1.0 Network Security

1.1 Implement security configuration parameters on network devices and other technologies.

• Firewalls
• Routers
• Switches
• Load Balancers
• Proxies
• Web security gateways
• VPN concentrators
• NIDS and NIPS
  • Behavior based
  • Signature based
  • Anomaly based
  • Heuristic
• Protocol analyzers
• Spam filter
• UTM security appliances
  • URL filter
  • Content inspection
  • Malware inspection
• Web application firewall vs. network firewall
• Application aware devices
  • Firewalls
  • IPS
  • IDS
  • Proxies

1.2 Given a scenario, use secure network administration principles.

• Rule-based management
• Firewall rules
• VLAN management
• Secure router configuration
• Access control lists
• Port Security
• 802.1x
• Flood guards
• Loop protection
• Implicit deny
• Network separation
• Log analysis
• Unified threat management

1.3 Explain network design elements and components.

• DMZ
• Subnetting
• VLAN
• NAT
• Remote Access
• Telephony
• NAC
• Virtualization
• Cloud Computing
  • PaaS
  • SaaS
  • IaaS
  • Private
  • Public
  • Hybrid
  • Community

1.4 Given a scenario, implement common protocols and services.

• Protocols
  • IPSec
  • SNMP
  • SSH
  • DNS
  • TLS
  • SSL
  • TCP/IP
  • FTPS
  • HTTPS
  • SFTP
  • SCP
  • ICMP
  • IPv4
  • IPv6
  • iSCSI
  • Fibre Channel
  • FCoE
  • FTP
  • SFTP
  • FTPS
  • TFTP
  • TELNET
  • HTTP
  • NetBIOS
• Ports
  • 21
  • 22
  • 25
  • 53
  • 80
  • 110
  • 139
  • 143
  • 443
  • 3389
• OSI relevance

1.5 Given a scenario, troubleshoot security issues related to wireless networking.

• WPA
• WPA2
• WEP
• EAP
• PEAP
• LEAP
• MAC filter
• Disable SSID broadcast
• TKIP
• CCMP
• Antenna Placement
• Power level controls
• Captive portals
• Antenna types
• Site surveys
• VPN (over open wireless)