CIW培训：网络安全和防火墙.ppt

Network Security and Firewalls Time schedule Day 1 What’s Security? 什么是安全 Elements of Security 安全元素 Applied Encryption 应用加密 Types of Attack General Security Principles 通用安全原则 Time schedule Day 2 Protocol Layers and Security 协议层和安全 VPN 的概念，及实现方法 Attack type 常见的攻击方法和类型 Securing Resources 保护资源 Time schedule Day 3 Firewall 防火墙基础 Levels of Firewall Protection 防火墙体系结构 Detecting and Distracting Hackers 发现和迷惑黑客 Incident Respons 应急反应 Lesson 1:What Is Security? Lab1-1 Netbus Objectives Define security 定义安全 Explain the need for network security 解释网络安全的必要性 Identify resources that need security 识别需要保护的资源 Identify the two general security threat types 验证两种通用的安全威胁类型 List security standards and organizations What Is Security? Network Security the ability to identify and eliminate vulnerabilities（包括硬件和软件，培训等多种策略的组合） a continuing process Security that relate to the Internet 公开的 外露的 陌生人容易访问的 Hackers Statistics统计 CERT(Computer Emergency Response Team) 1/5的网站经历过安全损害，在美国由安全损害导致的损失超过100亿美元，每年网络入侵以50%递增，被调查的IT从业人员中52%经历过某种攻击，入侵，信息泄露。 Hacker activity is on the rise and costly 2300万美元 Most companies’ security measures have not stopped hacking attacks （攻击技术精密，互联网的快速发展，IT人员工作超负，资金溃缺，没有被充分保护的系统大量和快速的部署） 计算机信息安全杂志（） What Is the Risk? Many sites provide hacking resources or tools for Internet user Advice on how to begin to hack Scan network to determine what target to hack Bring network servers down Crash and penetrate network equipment （摧毁和渗透网络设备） Defeat and crack authentication and encryption schemes（击败和摧毁加密机制） () The Myth of 100 Percent Security 百分之百的安全(联通性就意味着安全，不可能实现绝对安全，但可以达到某种水平，使得轩客客几乎不可能入侵到你的系统) Security as balance Use solutions that are effective but that don’t burden legitimate users who want to access to needed information（实际上就是寻找复杂的安全技术和易使用性的平衡） Attributes of an Effective Security Matrix 安全系统的一般性原则 Security matrix All components used by a company to provide a security strategy. Operating System,