3.0 Network Security
✓ 3.1 Compare and contrast risk related concepts
■ Disaster Recovery
■ Business Continuity
■ Battery Backups/UPS
■ First Responders
■ Data Breach
■ End user awareness and training
■ Single point of failure
■ Critical nodes
■ Critical assets
■ Redundancy
■ Adherence to standards and policies
■ Vulnerability scanning
■ Penetration Testing
✓ 3.2 Explain the methods of network access security
■ Attacks/threats
■ Denial of service
■ Distributed DoS
■ Botnet
■ Traffic spike
■ Coordinated attack
■ Reflective / Amplified
■ DNS
■ NTP
■ Smurfing
■ Friendly / Unintentional DoS
■ Physical attack
■ Permanent DoS
■ ARP cache poisoning
■ Packet/protocol abuse
■ Spoofing
■ Wireless
■ Evil twin
■ Rogue AP
■ War driving
■ War chalking
■ Bluejacking
■ Bluesnarfing
■ WPA/WEP/WPS attacks
■ Brute force
■ Session hijacking
■ Social engineering
■ Man-in-the-middle
■ VLAN hopping
■ Compromised system
■ Effect of malware on the network
■ Insider threat/malicious employee
■ Zero day attacks
■ Vulnerabilities
■ Unnecessary running services
■ Open ports
■ Unpatched/Legacy Systems
■ Clear text credentials
■ Unsecure protocols
■ Telnet
■ HTTP
■ SLIP
■ FTP
■ TFTP
■ SNMPv1 and SNMPv2
■ TEMPEST/RF emanation
✓ 3.3 Given a scenario, implement network hardening techniques
■ Anti-malware software
■ Host-based
■ Cloud/server-based
■ Network/based
■ Switch port security
■ DHCP snooping
■ ARP inspection
■ MAC address filtering
■ VLAN assignments
■ Network segmentation
■ Security policies
■ Disable unneeded network services
■ Use secure protocols
■ SSH
■ SNMPv3
■ TLS/SSL
■ SFTP
■ HTTPS
■ IPsec
■ Access lists
■ Web/content filtering
■ Port filtering
■ IP filtering
■ Implicit deny
■ Wireless security
■ WEP
■ WPA/WPA2
■ Enterprise
■ Personal
■ TKIP/AES
■ 802.1x
■ TLS/TTLS
■ MAC filtering
■ User authentication
■ CHAP/MSCHAP
■ PAP
■ EAP
■ Kerberos
■ Multifactor authentication
■ Two-factor authentication
■ Single sign-on
■ Hashes
■ MD5
■ SHA
✓ 3.4 Compare and contrast physical security controls
■ Mantraps
■ Network closets
■ Video monitoring
■
