Objective 6.5: Device Security

« Network Security
Objective 6.5: Device Security		 »
Objective 6.4: User Authentication Objective 6.6: Threat Mitigation


Objective 6.5: Explain issues that affect device security

Physical security

Electronic access control

Physical security describes both measures that prevent or deter attackers from accessing a facility, resource, or information stored on physical media and guidance on how to design structures to resist various hostile acts. It can be as simple as a locked door or as elaborate as multiple layers of armed security guards and guardhouses.

In a well designed system, these features must complement each other. There are at least four layers of physical security:

  • Environmental design
  • Mechanical and electronic access control
  • Intrusion detection
  • Video monitoring

The goal is to convince potential attackers that the likely costs of attack exceed the value of making the attack.

↑Jump back a section

Restricting local and remote access

↑Jump back a section

Secure methods vs. unsecure methods

Secure Method Unsecure Method
SSH (Secure Shell) Telnet and RSH (Remote Shell)
HTTPS (Hypertext Transfer Protocol Secure) HTTP (Hypertext Transfer Protocol)
SFTP (Secure File Transfer Protocol) FTP (File Transfer Protocol)
SNMPv3 (Simple Network Management Protocol version 3) SNMPv1/2 (Simple Network Management Protocol version 1 or 2)
SCP (Secure Copy Protocol) RCP (Remote Copy Protocol)

Objective 1.1 also requires knowledge of some of these protocols.

« Network Security
Objective 6.5: Device Security		 »
Objective 6.4: User Authentication Objective 6.6: Threat Mitigation
Wikipedia-logo.png
 Parts of this page are based on materials from:
Wikipedia: the free encyclopedia.
↑Jump back a section
Last modified on 24 May 2010, at 15:54