Network+ Guide to Networks, 8th Edition 9-1
Chapter 9
Network Risk Management
At a Glance
Instructor’s Manual Table of Contents
Overview
Objectives
Teaching Tips
Quick Quizzes
Lecture Notes
Overview
In this chapter, students will learn about numerous threats to a network’s data and
infrastructure, how to manage those vulnerabilities, and, perhaps most important, how to
Chapter Objectives
After reading this chapter and completing the exercises, the student will be able to:
Identify people, technology, and malware security risks to a network
Describe tools used to evaluate the security of a network
Teaching Tips
Security Risks
1. Emphasize that different types of organizations have different levels of network security
risk.
3. Explain that a hacker is someone who masters the inner workings of computer hardware
and software in an effort to better understand them. Discuss the following different
types of hackers:
4. Define a vulnerability as a weakness of a system, process, or architecture that could lead
to compromised information or unauthorized access.
5. Point out that the act of taking advantage of a vulnerability is known as an exploit.
People Risks
1. Discuss the significance of looking at risks associated with people. Point out that by
2. Introduce students to social engineering, which involves manipulating social
relationships to gain access. Discuss the following types of social engineering:
4. Point out that the most important defense against social engineering is employee
training.
6. Discuss the measures that can be taken to reduce risks associated with people:
a. Background checks
Technology Risks
1. Discuss the following risks inherent in network hardware and design:
a. spoofing attack
b. DoS (denial of service) attack
c. DDoS (distributed DoS) attack
Malware Risks
1. Explain that malware refers to any program or piece of code designed to intrude upon or
harm a system or its resources. Discuss the following:
a. virus
2. Discuss the following characteristics that can make malware harder to detect and
eliminate:
a. encryption
Security Assessment
1. Explain the difference between a posture assessment and a security audit.
2. Define and describe a security audit as a means of assessing security risks.
Scanning Tools
1. Explain that security experts often conduct simulated attacks on a network to determine
its weaknesses. Discuss three types of attack simulations:
2. Discuss scanning tools that can be used to discover crucial information about a network:
a. Nmap
Honeypots and Honeynets
1. Define and explain a honeypot, which is a decoy system that is purposely vulnerable
and filled with what appears to be sensitive content.
3. Explain why honeypots and honeynets must be isolated from the rest of the network.
Quick Quiz 1
1. The act of taking advantage of a vulnerability is known as which of the following?
a. hacker
b. poisoning
c. snooping
d. exploit
2. ____________________ occurs when a person attempts to glean access or
authentication information by posing as someone who needs that information.
3. Which of the following describes an attack where a person redirects and captures secure
transmissions as they occur?
a. port scanning
b. DoS
c. phishing
d. man-in-the-middle
4. A program that disguises itself as something useful but actually harms your system is
known as which of the following?
a. backdoor
b. Trojan horse
c. worm
d. bot
5. In which type of vulnerability scan does the attacker begin on the perimeter of the
network, looking for vulnerabilities that do not require trusted user privileges?
Physical Security
2. Explain that students should consider all points of compromise in physical security.
Emphasize that only trusted networking staff should have access to secure computer
Preventative Methods
1. Discuss how electronic locks can be combined with key locks. Describe the following
door access controls. Use Figures 9-11 through 9-15 in your discussion:
a. keypad or cipher lock
2. Describe electronic badge access. Discuss the difference between smart cards,
Detection Methods
1. Explain that the key to protecting sensitive data and systems is to detect intrusions as
quickly as possible and be prepared to respond appropriately.
2. Discuss the following methods of detecting physical intrusions and other kinds of events:
a. motion detection
3. Review relevant questions that should be included in a security audit. The questions are
Device Hardening
1. Explain that device hardening is taking steps to secure network devices from network-
Updates and Security Patches
1. Discuss how updates to applications, OSs, and device firmware address several issues,
such as:
2. Explain that the process of properly managing and applying security patches includes
the following:
a. discovery
b. standardization
Administrative Credentials
2. Point out that when configuring a device, students should make it a habit to change the
default administrative credentials before doing anything else.
4. Introduce students to a privileged user account and discuss the security precautions for
this type of account:
a. limited use
Services and Protocols
1. Explain that insecure services and protocols, such as Telnet and FTP, should be
disabled in a system whenever possible.
2. Discuss the following guidelines to help protect devices from attack:
a. Use secure protocols
b. Disable any running services on a computer that are not needed
c. Minimize the number of startup programs to include only those apps that you
really need
Hashing
2. Discuss SHA (Secure Hash Algorithm) and introduce students to the various versions of
SHA:
Anti-Malware Software
2. Emphasize that malware protection requires choosing the most appropriate anti-
3. Introduce the concept of anti-malware software.
5. Explain why an implementation of anti-malware software depends on the computing
6. Describe the different options regarding where to install anti-malware packages:
a. host-based
b. server-based
Security Policies for Users
1. Explain how a thoroughly planned security policy can minimize the risk of break-ins.
2. Define a security policy.
Security Policy Goals
1. Discuss the typical goals for security policies as listed on page 534 of the text.
3. Explain that in order to understand an organization’s risks, a posture assessment
identifying vulnerabilities should be conducted.
BYOD (Bring Your Own Device)
1. Define BYOD as the practice of allowing people to bring their smartphones, laptops, or
2. Discuss the variations of BYOD:
a. BYOA (bring your own appliance)
3. Point out that part of a BYOD policy might include on-boarding and off-boarding
AUP (Acceptable Use Policy)
1. Emphasize that the security policy should explain to users what they can and cannot do
2. Discuss some of the restrictions an AUP might include.
NDA (Non-Disclosure Agreement)
Password Policy
2. Explain that guidelines for selecting passwords should be part of an organization’s
security policy.
Privileged User Agreement
2. Point out that a privileged user agreement outlines:
a. Guidelines
3. Discuss the use of a PAM (privileged access management) tool.
Anti-Malware Policy
1. Introduce the concept of anti-malware policies. Explain why it is important that all
network users understand how to prevent the spread of malware.
3. Point out to students that these policies are intended to protect the network from damage
Quick Quiz 2
1. Which of the following access control methods does not require direct contact with a
proximity reader in order to be detected?
a. smart card
b. biometric scanner
c. proximity card
d. key fob
2. Which of the following detection methods can detect physical penetration, temperature
extremes, input voltage variations, or certain kinds of radiation?
a. tamper detection sensor
b. motion detection sensor
c. video surveillance
d. asset tracking
3. What is the first phase of properly managing and applying security patches?
a. implementation
b. assessment
c. risk mitigation
d. discovery
4. What term best describes the process of transforming data through an algorithm that
generally reduces the amount of space needed for data?
a. hardening
b. hashing
c. disclosing
d. mitigating
5. True or False: Malware often leaves evidence of itself on a device.
Class Discussion Topics
1. As a class, discuss the implications of security breaches on technology adoption. Are
people hesitant to use the Internet or wireless technology for purchases due to security
concerns? Are people hesitant to use technology because of privacy concerns? Are these
concerns warranted and are they influenced by age, race, or gender?
2. As a class, discuss what the consequences should be for not adhering to security policy
guidelines. Where or how should these consequences be communicated to employees?
Additional Projects
1. Have students research the currently published security policy or policies for the school
2. Business Strategies International (BSI), established in 1989, is a leader in providing
innovative and integrated business services for small to medium businesses through to
Additional Resources
1. Audit Certification
2. A Preparation Guide to Information Security Policy
3. What are Biometric Locks?
4. What is Hashing?
5. Know the Different Types of Malware
Key Terms
For definitions of key terms, see the Glossary near the end of the book.
data breach
DDoS (distributed DoS) attack
deauth (deauthentication) attack
device hardening
DHCP snooping
honeypot
insider threat
key fob
logic bomb
malware
principle of least privilege
privileged user account
PUA (privileged user agreement)
ransomware
rogue DHCP server