Lecture CCNA security partner - Chapter 7: Planning a Threat Control Strategy

Planning a Threat Control Strategy © 2012 Cisco and/or its affiliates. All rights reserved. 1 Contents In this chapter, we will • Evaluate the current state of enterprise security in the presence of evolving threats • Describe design considerations for a threat protection strategy to mitigate threats as part of a risk management strategy • Describe how Cisco strategizes threat control and containment © 2012 Cisco and/or its affiliates. All rights reserved. 2 Trends in Network Security Threats Recent threat vectors include the following: • Cognitive threats: social networks (likejacking) • Smartphones, tablets, and consumer electronics exploits • Widespread website compromises • Disruption of critical infrastructure • Virtualization exploits • Memory scraping • Hardware hacking © 2012 Cisco and/or its affiliates. All rights reserved. 3 Trends in Network Security Threats The following is a list of the specific trends that can be gathered from the evolution of threats in information security: •Insidious motivation, high impact •Targeted, mutating, stealth threats •Threats consistently focusing on the application layer •Social engineering front and center •Threats exploiting the borderless network © 2012 Cisco and/or its affiliates. All rights reserved. 4 Threat Mitigation and Containment: Design Fundamentals The result of the recent trends in information security threats is the need for an updated, carefully planned threat control and mitigation strategy, and a revision of old design paradigms. • Policies and process definition • Mitigation technologies • End-user awareness © 2012 Cisco and/or its affiliates. All rights reserved. 5 ... - tailieumienphi.vn