SlideShare une entreprise Scribd logo

Introduction to Network Diagramming

VICTOR MAESTRE RAMIREZ
VICTOR MAESTRE RAMIREZ

The document provides an introduction to network diagramming. It discusses the importance of network topology diagrams for incident response. The document outlines common network architecture principles and designs. It also categorizes the general steps to create network topology diagrams, which include identifying network components, sketching the diagram, choosing a diagramming application, building the diagram, creating a legend, and maintaining the diagram. Additional resources on the topic are also provided.

Formation
1  sur  31
Télécharger pour lire hors ligne
C I S A | C YB E R S E C U R I T Y A N D I N F R A S T R U C T U R E S E C U R I T Y A G E N C Y INTRODUCTION TO NETWORK DIAGRAMMING
Notice Commercial Endorsement Disclaimer: The United States Government through the Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security (DHS) does not endorse any commercial product or service. Any reference to specific commercial products, processes, or services by service mark, trademark, manufacturer, or otherwise, does not constitute or imply their endorsement, recommendation, or favoring by CISA or DHS. Simulated Non-Production Data Disclaimer: No production data was used in this demonstration. Sensitive Information Disclaimer: Be aware that this event is live! Events such as these are attended by people from many different federal agencies. As a student, PLEASE DO NOT DISCLOSE ANY AGENCY SENSITIVE INFORMATION DURING THIS EVENT. CISA Comment Policy: This course abides by the CISA Comment Policy (www.cisa.gov/comment- policy). DISCLAIMER: This webinar is being recorded and may be made public for the benefit of other students. While you are encouraged to engage with the speaker, you are advised against disclosing personally identifiable information (PII) on the recording. Please contact licensing@cisa.dhs.gov with any questions or comments. 2
1 2 3 4 Agenda Introduction and Overview ▪ Learning Objectives ▪ Network Topology Explained Topology Basics ▪ Logical vs Physical ▪ Common Topologies ▪ Network Architecture Diagramming Process ▪ Steps Knowledge Check ▪ Questions ▪ Summary ▪ Resources 3
Course Learning Objectives Terminal Objective Enable you to visualize where your network’s physical and logical devices and connections are by creating or reviewing network topology diagrams. Enabling Objectives: ▪ Define what a network topology diagram is ▪ Explain how network topology diagrams can help organizations during incident response ▪ Describe the common network architecture security principles and designs ▪ Categorize the general steps used to create network topology diagrams Photo source: library.techsmith.com 4
5
Legacy Architecture 6
Modern Architecture https://www.slideteam.net/0914-complex-networking-diagram-main-office-and-branch-office-wan-lan-and-cloud-ppt-slide.html 7
Incident Response 287days 8 Federal Network Authorization (FNA) Request for TechnicalAssistance (RTA)
Defining Network Topologies – Logical Logical Topology ▪ Abstract ▪ Intangible parts of the network https://www.conceptdraw.com/examples/which- network-topology-is-used-in-computer-lab 9
Defining Network Topologies – Physical Physical Topology ▪ Physical layout of network ▪ All tangible assets https://www.pcwdld.com 10
Topology Types BUS RING STAR MESH HYBRID https://www.pngwing.com 11
Network Architecture The complete design and framework of an organization’s network. 12 https://ipcisco.com/
Asset Discovery and Mapping – Capabilities https://www.solarwinds.com/ 13
Asset Discovery & Mapping – Complex vs Simple https://www.solarwinds.com Sample of small network diagram in PowerPoint 14
Data Flow and Storage Data Flow The movementof data through a system composed of software, hardware, or a combination of both. Also known as data-in-transit or data-in-motion. https://www.techuseful.com/how-to-protect-data-in-motion-through-managed-file-transer 15
Network Entry and Exit Points Consider: ▪ Access authorization ▪ Wired or Wireless ▪ External connections ▪ Data transfer rules 16
Segmented Networks 17 Helps to limit direct access to information such as databases, sensitive information, and unauthorized applications by a malicious actor.
Segmentation Unsegmented Network Segmented Network https://www.cisa.gov 18
Network Diagramming Process Maintain the Diagram Create a Legend Build the Diagram Select a Network Template Choosean Application Sketch the Diagram Identify Network Components 19
Identify Network Components ✓ Asset names ✓ Types ✓ Models ✓ IP address ✓ Remote sites ✓ Cloud services with entry and exit points https://www.solarwinds.com https://www.lansweeper.com 20
Sketch the Diagram 21
Choose a Diagramming Application 22
https://support.microsoft.com 23
Build the Diagram ▪ Components denote physical entities ▪ Connectors denote communication paths 24
Create a Legend Quick and easy reference to understand symbols used https://www.swotster.com 25
Maintain the Diagram 26
Knowledge check 27
Summary ✓ Defined what a network topology diagram is ✓ Explained importance of network topology diagrams during incident response ✓ Described the common network architecture security principles and designs ✓ Categorized the general steps used to create network topology diagrams 28
Additional Resources 29 NIST Framework for Improving Critical Infrastructure Cybersecurity https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf NIST Special Publication 1800-5 IT Asset Management https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.1800-5.pdf CISALayering Network Security Through Segmentation https://www.cisa.gov/sites/default/files/publications/layering-network-security- segmentation_infographic_508_0.pdf Trusted Internet Connections 3.0 https://www.cisa.gov/sites/default/files/publications/CISA%20TIC%203.0%20Reference%20 Architecture%20v1.1.pdf Computer Security Incident Handling Guide https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf Security and Privacy Controls for Information Systems and Organizations https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r5.pdf
CISAWebsite https://www.cisa.gov IR Training Website https://www.cisa.gov/incident-response-training CISAGitHub https://www.cisa.gov/github CISAYouTube Channel https://www.youtube.com/channel/UCxyq9roe-npgzrVwbpoAy0A FedVTE https://fedvte.usalearning.gov CISACommenting Policy https://www.cisa.gov/comment-policy Additional Resources 2 30
Closing slide

Recommandé

Cisco Connect Toronto 2018 DNA assurance
Cisco Connect Toronto 2018 DNA assuranceCisco Connect Toronto 2018 DNA assurance
Cisco Connect Toronto 2018 DNA assurance
Cisco Canada
 
A guide to Sustainable Cyber Security
A guide to Sustainable Cyber SecurityA guide to Sustainable Cyber Security
A guide to Sustainable Cyber Security
Ernest Staats
 
Cisco Connect 2018 Malaysia - Secure data center-building a secure zero-trus...
Cisco Connect 2018 Malaysia - Secure data center-building a secure zero-trus...Cisco Connect 2018 Malaysia - Secure data center-building a secure zero-trus...
Cisco Connect 2018 Malaysia - Secure data center-building a secure zero-trus...
NetworkCollaborators
 
How CMMC Auditors Recommend You Defend Your Organization - Completed March, 2...
How CMMC Auditors Recommend You Defend Your Organization - Completed March, 2...How CMMC Auditors Recommend You Defend Your Organization - Completed March, 2...
How CMMC Auditors Recommend You Defend Your Organization - Completed March, 2...
Ignyte Assurance Platform
 
SCADA and Control Systems Security Summit
SCADA and Control Systems Security SummitSCADA and Control Systems Security Summit
SCADA and Control Systems Security Summit
Nicole Waddell
 
CMMC for Contractors and Manufacturers – What to Know for 2023
CMMC for Contractors and Manufacturers – What to Know for 2023CMMC for Contractors and Manufacturers – What to Know for 2023
CMMC for Contractors and Manufacturers – What to Know for 2023
Withum
 
Power Grid Identity Management addressed with NIST 1-800
Power Grid Identity Management addressed with NIST 1-800Power Grid Identity Management addressed with NIST 1-800
Power Grid Identity Management addressed with NIST 1-800
David Sweigert
 
Cisco Connect Ottawa 2018 dna assurance shortest path to network innocence
Cisco Connect Ottawa 2018 dna assurance shortest path to network innocenceCisco Connect Ottawa 2018 dna assurance shortest path to network innocence
Cisco Connect Ottawa 2018 dna assurance shortest path to network innocence
Cisco Canada
 

Recommandé

Cisco Connect Toronto 2018 DNA assurance
Cisco Connect Toronto 2018 DNA assuranceCisco Connect Toronto 2018 DNA assurance
Cisco Connect Toronto 2018 DNA assurance
Cisco Canada
 
A guide to Sustainable Cyber Security
A guide to Sustainable Cyber SecurityA guide to Sustainable Cyber Security
A guide to Sustainable Cyber Security
Ernest Staats
 
Cisco Connect 2018 Malaysia - Secure data center-building a secure zero-trus...
Cisco Connect 2018 Malaysia - Secure data center-building a secure zero-trus...Cisco Connect 2018 Malaysia - Secure data center-building a secure zero-trus...
Cisco Connect 2018 Malaysia - Secure data center-building a secure zero-trus...
NetworkCollaborators
 
How CMMC Auditors Recommend You Defend Your Organization - Completed March, 2...
How CMMC Auditors Recommend You Defend Your Organization - Completed March, 2...How CMMC Auditors Recommend You Defend Your Organization - Completed March, 2...
How CMMC Auditors Recommend You Defend Your Organization - Completed March, 2...
Ignyte Assurance Platform
 
SCADA and Control Systems Security Summit
SCADA and Control Systems Security SummitSCADA and Control Systems Security Summit
SCADA and Control Systems Security Summit
Nicole Waddell
 
CMMC for Contractors and Manufacturers – What to Know for 2023
CMMC for Contractors and Manufacturers – What to Know for 2023CMMC for Contractors and Manufacturers – What to Know for 2023
CMMC for Contractors and Manufacturers – What to Know for 2023
Withum
 
Power Grid Identity Management addressed with NIST 1-800
Power Grid Identity Management addressed with NIST 1-800Power Grid Identity Management addressed with NIST 1-800
Power Grid Identity Management addressed with NIST 1-800
David Sweigert
 
Cisco Connect Ottawa 2018 dna assurance shortest path to network innocence
Cisco Connect Ottawa 2018 dna assurance shortest path to network innocenceCisco Connect Ottawa 2018 dna assurance shortest path to network innocence
Cisco Connect Ottawa 2018 dna assurance shortest path to network innocence
Cisco Canada
 
Cisco Connect 2018 Indonesia - Introducing cisco dna assurance
Cisco Connect 2018 Indonesia - Introducing cisco dna assurance Cisco Connect 2018 Indonesia - Introducing cisco dna assurance
Cisco Connect 2018 Indonesia - Introducing cisco dna assurance
NetworkCollaborators
 
The Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDThe Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA ID
Eryk Budi Pratama
 
How to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT StackHow to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT Stack
ThousandEyes
 
How to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT StackHow to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT Stack
ThousandEyes
 
Cmgt 554 cmgt554 cmgt 554 forecasting and strategic planning -uopstudy.com
Cmgt 554 cmgt554 cmgt 554 forecasting and strategic planning -uopstudy.comCmgt 554 cmgt554 cmgt 554 forecasting and strategic planning -uopstudy.com
Cmgt 554 cmgt554 cmgt 554 forecasting and strategic planning -uopstudy.com
ULLPTT
 
CompTIA Cybersecurity Analyst Certification Tips and Tricks
CompTIA Cybersecurity Analyst Certification Tips and TricksCompTIA Cybersecurity Analyst Certification Tips and Tricks
CompTIA Cybersecurity Analyst Certification Tips and Tricks
Joseph Holbrook, Chief Learning Officer (CLO)
 
Preventing Cloud Data Breaches.pdf
Preventing Cloud Data Breaches.pdfPreventing Cloud Data Breaches.pdf
Preventing Cloud Data Breaches.pdf
Chinatu Uzuegbu
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An Overview
Tandhy Simanjuntak
 
CMMC 2.0 vs. ISO/IEC 27001 vs. NIST 800-171: What You Need to Know
CMMC 2.0 vs. ISO/IEC 27001 vs. NIST 800-171: What You Need to KnowCMMC 2.0 vs. ISO/IEC 27001 vs. NIST 800-171: What You Need to Know
CMMC 2.0 vs. ISO/IEC 27001 vs. NIST 800-171: What You Need to Know
PECB
 
Csc520 you are a senior level employee and you must tailor your deliverables ...
Csc520 you are a senior level employee and you must tailor your deliverables ...Csc520 you are a senior level employee and you must tailor your deliverables ...
Csc520 you are a senior level employee and you must tailor your deliverables ...
leonardjonh145
 
What's Next with Government Big Data
What's Next with Government Big Data What's Next with Government Big Data
What's Next with Government Big Data
GovLoop
 
093049ov4.pptx
093049ov4.pptx093049ov4.pptx
093049ov4.pptx
NguyenNM
 
NIST_Ignyte_OSCALWorkshop_2022.pdf
NIST_Ignyte_OSCALWorkshop_2022.pdfNIST_Ignyte_OSCALWorkshop_2022.pdf
NIST_Ignyte_OSCALWorkshop_2022.pdf
Ignyte Assurance Platform
 
Philippines Cybersecurity Conference 2021: The role of CERTs
Philippines Cybersecurity Conference 2021: The role of CERTsPhilippines Cybersecurity Conference 2021: The role of CERTs
Philippines Cybersecurity Conference 2021: The role of CERTs
APNIC
 
Introduction to NIST Cybersecurity Framework
Introduction to NIST Cybersecurity FrameworkIntroduction to NIST Cybersecurity Framework
Introduction to NIST Cybersecurity Framework
Tuan Phan
 
Application of the Common Criteria to Building Trustworthy Automotive SDLC
Application of the Common Criteria to Building Trustworthy Automotive SDLCApplication of the Common Criteria to Building Trustworthy Automotive SDLC
Application of the Common Criteria to Building Trustworthy Automotive SDLC
Seungjoo Kim
 
World Wide Technology: Is backing up to the cloud right for you?
World Wide Technology: Is backing up to the cloud right for you?World Wide Technology: Is backing up to the cloud right for you?
World Wide Technology: Is backing up to the cloud right for you?
Angie Clark
 
19 secure iccp-integration
19 secure iccp-integration19 secure iccp-integration
19 secure iccp-integration
Ivan Carmona
 
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
Cisco Canada
 
297727851 getting-to-the-cloud-event-2015
297727851 getting-to-the-cloud-event-2015297727851 getting-to-the-cloud-event-2015
297727851 getting-to-the-cloud-event-2015
Inbalraanan
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
VICTOR MAESTRE RAMIREZ
 
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ
 

Contenu connexe

Similaire à Introduction to Network Diagramming

NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An Overview
Tandhy Simanjuntak
 
CMMC 2.0 vs. ISO/IEC 27001 vs. NIST 800-171: What You Need to Know
CMMC 2.0 vs. ISO/IEC 27001 vs. NIST 800-171: What You Need to KnowCMMC 2.0 vs. ISO/IEC 27001 vs. NIST 800-171: What You Need to Know
CMMC 2.0 vs. ISO/IEC 27001 vs. NIST 800-171: What You Need to Know
PECB
 
World Wide Technology: Is backing up to the cloud right for you?
World Wide Technology: Is backing up to the cloud right for you?World Wide Technology: Is backing up to the cloud right for you?
World Wide Technology: Is backing up to the cloud right for you?
Angie Clark
 
19 secure iccp-integration
19 secure iccp-integration19 secure iccp-integration
19 secure iccp-integration
Ivan Carmona
 

Similaire à Introduction to Network Diagramming (20)

Cisco Connect 2018 Indonesia - Introducing cisco dna assurance
Cisco Connect 2018 Indonesia - Introducing cisco dna assurance Cisco Connect 2018 Indonesia - Introducing cisco dna assurance
Cisco Connect 2018 Indonesia - Introducing cisco dna assurance
 
The Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDThe Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA ID
 
How to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT StackHow to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT Stack
 
How to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT StackHow to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT Stack
 
Cmgt 554 cmgt554 cmgt 554 forecasting and strategic planning -uopstudy.com
Cmgt 554 cmgt554 cmgt 554 forecasting and strategic planning -uopstudy.comCmgt 554 cmgt554 cmgt 554 forecasting and strategic planning -uopstudy.com
Cmgt 554 cmgt554 cmgt 554 forecasting and strategic planning -uopstudy.com
 
CompTIA Cybersecurity Analyst Certification Tips and Tricks
CompTIA Cybersecurity Analyst Certification Tips and TricksCompTIA Cybersecurity Analyst Certification Tips and Tricks
CompTIA Cybersecurity Analyst Certification Tips and Tricks
 
Preventing Cloud Data Breaches.pdf
Preventing Cloud Data Breaches.pdfPreventing Cloud Data Breaches.pdf
Preventing Cloud Data Breaches.pdf
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An Overview
 
CMMC 2.0 vs. ISO/IEC 27001 vs. NIST 800-171: What You Need to Know
CMMC 2.0 vs. ISO/IEC 27001 vs. NIST 800-171: What You Need to KnowCMMC 2.0 vs. ISO/IEC 27001 vs. NIST 800-171: What You Need to Know
CMMC 2.0 vs. ISO/IEC 27001 vs. NIST 800-171: What You Need to Know
 
Csc520 you are a senior level employee and you must tailor your deliverables ...
Csc520 you are a senior level employee and you must tailor your deliverables ...Csc520 you are a senior level employee and you must tailor your deliverables ...
Csc520 you are a senior level employee and you must tailor your deliverables ...
 
What's Next with Government Big Data
What's Next with Government Big Data What's Next with Government Big Data
What's Next with Government Big Data
 
093049ov4.pptx
093049ov4.pptx093049ov4.pptx
093049ov4.pptx
 
NIST_Ignyte_OSCALWorkshop_2022.pdf
NIST_Ignyte_OSCALWorkshop_2022.pdfNIST_Ignyte_OSCALWorkshop_2022.pdf
NIST_Ignyte_OSCALWorkshop_2022.pdf
 
Philippines Cybersecurity Conference 2021: The role of CERTs
Philippines Cybersecurity Conference 2021: The role of CERTsPhilippines Cybersecurity Conference 2021: The role of CERTs
Philippines Cybersecurity Conference 2021: The role of CERTs
 
Introduction to NIST Cybersecurity Framework
Introduction to NIST Cybersecurity FrameworkIntroduction to NIST Cybersecurity Framework
Introduction to NIST Cybersecurity Framework
 
Application of the Common Criteria to Building Trustworthy Automotive SDLC
Application of the Common Criteria to Building Trustworthy Automotive SDLCApplication of the Common Criteria to Building Trustworthy Automotive SDLC
Application of the Common Criteria to Building Trustworthy Automotive SDLC
 
World Wide Technology: Is backing up to the cloud right for you?
World Wide Technology: Is backing up to the cloud right for you?World Wide Technology: Is backing up to the cloud right for you?
World Wide Technology: Is backing up to the cloud right for you?
 
19 secure iccp-integration
19 secure iccp-integration19 secure iccp-integration
19 secure iccp-integration
 
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
 
297727851 getting-to-the-cloud-event-2015
297727851 getting-to-the-cloud-event-2015297727851 getting-to-the-cloud-event-2015
297727851 getting-to-the-cloud-event-2015
 

Plus de VICTOR MAESTRE RAMIREZ

Plus de VICTOR MAESTRE RAMIREZ (20)

Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
 
Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEE
 
Advanced Machine Learning for Business Professionals
Advanced Machine Learning for Business ProfessionalsAdvanced Machine Learning for Business Professionals
Advanced Machine Learning for Business Professionals
 
Intermediate Deep Learning with PyTorch - DataCamp
Intermediate Deep Learning with PyTorch - DataCampIntermediate Deep Learning with PyTorch - DataCamp
Intermediate Deep Learning with PyTorch - DataCamp
 
Gestión de Incidentes de Cibersegurdad - Centro Criptológico Nacional
Gestión de Incidentes de Cibersegurdad - Centro Criptológico NacionalGestión de Incidentes de Cibersegurdad - Centro Criptológico Nacional
Gestión de Incidentes de Cibersegurdad - Centro Criptológico Nacional
 
Modernes Leistungsmanagement - Management
Modernes Leistungsmanagement - ManagementModernes Leistungsmanagement - Management
Modernes Leistungsmanagement - Management
 
Generative AI for Cybersecurity - EC-Council
Generative AI for Cybersecurity - EC-CouncilGenerative AI for Cybersecurity - EC-Council
Generative AI for Cybersecurity - EC-Council
 
Deep Learning for Images with PyTorch - Datacamp
Deep Learning for Images with PyTorch - DatacampDeep Learning for Images with PyTorch - Datacamp
Deep Learning for Images with PyTorch - Datacamp
 
Werteorientiertes Management - Management
Werteorientiertes Management - ManagementWerteorientiertes Management - Management
Werteorientiertes Management - Management
 
Artificial Intelligence for Business Leaders
Artificial Intelligence for Business LeadersArtificial Intelligence for Business Leaders
Artificial Intelligence for Business Leaders
 
Hands-on SQL for Data Science - EC-Council
Hands-on SQL for Data Science - EC-CouncilHands-on SQL for Data Science - EC-Council
Hands-on SQL for Data Science - EC-Council
 
Becoming a Network Security Engineer - EC-Council
Becoming a Network Security Engineer - EC-CouncilBecoming a Network Security Engineer - EC-Council
Becoming a Network Security Engineer - EC-Council
 
Implementing Docker Containers with Windows Server 2019
Implementing Docker Containers with Windows Server 2019Implementing Docker Containers with Windows Server 2019
Implementing Docker Containers with Windows Server 2019
 
Unit Testing for Data Science in Python - DataCamp
Unit Testing for Data Science in Python - DataCampUnit Testing for Data Science in Python - DataCamp
Unit Testing for Data Science in Python - DataCamp
 
Project Management Foundations: Risk Management
Project Management Foundations: Risk ManagementProject Management Foundations: Risk Management
Project Management Foundations: Risk Management
 
Project Management Foundations: Communication
Project Management Foundations: CommunicationProject Management Foundations: Communication
Project Management Foundations: Communication
 
Project Management Foundations: Teams
Project Management Foundations: TeamsProject Management Foundations: Teams
Project Management Foundations: Teams
 
Project Management Foundations: Budgets
Project Management Foundations: BudgetsProject Management Foundations: Budgets
Project Management Foundations: Budgets
 

Dernier

Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
ciinovamais
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
QucHHunhnh
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
QucHHunhnh
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
heathfieldcps1
 

Dernier (20)

Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
Role Of Transgenic Animal In Target Validation-1.pptx
Role Of Transgenic Animal In Target Validation-1.pptxRole Of Transgenic Animal In Target Validation-1.pptx
Role Of Transgenic Animal In Target Validation-1.pptx
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docx
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 

Introduction to Network Diagramming

  • 1. C I S A | C YB E R S E C U R I T Y A N D I N F R A S T R U C T U R E S E C U R I T Y A G E N C Y INTRODUCTION TO NETWORK DIAGRAMMING
  • 2. Notice Commercial Endorsement Disclaimer: The United States Government through the Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security (DHS) does not endorse any commercial product or service. Any reference to specific commercial products, processes, or services by service mark, trademark, manufacturer, or otherwise, does not constitute or imply their endorsement, recommendation, or favoring by CISA or DHS. Simulated Non-Production Data Disclaimer: No production data was used in this demonstration. Sensitive Information Disclaimer: Be aware that this event is live! Events such as these are attended by people from many different federal agencies. As a student, PLEASE DO NOT DISCLOSE ANY AGENCY SENSITIVE INFORMATION DURING THIS EVENT. CISA Comment Policy: This course abides by the CISA Comment Policy (www.cisa.gov/comment- policy). DISCLAIMER: This webinar is being recorded and may be made public for the benefit of other students. While you are encouraged to engage with the speaker, you are advised against disclosing personally identifiable information (PII) on the recording. Please contact licensing@cisa.dhs.gov with any questions or comments. 2
  • 3. 1 2 3 4 Agenda Introduction and Overview ▪ Learning Objectives ▪ Network Topology Explained Topology Basics ▪ Logical vs Physical ▪ Common Topologies ▪ Network Architecture Diagramming Process ▪ Steps Knowledge Check ▪ Questions ▪ Summary ▪ Resources 3
  • 4. Course Learning Objectives Terminal Objective Enable you to visualize where your network’s physical and logical devices and connections are by creating or reviewing network topology diagrams. Enabling Objectives: ▪ Define what a network topology diagram is ▪ Explain how network topology diagrams can help organizations during incident response ▪ Describe the common network architecture security principles and designs ▪ Categorize the general steps used to create network topology diagrams Photo source: library.techsmith.com 4
  • 5. 5
  • 8. Incident Response 287days 8 Federal Network Authorization (FNA) Request for TechnicalAssistance (RTA)
  • 9. Defining Network Topologies – Logical Logical Topology ▪ Abstract ▪ Intangible parts of the network https://www.conceptdraw.com/examples/which- network-topology-is-used-in-computer-lab 9
  • 10. Defining Network Topologies – Physical Physical Topology ▪ Physical layout of network ▪ All tangible assets https://www.pcwdld.com 10
  • 11. Topology Types BUS RING STAR MESH HYBRID https://www.pngwing.com 11
  • 12. Network Architecture The complete design and framework of an organization’s network. 12 https://ipcisco.com/
  • 13. Asset Discovery and Mapping – Capabilities https://www.solarwinds.com/ 13
  • 14. Asset Discovery & Mapping – Complex vs Simple https://www.solarwinds.com Sample of small network diagram in PowerPoint 14
  • 15. Data Flow and Storage Data Flow The movementof data through a system composed of software, hardware, or a combination of both. Also known as data-in-transit or data-in-motion. https://www.techuseful.com/how-to-protect-data-in-motion-through-managed-file-transer 15
  • 16. Network Entry and Exit Points Consider: ▪ Access authorization ▪ Wired or Wireless ▪ External connections ▪ Data transfer rules 16
  • 17. Segmented Networks 17 Helps to limit direct access to information such as databases, sensitive information, and unauthorized applications by a malicious actor.
  • 18. Segmentation Unsegmented Network Segmented Network https://www.cisa.gov 18
  • 19. Network Diagramming Process Maintain the Diagram Create a Legend Build the Diagram Select a Network Template Choosean Application Sketch the Diagram Identify Network Components 19
  • 20. Identify Network Components ✓ Asset names ✓ Types ✓ Models ✓ IP address ✓ Remote sites ✓ Cloud services with entry and exit points https://www.solarwinds.com https://www.lansweeper.com 20
  • 24. Build the Diagram ▪ Components denote physical entities ▪ Connectors denote communication paths 24
  • 25. Create a Legend Quick and easy reference to understand symbols used https://www.swotster.com 25
  • 28. Summary ✓ Defined what a network topology diagram is ✓ Explained importance of network topology diagrams during incident response ✓ Described the common network architecture security principles and designs ✓ Categorized the general steps used to create network topology diagrams 28
  • 29. Additional Resources 29 NIST Framework for Improving Critical Infrastructure Cybersecurity https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf NIST Special Publication 1800-5 IT Asset Management https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.1800-5.pdf CISALayering Network Security Through Segmentation https://www.cisa.gov/sites/default/files/publications/layering-network-security- segmentation_infographic_508_0.pdf Trusted Internet Connections 3.0 https://www.cisa.gov/sites/default/files/publications/CISA%20TIC%203.0%20Reference%20 Architecture%20v1.1.pdf Computer Security Incident Handling Guide https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf Security and Privacy Controls for Information Systems and Organizations https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r5.pdf
  • 30. CISAWebsite https://www.cisa.gov IR Training Website https://www.cisa.gov/incident-response-training CISAGitHub https://www.cisa.gov/github CISAYouTube Channel https://www.youtube.com/channel/UCxyq9roe-npgzrVwbpoAy0A FedVTE https://fedvte.usalearning.gov CISACommenting Policy https://www.cisa.gov/comment-policy Additional Resources 2 30