Chapter 5: Implementing and Maintaining a Secure Network

The Following Comptia Security+ Exam Objectives are Covered in this Chapter:

• 2.4 Directory – Recognition not administration

  • 2.4.2 LDAP

• 3.5 Security Baselines

  • 3.5.1 OS/NOS Hardening (Concepts and processes)

    • 3.5.1.1 File System

    • 3.5.1.2 Updates (Hotfixes, Service Packs, Patches)

  • 3.5.2 Network Hardening

    • 3.5.2.1 Updates (Firmware)

    • 3.5.2.2 Configuration

    • 3.5.2.2.1 Enabling and Disabling Services and Protocols

    • 3.5.2.2.2 Access Control Lists

  • 3.5.3 Application Hardening

    • 3.5.3.1 Updates (Hotfixes, Services Packs, Patches)

    • 3.5.3.2 Web Servers

    • 3.5.3.3 E-Mail Servers

    • 3.5.3.4 FTP Servers

    • 3.5.3.5 DNS Servers

    • 3.5.3.6 NNTP Servers

    • 3.5.3.7 File/Print Servers

    • 3.5.3.8 DHCP Servers

    • 3.5.3.9 Data Repositories

      • 3.5.3.9.1 Directory Services

      • 3.5.3.9.2 Databases

The operating systems, applications, and network products that you deal with are usually secure when they are implemented the way the manufacturer intends. This chapter deals with the process of ensuring that the products you use are as secure as they can be. Hardening refers to the process of reducing or eliminating weaknesses, securing services, and attempting to make your environment immune to attacks.

In this chapter you will learn the general process involved in securing or hardening the systems, network, and applications that are typically found in a business. This chapter also develops the issues of threats to your network, and the concept of developing a security baseline. Many of the topics in this section are for your knowledge and understanding. They are not covered in the current Security+ exam.