Maintaining network security is a technology or system?

 If you wish to make your career in network, the Certifications is considered to be the best certification, to jump-start your career. But gaining this certification isn’t considered to be that much easy. You have to go through lots and lots of study process unless you have the help of the DAS C01 Dumps offered at the ExamClubs.

Network security needs technology support, and the long-term positive development of network security requires management management.

So no one is, it is impossible to rely on one party.

Let's combing the technology of current network security needs: mainly including physical security analysis technology, network structure security analysis technology, system security analysis technology, management safety analysis technology, and other security services and safety mechanism strategies . This is the combination of technology and systems.

1. Physical security technology </ strong>

Traditional views include equipment security, environmental security / facilities, and media security.

Equipment security technology elements include markers and markers of the equipment to prevent electromagnetic information leakage anti-electromagnetic interference, power protection, and equipment vibration, collision, impact adaptivity. Environmental safety technology elements include computer room selection, computer room shielding, fire prevention, waterproofing, lightning protection, anti-mouse, anti-theft, disrupt, distribution system, air conditioning system, integrated wiring, regional protection.

The safety technical elements of media security includes media self-safety and safety of media data.

Narrow Physical Security: refers to the physical security threat of information systems caused by hardware conditions of equipment, facilities and media. This is the topic discussed in this chapter.

Generalized physical security: It should also include physical security of the overall information system consisting of software, hardware, and operator, ie, including system physical security.

To ensure these security, the relevant operational specification guide is an essential system specification.

2. Physical security technology standard (system) </ strong>

(1) GB / T 21052-2007

National Standard "GB / T 21052-2007 Information Security Technology Information System Physical Safety Technical Requirements" is specifically based on physical security of the information system. This is what we learn physically safe and technical in the text.

(2) GB 17859-1999

National Standard "GB 17859-1999 Computer Information System Security Protection Level Division", based on the functional level of the information system.

(3) GB / T 20271-2006

National standard "GB / T 20271-2006-T information security technical information system general security technical requirements", for five security levels Different physical security technical requirements are proposed.

(4) Other related standards

"GB / T 2887-2000 Electronic Computer Space General Specification" "GB 8702-1988 Electromagnetic Radiation Protection Regulations"

"GB 4943-2001 Information Technology Equipment" "GB / T 9361-1988 Computer Space Safety Requirements"

"GB 50057-1994 Building Lightning Protection Design Specification" (2000 Edition) "GBJ16-1987 Building Design Fire Prevention Specification "(2001 Edition)).

Security requirements for IP network </ strong>

• network security management

  </ LI> </ ul>

  Network structure security, routing stability, security, security of each node device, and implementation of network security policies.

  • Information security management

    </ li> </ ul>

    security, billing / authentication information security, security of the information server.

    • Access security control

      </ li> </ ul>

      identity authentication, user isolation, access control.

      • Business Safety Conduct

        </ li> </ ul>

        to increase different business to take specific measures, such as high-speed Internet services need to guarantee the user Isolation, special line business needs to ensure QoS, virtual line services need to guarantee QoS and information security.

        IP network security model </ strong>

        • real-time dynamic detection: including device log, dynamic firewall, and dedicated intrusion detection.

          </ li>

        • Valid attack response: including automatic response such as alarms and policy changes, blacklists, etc. Manually respond.

          </ li>

        • Basic prevention protection: including user isolation, identity authentication, access control, data encryption, dynamic firewall and other technologies.

          </ li>

        • Core policy management: including network management and policy management technology.

          VRP platform security structure </ strong>

          management level: security management

          application level: security business

          • Enterprise access security

            </ li>

          • private network security

            </ li>

          • security VPN Business

            </ li>

          • rich e-commerce application

            </ li> </ ul>

            basic level: security technology

            • Firewall

              </ li>

            • address conversion / hiding

              </ li>

            • content filtering

              </ li>

            • < P> Data encryption</ li>
            • User authentication

              </ li>

            • intrusion detection

              </ li>

            • CA certification

              </ li>

            • security log

              </ li>

            • access control

              </ li> </ ul>

              Preventing network security attacks also include

              1. Firewall technology </ strong>

              • dedicated firewall: </ P > </ li> </ ul>

                Cisco Pix NetScreen

                • integrated on the router platform firewall:

                  </ li> </ ul>

                  Huawei VRP Cisco IOS

                  • package filter firewall

                    </ li> </ ul>

                    access list

                    • Status Firewall

                      </ li> </ ul>

                      ASPF (ApplicationSpecific Packet Filter

                      CBAC (Context-Based

                      Access Control)

                      2. Intrusion detection technology </ strong>

                      • host IDS:

                        </ li> </ ul>

                        → host Intrusion Detection System (HIDS) is a software application for monitoring activities on a single host. Monitoring methods include verifying operating systems and application calls and check log files, file system information and network connections.

                        • network IDS:

                          </ li> </ ul>

                          → network IDS (NIDS), this device can capture the information flow in the LAN area and Try to control the real-time information stream with known attack signatures.

                          3. Network security policy, etc. </ strong> </ strong>

                          • security policy is a formal The provisions, those who are allowed to access the technology and information resources of agency must comply with these regulations.

                            </ li>

                          • Real network security is a combination of product and services, technology and systems, including a comprehensive security policy.

                            </ li> </ ul>

                            so we can see that the two have complementary effects.

                            Although no system is ever 100 percent protected, the ability for differentiating between typical network traffic as well as potentially harmful malware is considered crucial and provides the focus of this associate-level certification path. Also, if you wish to acquire this certification, you should gain the SAP-C01 Dumps, which are being offered at the ExamClubs.