1.0 Network Security

1.1 Explain the security function and purpose of network devices and technologies

• Firewalls
• Routers
• Switches
• Load Balancers
• Proxies
• Web security gateways
• VPN concentrators
• NIDS and NIPS (Behavior based, signature based, anomaly based, heuristic)
• Protocol analyzers
• Sniffers
• Spam filter, all-in-one security appliances
• Web application firewall vs. network firewall
• URL filtering, content inspection, malware inspection

1.2 Apply and implement secure network administration principles

• Rule-based management
• Firewall rules
• VLAN management
• Secure router configuration
• Access control lists
• Port Security
• 802.1x
• Flood guards
• Loop protection
• Implicit deny
• Prevent network bridging by network separation
• Log analysis

1.3 Distinguish and differentiate network design elements and compounds

• DMZ
• Subnetting
• VLAN
• NAT
• Remote Access
• Telephony
• NAC
• Virtualization
• Cloud Computing
  • Platform as a Service
  • Software as a Service
  • Infrastructure as a Service

1.4 Implement and use common protocols

• IPSec
• SNMP
• SSH
• DNS
• TLS
• SSL
• TCP/IP
• FTPS
• HTTPS
• SFTP
• SCP
• ICMP
• IPv4 vs. IPv6

1.5 Identify commonly used default network ports

• FTP
• SFTP
• FTPS
• TFTP
• TELNET
• HTTP
• HTTPS
• SCP
• SSH
• NetBIOS

1.6 Implement wireless network in a secure manner

• WPA
• WPA2
• WEP
• EAP
• PEAP
• LEAP
• MAC filter
• SSID broadcast
• TKIP
• CCMP
• Antenna Placement
• Power level controls