Objective 6.5: Device Security

From Wikibooks, open books for an open world
Jump to navigation Jump to search


Objective 6.5: Explain issues that affect device security

Physical security[edit | edit source]

Electronic access control
Electronic access control

Physical security describes both measures that prevent or deter attackers from accessing a facility, resource, or information stored on physical media and guidance on how to design structures to resist various hostile acts. It can be as simple as a locked door or as elaborate as multiple layers of armed security guards and guardhouses.

In a well designed system, these features must complement each other. There are at least four layers of physical security:

  • Environmental design
  • Mechanical and electronic access control
  • Intrusion detection
  • Video monitoring

The goal is to convince potential attackers that the likely costs of attack exceed the value of making the attack.

Restricting local and remote access[edit | edit source]

Secure methods vs. unsecure methods[edit | edit source]

Secure Method Unsecure Method
SSH (Secure Shell) Telnet and RSH (Remote Shell)
HTTPS (Hypertext Transfer Protocol Secure) HTTP (Hypertext Transfer Protocol)
SFTP (Secure File Transfer Protocol) FTP (File Transfer Protocol)
SNMPv3 (Simple Network Management Protocol version 3) SNMPv1/2 (Simple Network Management Protocol version 1 or 2)
SCP (Secure Copy Protocol) RCP (Remote Copy Protocol)

Objective 1.1 also requires knowledge of some of these protocols.

« Network Security
Objective 6.5: Device Security
»
Objective 6.4: User Authentication Objective 6.6: Threat Mitigation