Importance of OSI
Not what you're looking for?
Why is it important to understand the different layers of the OCI model when working on network security?
What is the relationship between the OSI model and the TCP/IP Protocol.
Purchase this Solution
Solution Preview
Why is it important to understand the different layers of the OCI model when working on network security?
=================
Network Security problems map directly to the logical constructs presented in the OSI Seven Layer Network Model:
* Physical Layer Vulnerabilities
Loss of Power
Loss of Environmental Control
Physical Theft of Data and Hardware
Physical Damage or Destruction of Data And Hardware
Unauthorized changes to the functional environment (data connections,
removable media, adding/removing resources)
Disconnection of Physical Data Links
Undetectable Interception of Data
Keystroke & Other Input Logging
* Physical Layer Controls
Locked perimeters and enclosures
Electronic lock mechanisms for logging & detailed authorization
Video & Audio Surveillance
PIN & password secured locks
Biometric authentication systems
Data Storage Cryptography
Electromagnetic Shielding
------------------------------------------
* Link Layer Vulnerability Examples
MAC Address Spoofing (station claims the identity of another)
VLAN circumvention (station may force direct communication with other stations,
bypassing logical controls such as subnets and firewalls.)
Spanning Tree errors may be accidentally or purposefully introduced, causing the
layer two environment to transmit packets in infinite loops.
In wireless media situations, layer two protocols may allow free connection to the
network by unauthorized entities, or weak authentication and encryption may
allow a false sense of security.
Switches may be forced to flood traffic to all VLAN ports rather than selectively
forwarding to the appropriate ports, allowing interception of data by any
device connected to a VLAN.
* Link Layer Controls
MAC Address Filtering- Identifying stations by address and cross-referencing
physical port or logical access
Do not use VLANs to enforce secure designs. Layers of trust should be
physically isolated from one another, with policy engines such as firewalls
between.
Wireless applications must be carefully evaluated for unauthorized access
exposure. Built-in encryption, authentication, and MAC filtering may be
applied to secure networks.
--------------------------------------------
* Network Layer Vulnerabilities
Route spoofing - propagation of false network topology
IP Address Spoofing- false source addressing on malicious packets
Identity & Resource ID Vulnerability - Reliance on addressing to identify
resources and peers can be brittle and vulnerable
* Network Layer Controls
Route policy controls - Use strict anti-spoofing and route filters at network ...
Purchase this Solution
Free BrainMass Quizzes
Word 2010: Table of Contents
Ever wondered where a Table of Contents in a Word document comes from? Maybe you need a refresher on the topic? This quiz will remind you of the keywords and options used when working with a T.O.C. in Word 2010.
Inserting and deleting in a linked list
This quiz tests your understanding of how to insert and delete elements in a linked list. Understanding of the use of linked lists, and the related performance aspects, is an important fundamental skill of computer science data structures.
C# variables and classes
This quiz contains questions about C# classes and variables.
Word 2010: Tables
Have you never worked with Tables in Word 2010? Maybe it has been a while since you have used a Table in Word and you need to brush up on your skills. Several keywords and popular options are discussed as you go through this quiz.
C++ Operators
This quiz tests a student's knowledge about C++ operators.