Wikibooks

Objective 6.5: Device Security

< Network Plus Certification | Security
« Network Security
Objective 6.5: Device Security 		»
Objective 6.4: User Authentication Objective 6.6: Threat Mitigation


Objective 6.5: Explain issues that affect device security

Physical security

edit
 
Electronic access control

Physical security describes both measures that prevent or deter attackers from accessing a facility, resource, or information stored on physical media and guidance on how to design structures to resist various hostile acts. It can be as simple as a locked door or as elaborate as multiple layers of armed security guards and guardhouses.

In a well designed system, these features must complement each other. There are at least four layers of physical security:

  • Environmental design
  • Mechanical and electronic access control
  • Intrusion detection
  • Video monitoring

The goal is to convince potential attackers that the likely costs of attack exceed the value of making the attack.

Restricting local and remote access

edit

Secure methods vs. unsecure methods

edit
Secure Method Unsecure Method
SSH (Secure Shell) Telnet and RSH (Remote Shell)
HTTPS (Hypertext Transfer Protocol Secure) HTTP (Hypertext Transfer Protocol)
SFTP (Secure File Transfer Protocol) FTP (File Transfer Protocol)
SNMPv3 (Simple Network Management Protocol version 3) SNMPv1/2 (Simple Network Management Protocol version 1 or 2)
SCP (Secure Copy Protocol) RCP (Remote Copy Protocol)

Objective 1.1 also requires knowledge of some of these protocols.

« Network Security
Objective 6.5: Device Security 		»
Objective 6.4: User Authentication Objective 6.6: Threat Mitigation
Parts of this page are based on materials from:
Wikipedia: the free encyclopedia.
Retrieved from "https://en.wikibooks.org/w/index.php?title=Network_Plus_Certification/Security/Device_Security&oldid=3219957"