From the course: Cisco Network Security: Core Security Concepts

Reviewing security services - Cisco Tutorial

From the course: Cisco Network Security: Core Security Concepts

Start my 1-month free trial

Reviewing security services

- [Instructor] The two main types of attacks in a computer system are passive attacks, such as sniffing traffic, and active, such as releasing malware or creating a denial of service. An attack can be against any of the security services, confidentiality, integrity, availability, or authentication. Let's take a look at each of these. Confidentiality is the protection of data against unauthorized disclosure. For example, if you're in a medical facility, you wouldn't want unauthorized individuals looking at patient information. Integrity is the protection of data from unauthorized modification. For example, if someone changed his or her salary from $12 an hour to $20 an hour, that would be a violation of integrity. Availability is ensuring data and services are available to authorized users. A denial-of-service attack locks out legitimate users and it's an attack against availability. Authentication is assurance that the communicating entity is who they say they are by verifying the identity of a user or a device. Now, hackers use various spoofing methods to gain access to privileged information. Defend against spoofing attacks by using authentication techniques. To reduce the overall risk to a network, security specialist should not only understand vulnerability scanning, but also ethical hacking skills as well. On any network, there are passive and active attacks. As we can see in this live attack map, monitor and defend against attacks in a layered approach with various methods to protect against passive and active attacks.

Contents