Section 8.1: Network Threats 

Summary

In this section students will learn about threats to a network and the countermeasures to reduce the effects of an attack. Threats discussed include:

 

 

Generic countermeasures discussed include implementation of:

 

Specific countermeasures are presented to prevent:

 

Lecture Focus Questions:

Video/Demo                                                          Time

8.1.1 Network Threats                                                    16:09
8.1.2 Social Engineering                                                8:25
Total                                                                           24:34

Section 8.2: Firewalls

Summary

This section discusses using firewalls to allow or block network traffic. The following details about firewalls are discussed:

 

·         Network-based firewall

·         Host-based firewall

·         Filtering rules (also called access control lists (ACLs))

·         Firewall types

o   Packet filtering firewall

o   Circuit-level proxy

o   Application level gateway

·         Zones used with firewalls

·         Demilitarized zone (DMZ) configurations

·         Characteristics of network ports

·         ICANN categories for ports:

o   Well known ports

o   Registered ports

o   Dynamic ports (also called private or high)

·         Well known ports that correspond to common Internet services

 

Lecture Focus Questions:

Video/Demo                                           Time

8.2.1 Firewalls                                              15:47
8.2.4 Configuring Windows Firewall            3:50
Total                                                                   19:37

Lab/Activity

Section 8.3: VPNs

Summary

This section provides details of how a Virtual Private Network (VPN) uses encryption to secure IP traffic over a TCP/IP network. Facts discussed include:

 

·         The role of a tunneling protocol

·         The role of tunnel endpoints

·         Possible VPN implementations

·         Implementation methods

o   Host-to-host VPN

o   Site-to-site VPN

o   Remote access VPN

·         A comparison of common tunneling protocols

o   Point-to-Point Tunneling Protocol (PPTP)

o   Layer Two Tunneling Protocol (L2TP)

o   Internet Protocol Security (IPSec)

o   Secure Sockets Layer (SSL)

 

Lecture Focus Questions:

Video/Demo                                                          Time

 

8.3.1 Virtual Private Networks (VPNs)              10:16
8.3.3 Configuring a VPN Connection                12:40
Total                                                                           23:03

Lab/Activity

Section 8.4: Switch Security

 

 

Lecture Focus Questions:

Video/Demo                                                          Time

8.4.1 Switch Security                                                     13:01
8.4.2 Configuring VLANs                                               4:35
Total                                                                           17:36

Lab/Activity

Section 8.5: Authentication

 

·         The process to access resources on a network:

o   Identification

o   Authentication

·         Ways to prove identity to an authentication server:

o   Type 1 Something you know

o   Type 2 Something you have

o   Type 3 Something you are

·         Terms to measure the effectiveness of authentication solutions:

o   False negative

o   False positive

o   Crossover error rate

o   Processing rate

·         Authentication methods to increase security:

o   Two-factor, three-factor, multi-factor

o   Strong

o   One-factor

o   Mutual

·         Single Sign-on (SSO):

o   Advantages

o   Disadvantages

·         Authentication protocols:

o   Certificates

o   Public Key Infrastructure (PKI)

o   Certification Authorities (CAs)

o   Trusted CAs and certificates

o   Digital signatures

·         Authentication protocols

o   Challenge Handshake Authentication Protocol (CHAP)

o   Microsoft Challenge Handshake Authentication Protocol (MS-CHAP)

o   Extensible Authentication Protocol (EAP)

o   Kerberos

o   802.1x

 

Lecture Focus Questions:

Video/Demo                                                          Time

8.5.1 Authentication                                                       11:19

8.5.3 Authentication Protocols                                     14:05
8.5.4 Digital Certificates                                                  7:02

 Total                                                                           32:26

Section 8.6: Secure Protocols

 

·         Secure protocols

o   Secure Sockets Layer (SSL)

o   Transport Layer Security (TLS)

o   Secure Shell (SSH)

·         Comparison of unsecure and secure protocols:

 

Lecture Focus Questions:

Video/Demo                                                          Time

8.6.1 Secure Protocols                                                    4:50
8.6.2 Adding SSL to a Web Site                                    5:23

 Total                                                                           10:13

Section 8.7: Detection and Prevention

 

·         Network tools to monitor a network for threats include:

 

Lecture Focus Questions:

Video/Demo                                                          Time

8.7.1 Intrusion Detection and Prevention                                6:03

8.7.4 Vulnerability Assessment                                     4:54

 Total                                                                           10:57

Lab/Activity