Network Infrastructure
Shon Harris
The fast, powerful way to prepare for your CompTIA Security+ exam!
Get all the hands-on training you need to pass (ISC)²’s tough SSCP exam, get certified, and move forward in your IT security career! In this online video, the world’s #1 information security trainer walks you through every skill and concept you’ll need to master. This online video contains Almost eight …
Network Infrastructure
Shon Harris
The fast, powerful way to prepare for your CompTIA Security+ exam!
Get all the hands-on training you need to pass (ISC)²’s tough SSCP exam, get certified, and move forward in your IT security career! In this online video, the world’s #1 information security trainer walks you through every skill and concept you’ll need to master. This online video contains Almost eight hours of training adapted from Shon Harris’s legendary five-day SSCP boot camps–including realistic labs, scenarios, case studies, and animations designed to build and test your knowledge in real-world settings!
Comprehensive coverage of CompTIA Security+ domains of knowledge:
. Networking Communications
. Types of Networks
. Cabling Types
. Port and Protocol Relationship
. Security Associations
. Wireless Technologies
About the Shon Harris Security Series
This online video is part of a complete library of books, online services, and videos designed to help security professionals enhance their skills and prepare for their certification exams. Every product in this series reflects Shon Harris’s unsurpassed experience in teaching IT security professionals.
Category: Security
System Requirements
OPERATING SYSTEM: Windows 2000, XP, or Vista; Mac OS X 10.4
(Tiger) or later
MULTIMEDIA: DVD drive; 1024 x 768 or higher display; sound card
with speakers
COMPUTER: 500MHz or higher CPU; 128MB RAM or more
Course Introduction
Domain 2 - Network Infrastructure
Agenda 1
Networking Communications
An Older Model
Data Encapsulation
Application Layer
OSI - Application Layer
Presentation Layer
OSI - Presentation Layer
OSI - Session Layer
Client/Server Model
Client/Server Session Layer
Transport Layer
Transport Layer Analogy
OSI - Network Layer
Here to There
Network Layer
OSI - Data Link
Data Link
Sublayers
OSI - Physical Layer
Layers Working Together
Devices Work at Different Layers
Types of Networks
Network Topologies - Physical Layer
Topology Type - Bus
Topology Type - Ring
Topology Type - Star
Network Topologies - Mesh
Summary of Topologies
Agenda 2
Media Access
One Goal of Media Access Technologies
Collision Domain
Back Off, Buddy
Carrier Sense Multiple Access
CSMA/Collision Avoidance (CSMA/CA)
Media Access Technologies - Ethernet
Media Access Technologies - Token Passing
Token’s Role
Other Technologies
Media Access Technologies - Polling
Agenda 3
Cabling Types - Twisted Pair
Cable Types
Multimode versus Single Mode
Signal and Cable Issues
Signaling Issues
Transmission Types - Analog and Digital
Transmission Types - Synchronous
Asynchronous
Transmission Types
Cabling Issues - Plenum-Rated
Transmission Types - Number of Receivers
Internet Group Management Protocol
Multicasting
Network Technologies
Extranet
Network Technologies (Cont.)
EDI Evolution
Networking Devices
Network Device - Hub
Networking Device - Bridge
Forwarding Table Example
Network Devices - Switch
Virtual LAN
VLAN
Interfaces and VLANs
Sniffers
Networking Devices - Router
Hops
Routers
Bridges Compared to Routers
Network Devices - Gateway
Agenda 4
Client Ports
Conceptual Use of Ports
TCP/IP Suite
UDP versus TCP
TCP Segment
SYN Flood
Teardrop Attack
Source Routing
Source Routing Types
IP Address Ranges
IPv6
Protocols
Protocols - ARP
IP to MAC Mapping
How ARP Works
ARP Poisoning
ICMP Packets
A Way Hackers Use ICMP
Ping Steps
Protocols - SNMP
SNMP in Action
SNMP
SNMP Output
POP3 and SMTP
Protocols - SMTP
Mail Relay
Protocols - FTP, TFTP, Telnet
Protocols - RARP and BootP
DHCP - Dynamic Host Configuration Protocol
Agenda 5
Network Configurations
DMZ Configurations
Firewall Comparisons
Network Devices - Firewalls
Packet Filtering Firewall
Packet Filtering Firewall Weaknesses
Packet Filtering
Rule Set Example
Firewall Types - Proxy Firewalls
Firewall Types - Circuit-Level Proxy Firewall
Firewall Types - Application-Layer Proxy
Application-Layer Proxy Advantages
Application-Layer Proxy Disadvantages
Dedicated Proxy Servers
Firewall Types - Stateful
Compare
Firewall Types - Kernel Proxies
Firewall Based VPN Devices
Best Practices
Firewall Placement
Packet Filtering (Cont.)
Screened Host
Firewall Architecture Types - Multi- or Dual-Homed
Screened Subnet
Agenda 6
Dial-Up Protocol - SLIP
Dial-Up Protocol - PPP
PPP
PPP versus SLIP
Authentication Protocols - PAP
Authentication Protocols - CHAP
Authentication Protocol - EAP
Data Inspection
Virtual Private Network Technologies
What Is a Tunneling Protocol?
Analogy
Tunneling Protocols - Examples
Tunneling Protocols - PPTP
Tunneling Protocols - L2TP
L2TP Encapsulation
Tunneling Protocols - IPSec
IPSec Basic Features
IPSec Modes
Security Associations (SAs)
Combining Sas
Agenda 7
Layer 3 at Layer 2
MPLS
Multiprotocol Label Switching
Quality of Service (QoS)
QoS Services
Autonomous Systems
Routing Protocols
Routing
Routing Protocols (Cont.)
OSPF
IGRP
BGP
Routing Protocol Attacks
Metropolitan Area Network Technologies
FDDI
SONET Rings
MAN Technologies - SONET
Connecting Networks
Network Services
DNS Server Structure
Name Resolving Steps
Split DNS
Host Name Resolution Attacks
Network Service - NAT
PAT
NIS
Storing Data
NIS+ Authentication
Agenda 8
PSTN
Circuit Switching
Steps of Connections
Multiplexing
Types of Multiplexing
TDM Process
Statistical Time Division Multiplexing
FDM
Packet Switching
Circuit versus Packet Switching
WAN Technologies - Packet Switched
WAN Technologies - X.25
X.25
WAN Technologies - Frame Relay
WAN Example
Frame Relay
WAN Technologies - ATM
Cell Switching
Wide Area Network Technologies
WAN Technologies - ISDN
On-Demand
ISDN Service Types
WAN Technologies - DSL
WAN Technologies - Cable Modem
Cable Modems
Satellites
Hybrid Connection
Satellite Coverage
Network Perimeter Security
Complexity only Increases
A Layered Approach
Agenda 9
PSTN (Cont.)
Private Branch Exchange
PBX Vulnerabilities
PBX Best Practices
IP Telephony
IP Telephony Components
Media Gateways
IP Telephony Issues
Telephony Protection Mechanisms
Telephony Security
IP Telephony with Wireless
IP Phones Security
Mobile Technology Generations
Mobile Phone Security
Mobile Device Security
Cell Phone
Agenda 10
Wireless Technologies - Access Point
Wireless Frequencies
Alphabet Soup of Standards
Spread Spectrum
OFDM
Where Does Spread Spectrum Work?
802.11n
Wireless Technologies - Access Point (Cont.)
Architectures
Wireless Technologies - Service Set ID
Authenticating to an AP
802.11 Authentication
Wireless Technologies - WEP
Wireless Technologies - More WEP Woes
Lack of Integrity
Frequency Management
802.11 Security Solutions
802.1x
802.1x Authentication
Types of 802.11 Security
IEEE 802.11i Standard
Wireless EAP
Wireless Technologies - Common Attacks
Wireless Technologies - War Driving
NetStumbler Example
Warchalking
Countermeasures
Wireless Attacks
Wormhole Attack
Wireless Technologies - WAP
Wireless Technologies - WTLS
i-mode
Bluetooth
Vampire Tap
Tapping
Fiber Tapping
Domain Name Kiting
Null Session
Sniffers (Cont.)
Packet Sniffer
Packet Sniffer - Uses
Spoofing Attacks
E-mail Spoofing
Spoofing - Instructional E-mails
Email Spoofing - Common Messages
Countermeasures (Cont.)
Authentication and Encryption
IP Spoofing
Header Components
Man-in-the-Middle
Man-in-the-Middle Attack
Replay Attack
Countermeasures (Cont.)
Session Hijacking
Programs For Session Hijacking
TCP/IP Hijacking
Sequence Numbers
Finding TCP Sequence Numbers
SYN, SYN/ACK, ACK and ISN
Denial of Service
Reasons for DoS Attacks
TCP Handshake
SYN Flood (Cont.)
TCP
SYN Attacks Defense
UDP Floods
DDoS
DDoS - Example
DDoS Countermeasures
Subnetting
Network Access Control (NAC)
NAC - Features and Benefits
NAC Architecture
Honeypot
Honeypot - Types
Honeypot (2)
Honeynet
Types of Honeypots
Internet Content Filters
Bluesnarfing
Domain 2 Review