someone into
compromising security through an e-mail or phone call.
✦ A buffer overflow attack is when the hacker sends too much data to an
application, which normally results in administrative control of the
system in a command shell.
✦ There are three types of password attacks: dictionary, hybrid, and brute
force.
✦ A denial of service (DoS) attack is when a hacker attacks a system or
device by overloading it and causing it to crash or be too busy to perform
its job.
✦ Firewalls control what traffic can enter the network.
✦ An intrusion detection system detects suspicious activity and alerts the
administrator.
✦ A VPN creates an encrypted tunnel over an unsecure network such as
the Internet.
Lab Exercises
This chapter introduces you to the world of security by exposing you to
some popular security terms and attack types. The following labs help you
review the security concepts discussed in this chapter.
Lab 1-1: Security terminology
In this lab, review basic security terms by matching the term with the
appropriate description.
22_647486-bk04ch01.indd 46822_647486-bk04ch01.indd 468 10/15/10 11:27 PM10/15/10 11:27 PM