Security+ Domain 2.0: Technologies and Tools, Chapter 6


Chapter 6: Network Components

You should be (deeply) familiar with bridges and repeaters, hubs and switches, routers, firewalls and edge devices from your Network+ studies.

Be aware that the functions of many edge devices are increasingly merged into a single box. Depending on the size of your enterprise, that box may be from Cisco, Juniper, Fortinet or many others. If you have less to spend, you'll be looking at free/community-edition edge devices or software (often called "firewalls", though they do much more).

VPNs

IPsec

SSL / TLS

Types of Firewalls

  • Packet filters (Layer 3)
  • NAT
  • Stateful packet filtering (Layer 5)
  • ACLs
  • Application proxies (Layer 7)
  • Network proxies (Layer 3)
  • Host-based vs. Network-based

pfSense

https://www.pfsense.org/

“pfSense is an open source firewall/router computer software distribution based on FreeBSD. It is installed on a physical computer or a virtual machine to make a dedicated firewall/router for a network. It can be configured and upgraded through a web-based interface, and requires no knowledge of the underlying FreeBSD system to manage.” – https://en.wikipedia.org/wiki/PfSense

A Comparison: Ubiquiti, pfSense, Untangle

IDS / IPS

  • Signature-based
  • Heuristic
  • Anomaly
  • Inline vs. Passive
  • In-band vs. Out-of-band
  • Detection and notification vs. detection and prevention
  • Snort
  • Host-based vs. Network-based

Analytics

False positive

False negative

Routers

ACLs

Antispoofing

Switches

Port security:

  1. Static learning
  2. Dynamic learning
  3. Sticky learning

Loop prevention

Flood guard

Load Balancers

Scheduling:

  • Affinity
  • Round-robin

Active-Passive

Active-Active

Virtual IPs

WiFi

SSID

BSSID

ESSID

MAC filtering

Signal strength

Band and Bandwidth

Antenna Types

Fat vs. Thin APs

Controller-based vs. Standalone

SIEM: Security Incident Event Management

Functions:

  • Aggregation
  • Correlation
  • Automated Alerts and Triggers
  • Time synchronization
  • Deduplication
  • Log analysis

DLP: Data Loss Prevention

Cloud

Email

USB

NAC: Network Access Control (802.1X)

Mail Gateways

Spam filtering

SSL/TLS Accelerators

For busy secure sites