3.2 Explain the methods of network access security

      ■ Attacks/threats

      ■ Denial of service

      ■ Distributed DoS

      ■ Botnet

      ■ Traffic spike

      ■ Coordinated attack

      ■ Reflective / Amplified

      ■ DNS

      ■ NTP

      ■ Smurfing

      ■ Friendly / Unintentional DoS

      ■ Physical attack

      ■ Permanent DoS

      ■ ARP cache poisoning

      ■ Packet/protocol abuse

      ■ Spoofing

      ■ Wireless

      ■ Evil twin

      ■ Rogue AP

      ■ War driving

      ■ War chalking

      ■ Bluejacking

      ■ Bluesnarfing

      ■ WPA/WEP/WPS attacks

      ■ Brute force

      ■ Session hijacking

      ■ Social engineering

      ■ Man-in-the-middle

      ■ VLAN hopping

      ■ Compromised system

      ■ Effect of malware on the network

      ■ Insider threat/malicious employee

      ■ Zero day attacks

      ■ Vulnerabilities

      ■ Unnecessary running services

      ■ Open ports

      ■ Unpatched/Legacy Systems

      ■ Clear text credentials

      ■ Unsecure protocols

      ■ Telnet

      ■ HTTP

      ■ SLIP

      ■ FTP

      ■ TFTP

      ■ SNMPv1 and SNMPv2

      ■ TEMPEST/RF emanation

      ✓ 3.3 Given a scenario, implement network hardening techniques

      ■ Anti-malware software

      ■ Host-based

      ■ Cloud/server-based

      ■ Network-based

      ■ Switch port security

      ■ DHCP snooping

      ■ ARP inspection

      ■ MAC address filtering

      ■ VLAN assignments

      ■ Network segmentation

      ■ Security policies

      ■ Disable unneeded network services

      ■ Use secure protocols

      ■ SSH

      ■ SNMPv3

      ■ TLS/SSL

      ■ SFTP

      ■ HTTPS

      ■ IPsec

      ■ Access lists

      ■ Web/content filtering

      ■ Port filtering

      ■ IP filtering

      ■ Implicit deny

      ■ Wireless security

      ■ WEP

      ■ WPA/WPA2

      ■ Enterprise

      ■ Personal

      ■ TKIP/AES

      ■ 802.1x

      ■ TLS/TTLS

      ■ MAC filtering

      ■ User authentication

      ■ CHAP/MSCHAP

      ■ PAP

      ■ EAP

      ■ Kerberos

      ■ Multifactor authentication

      ■ Two-factor authentication

      ■ Single sign-on

      ■ Hashes

      ■ MD5

      ■ SHA

      ✓ 3.4 Compare and contrast physical security controls

      ■ Mantraps

      ■ Network closets

      ■ Video monitoring

      ■ IP cameras/CCTVs

      ■ Door access controls

      ■ Proximity readers/key fob

      ■ Biometrics

      ■ Keypad/cypher locks

      ■ Security guard

      ✓ 3.5 Given a scenario, install and configure a basic firewall

      ■ Types of firewalls

      ■ Host-based

      ■ Network-based

      ■ Software vs. Hardware

      ■ Application aware/context aware

      ■ Small office/Home office firewall

      ■ Stateful vs. stateless inspection

      ■ UTM

      ■ Settings/techniques

      ■ ACL

      ■ Virtual wire vs. routed

      ■ DMZ

      ■ Implicit deny

      ■ Block/allow

      ■ Outbound traffic

      ■ Inbound traffic

      ■ Firewall placement

      ■ Internal/external

      ✓ 3.6 Explain the purpose of various network access control methods

      ■ 802.1x

      ■ Posture assessment

      ■ Guest network

      ■ Persistent vs. non-persistent agents

      ■ Quarantine network

      ■ Edge vs. Access control

      ✓ 3.7 Summarize basic forensic concepts

      ■ First responder

      ■ Secure the area

      ■ Escalate when necessary

      ■ Document the scene

      ■ eDiscovery

      ■ Evidence/Data Collection

      ■ Chain of custody

      ■ Data transport

      ■ Forensics report

      ■ Legal hold

      Chapter 4: Domain 4 Troubleshooting

      ✓ 4.1 Given a scenario, implement the following network troubleshooting methodology:

      ■ Identify the problem

      ■ Gather information

      ■ Duplicate the problem

      ■ Question Users

      ■ Identify symptoms

      ■ Determine if anything has changed
