|< Free Open Study >|
Of all the topics you need that to study regarding the Security+ exam as well as other security certification available today, you will find security baselines to be the most general and undefined subject of them all. This is simply because there is no particular set of standards or defined baseline rules that can be applied to every possible network infrastructure in use. Simply put, if you are responsible for
Here are some good general guidelines to follow when creating a security baseline for your network:
Evaluate your company's current processes, business plans, technical environment, and current security structure.
Identify your company's security risk. This can be accomplished with a fundamental risk analysis and a good network security analysis scanner.
Plan and set up a strong authentication method for your network. Implement encryption
Plan and provide protection for remote users through the use of VPNs, firewalls, and extranets
Define a security policy.
Secure all resources and services.
Perform testing, evaluation, and logging.
Create multiple network segments.
Segment operating systems from data. Partition hard
Do not take this section lightly. There is a good possibility that the general guidelines just mentioned contain several answers to questions you will face on the exam. For example, what should you do first in preparation for avoiding potential risk? The exam is most likely going to drill you with such questions. Use your technical knowledge and common sense to answer the easier exam questions.
In order to create a structured network security baseline, you have to know the location of your vulnerabilities. In other words, you need a tool that identifies your network's weaknesses. There are some great tools available that will help network security personnel assess weaknesses and create security baselines. One of the best on the market is Enterprise Security Manager by Symantec. For more information on these as well as other
|< Free Open Study >|
|< Free Open Study >|
It has been stated already that security is a very broad topic. In order to prepare yourself for the Security+ exam and the
These Test Tips serve primarily as a review of the chapter. However, you might notice that some of the tips have not been discussed. Be prepared and learn to be surprised by the unexpected. The real exam will show you no mercy. Know these tips inside and out!
Multiplexing is the combining of data channels over a single transmission line.
ATM (Asynchronous Transfer Mode)
is a dedicated switching technology that transmits data in fixed-length, 53-byte units called
A Demilitarized Zone (DMZ) is a neutral area between an internal network and the Internet that typically contains one host system or a small network of systems.
Network Address Translation (NAT) is an Internet standard most often used with routers to provide firewall security by hiding an internal private network's range of IP addresses from outside networks.
Secure Remote Procedure Call (RPC)
is a protocol that is used to allow a client-side application program to execute or request a service from a server computer without being
IPSec employs two encryption modes: transport and tunnel . Using the transport mode, only the data portion (or payload ) of a packet is encrypted while the header remains unchanged. In tunnel mode, security is further enhanced because both the payload and header are encrypted. IPSec offers security services such as connectionless integrity, data origin authentication, and confidentiality.
Frame relay is also much faster than X.25 and can take advantage of T1 (1.544 Mbps) and T3 (Mbps) speeds. Frame relay uses public switched WANs that can redirect packets if a segment goes bad.
is a packet filter that relays packets from one host to another based on the protocol and IP address. A circuit gateway forms a
Point-to-Point Tunneling protocol (PPTP)
allows a virtual private network (VPN) to be created using the Internet. PPTP is
Leased-line speeds are as
DS-0 (Digital Signal Level 0): One channel transmits 64KBps on T1 line.
DS-1 (Digital Signal Level 1): Transmits 1.544MBps on T1 line.
DS-3 (Digital Signal Level 3): Transmits 44.736 MBps on a T3 line.
is also referred to
. It carries a data signal 100
Application proxies or gateways are concerned more with specific applications and actual data. The application proxy offers much more control than packet filters and circuit gateways by controlling or limiting user access from within the protocol itself. In other words, with an application proxy, administrators can actually control what information can be sent out of or pulled into a network.
CHAP uses a secret one-way hash value that is generated by the requester and sent to the server.
SMTP (Simple Mail Transfer Protocol) is an unsafe protocol used to send e-mail messages between mail servers. SMTP was not originally developed to protect against e-mail and e-mail server attacks. The best way to protect your e-mail server and e-mail in general is to scan and filter all messages and secure each e-mail message with encryption.
SNMP (Simple Network Management Protocol) is an unsafe network management protocol that allows the use of clear text passwords. SNMP traffic should be filtered at the firewall.
Devices such as routers, hubs, and switches are a single point of failure. Each of these devices should be protected with a UPS (Uninterruptible Power Supply) in the event of power surges, spikes, and brownouts.
The four primary types of firewall architectures are as follows:
Packet filter: A packet filter router uses an ACL (Access Control List). It is the oldest of the mentioned architectures. It separates a private network from a public network.
Screened host: This firewall architecture combines a bastion host and a packet filter firewall, which requires the intruder to get by two separate systems in order to reach an internal network. This is more secure than a traditional packet filtering firewall.
Screened subnet: This firewall architecture combines the security of two packet filters and a bastion host. This is the most secure of the firewall architectures and requires high overhead. This overhead is realized in high-maintenance requirements.
VoIP (Voice over IP)
technology is essentially the delivery of voice in digital packets over IP networks. This technology is
Security services are a combination of security techniques, files, policies, and procedures. The following six security services are defined by OSI communication standards in order to provide secure communications:
Monitoring and logging
In order for
When the functionality of devices such as a network bridge and a network router are combined, the result is a device known as a brouter .
Most communication takes place at the Data Link layer of the OSI reference model.
is part of a private network (intranet) that is extended to customers,
|< Free Open Study >|