Chapter 3: Infrastructure and Connectivity

The Following Comptia Security+ Exam Objectives are Covered in this Chapter:

• 2.1 Remote Access

  • 2.1.1 802.1x

  • 2.1.2 VPN

  • 2.1.3 RADIUS

  • 2.1.4 TACACS/+

  • 2.1.5 L2TP/PPTP

  • 2.1.6 SSH

  • 2.1.7 IPSEC

  • 2.1.8 Vulnerabilities

• 2.2 Email

  • 2.2.3 Vulnerabilities

    • 2.2.3.1 Spam

    • 2.2.3.2 Hoaxes

• 2.3 Web

  • 2.3.1 SSL/TLS

  • 2.3.2 HTTP/S

  • 2.3.4 Vulnerabilities

    • 2.3.4.1 Java Script

    • 2.3.4.2 ActiveX

    • 2.3.4.3 Buffer Overflows

    • 2.3.4.4 Cookies

    • 2.3.4.5 Signed Applets

    • 2.3.4.6 CGI

    • 2.3.4.7 SMTP Relay

• 2.5 File Transfer

  • 2.5.1 S/FTP

  • 2.5.2 Blind FTP/Anonymous

  • 2.5.3 File sharing

  • 2.5.4 Vulnerabilities

    • 2.5.4.1 Packet Sniffing

• 3.1 Devices

  • 3.1.1 Firewalls

  • 3.1.2 Routers

  • 3.1.3 Switches

  • 3.1.4 Wireless–3.1.5 Modems

  • 3.1.6 RAS

  • 3.1.7 Telecomm/PBX

  • 3.1.8 VPN

  • 3.1.9 IDS

  • 3.1.10 Network Monitoring/Diagnostics

  • 3.1.11 Workstations

  • 3.1.12 Servers

  • 3.1.13 Mobile Devices

• 3.2 Media

  • 3.2.1 Coax

  • 3.2.2 UTP/STP

  • 3.2.3 Fiber

  • 3.2.4 Removable Media

    • 3.2.4.1 Tape

    • 3.2.4.2 CDR

    • 3.2.4.3 Hard Drives

    • 3.2.4.4 Diskettes

    • 3.2.4.5 Flashcards

    • 3.2.4.6 Smartcards

Your network is composed of a variety of media and devices that both facilitate communications and provide security. Some of these devices (such as routers, modems, and PBX systems) provide external connectivity from your network to other systems and networks. Some of the devices (such as CDRs, disks, and tape) provide both internal archival storage and working storage for your systems. In order to provide reasonable security, you must know how these devices work and how they provide or fail to provide security. This chapter deals with issues of infrastructure and media. They are key components of the Security+ exam and necessary for you to understand in order to secure your network.