Managed vs unmanaged switches (STP, BPDU guard)
managed:
-configured via a command-line interface or a web-based management GUI
-has an assigned IP address so it can continue to be managed
unmanaged:
-provides plug-and-play capability with minimal configuration
-no IP address, capabilities are limited
Spanning Tree Protocol
prevents traffic loops and chooses the most efficient paths
BPDU guard:
-STP information is transmitted between switches via BPDUs
-enhances security by preventing a rogue switch or computer connected to one of these ports from hijacking the network’s STP paths
Subnet Masks
Subnet masks are used to divide IP networks into different sections, often called subnets
Subnetting divides an IP address into two parts, namely network address and host address
helps solve the fundamental problem with classful addressing
With subnets, attackers do not see every device on the network; they only have access to other devices on the same subnet
What is the difference between static and dynamic routing?
Static routing: A network administrator configures a routing table to direct messages along specific paths
Ex. a static route between a small business and its ISP (Internet Service Provider)
Dynamic routing: A router automatically calculates the best path between two networks and maintains this information in a routing table
-The router can detect problems with failed/congested routes and reroute the messages
-dynamic routing ensures that a new router’s routing tables are updated.
Types of hackers (3)
white hat: an IT security expert hired by organizations to identify security vulnerabilities
• They are sometimes called an ethical hacker
black hat: groups or individuals that cause damage, steal data, or compromise privacy
grey hat: hackers who abide by a code of ethics all their own
• They might engage in illegal activity, but their intent is to educate and assist
Zero trust
A security model where everything in the network is considered untrustworthy until proven otherwise.
Virtualization (2)
Virtualization is a virtual, or logical, version of something rather than the actual, or physical, version
hypervisor types:
Type 1 – installs on a computer before any operating system (OS) ... installed directly on the host machine’s physical hardware, not through an operating system.
Type 2 – You install it on the machine, where it runs as an application... negotiates with the operating system to obtain underlying system resources.
Network Segmentation
Segmentation divides a computer network into smaller parts. The purpose is to improve network performance and security.
-Enhance security
-Improve performance
-Simplify troubleshooting
Distance vector vs. Link state protocols
Distance vector: calculates the path based on distance to the destination
-focuses more on the number of hops
Link-state routing protocols: enable routers to communicate beyond neighboring routers so they can independently map the network and determine the best path
-focus more on the state of a connection.
Social engineering
is a strategy to gain a user’s password
Common types of social engineering:
• Phishing
• Baiting
• Quid pro quo
• Tailgating
• Piggybacking
• Shoulder surfing
ACL !!
access control list:
a set of rules that control who can access a network or system, and what they can do with that access
A list of statements used by a router or other device to permit or deny the forwarding of traffic on a network based on one or more criteria.
Pros and cons of virtualization
pros:
Efficient use of resources
Cost and energy savings
Fault and threat isolation
Simple backups, recovery, and replication
cons:
Compromised performance
Increased complexity
Increased licensing costs
Single point of failure
VLSM
Variable Length Subnet Mask:
allows subnets to be further subdivided into smaller and smaller groupings until each subnet is about the same size as the necessary IP address space
Types of WAN connections (5)
1. DSL (Digital Subscriber Line):
-operates over the PSTN (public switched telephone network)
-supports multiple data and voice channels over a single line
-uses advanced data modulation techniques
2. Cable: standardized coaxial cable wiring used for TV signals
-cable modem: modulates and demodulates signals for transmission and reception via cable wiring
3. Fiber: Internet backbone runs on fiber
4. Satellite: used for transmitting consumer voice, video, music, and data
5. Cellular
-initially designed for analog phone service
Types of malware (5)
Malware is a generalized term that refers to many kinds of malicious software
1. Virus
a program that replicates itself with the intent to infect more computers
2. Trojan horse (Trojan)
a program that disguises itself as something useful but actually harms your system
3. Worm
a program that runs independently and travels between computers and across networks
4. Bot
a program that runs automatically without requiring a person to start or stop it
5. Ransomware
a program that locks a user’s data or computer system until a ransom is paid
AAA
(authentication, authorization, and accounting)
A category of protocols that authenticate a client’s identity, authorize a user for certain privileges on a system or network, and keep an account of the client’s system or network usage.
Cloud Service Models
1. On-premises – All hardware, software, and everything else is located and managed at the organization’s location.
2. Infrastructure as a Service – Hardware services and network infrastructure devices are provided virtually
3. Platform as a Service – The provider supplies the OS, the runtime libraries or modules the OS provides to applications, and the hardware on which the OS runs
4. Software as a Service – Applications are provided.
Online email services such as Gmail and Yahoo! are good examples of SaaS
5. Anything as a Service (XaaS) – The cloud can provide any combination of functions depending on the client’s exact needs. In this broader model, the “X” represents an unknown, just as it does in algebra
VLAN
virtual local area network:
groups ports on a switch so that some of the local traffic on the switch is forced to go through a router
Reasons for using VLANs include the following:
• Identify groups of devices whose data should be given priority handling
• Isolate connections with heavy or unpredictable traffic patterns
• Isolate groups of devices that rely on legacy protocols incompatible with the majority of the network’s traffic
• Separate groups of users who need special security or network functions
• Configure temporary networks
• Reduce the cost of networking equipment
Interior vs Exterior Gateway Protocols
IGPs: routing protocols used by core routers and edge routers WITHIN autonomous systems
• grouped according to the algorithms they use to calculate best paths
EGPs: used by edge routers and exterior routers to distribute data OUTSIDE of autonomous systems
• The only EGP currently in use is BGP
Physical security
Physical access to critical components must be restricted and controlled
SSO
single sign-on:
A form of authentication in which a client signs on once to access multiple systems or resources.
Cloud deployment models (4)
Public cloud
Service provided over public transmission lines such as the Internet.
EX: An online retail giant rocks public cloud services to handle its e-commerce platform
Private cloud
Service established on an organization’s own servers in its own data center
EX: Financial institutions or healthcare providers enforce strict control and data security compliance; they keep their critical info locked down
Community cloud
Service shared between multiple organizations but not available publicly.
Hybrid cloud
A combination of the other service models into a single deployment and a combination of public and private cloud resources.
EX: retailers go through crazy ups and downs during holiday seasons. They take the hybrid cloud route to handle all that chaos without breaking the bank. When things get wild and need extra power, they burst their workloads into a public cloud.
(mod. 12) QoS
method to implement, traffic policing/shaping, and importance?
Quality of Service
method to implement:
traffic prioritization which involves assigning different priorities to different types of network traffic
_______________
why important?
it guarantees that voice packets receive the necessary bandwidth to deliver a reliable communication experience
_______________
Traffic policing: helps the service provider predict how much capacity it must purchase from its network provider.
Traffic shaping: involves manipulating packets, data streams, or connections to manage the type and amount of traffic traversing a network or interface
(mod.12) Incident Response Steps (6)
• Step 1: Preparation
• Step 2: Detection and identification
• Step 3: Containment
• Step 4: Remediation
• Step 5: Recovery
• Step 6: Review
(mod.12) Baseline
is a report of the network’s normal state of operation and might include a range of acceptable measurements
(mod.12) SNMP Versions
Simple Network Management Protocol
SNMPv1 is the original version and is rarely used today
SNMPv2 improved on SNMPv1 with increased performance and slightly better security
SNMPv3 is similar to SNMPv2 and adds authentication, validation, and encryption for messages exchanged between managed devices and the network management console