Computer Networks/Security

From Wikiversity
Jump to navigation Jump to search

This lesson introduces network security.

Objectives and Skills[edit]

Objectives and skills for the network security portion of Network+ certification include:[1]

  • Compare and contrast risk related concepts
    • Disaster recovery
    • Business continuity
    • Battery backups/UPS
    • First responders
    • Data breach
    • End user awareness and training
    • Single point of failure
      • Critical nodes
      • Critical assets
      • Redundancy
    • Adherence to standards and policies
    • Vulnerability scanning
    • Penetration testing
  • Compare and contrast common network vulnerabilities and threats
    • Attacks/threats
      • Denial of service
        • Distributed DoS
          • Botnet
          • Traffic spike
          • Coordinated attack
        • Reflective/amplified
          • DNS
          • NTP
          • Smurfing
        • Friendly/unintentional DoS
        • Physical attack
          • Permanent DoS
      • ARP cache poisoning
      • Packet/protocol abuse
      • Spoofing
      • Wireless
        • Evil twin
        • Rogue AP
        • War driving
        • War chalking
        • Bluejacking
        • Bluesnarfing
        • WPA/WEP/WPS attacks
      • Brute force
      • Session hijacking
      • Social engineering
      • Man-in-the-middle
      • VLAN hopping
      • Compromised system
      • Effect of malware on the network
      • Insider threat/malicious employee
      • Zero day attacks
    • Vulnerabilities
      • Unnecessary running services
      • Open ports
      • Unpatched/legacy systems
      • Unencrypted channels
      • Clear text credentials
      • Unsecure protocols
        • TELNET
        • HTTP
        • SLIP
        • FTP
        • TFTP
        • SNMPv1 and SNMPv2
      • TEMPEST/RF emanation
  • Given a scenario, implement network hardening techniques
    • Anti-malware software
      • Host-based
      • Cloud/server-based
      • Network-based
    • Switch port security
      • DHCP snooping
      • ARP inspection
      • MAC address filtering
      • VLAN assignments
        • Network segmentation
    • Security policies
    • Disable unneeded network services
    • Use secure protocols
      • SSH
      • SNMPv3
      • TLS/SSL
      • SFTP
      • HTTPS
      • IPsec
    • Access lists
      • Web/content filtering
      • Port filtering
      • IP filtering
      • Implicit deny
    • Wireless security
      • WEP
      • WPA/WPA2
        • Enterprise
        • Personal
      • TKIP/AES
      • 802.1x
      • TLS/TTLS
      • MAC filtering
    • User authentication
      • CHAP/MSCHAP
      • PAP
      • EAP
      • Kerberos
      • Multifactor authentication
      • Two-factor authentication
      • Single sign-on
    • Hashes
      • MD5
      • SHA
  • Compare and contrast physical security controls
    • Mantraps
    • Network closets
    • Video monitoring
      • IP cameras/CCTVs
    • Door access controls
    • Proximity readers/key fob
    • Biometrics
    • Keypad/cipher locks
    • Security guard
  • Summarize basic forensic concepts
    • First responder
    • Secure the area
      • Escalate when necessary
    • Document the scene
    • eDiscovery
    • Evidence/data collection
    • Chain of custody
    • Data transport
    • Forensics report
    • Legal hold
  • Given a scenario, troubleshoot and resolve common security issues
    • Misconfigured firewall
    • Misconfigured ACLs/applications
    • Malware
    • Denial of service
    • Open/closed ports
    • ICMP related issues
      • Ping of death
      • Unreachable default gateway
    • Unpatched firmware/OSs
    • Malicious users
      • Trusted
      • Untrusted users
      • Packet sniffing
    • Authentication issues
      • TACACS/RADIUS misconfigurations
      • Default passwords/settings
    • Improper access/backdoor access
    • ARP issues
    • Banner grabbing/OUI
    • Domain/local group configurations
    • Jamming

Readings[edit]

  1. Wikipedia: Network security and related articles.

Multimedia[edit]

  1. YouTube: Business Risk - CompTIA Network+ N10-006 - 3.1
  2. YouTube: Single Point of Failure - CompTIA Network+ N10-006 - 3.1
  3. YouTube: Vulnerability Scanning - CompTIA Network+ N10-006 - 3.1
  4. YouTube: Penetration Testing - CompTIA Network+ N10-006 - 3.1
  5. YouTube: Denial of Service - CompTIA Network+ N10-006 - 3.2
  6. YouTube: Wireless Network Attacks - CompTIA Network+ N10-006 - 3.2
  7. YouTube: Wireless Protocol Attacks - CompTIA Network+ N10-006 - 3.2
  8. YouTube: Brute Force Attacks - CompTIA Network+ N10-006 - 3.2
  9. YouTube: Session Hijacking - CompTIA Network+ N10-006 - 3.2
  10. YouTube: Social Engineering - CompTIA Network+ N10-006 - 3.2
  11. YouTube: Man in the Middle Attacks - CompTIA Network+ N10-006 - 3.2
  12. YouTube: VLAN Hopping - CompTIA Network+ N10-006 - 3.2
  13. YouTube: Compromised Systems - CompTIA Network+ N10-006 - 3.2
  14. YouTube: Insider Threats - CompTIA Network+ N10-006 - 3.2
  15. YouTube: Zero-day Attacks - CompTIA Network+ N10-006 - 3.2
  16. YouTube: Operating System Vulnerabilities - CompTIA Network+ N10-006 - 3.2
  17. YouTube: Anti-Malware Software - CompTIA Network+ N10-006 - 3.3
  18. YouTube: Switch Port Security - CompTIA Network+ N10-006 - 3.3
  19. YouTube: Security Policies - CompTIA Network+ N10-006 - 3.3
  20. YouTube: Disabling Unneeded Network Services - CompTIA Network+ N10-006 - 3.3
  21. YouTube: Using Secure Protocols - CompTIA Network+ N10-006 - 3.3
  22. YouTube: Access Lists - CompTIA Network+ N10-006 - 3.3
  23. YouTube: Wireless Security - CompTIA Network+ N10-006 - 3.3
  24. YouTube: User Authentication - CompTIA Network+ N10-006 - 3.3
  25. YouTube: Hashing - CompTIA Network+ N10-006 - 3.3
  26. YouTube: Physical Security Controls - CompTIA Network+ N10-006 - 3.4
  27. YouTube: Basic Forensic Concepts - CompTIA Network+ N10-006 - 3.7
  28. YouTube: Troubleshooting Firewall Security Issues - CompTIA Network+ N10-006 - 4.7
  29. YouTube: Troubleshooting Operating System Security Issues - CompTIA Network+ N10-006 - 4.7
  30. YouTube: Troubleshooting Denial of Service - CompTIA Network+ N10-006 - 4.7
  31. YouTube: Troubleshooting ICMP and ARP - CompTIA Network+ N10-006 - 4.7
  32. YouTube: Troubleshooting Malicious User Activities - CompTIA Network+ N10-006 - 4.7
  33. YouTube: Troubleshooting Authentication Issues - CompTIA Network+ N10-006 - 4.7

Activities[edit]

  1. Manage user accounts, group accounts, and permissions.
  2. Configure Password Policy and Account Lockout Policy.
  3. Use a network scanner to audit your network.
  4. Back up your system and restore files.
    • Review Microsoft: Back Up Files.
    • Perform a full system backup. If you don't have enough external storage space for a full backup, consider backing up important files and folders to cloud storage.
    • Restore one or more files from the backup.
  5. Examine physical security and risk scenarios for your network environment.
    • What physical security controls are in place for your building and your network / computer equipment?
    • What risk management practices are in place, such as disaster recovery plans, battery backup, data backup, redundancy, vulnerability scanning, and user training?
    • Are any changes necessary to improve physical security or reduce risk?

Lesson Summary[edit]

Key Terms[edit]

See Also[edit]

References[edit]