Sec+ 07-08 Identify Network Security for an IT Network

Security+ Domain Network Security

Chapter Overview

Chapter 7: Network Security Fundamentals

Chapter 8: Administering Objectives


Types of Network Security Devices

  • Overview: Different devices enhance the security of networks against unauthorized access, attacks, and vulnerabilities.

  • Network Address Translation (NAT):

    • Definition: NAT translates private IP addresses to a public IP address, allowing multiple devices on a local network to share a single public IP.

    • Purpose: It helps in hiding internal network structures and reducing the risk of direct attacks on individual devices.

  • Network Access Control (NAC):

    • Explanation: NAC manages device access to the network by assessing security posture, ensuring that only compliant devices that meet defined security requirements can connect.

    • Enhancements: Automatically contains non-compliant devices to prevent them from accessing sensitive resources, thereby reducing risks.

Common Network Protocols

  • Protocols Overview: Protocols like TCP/IP, DNS, and ICMP are vital for communication across the internet. Each serves a unique function in ensuring data is transmitted securely and efficiently.

  • Functions:

    • TCP/IP: Reliable data transmission through connection-oriented communication.

    • DNS: Translates domain names to IP addresses but can be vulnerable to attacks such as DNS spoofing.

    • ICMP: Used for network diagnostics but may be exploited in certain types of attacks (e.g., ping floods).

Applying Network Administration Principles

  • Principles Application: Effective network administration principles include regular updates, monitoring, and applying security best practices. These ensure the integrity and availability of network services.

  • New Network Applications: New applications such as cloud services and IoT devices need specific security measures to protect against unique vulnerabilities.

Wireless Network Security

  • Wireless Network Attacks: Types include eavesdropping, man-in-the-middle, and rogue access point attacks, which exploit the vulnerabilities inherent in wireless communications.

  • Solutions for Securing Wireless Networks: Solutions include implementing WPA3 encryption, using strong passwords, and regularly changing network credentials to minimize the risk of unauthorized access.

Security Through Network Devices

  • Security Requirements: Many network applications lack built-in security features; hence, relying on network devices like firewalls and intrusion detection systems is crucial.

Standard Network Devices

  • Overview: Understanding the functions and security features of common devices such as switches, routers, and firewalls is crucial for designing a secure network.


Standard Network Devices (Pages 7-10)

  • Hubs:

    • Connect devices but lack intelligence; they transmit data in a non-secure manner, exposing the network to significant risks.

  • Switches:

    • More advanced than hubs, functioning at Layer 2 to forward frames intelligently, helping improve performance and security.

  • Traffic Monitoring Methods: Techniques include:

    • Port Mirroring: A method that duplicates network traffic to a monitoring device for analysis.

    • Network Tap: A hardware device that allows access to data flowing in a network, useful for diagnostics and security checks.

Switch Attacks (Page 11)

  • MAC Flooding:

    • An attack in which the attacker sends frames carrying numerous source MAC addresses to overflow the switch's MAC address table, causing it to operate in a wide-open mode (forwarding frames out of all ports, as a hub does).

  • MAC Address Impersonation:

    • Using a duplicated MAC address to intercept data meant for another device, compromising data privacy.

  • ARP Poisoning:

    • Exploiting the ARP protocol to send malicious updates, redirecting traffic to attackers instead of the intended devices.
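
Each of the three switch attacks above leaves a distinct trace in what the switch learns and in ARP traffic. The following is an added example, not part of the original notes, that checks constructed observations for each one; the port names, addresses and the per-port limit of 3 are assumptions.

```python
from collections import defaultdict

# Constructed sample data (not from the original notes):
# (switch_port, source_mac) pairs as a switch would learn them.
LEARNED = [
    ("Gi0/1", "00:11:22:33:44:01"),
    ("Gi0/2", "00:11:22:33:44:02"),
    ("Gi0/4", "00:11:22:33:44:01"),   # same MAC as the host on Gi0/1
] + [("Gi0/3", f"02:00:00:00:00:{i:02x}") for i in range(1, 6)]

# Constructed (ip, mac) pairs as claimed in ARP replies, in arrival order.
ARP_REPLIES = [
    ("192.0.2.1", "00:11:22:33:44:fe"),   # gateway
    ("192.0.2.10", "00:11:22:33:44:01"),
    ("192.0.2.1", "00:11:22:33:44:02"),   # gateway IP claimed by another MAC
]

def detect_mac_flooding(learned, max_macs_per_port=3):
    """Return ports that learned more distinct MACs than the allowed limit."""
    per_port = defaultdict(set)
    for port, mac in learned:
        per_port[port].add(mac.lower())
    return sorted(p for p, macs in per_port.items()
                  if len(macs) > max_macs_per_port)

def detect_mac_impersonation(learned):
    """Return MACs that appear on more than one port, with those ports."""
    ports = defaultdict(set)
    for port, mac in learned:
        ports[mac.lower()].add(port)
    return {mac: sorted(p) for mac, p in ports.items() if len(p) > 1}

def detect_arp_poisoning(replies):
    """Return IPs claimed by more than one MAC, with every MAC seen."""
    first, conflicts = {}, {}
    for ip, mac in replies:
        mac = mac.lower()
        if ip in first and first[ip] != mac:
            conflicts.setdefault(ip, {first[ip]}).add(mac)
        first.setdefault(ip, mac)
    return {ip: sorted(macs) for ip, macs in conflicts.items()}

if __name__ == "__main__":
    print("flooding ports:", detect_mac_flooding(LEARNED))
    print("duplicate MACs:", detect_mac_impersonation(LEARNED))
    print("ARP conflicts: ", detect_arp_poisoning(ARP_REPLIES))
```

Legitimate events such as a device moving between ports or a gateway failover trigger the same conditions, so each hit needs checking against known changes before it is treated as an attack.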

Routers and Load Balancers (Pages 12-13)

  • Router Functionality:

    • Operate at Layer 3, deciding the best path for packets across networks, and are thus critical in directing traffic properly while maintaining security standards.

  • Load Balancers:

    • Distribute network traffic across multiple servers to enhance performance and reliability while aiding in preventing overloads and potential security breaches.

Network Security Hardware (Pages 15-23)

  • Firewalls:

    • Inspect packets and filter traffic based on predefined rules, necessary for preventing unauthorized access and threats from the internet.

  • Proxies:

    • Act as intermediaries between users and the internet, enhancing speed by caching web pages and protecting user identity by hiding IP addresses.

  • Reverse Proxies:

    • Handle requests from external clients, routing them to the appropriate server while protecting the internal network.

Spam Filters and VPNs (Pages 26-31)

  • Spam Filters:

    • Identify and suppress unwanted emails, protecting users and networks from phishing attempts and malware.

  • VPN Overview:

    • Virtual Private Networks (VPNs) tunnel data in encrypted form, securing sensitive information during transmission over unsecured networks and ensuring privacy and confidentiality.

Network Technologies: NAT and Access Control (Pages 41-43)

  • NAT:

    • Not only masks internal IPs but also conserves public IP addresses, essential in IPv4 networks.

  • Network Access Control (NAC):

    • Uses various methods to assess device health and control access, allowing or denying connection based on compliance with security policies.

Secure Network Design Elements (Pages 45-49)

  • Key Design Concepts: Network design should include practices like implementing DMZs (Demilitarized Zones), VLANs (Virtual Local Area Networks), and proper subnetting strategies to increase security and manageability within the network.

Virtual LAN and Remote Access (Pages 50-52)

  • VLANs:

    • Enable logical grouping of devices regardless of their physical location, providing enhanced network security and management.

  • Remote Access Security:

    • Securing remote connections through technologies like VPNs and Multi-Factor Authentication (MFA), ensuring that remote workers have controlled and secure access.

Common Network Protocols (Pages 53-61)

  • Protocols Overview: Essential for ensuring communication and function, protocols cover everything from messaging to data transfer.

  • Vulnerabilities:

    • Various protocols face threats, with malicious actors exploiting inherent weaknesses, highlighting the importance of constant updates and security monitoring.

File Transfer Protocols (Pages 63-67)

  • FTP Vulnerabilities:

    • Lacks encryption, making it susceptible to interception.

  • Secure Copy Protocol (SCP):

    • A secure alternative for file transfer, leveraging SSH (Secure Shell) for encryption.

IP Telephony and Cloud Computing (Pages 94-100)

  • IP Telephony Vulnerabilities:

    • Issues with VoIP (Voice over Internet Protocol) include eavesdropping, call hijacking, and denial of service (DoS) attacks.

  • Cloud Computing Overview:

    • Offers scalability but introduces challenges regarding user data isolation and requires robust transmission protection mechanisms to avoid breaches.