CISSP p316-380
Securing Network Components
Deterministic Routing
-traffic only travels on pre-determined routes
Boundary Routers
-advertise routes that external hosts can use to reach internal destinations
-filter external traffic
Design and set up a perimeter! (IDS, FW, filtering)
Network Partitioning
-segment networks into domains of trust
-control what is forwarded between segments
Dual-Homed Host
-has two NICs, each on a separate network
Bastion Host
-gateway between trusted & untrusted that gives limited, authorized access to untrusted hosts
-data diode = simplex (one-way) communication
Demilitarized Zone (DMZ)
-aka Screened Subnet
-allows an org to give external hosts limited access to public resources, like a web server that hosts the org's site, without giving access to the org's internal network
Hardware
Modems - analog
Concentrators - multiplex connected devices into a single signal
Front-End Processors - purpose is to off-load from the host computer the work of managing the peripheral devices
Multiplexers - select one of several analog or digital input signals and forward the selected input onto a single line
Concentrators vs. Multiplexers
Hubs & Repeaters
-Hubs used for star topology
-All devices receive each other's broadcasts
-All devices can read & modify others' traffic
-Repeaters repeat the signal to help stop signal degradation
Bridges
-layer 2 device (Data Link)
-filters traffic between segments based on MAC addresses
-also amplifies signals for large networks
-filters out frames not destined for another segment
Switches
-only forward frames to the devices specified in the frame
-forward broadcasts to all
Routers
-forward packets to other networks
-they read the destination from layer 3 (IP address)
-based on its view of the network, the router determines the next device to send the packet to
Transmission Media
Wired
Throughput: rate at which the data will be transmitted
Distance: how far between devices, since the signal degrades
Data Sensitivity: will someone try to tap this cable?
Environment: bent cables, EMI, RFI, temperature
Twisted Pair
-copper wires twisted together to reduce EMI
-each wire is coated, then surrounded by a jacket
-twists/inch, type of insulation, conductive material
Cat 1-6
Unshielded Twisted Pair (UTP)
-no shielding, duh
-EMI and RFI will kill the signal
-easy to tap with radiation monitoring
-cheap and common
Shielded Twisted Pair (STP)
-UTP except it has an electrically grounded shield inside the cable
-expensive and bulky
Coaxial Cable (Coax)
-one thick conductor surrounded by a grounding braid of wire
-great bandwidth and longer runs than TP
-very well insulated
-expensive and bulky
Patch Panels
-alternative to directly connecting devices
-use patch cables to change connections easily
-need to be neat
Wireless
Direct-Sequence Spread Spectrum (DSSS)
-spreads a transmission over a large frequency band with small amplitude
-wider band = less interference
-sender & receiver communicate which frequencies are too cluttered to send data over
Frequency-Hopping Spread Spectrum (FHSS)
-spreads signal over rapidly changing frequencies
-signals rapidly change among sub-frequencies in an order that is agreed upon between sender & receiver
-can interfere with DSSS
-this rapid changing keeps interference minimized
Orthogonal Frequency Division Multiplexing (OFDM)
-signal is divided into sub-frequency bands; each band is manipulated so they can broadcast together without interfering with each other
Frequency Division Multiple Access (FDMA)
-analog
-old cellular technology
-divides band into sub-bands and assigns an analog conversation to each sub-band
-replaced by GSM & CDMA
Time Division Multiple Access (TDMA)
-multiplexes several digital calls (voice or data) on each sub-band by devoting a small time slice in a round-robin to each call in the band
-2 sub-bands are required for each call, 1 for each sender
Mobile Cellular Telephony
Code Division Multiple Access (CDMA)
-spread spectrum cellular tech
-runs like DSSS
CDMA 2000 improves capability by 10x (153 Mbps)
Wideband CDMA: this is 3G
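The slides say CDMA "runs like DSSS". As an added example (not from the slides), the following Python models the DSSS spreading step with short orthogonal Walsh codes, sums two senders' signals on one shared channel and recovers each sender's bits by correlating with that sender's code; the 4-chip codes and bit patterns are constructed for the example, and real systems use far longer codes.

```python
"""Added example: DSSS spreading and CDMA code separation (toy scale).

Each sender multiplies every data bit (+1/-1) by its chip code, so one bit
occupies len(code) chips of bandwidth. Orthogonal codes let a receiver pull
one sender's bits out of the summed channel by correlation. Spreading is a
channel-sharing technique, not encryption: anyone who knows the code can
despread, so confidentiality still needs a cipher on top.
"""

# 4-chip Walsh codes (rows of a Hadamard matrix), constructed for the example.
# Any two distinct rows have a dot product of zero: that is the orthogonality
# that lets senders share the band at the same time.
WALSH_4 = {
    "A": [1, 1, 1, 1],
    "B": [1, -1, 1, -1],
    "C": [1, 1, -1, -1],
}


def spread(bits, code):
    """Spreading step: map each bit to +1/-1 and multiply it by the chip code."""
    out = []
    for b in bits:
        sym = 1 if b else -1
        out.extend(sym * c for c in code)
    return out


def combine(signals):
    """Model the shared channel as the chip-by-chip sum of all senders' signals."""
    return [sum(chips) for chips in zip(*signals)]


def correlations(signal, code):
    """Correlate the received signal with one code, one value per bit period."""
    n = len(code)
    return [
        sum(s * c for s, c in zip(signal[i:i + n], code))
        for i in range(0, len(signal), n)
    ]


def despread(signal, code):
    """Despreading step: decide each bit from the sign of its correlation.

    A code that nobody transmitted with correlates to 0 in every bit period,
    so a receiver using the wrong code sees no signal at all.
    """
    return [1 if corr > 0 else 0 for corr in correlations(signal, code)]


def cdma_roundtrip(messages):
    """Spread each sender's bits, sum them on the channel, recover each sender."""
    channel = combine(
        [spread(bits, WALSH_4[name]) for name, bits in messages.items()]
    )
    return {name: despread(channel, WALSH_4[name]) for name in messages}


if __name__ == "__main__":
    # Constructed sample traffic: two senders transmitting at the same time.
    msgs = {"A": [1, 0, 1, 1], "B": [0, 0, 1, 0]}
    print(cdma_roundtrip(msgs))  # each sender's bits come back intact
```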
Global Service for Mobile Communications (GSM)
-most popular cell tech
-divides frequency bands into simplex channels
-user ID: Subscriber Identity Module, SIM card
-phone authenticates to the network, but the network doesn't authenticate to the phone, which makes it easy to masquerade as another user
Wireless LANs
Authentication is the 1st line of defense
Open System Authentication
-client is permitted to join if its SSID matches the wireless network's
Shared-Key Authentication
-WEP, will talk about later
MAC Address Tables
-Authenticates based on a MAC address
-Easy to spoof, so it's not very effective
Service Set Identifier (SSID) Broadcasting
-name of the wireless LAN
-wireless clients send a probe asking for an SSID response
-router will beacon out the name at all times
-Don't make your SSID "TOP SECRET SECRETS of Wells Fargo"
Placement
-keep your wireless routers in central locations to keep the network radiation from getting outside the walls
-don't keep it in a microwave
Encryption
Wired Equivalent Privacy (WEP)
-uses a shared secret
-before each packet is sent, a CRC-32 checksum is appended to it, then both are encrypted using RC4 with the shared secret & an initialization vector
-it's weak
WiFi Protected Access (WPA)
-improved use of RC4
-uses Temporal Key Integrity Protocol (TKIP) so there is a new key for each packet
-CRC-32 checksum was replaced with a message integrity check called Michael; it protects header & data from tampering, and also has a frame counter
WPA2 - IEEE 802.11i
-RC4 is replaced with Advanced Encryption Standard (AES)
-TKIP & Michael replaced with Counter Mode/CBC-MAC Protocol (CCMP)
-Supports Extensible Authentication Protocol (EAP)
WiFi Variants
802.11b
-1st version of WiFi
-uses DSSS
-2.4 GHz band
802.11a
-won't work with 'b'
-uses OFDM
-5 GHz band
802.11g
-works with 'b'
-2.4 GHz band
Bluetooth 802.15.1
-uses FHSS on 2.4 GHz band
-Blue Jacking: allows an anonymous message to show on the device
-Buffer Overflow: remotely exploit bugs in software
-Blue Bug Attack: uses AT commands on the victim's phone to initiate calls and send messages
Address Resolution Protocol (ARP)
-given a layer 3 address (IP), ARP determines the layer 2 address (MAC)
-ARP tracks IP addresses and their MACs in a dynamic table called the ARP cache
Point-to-Point Protocol (PPP)
-used to connect a device to a network over a serial line
-dial up
-Password Authentication Protocol (PAP) - cleartext
-Challenge Handshake Authentication Protocol (CHAP) - 3-way handshake
-Uses EAP
Broadband Wireless IEEE 802.16
-WiMAX
-doesn't work like cell towers
-Metro Area Network (MAN)
-channel sizes are flexible
Fiber
-uses glass/plastic to transmit light
Needs
-light source
-optical cable
-light detector
LEDs: cheap, less bandwidth, only good over short distances, use in LANs
Diode Laser: expensive, great distances
Wavelength Division Multiplexing (WDM): 32x capacity
Multimode Fiber: light is transmitted in different modes, cable is 50-100 microns thick, light disperses too much when using medium/long cable runs
Single Mode Fiber: 10 microns thick, light goes down the middle, long runs, great bandwidth, internet backbone
Network Access Control Devices
Firewalls:
-filter traffic based on a set of rules
-should always be on internet gateways, and in between trust domains
Filtering: blocks or forwards packets
-by source/destination address
-by service, port number
Network Address Translation (NAT): firewalls can change the source address of a packet on its way out
Port Address Translation (PAT): translates all addresses to one routable IP address & translates the source port number in the packet to a unique value
Static Packet Filtering: hard line that cannot be temporarily changed to accept legit traffic
Stateful Inspection/Dynamic Packet Filtering: stateful inspection examines each packet in the context of the session; FTP provides a good example
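To make the PAT and stateful inspection points above concrete, here is an added Python model (not from the slides) of a gateway that tracks sessions opened from inside, rewrites their source to one public IP with a unique port, and admits inbound packets only when they answer a tracked session, next to a static filter that can only judge each packet on its own. All addresses, ports and the packet trace are constructed for the example.

```python
"""Added example: static packet filtering vs. stateful inspection with PAT.

The static filter has no memory, so to let replies to inside clients back in
it must open the whole ephemeral port range, which also admits unsolicited
packets. The stateful gateway remembers each outbound session and admits
only packets that answer one, while PAT hides inside addresses behind one
public IP. Addresses use documentation ranges and are constructed here.
"""

from dataclasses import dataclass

PUBLIC_IP = "203.0.113.10"   # the gateway's single routable address (constructed)


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    direction: str           # "out" = from inside host, "in" = from the Internet


def static_filter(pkt, allowed_inbound_ports):
    """Static filtering: each packet is judged alone against fixed rules."""
    if pkt.direction == "out":
        return "allow"
    return "allow" if pkt.dst_port in allowed_inbound_ports else "drop"


class StatefulPatGateway:
    """Connection table keyed by the inside 4-tuple, plus the PAT port it got."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.by_session = {}   # (inside_ip, inside_port, dst_ip, dst_port) -> nat_port
        self.by_nat_port = {}  # nat_port -> that same session key

    def handle(self, pkt):
        """Return (decision, translated_packet_or_None)."""
        if pkt.direction == "out":
            key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
            nat_port = self.by_session.get(key)
            if nat_port is None:            # new session: record state + PAT mapping
                nat_port = self.next_port
                self.next_port += 1
                self.by_session[key] = nat_port
                self.by_nat_port[nat_port] = key
            # PAT: source becomes the public IP and the unique translated port
            return "allow", Packet(self.public_ip, nat_port, pkt.dst_ip, pkt.dst_port, "out")
        # Inbound: admit only if the packet answers a tracked session
        key = self.by_nat_port.get(pkt.dst_port)
        if key is None or pkt.dst_ip != self.public_ip:
            return "drop", None             # no session owns this port
        inside_ip, inside_port, remote_ip, remote_port = key
        if (pkt.src_ip, pkt.src_port) != (remote_ip, remote_port):
            return "drop", None             # right port, wrong peer: not part of the session
        # Un-translate back to the inside host
        return "allow", Packet(pkt.src_ip, pkt.src_port, inside_ip, inside_port, "in")


def run_trace():
    """Run a constructed trace through both filters; returns (static, stateful) decisions."""
    trace = [
        Packet("10.0.0.5", 51000, "198.51.100.7", 443, "out"),      # client opens HTTPS
        Packet("198.51.100.7", 443, PUBLIC_IP, 40000, "in"),        # the server's reply
        Packet("192.0.2.99", 4444, PUBLIC_IP, 40001, "in"),         # unsolicited probe
        Packet("192.0.2.99", 443, PUBLIC_IP, 40000, "in"),          # wrong peer on a live port
    ]
    ephemeral_open = set(range(1024, 65536))   # what a static filter must open for replies
    gateway = StatefulPatGateway(PUBLIC_IP)
    return [(static_filter(p, ephemeral_open), gateway.handle(p)[0]) for p in trace]


if __name__ == "__main__":
    for decisions in run_trace():
        print("static=%s stateful=%s" % decisions)
```

The static filter lets packets three and four through because it has to keep the reply ports open; the stateful gateway drops both because neither matches a session it saw start.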
Proxies: user talks to a proxy server, the proxy communicates with the untrusted host and gives that host's response back to the user
Circuit Level Proxy: does not inspect any traffic it forwards
Application Level Proxy:
-relays traffic from a trusted endpoint running a specific application to an untrusted host
-analyzes the traffic for manipulation/attacks
-Example: Web Proxy - everyone's browser goes through it
Personal Firewalls: for security in depth, workstation firewalls should be used in tandem with network firewalls
End-Point Security
-update antivirus/antimalware
-configured firewall
-hardened configuration/no unneeded services
-patched/updated OS
-encrypt the entire disk
-Remote Management: wipe, geolocate, update operation
Secure Communication Channels
Virtual Private Network (VPN)
-encrypted tunnel between 2 hosts/gateways
IPSec Authentication & VPN Confidentiality
IPSec: suite of protocols for communicating securely through IP
Authentication Header (AH):
-used to prove the identity of the sender and that the packet has not been tampered with
-a hash value of the packet's contents, based on the shared secret, is inserted into the last field of the AH
-each packet has a sequence number during the security association
-ensures integrity, not confidentiality
Encapsulating Security Payload (ESP):
-encrypts the IP payload and ensures integrity
ESP Header: contains info showing which security association to use and the sequence number
ESP Payload: contains the encrypted part of the packet; endpoints negotiate which encryption to use
ESP Trailer: padding to align fields
Authentication: if used, it contains the hash of the ESP packet
Security Associations (SA)
-defines the mechanisms that an endpoint will use to communicate with its partner
-a second SA is needed for 2-way communication
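The ESP header described above carries the SA identifier (the SPI) and the sequence number. As an added example (not from the slides), this Python receiver parses those two fields and enforces per-SA anti-replay with a sliding window, the check an IPsec stack runs on every packet it receives. The field layout follows RFC 4303 (32-bit SPI then 32-bit sequence number, big-endian); the SPI values, window size and packet trace are constructed for the example, and the window is assumed to be updated only after the packet's integrity hash has verified.

```python
"""Added example: ESP header parsing and anti-replay per security association.

Each SA keeps the highest sequence number accepted and a bitmap of the
window below it. A packet is rejected if its number is already marked
(replay), or too old to fall inside the window; packets that jump ahead
slide the window forward. Values here are constructed for the example.
"""

import struct

WINDOW = 64   # window size used here; RFC 4303 requires at least 32


def parse_esp_header(data):
    """Return (spi, seq) from the first 8 bytes of an ESP packet."""
    if len(data) < 8:
        raise ValueError("too short for an ESP header")
    return struct.unpack("!II", data[:8])


class ReplayWindow:
    """Sliding window over the sequence numbers one SA has already accepted."""

    def __init__(self, size=WINDOW):
        self.size = size
        self.highest = 0      # highest sequence number accepted so far
        self.seen = 0         # bitmap: bit i set <=> (highest - i) was accepted

    def check_and_update(self, seq):
        """Decide on seq and, if accepted, record it (call only after the ICV verified)."""
        if seq == 0:
            return "reject: sequence number 0 is never valid"
        if seq > self.highest:
            # Newer than anything seen: slide the window up and mark seq as seen
            shift = seq - self.highest
            self.seen = ((self.seen << shift) | 1) & ((1 << self.size) - 1)
            self.highest = seq
            return "accept"
        offset = self.highest - seq
        if offset >= self.size:
            return "reject: older than window"
        if self.seen & (1 << offset):
            return "reject: replay"
        self.seen |= 1 << offset   # late but not yet seen: accept once
        return "accept"


class EspReceiver:
    """Maps SPI -> replay window; a real stack also stores the SA's keys and algorithms."""

    def __init__(self):
        self.sas = {}

    def add_sa(self, spi):
        self.sas[spi] = ReplayWindow()

    def receive(self, data):
        spi, seq = parse_esp_header(data)
        window = self.sas.get(spi)
        if window is None:
            return "reject: unknown SPI"
        return window.check_and_update(seq)


def build_esp(spi, seq, payload=b"\x00" * 16):
    """Construct a minimal ESP packet: header fields followed by dummy payload bytes."""
    return struct.pack("!II", spi, seq) + payload


def run_trace():
    """Feed a constructed packet sequence to one receiver and collect its decisions."""
    rx = EspReceiver()
    rx.add_sa(0x1001)                       # one inbound SA (SPI value constructed)
    trace = [
        (0x1001, 1), (0x1001, 2),           # normal arrivals
        (0x1001, 2),                        # duplicate of an accepted packet
        (0x1001, 70),                       # jump ahead: window slides to 70
        (0x1001, 5),                        # 65 behind: outside the 64 window
        (0x1001, 10),                       # 60 behind: late but inside, first time
        (0x1001, 10),                       # same late packet again
        (0x2002, 1),                        # SPI with no configured SA
    ]
    return [rx.receive(build_esp(spi, seq)) for spi, seq in trace]


if __name__ == "__main__":
    for line in run_trace():
        print(line)
```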
Transport Mode & Tunnel Mode
IPSec will use one of these
Transport Mode: IP payload is protected, client to server, end to end
Tunnel Mode: IP payload & header are protected; the entire protected packet becomes the payload of a new IP packet & header
-used between networks
Internet Key Exchange (IKE)
-authentication component of IPSec
-Two Phases
Phase 1:
Partners authenticate with each other using one of the following:
1. Shared Secret: key is exchanged manually
2. Public Key Encryption: digital certs
3. Revised mode of Public Key Encryption: a nonce is encrypted with the partner's public key
Phase 2:
-Establishes a temporary security association, using the secure tunnel created at the end of Phase 1
High Assurance Internet Protocol Encryptor (HAIPE)
-based on IPSec
-possesses additional restrictions & enhancements
-encrypts multicast data
-requires manual loading of keys
-military grade security
Tunneling
Point-to-Point Tunneling Protocol (PPTP)
-VPN protocol that runs over other protocols
-relies on Generic Routing Encapsulation (GRE) to build the tunnel
-user authenticates with MS-CHAPv2, then a Point-to-Point Protocol (PPP) session creates a tunnel
-vulnerable to password guessing
-derives its encryption key from the user's password
Layer 2 Tunnel Protocol (L2TP)
-Hybrid of PPTP and Layer 2 Forwarding (L2F)
-allows callers over a serial line using PPP to connect over the Internet to a remote network
-no encryption of its own
TLS/SSL
Secure Shell (SSH):
-allows a user to securely access resources on remote computers over an encrypted tunnel
-remote log on, file transfer, command execution, port forwarding
-strong authentication
SOCKS:
-popular circuit proxy server
-client connects to SOCKS, which then can act as a VPN
SSL/TLS VPNs
-remote users use a web browser to access applications
-easy to deploy and set up access
-no network-to-network tunnels
VLAN
-hosts are not necessarily on the same physical media, but are part of the same logical routing subnet
Voice
Modems & Public Switched Telephone Networks (PSTN)
-PSTN is a circuit-switched network that was originally used for analog voice
-uses a hierarchical tree to route transmissions
War Dialing: dial a range of numbers to identify modems; best defense is to shut off modems
Plain Old Telephone Service (POTS): bi-directional analog voice, high reliability, low bandwidth
Private Branch Exchange (PBX): enterprise class phone system used in business/large orgs
-internal switching network
-analog
VoIP:
-replacing telephony networks
-more configurable/more breakable
-no geo-spatial coordinates with IPs, so 911 will leave you to die
Session Initiation Protocol (SIP)
-manages multimedia connections
Multimedia Collaboration
Peer to Peer Applications & Protocols
-monitor p2p apps in your org
-bandwidth consumption/security risks/legality
-it opens uncontrolled channels through your network boundaries
Remote Meeting Technology:
-web based, usually browser extensions
-desktop sharing/remote control
-vendor backdoors
Instant Messaging (IM)
3 classes
1. Peer to peer networks
2. Brokered communication
3. Server-oriented networks
-All support 1 to 1 and many to many
Open Protocols, Applications, and Services
Extensible Messaging and Presence Protocol (XMPP) & Jabber
-Jabber is an open IM protocol
-XMPP is the formalized name of Jabber
-server based, so a server operator can eavesdrop
Internet Relay Chat (IRC)
-good anonymity
-no security
-client/server based
-IDs can be easily falsified
-most have no confidentiality
-IRC clients can execute scripts

CISSP Week 6

Wired
-Throughput: rate at which the data will be transmitted
-Distance: how far between devices; the signal degrades over distance
-Data Sensitivity: will someone try to tap this cable?
-Environment: bent cables, EMI, RFI, temperature

Twisted Pair
-copper wires twisted together to reduce EMI
-each wire is coated, then the pair is surrounded by a jacket
-rated by twists per inch, type of insulation and conductive material: Cat 1-6

Unshielded Twisted Pair (UTP)
-no shielding, duh
-EMI and RFI will kill the signal
-easy to tap with radiation monitoring
-cheap and common

Shielded Twisted Pair (STP)
-UTP, except it has an electrically grounded shield inside the cable
-expensive and bulky

Coaxial Cable (Coax)
-one thick conductor surrounded by a grounding braid of wire
-greater bandwidth and longer runs than TP
-very well insulated
-expensive and bulky

Patch Panels
-alternative to directly connecting devices
-use patch cables to change connections easily
-need to be kept neat

Direct-Sequence Spread Spectrum (DSSS)
-spreads a transmission over a large frequency band at low amplitude
-wider band = less interference
-sender & receiver communicate which frequencies are too cluttered to send data over

Frequency-Hopping Spread Spectrum (FHSS)
-spreads the signal over rapidly changing frequencies
-the signal hops among sub-frequencies in an order agreed upon between sender & receiver
-can interfere with DSSS
-the rapid hopping keeps interference minimized

Orthogonal Frequency Division Multiplexing (OFDM)
-signal is divided into sub-frequency bands; each band is manipulated so that they can all be broadcast together without interfering with each other

Frequency Division Multiple Access (FDMA)
-analog
-old cellular technology
-divides the band into sub-bands and assigns an analog conversation to each sub-band
-replaced by GSM & CDMA

Time Division Multiple Access (TDMA)
-multiplexes several digital calls (voice or data) on each sub-band by devoting a small time slice, round-robin, to each call in the band
-2 sub-bands are required for each call, 1 for each sender

Code Division Multiple Access (CDMA)
-spread spectrum cellular tech
-runs like DSSS
-CDMA 2000 improves capability by 10 (153 Mbps)
-Wideband CDMA: this is 3G

Global Service for Mobile Communications (GSM)
-most popular cell tech
-divides frequency bands into simplex channels
-user ID: Subscriber Identity Module (SIM card)
-the phone authenticates to the network, but the network doesn't authenticate to the phone, which makes it easy to masquerade as another user

Wireless LANs
Authentication is the 1st line of defense
Open System Authentication
-client is permitted to join if its SSID matches the wireless network's
Shared-Key Authentication
-WEP, covered later

MAC Address Tables
-authenticates based on a MAC address
-easy to spoof, so it's not very effective
Service Set Identifier (SSID) Broadcasting
-name of the wireless LAN
-wireless clients send a probe asking for an SSID response
-router will beacon out the name at all times
-don't make your SSID "TOP SECRET SECRETS of Wells Fargo"

Placement
-keep your wireless routers in central locations to keep the network radiation from getting outside the walls
-don't keep it in a microwave

Wired Equivalent Privacy (WEP)
-uses a shared secret
-before each packet is sent, a CRC-32 checksum is appended to it, then both are encrypted using RC4 with the shared secret & an initialization vector
-it's weak

WiFi Protected Access (WPA)
-improved use of RC4
-uses Temporal Key Integrity Protocol (TKIP), so there is a new key for each packet
-the CRC-32 checksum was replaced with a message integrity check called Michael; it protects header & data from tampering and also has a frame counter

WPA2 - IEEE 802.11i
-RC4 is replaced with Advanced Encryption Standard (AES)
-TKIP & Michael replaced with Counter Mode/CBC-MAC Protocol (CCMP)
-supports Extensible Authentication Protocol (EAP)

WiFi Variants
802.11b
-1st version of WiFi
-uses DSSS
-2.4 GHz band
802.11a
-won't work with 'b'
-uses OFDM
-5 GHz band
802.11g
-works with 'b'
-2.4 GHz
Bluetooth 802.15.1
-uses FHSS on the 2.4 GHz band
-Blue Jacking: allows an anonymous message to show on the device
-Buffer Overflow: remotely exploits bugs in software
-Blue Bug Attack: uses AT commands on the victim's phone to initiate calls and send messages

Address Resolution Protocol (ARP)
-given a layer 3 address (IP), ARP determines the layer 2 address (MAC)
-ARP tracks IP addresses and their MACs in a dynamic table called the ARP cache
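As an added example that is not part of the slides, here is a minimal ARP cache in Python that does the IP-to-MAC lookup described above and additionally flags a reply that tries to rebind an IP already in the cache to a different MAC, a condition worth alerting on; the replies it processes are constructed sample data.

```python
# Added example, not from the slides: a small ARP cache (IP -> MAC) fed by
# ARP replies, which flags a reply that would rebind an IP already in the
# cache to a different MAC. All replies below are constructed sample data.
from dataclasses import dataclass, field

@dataclass
class ArpReply:
    ip: str      # layer 3 address being answered
    mac: str     # layer 2 address claimed for that IP
    ts: float    # time the reply was seen (constructed)

@dataclass
class ArpCache:
    entries: dict = field(default_factory=dict)   # ip -> (mac, ts)
    alerts: list = field(default_factory=list)

    def learn(self, reply: ArpReply) -> bool:
        """Record the binding. If the IP is already bound to a different
        MAC, keep the first binding, log an alert and return False."""
        mac = reply.mac.lower()
        known = self.entries.get(reply.ip)
        if known is not None and known[0] != mac:
            self.alerts.append(
                f"{reply.ip} rebound from {known[0]} to {mac} at t={reply.ts}")
            return False
        self.entries[reply.ip] = (mac, reply.ts)
        return True

    def lookup(self, ip: str):
        """ARP's job: given a layer 3 address, return the layer 2 address."""
        entry = self.entries.get(ip)
        return entry[0] if entry else None

# Constructed replies: 10.0.0.1 answers from aa:bb:cc:00:00:01 twice, then a
# fourth reply claims the same IP from a different MAC.
SAMPLE_REPLIES = [
    ArpReply("10.0.0.1", "AA:BB:CC:00:00:01", 1.0),
    ArpReply("10.0.0.22", "aa:bb:cc:00:00:22", 2.0),
    ArpReply("10.0.0.1", "aa:bb:cc:00:00:01", 3.0),   # same binding, fine
    ArpReply("10.0.0.1", "de:ad:be:ef:00:99", 4.0),   # conflicting binding
]

def run_sample() -> ArpCache:
    cache = ArpCache()
    for reply in SAMPLE_REPLIES:
        cache.learn(reply)
    return cache
```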
Point-to-Point Protocol (PPP)
-used to connect a device to a network over a serial line (dial-up)
-Password Authentication Protocol (PAP): cleartext
-Challenge Handshake Authentication Protocol (CHAP): 3-way handshake
-uses EAP
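An added example, not from the slides: the CHAP 3-way handshake (challenge, response, success/failure) with the MD5 response function CHAP uses, beside the cleartext PAP request for contrast; the shared secret and message layouts are constructed for the demo.

```python
# Added example, not from the slides: the three CHAP messages (challenge,
# response, result) with the MD5 response defined in RFC 1994, next to the
# cleartext PAP request. The shared secret is a constructed value.
import hashlib
import hmac
import os

SECRET = b"constructed-shared-secret"   # known to both peer and authenticator

def pap_request(user: bytes, password: bytes) -> bytes:
    """PAP: the peer simply sends the password in cleartext."""
    return user + b":" + password

def chap_response(ident: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP response = MD5(Identifier || secret || challenge); the secret
    itself never crosses the line."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()

class Authenticator:
    def __init__(self, secret: bytes):
        self.secret = secret
        self.ident = 0
        self.pending = {}   # identifier -> outstanding challenge

    def challenge(self) -> tuple:
        """Step 1: send a fresh random challenge with a new identifier."""
        self.ident = (self.ident + 1) & 0xFF
        chal = os.urandom(16)
        self.pending[self.ident] = chal
        return self.ident, chal

    def verify(self, ident: int, response: bytes) -> bool:
        """Step 3: recompute the expected hash; the challenge is consumed so
        a replayed response cannot be accepted a second time."""
        chal = self.pending.pop(ident, None)
        if chal is None:
            return False
        expected = chap_response(ident, self.secret, chal)
        return hmac.compare_digest(response, expected)

def run_handshake(peer_secret: bytes, replay: bool = False) -> bool:
    """Run the 3-way handshake; with replay=True, resend the same response."""
    auth = Authenticator(SECRET)
    ident, chal = auth.challenge()                       # 1: challenge
    response = chap_response(ident, peer_secret, chal)   # 2: response
    ok = auth.verify(ident, response)                    # 3: success/failure
    return auth.verify(ident, response) if replay else ok
```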
Broadband Wireless IEEE 802.16
-WiMAX
-doesn't work like cell towers
-Metro Area Network (MAN)
-channel sizes are flexible

Fiber
-uses glass/plastic to transmit light
Needs
-light source
-optical cable
-light detector
LEDs: cheap, less bandwidth, only good over short distances, used in LANs
Diode Laser: expensive, great distances
Wavelength Division Multiplexing (WDM): 32x capacity

Multimode Fiber: light is transmitted in different modes; cable is 50-100 microns thick; light disperses too much on medium/long cable runs
Single Mode Fiber: 10 microns thick; light goes down the middle; long runs, great bandwidth, Internet backbone

Network Access Control Devices
Firewalls:
-filter traffic based on a set of rules
-should always be on Internet gateways, and in between trust domains
Filtering: blocks or forwards packets
-by source/destination address
-by service, port number

Network Address Translation (NAT): firewalls can change the source address of a packet on its way out
Port Address Translation (PAT): translates all addresses to one routable IP address & translates the source port number in the packet to a unique value
Static Packet Filtering: hard line that cannot be temporarily changed to accept legit

Stateful Inspection/Dynamic Packet Filtering: stateful inspection examines each packet in the context of the session; FTP provides a good example
Proxies: the user talks to a proxy server, the proxy communicates with the untrusted host and gives that host's response back to the user
Circuit Level Proxy: does not inspect any traffic it forwards

Application Level Proxy:
-relays traffic from a trusted endpoint running a specific application to an untrusted host
-analyzes the traffic for manipulation/attacks
-Example: Web Proxy - everyone's browser goes through it
Personal Firewalls: for security in depth, workstation firewalls should be used in tandem with network firewalls
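An added example, not from the slides, that runs the same constructed packets through a static packet filter and a stateful one, showing why under static filtering the reply half of a session needs a standing inbound rule that also admits unsolicited traffic, while stateful inspection forwards only replies to sessions the inside opened; the rule sets and addresses are assumptions made for the demo.

```python
# Added example, not from the slides: a static packet filter beside a stateful
# one, run over constructed packets (10.0.0.0/8 is "inside"; outside hosts use
# the documentation ranges). Rule sets are assumptions made for this demo.
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport proto", defaults=["tcp"])

# Outbound services both filters allow: (proto, destination port).
ALLOWED_OUT = {("tcp", 443), ("udp", 53)}

def outbound(p: Packet) -> bool:
    return p.src.startswith("10.")

def static_filter(p: Packet) -> str:
    # Static filtering: replies need a standing inbound rule, so anything
    # from source port 443/53 gets in whether or not anyone asked for it.
    if outbound(p):
        return "forward" if (p.proto, p.dport) in ALLOWED_OUT else "block"
    return "forward" if (p.proto, p.sport) in ALLOWED_OUT else "block"

class StatefulFilter:
    # Stateful inspection: only the reply half of a session the inside
    # opened is forwarded; unsolicited inbound packets are blocked.
    def __init__(self):
        self.sessions = set()   # (src, sport, dst, dport, proto)

    def decide(self, p: Packet) -> str:
        if outbound(p):
            if (p.proto, p.dport) not in ALLOWED_OUT:
                return "block"
            self.sessions.add((p.src, p.sport, p.dst, p.dport, p.proto))
            return "forward"
        reverse = (p.dst, p.dport, p.src, p.sport, p.proto)
        return "forward" if reverse in self.sessions else "block"

SAMPLE = [
    Packet("10.0.0.5", 51000, "203.0.113.10", 443),   # inside opens HTTPS
    Packet("203.0.113.10", 443, "10.0.0.5", 51000),   # its reply
    Packet("203.0.113.10", 443, "10.0.0.5", 51001),   # unsolicited, sport 443
    Packet("198.51.100.7", 4444, "10.0.0.5", 22),     # unsolicited SSH
    Packet("10.0.0.5", 51002, "203.0.113.10", 23),    # outbound telnet
]

def run_sample() -> tuple:
    """Return (static verdicts, stateful verdicts) for SAMPLE, in order."""
    sf = StatefulFilter()
    return [static_filter(p) for p in SAMPLE], [sf.decide(p) for p in SAMPLE]
```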
End-Point Security
-updated antivirus/antimalware
-configured firewall
-hardened configuration/no unneeded services
-patched/updated OS
-encrypt the entire disk
-Remote Management: wipe, geolocate, update operation

Secure Communication Channels
Virtual Private Network (VPN)
-encrypted tunnel between 2 hosts/gateways
IPSec Authentication & VPN Confidentiality
IPSec: suite of protocols for communicating securely over IP

Authentication Header (AH):
-used to prove the identity of the sender and prove the packet has not been tampered with
-a hash value of the packet's contents, based on the shared secret, is inserted into the last field of the AH
-each packet has a sequence number during the security association
-ensures integrity, not confidentiality

Encapsulating Security Payload (ESP):
-encrypts the IP payload and ensures integrity
ESP Header: contains info showing which security association to use, and the sequence number
ESP Payload: contains the encrypted part of the packet; endpoints negotiate which encryption to use
ESP Trailer: padding to align fields
Authentication: if used, it contains the hash of the ESP packet

Security Associations (SA)
-defines the mechanisms that an endpoint will use to communicate with its partner
-a second SA is needed for 2-way communication
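An added example, not from the slides: parsing the two ESP header fields named above (the SPI, which identifies the security association, and the sequence number) from constructed packets and checking each sequence number against the per-SA sliding anti-replay window that IPsec receivers keep; the 32-packet window and the sample packets are assumptions made for the demo.

```python
# Added example, not from the slides: parse the ESP header fields (SPI, then
# sequence number) from constructed packets and run them through a receive-
# side anti-replay window. The 32-packet window size is an assumption.
import struct

WINDOW = 32

def parse_esp_header(pkt: bytes) -> tuple:
    """ESP header: 32-bit SPI followed by a 32-bit sequence number."""
    if len(pkt) < 8:
        raise ValueError("short ESP header")
    return struct.unpack("!II", pkt[:8])

class SecurityAssociation:
    """Receiver state for one SA: highest sequence accepted plus a bitmap."""
    def __init__(self):
        self.highest = 0
        self.bitmap = 0   # bit i set => sequence (highest - i) was accepted

    def accept(self, seq: int) -> bool:
        """True (and recorded) if seq is new; False if replayed or too old."""
        if seq == 0:                 # the first valid sequence number is 1
            return False
        if seq > self.highest:       # advances the window
            shift = seq - self.highest
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << WINDOW) - 1)
            self.highest = seq
            return True
        diff = self.highest - seq
        if diff >= WINDOW or self.bitmap & (1 << diff):
            return False             # fell off the window, or a duplicate
        self.bitmap |= 1 << diff
        return True

def process(sas: dict, pkt: bytes) -> str:
    spi, seq = parse_esp_header(pkt)
    sa = sas.get(spi)
    if sa is None:
        return "drop: unknown SPI"
    return "accept" if sa.accept(seq) else "drop: replay or outside window"

# Constructed packets for SPI 0x1001 arriving out of order, duplicated and
# far ahead, followed by one packet that names an SPI with no SA.
SAMPLE = [struct.pack("!II", 0x1001, s) + b"\x00" * 8
          for s in (1, 2, 5, 3, 2, 5, 40, 7)] + [struct.pack("!II", 0x2002, 1)]

def run_sample() -> list:
    sas = {0x1001: SecurityAssociation()}
    return [process(sas, p) for p in SAMPLE]
```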
Transport Mode & Tunnel Mode
IPSec will use one of these
Transport Mode: IP payload is protected; client to server, end to end
Tunnel Mode: IP payload & header are protected; the entire protected packet becomes the payload of a new IP packet & header
-used between networks

Internet Key Exchange (IKE)
-authentication component of IPSec
-two phases

Phase 1: partners authenticate with each other using one of the following:
1. Shared Secret: key is exchanged manually
2. Public Key Encryption: digital certs
3. Revised mode of Public Key Encryption: uses a nonce encrypted with the partner's public key

Phase 2:
-establishes a temporary security association, using the secure tunnel created at the end of Phase 1

High Assurance Internet Protocol Encryptor (HAIPE)
-based on IPSec
-possesses additional restrictions & enhancements
-encrypts multicast data
-requires manual loading of keys
-military grade security

Point-to-Point Tunneling Protocol (PPTP)
-VPN protocol that runs over other protocols
-relies on Generic Routing Encapsulation (GRE) to build the tunnel
-user authenticates with MSCHAPv2, then a Point-to-Point Protocol (PPP) session creates a tunnel
-vulnerable to password guessing
-derives its encryption key from the user's password

Layer 2 Tunnel Protocol (L2TP)
-hybrid of PPTP and Layer 2 Forwarding (L2F)
-allows callers over a serial line using PPP to connect over the Internet to a remote network
-no encryption of its own

TLS/SSL
Secure Shell (SSH):
-allows a user to securely access resources on remote computers over an encrypted tunnel
-remote log on, file transfer, command execution, port forwarding
-strong authentication

SOCKS:
-popular circuit proxy server
-client connects to SOCKS, which then can act as a VPN
SSL/TLS VPNs
-remote users use a web browser to access applications
-easy to deploy and set up access
-no network-to-network tunnels

VLAN
-hosts are not necessarily on the same physical media, but are part of the same logical routing subnet

Voice Modems & Public Switched Telephone Networks (PSTN)
-PSTN is a circuit-switched network that was originally used for analog voice
-uses a hierarchical tree to route transmissions

War Dialing: dial a range of numbers to identify modems; best defense is to shut off modems
Plain Old Telephone Service (POTS): bi-directional analog voice, high reliability, low bandwidth
Private Branch Exchange (PBX): enterprise-class phone system used in businesses/large orgs
-internal switching network
-analog

VoIP:
-replacing telephony networks
-more configurable/more breakable
-no geo-spatial coordinates with IPs, so 911 will leave you to die
Session Initiation Protocol (SIP)
-manages multimedia connections

Multimedia Collaboration
Peer to Peer Applications & Protocols
-monitor p2p apps in your org
-bandwidth consumption/security risks/legality
-it opens uncontrolled channels through your network boundaries
Remote Meeting Technology:
-web based
-usually browser extensions
-desktop sharing/remote control
-vendor backdoors

Instant Messaging (IM)
3 classes
1. Peer to peer networks
2. Brokered communication
3. Server-oriented networks
-all support 1-to-1 and many-to-many

Open Protocols, Applications, and Services
Extensible Messaging and Presence Protocol (XMPP) & Jabber
-Jabber is an open IM protocol
-XMPP is the formalized name of Jabber
-server based, so a server operator can eavesdrop

Internet Relay Chat (IRC)
-good anonymity
-no security
-client/server based
-IDs can be easily falsified
-most have no confidentiality
-IRC clients can execute scripts