5.0 Network Security


5.1 Given a scenario, implement appropriate wireless security measures.

  • Encryption protocols:
    • WEP
    • WPA
    • WPA2
    • WPA Enterprise
  • MAC address filtering
  • Device placement
  • Signal strength

5.2 Explain the methods of network access security.

  • ACL:
    • MAC filtering
    • IP filtering
    • Port filtering
  • Tunneling and encryption:
    • SSL VPN
    • VPN
    • L2TP
    • PPTP
    • IPSec
    • ISAKMP
    • TLS
    • TLS2.0
    • Site-to-site and client-to-site
  • Remote access:
    • RAS
    • RDP
    • PPPoE
    • PPP
    • ICA
    • SSH

5.3 Explain methods of user authentication.

  • PKI
  • Kerberos
  • AAA (RADIUS, TACACS+)
  • Network access control (802.1x, posture assessment)
  • CHAP
  • MS-CHAP
  • EAP
  • Two-factor authentication
  • Multifactor authentication
  • Single sign-on

5.4 Explain common threats, vulnerabilities, and mitigation techniques.

  • Wireless:
    • War driving
    • War chalking
    • WEP cracking
    • WPA cracking
    • Evil twin
    • Rogue access point
  • Attacks:
    • DoS
    • DDoS
    • Man in the middle
    • Social engineering
    • Virus
    • Worms
    • Buffer overflow
    • Packet sniffing
    • FTP bounce
    • Smurf
  • Mitigation techniques:
    • Training and awareness
    • Patch management
    • Policies and procedures
    • Incident response

5.5 Given a scenario, install and configure a basic firewall.

  • Types:
    • Software and hardware firewalls
  • Port security
  • Stateful inspection vs. packet filtering
  • Firewall rules:
    • Block/allow
    • Implicit deny
    • ACL
  • NAT/PAT
  • DMZ

5.6 Categorize different types of network security appliances and methods.

  • IDS and IPS:
    • Behavior based
    • Signature based
    • Network based
    • Host based
  • Vulnerability scanners:
    • NESSUS
    • NMAP
  • Methods:
    • Honeypots
    • Honeynets
