Security Risk Assessment!
Networking protocols provide the rules needed for computers to communicate with each other on a network. Some of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocols, such as TCP and IP, provide basic connectivity. Other protocols, such as Hypertext Transfer Protocol (HTTP) and Simple Mail Transfer Protocol (SMTP), support specific types of traffic
Transmission Control Protocol (TCP) provides connection-oriented traffic (guaranteed delivery).TCP uses a three-way handshake. The Figure below shows the TCP handshake process. To start a TCP session, the client sends a SYN (synchronize) packet. The server responds with a SYN/ACK (synchronize/acknowledge) packet, and the client completes the third part of the handshake with an ACK packet to establish the connection.
way handshake). ICMP traffic, such as audio and video streaming, uses UDP. Many network-based denial-of-service (DoS) attacks use UDP. TCP/IP traffic is either connection-oriented TCP traffic or connectionless UDP.
IP. The Internet Protocol (IP) identifies hosts in a TCP/IP network and delivers traffic from one host to another using IP addresses. IPv4uses 32-bit addresses represented
1
in dotted decimal format, such as 192.168.1.100. IPv6 uses 128-bit addresses using
hexadecimal code, such as FE80:0000:0000:0000:20D4:3FF7:003F:DE62.cludes tools such as ping, pathping, and tracert. As an example, ping can check for basic connectivity between two systems. Many DoS attacks use ICMP. Because of how often ICMP is used in attacks, it has become common to block ICMP at firewalls and routers, which disables a ping response. Blocking ICMP prevents attackers from discovering devices in a network with a host enumeration sweep.
ARP. Address Resolution Protocol (ARP) resolves IPv4 addresses to media access control (MAC) addresses. MACs are also called physical addresses, or hardware addresses. TCP/IP uses the IP address to get a packet to a destination network, but once it arrives on the destination network, it uses the MAC address to get it to the correct host. In other words, ARP is required once the packet reaches the destination subnet. ARP poisoning uses ARP packets to give clients false hardware address updates and attackers use it to redirect or interrupt network traffic. Neighbor Discovery Protocol (NDP) performs several functions on IPv6. For example, it performs functions similar to IPv4’s ARP. It also performs auto configuration of device 1Pv6 addresses and discovers other devices on the network such as the 1Pv6 address of the default gateway. This videos cover Information security governance Establish and/or maintain an
information security governance framework and supporting processes to
ensure that the information security strategy is aligned with
organizational goals and objectives.
• Information risk management Manage information risk to an
acceptable level based on risk appetite to meet organizational goals and
objectives.
• Security program development and management Develop and maintain an information security program that identifies, manages, and
protects the organization’s assets while aligning to information security
strategy and business goals, thereby supporting an effective security
posture.
• Information security incident management Plan, establish, and manage
the capability to detect, investigate, respond to, and recover from
information security incidents to minimize business impact.
Video Created using SQUIGL to learn more go to https://app.squiglit.com/
Content from CISM Certified Information Security Manager All-in-One Exam Guide by Gregory, Peter H
by Angel Beauty By Design
simple network management protocol
