protection. Visibility is essentially the ability to “see”
everything that is happening in the network.
Segmentation is the ability of the network to reduce the
surface attack to contain the spread. Protection is the
ability to stop any breaches from happening.
Figure 11-1 Cisco’s Security Portfolio: Visibility,
Segmentation, and Protection
Potential Threats and Vulnerabilities
Anything we are trying to protect against—whether it is
code or a person—is known as a threat. A threat tries to
get access to an asset in order to control or damage the
asset.
A vulnerability is a weakness or gap in protection efforts.
It can be exploited by threats to gain unauthorized access
to an asset.
Cybersecurity threats comprise a wide range of
potentially illegal activities on the Internet. At a very
high level, certain activities may be classified into two
categories:
Malicious activities that target networks or devices directly:
Examples include malware, viruses, and denial-of-service attacks.
Malicious activities aided by computer networks or devices:
Examples include fraud, identity theft, phishing scams, information
warfare, and cyberstalking.Most Common Threats
Table 11-2 describes some of the most common threats
that can be posed to an entity due to lack of security
awareness.