CISSP® Official Study Guide, Eighth Edition



(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Chapter 12: Secure Communications and Network Attacks

Remote Meeting
Remote meeting technology is a term used for any product, hardware, or software that allows for
interaction between remote parties. These technologies and solutions are known by many
other terms: digital collaboration, virtual meetings, videoconferencing, software or application
collaboration, shared whiteboard services, virtual training solutions, and so on. Any
service that enables people to communicate, exchange data, collaborate on materials/data/
documents, and otherwise perform work tasks together can be considered a remote meeting
technology service.
No matter what form of multimedia collaboration is implemented, the attendant security 
implications must be evaluated. Does the service use strong authentication techniques? Does 
the communication occur across an open protocol or an encrypted tunnel? Does the solution 
allow for true deletion of content? Are activities of users audited and logged? Multimedia 
collaboration and other forms of remote meeting technology can improve the work environment
and allow for input from a wider range of diverse workers across the globe, but this is
only a benefit if the security of the communications solution can be ensured.
Instant Messaging
Instant messaging (IM) is a mechanism that allows for real-time text-based chat between
two users located anywhere on the internet. Some IM utilities allow for file transfer, multimedia,
voice and videoconferencing, and more. Some forms of IM are based on a peer-to-peer
service while others use a centralized controlling server. Peer-to-peer-based IM is easy
for end users to deploy and use, but it’s difficult to manage from a corporate perspective 
because it’s generally insecure. It has numerous vulnerabilities: It’s susceptible to packet 
sniffing, it lacks true native security capabilities, and it provides no protection for privacy.
Many forms of traditional instant messaging lack common security features, such as 
encryption or user privacy. Many stand-alone IM clients have been susceptible to malicious 
code deposit or infection through their file transfer capabilities. Also, IM users are often 
subject to numerous forms of social-engineering attacks, such as impersonation or convincing
a victim to reveal information that should remain confidential (such as passwords).
There are several modern instant messaging solutions to consider for both person-to-person
interactions and collaboration and communications among a group. Some are
public services, such as Twitter, Facebook Messenger, and Snapchat. Others are designed 
for private or internal use, such as Slack, Google Hangouts, Cisco Spark, Workplace by 
Facebook, and Skype. Most of these messaging services are designed with security as a key 
feature, often employing multifactor authentication and transmission encryption.
Manage Email Security
Email is one of the most widely and commonly used internet services. The email infrastructure
employed on the internet primarily consists of email servers using Simple Mail
Transfer Protocol (SMTP) to accept messages from clients, transport those messages to
other servers, and deposit them into a user’s server-based inbox. In addition to email servers,
the infrastructure includes email clients. Clients retrieve email from their server-based
inboxes using Post Office Protocol version 3 (POP3) or Internet Message Access Protocol
(IMAP). Clients communicate with email servers using SMTP. Many internet-compatible
email systems rely on the X.400 standard for addressing and message handling.


Sendmail is the most common SMTP server for Unix systems, and Exchange is the most 
common SMTP server for Microsoft systems. In addition to these three popular products, 
numerous alternatives exist, but they all share the same basic functionality and compliance 
with internet email standards.
If you deploy an SMTP server, it is imperative that you properly configure authentication 
for both inbound and outbound mail. SMTP is designed to be a mail relay system. This 
means it relays mail from sender to intended recipient. However, you want to avoid turning 
your SMTP server into an open relay (also known as an open relay agent or relay agent),
which is an SMTP server that does not authenticate senders before accepting and relaying
mail. Open relays are prime targets for spammers because they allow spammers to send 
out floods of emails by piggybacking on an insecure email infrastructure. As open relays 
are locked down, becoming closed or authentication relays, a growing number of SMTP 
attacks are occurring through hijacked authenticated user accounts.
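
The closed-relay rule described above, together with a simple check for the hijacked-account case, as an added example that is not from the book. The record format, domain names, addresses, and threshold are assumptions constructed for illustration.

```python
from collections import Counter

LOCAL_DOMAINS = {"example.com"}   # assumption: domains this server hosts
MAX_EXTERNAL_RCPTS = 3            # assumption: per-account review threshold

# Constructed sample records: client_ip,authenticated_user,rcpt_to
# (an empty user field means the client never authenticated)
SAMPLE_LOG = """\
203.0.113.9,,alice@example.com
203.0.113.50,,victim1@other.test
203.0.113.50,,victim2@other.test
10.0.0.5,bob,partner@other.test
198.51.100.7,carol,a@spam.test
198.51.100.7,carol,b@spam.test
198.51.100.7,carol,c@spam.test
198.51.100.7,carol,d@spam.test
"""

def relay_decision(auth_user, rcpt_to):
    """What a closed (authenticating) relay does with one recipient."""
    domain = rcpt_to.rsplit("@", 1)[-1].lower()
    if domain in LOCAL_DOMAINS:
        return "deliver"   # inbound mail for a hosted mailbox
    if auth_user:
        return "relay"     # outbound mail from an authenticated sender
    return "reject"        # unauthenticated sender, external recipient

def audit(log_text):
    """Return (rejected relay attempts per client IP, accounts over threshold)."""
    rejected, relayed = Counter(), Counter()
    for line in log_text.splitlines():
        if not line.strip():
            continue
        client_ip, user, rcpt = (f.strip() for f in line.split(","))
        decision = relay_decision(user, rcpt)
        if decision == "reject":
            rejected[client_ip] += 1
        elif decision == "relay":
            relayed[user] += 1
    # Authenticated accounts relaying unusually many external messages are
    # candidates for review as possibly hijacked.
    noisy = {u: n for u, n in relayed.items() if n > MAX_EXTERNAL_RCPTS}
    return dict(rejected), noisy

if __name__ == "__main__":
    print(audit(SAMPLE_LOG))
```

An open relay is the same server with the final `reject` branch missing; the account check matters because authentication alone does not stop abuse through a stolen credential.
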
Another option to consider for corporate email is a SaaS email solution. Examples of cloud 
or hosted email include Gmail (Google Apps for Business) and Outlook/Exchange Online. SaaS 
email enables you to leverage the security experience and management expertise of some of the 
largest internet-focused organizations to support your company’s communications. Benefits 
of SaaS email include high availability, distributed architecture, ease of access, standardized 
configuration, and physical location independence. However, there are some potential risks
in using a hosted email solution, including blacklisting issues, rate limiting, app/add-on
restrictions, and what (if any) additional security mechanisms you can deploy.
