Security+ Certification/Network Infrastructure

From Wikibooks, open books for an open world

2.1 Differentiate between the different ports & protocols, their respective threats and mitigation techniques

  • Antiquated protocols
  • TCP/IP hijacking
  • Null sessions
  • Spoofing
  • Man-in-the-middle
  • Replay

  • DoS (Denial of Service)
  • DDoS (Distributed DoS)
  • Domain Name Kiting
  • DNS poisoning
  • ARP poisoning

2.2 Distinguish between network design elements and components

  • DMZ
  • VLAN
  • NAT
  • Network interconnections

  • NAC
  • Subnetting
  • Telephony

2.3 Determine the appropriate use of network security tools to facilitate network security

  • NIDS (Network Based Intrusion Detection System)
  • NIPS (Network Based Intrusion Prevention System)
  • Firewalls
  • Proxy servers

  • Honeypot
  • Internet content filters
  • Protocol analyzers

2.4 Apply the appropriate network tools to facilitate network security

  • NIDS
  • Firewalls
  • Proxy servers
  • Internet content filters
  • Protocol analyzers

2.5 Explain the vulnerabilities and mitigations associated with network devices

  • Privilege escalation
  • Weak passwords
  • Back doors
  • Default accounts
  • DoS

2.6 Explain the vulnerabilities and mitigations associated with various transmission media

  • Vampire taps

2.7 Explain the vulnerabilities and implement mitigations associated with wireless networking

  • Data emanation
  • War driving
  • SSID broadcast
  • Bluejacking

  • Bluesnarfing
  • Rogue access points
  • Weak encryption