Computer Networking
A network of two or more computers connected by media with applications supporting information sharing, file sharing, hardware sharing, communication through email or IM, and VoIP for speaking.
Routers
Layer 3 devices forwarding data packets based on IP addresses, connecting different networks, containing CPU, memory, and I/O interfaces, and types like broadband, wireless, edge, subscriber edge, inter-provider border, and core routers.
Cable and DSL Modems
Hardware devices for connecting to remote networks or the internet, including dial-up modems, DSL modems for digital signal transfer, and cable modems for fast internet via coaxial cable TV lines.
Wireless Access Points (WAPs)
Special devices for WLAN, acting as bridges between wired and wireless networks, extending wireless range, and providing security through SSID, with rogue access points and evil twins posing threats.
Wireless Range Extenders
Devices extending radio frequency range, functioning at layer 1 of OSI model, lacking intelligence, and enabling connectivity beyond the normal range of WAPs.
Transmission Media
Copper, coaxial, and glass/fiber cables supporting data transmission, with characteristics, applications, and types like UTP, STP, and coaxial cables for various data networking needs.
Structured Wiring Systems
Modular cabling solutions supporting end-to-end connectivity, rapid changes, and high-speed bandwidth, with components like workstation outlets, wiring closets, and backbone distributions.
STP vs UTP
Comparison of Shielded Twisted Pair and Unshielded Twisted Pair cables in terms of noise reduction, data rates, installation challenges, and applications in different environments.
Optical Fiber Cabling
Data transmission using light pulses over long distances, highly secure and immune to EMI, with single-mode and multi-mode fiber options.
Network Topology
Layout of network devices like computers, printers, servers, and routers connecting through wired or wireless connections, with considerations for physical and logical topologies.
Logical Topography
Focuses on how the network operates and data transfer, emphasizing logical connections at the Data Link layer.
Network Topology
Describes the general organization of a network, including types like Ring, Bus, Star, Point-to-point, Mesh, and Hybrid/star wired bus.
Point-to-Point Networks
Directly connect computers or devices, based on time slots and polling for data transmission.
Bus Topology
Common linear network type with physical limitations on distance and device connections, requiring transceivers for communication.
Ring Topology
Token ring network where devices transmit with permission granted by a circulating token, preventing collisions.
Star Topology
All nodes directly connected to a central hub or computer in a star-wired configuration.
Wireless Ad Hoc Networks
Built as devices are added, allowing each device to connect to others, bypassing the need for a router.
Infrastructure Networks
Devices connect to a wired network using access points, scalable with multiple APs but more complex and costly to set up.
On-Premise Deployments
Exist within enterprise infrastructure, providing physical access but requiring high costs for hardware and software.
Cloud Deployments
Utilize off-site servers and software as a service, offering potential cost savings and accessibility from personal devices.
10Base-T
Represents 10 Mbps speed, uses base-band signaling, and employs twisted-pair cabling.
100Base-TX
Operates at 100 Mbps speed, utilizes base-band signaling, and incorporates twisted-pair cabling for full-duplex communication.
1000Base-SX
Achieves 1000 Mbps speed, employs base-band signaling, and utilizes short wavelength over fiber for full-duplex communication.
10GBase-SR
Provides 10 Gbps speed over fiber, uses baseband signaling, employs short wavelength extended range, and is supported by CAT-6a cabling.
40GBase-SR4
Offers 40 Gbps speed, uses base-band signaling typically in data centers, and employs SR4 for range and cabling identification.
100GBase-SR10
Delivers 100 Gbps speed, utilizes base-band signaling, and employs SR10 for cabling and range identification.
TCP/IP Model
Represents a 4-layer model, including the Application Layer, Transport or Host-to-Host Layer, Network or Internet Layer, and Physical or Network Access Layer, for network communication.
Virtualization
Involves abstracting physical components into logical objects, such as hardware resources like memory, storage, processors, and network connectivity, using a hypervisor for operation.
Hypervisors
Software that arbitrates resources between physical resources and virtual machines, with Type 1 running directly on server hardware and Type 2 running within a traditional OS.
Cloud Computing
Offers online resource management, accessibility, cost efficiency, and security benefits, but poses risks like security, privacy, migration issues, and vendor lock-in.
Cloud Service Models
Include Infrastructure as a Service (IaaS) providing on-demand access to infrastructure resources, and Platform as a Service (PaaS) offering development tools and services for efficient app coding and deployment.
Information Security
The collection of activities that protect the information system and data within it, including safeguarding privacy data, corporate intellectual property, and online transactions.
Network Security
Aims to protect data, network, hardware, and software, prevent unauthorized access, monitor malicious activities, and ensure the security of network assets during transactions and at rest.
Software as a Service (SaaS)
Software designed for end users, deployed, delivered, and accessed over the internet, characterized by vendor hosting, multi-platform support, and vendor-managed updates.
Risk Management
The formal approach to identifying, assessing, and prioritizing risks, followed by implementing strategies to mitigate or address these risks, involving elements like assets, vulnerabilities, threats, and safeguards.
Risk Assessment
Involves quantitative and qualitative methods to evaluate risks, with quantitative assessment determining financial impact and qualitative assessment focusing on assigning ratings to identified risks.
Risk Response Strategy
Involves planning responses to risks, including reduction, transfer, acceptance, or avoidance of negative risks, and exploiting, sharing, enhancing, or accepting positive risks.
Acceptable Range of Risk
Determines the level of risk that an organization is willing to accept, guiding the definition of activities and countermeasures to manage risks effectively.
Security Controls
Safeguards or countermeasures used by organizations to avoid, counteract, or minimize loss or system unavailability, implemented as part of the risk response plan.
Administrative Controls
Controls that develop and ensure compliance with policies and procedures in managing different phases of people processes.
Technical Controls
Controls carried out by a computer system to manage different phases of people processes.
Detective Controls
Controls that identify threats that have entered a system, like an Intrusion Detection System (IDS).
Preventative Controls
Controls that stop threats from coming into contact with vulnerabilities, such as Intrusion Prevention Systems (IPS).
Corrective Controls
Controls that reduce the effects of a threat, like reloading a malware-infected machine's OS.
Deterrent Control
Controls that deter actions that can result in violations, such as confirmation boxes after system changes.
Compensating Controls
Controls implemented to address threats without a straightforward risk-mitigating solution.
Countermeasures
Safeguards and actions taken to address risks, including fixing software flaws and providing encryption capability.
Risks, Threats, and Vulnerabilities
Risk is the probability of an event, threat can damage assets, and vulnerability is a weakness in design or code.
CIA Triad
Confidentiality secures data access, Integrity ensures data accuracy, and Availability ensures network accessibility.
Network Security Scope
The seven domains of IT infrastructure, including User, LAN, WAN, and Remote Access.
Threat Types
Major threat types include Disclosure threats, Alteration threats, and Denial or Destruction threats.
Malicious Attack
An attack exploiting vulnerabilities, consisting of fabrications, interceptions, interruptions, and modifications.
Attacker Types
Includes Hackers, Ethical Hackers, Black-hat hackers, White-hat hackers, and Gray-hat hackers.
TLS 1.3
Utilizes symmetric cryptography for secure data transmission
Network Risk
Probability of negative events like data breach or unauthorized access
Threat
Potential negative occurrences such as DoS attacks or man-in-the-middle attacks
Vulnerability
Weakness in network design like software bugs or security architecture flaws
Network Security Controls
Administrative, Physical, and Technical measures to mitigate risks
VLAN Hopping
Misconfigured VLAN allowing unauthorized access to other VLANs
Network Threats
Compromised Access Controls, De-authentication, DoS/DDoS attacks, etc.
Network Vulnerabilities
Weaknesses or flaws in an organization's software, hardware, or organizational processes that can result in a security breach.
Risk Assessment
Process involving identifying assets, risks, and evaluating likelihood of occurrences
Compliance Laws
FERPA, FISMA, GDPR, GLBA, HIPAA, and PCI DSS for specific security requirements
Security Controls
Administrative, Physical, and Technical safeguards to counteract security risks
Security Policies
Data handling, Password, Acceptable Use, Bring Your Own Device, and Privacy policies
Human Centered Design
Focuses on root issue, people, system interactions, and iterative prototyping
Least Privilege
Providing minimum rights necessary for tasks to limit exposure and access
Fail Safe
System should fail to a safe state during failures, handling errors and exceptions securely
Least Common Mechanism
A security principle to prevent unintentional sharing of information and eliminate potential pathways for secret sharing.
Firewalls
Security devices that control traffic flow, prevent unauthorized network traffic, and offer filtering features like flood guard, loop protection, and network segmentation.
Firewall Types
Stateful Inspection, Packet Filtering, Border, Application
Packet Filtering Firewall
Basic firewall type that compares traffic with rules for each packet passing through.
Stateful Inspection Firewall
Firewall that remembers communication status and checks rules only for new sessions.
Application Firewall
Firewall that acts as a proxy between systems, not allowing direct packet travel.
Border Firewalls
Basic approach separating the network from the internet; normally sits behind the router and receives all communications passing from the private network to the internet.
Screened Subnet
Used when it isn't possible to block all traffic into a network, like from a public website or email server. Creates a special network called a demilitarized zone (DMZ).
Multilayered Firewall
Suitable for networks with different security levels.
Unified Threat Management
Provides filtering and additional security services like URL and content inspection, and malware detection.
IDS/IPS
Intrusion Detection Systems (IDS) and Intrusion Protection Systems (IPS) that can be network-based (NIDS/NIPS) or host-based (HIDS/HIPS) and work through signatures and heuristics.
Encryption Techniques and Methods
Scrambles data using keys for encryption and decryption, with symmetric (AES, DES) and asymmetric (RSA, Diffie-Hellman) encryption methods.
Device Hardware Hardening
Involves risk management, mitigation, and securing the network through centralized devices, dedicated countermeasures, and least privilege policies.
Defense in Depth
Security approach with layered controls to protect data, applications, and networks, including people security, physical security, network security, and data security layers.
IT Security Policy Framework
Consists of policies, standards, procedures, and guidelines to reduce risks, with components like policy, standard, procedures, and guidelines.
Risk Mitigation Strategies
Aim to reduce the likelihood or impact of threats based on risk appetite and tolerance, using risk-based methodologies and risk profiles to understand and manage risks.
Risk Appetite Types
Different levels of willingness to take risks, including risk averse, minimal, cautious, open, and hungry.
Security Risk Assessments
Processes to identify, assess, and implement security measures, focusing on preventing vulnerabilities and exploits, integral to an organization's risk management.
Data Classification Standards
Categorizing data into private, confidential, internal use only, and public-domain data, each requiring specific security controls.
Access Control Models
Different methods like DAC, RBAC, ABAC, RuBAC, and CBAC to manage and restrict access to resources based on roles, attributes, or rules.
Encryption
Using cryptography to transform data into unreadable forms for unauthorized users, securing data in passive, in process, or in transit states.
Security Operations and Administration
Involves security administration, access control, documentation, compliance, disaster recovery, and outsourcing considerations to ensure effective security management.
Professional Ethics
Upholding ethical guidelines, codes of ethics, and professional requirements to maintain professionalism and integrity in security practices.
Personnel Security Principles
Strategies like least privilege, separation of duties, job rotation, mandatory vacations, security training, and awareness to mitigate risks associated with human factors in security.
Baselines
Basic configurations for devices and services documented to ensure uniform operation.
Data Classification Standards
Assigns specific classifications based on data value, sensitivity, and criticality.
Information Classification Objectives
Identifies protection requirements, data value, and ensures appropriate protection.
Classification Procedures
Determines data handling based on data value criteria and includes assurance and configuration management.
Change Management Process
Involves configuration controls and change control to manage system changes securely.
Application Software Security
Involves System Life Cycle (SLC) and System Development Life Cycle (SDLC) for secure software development.
Testing Application Software
Ensures thorough testing for expected and unexpected events.
Systems Procurement
Involves evaluating new software and hardware, monitoring contracts, and following procurement procedures.