Week 3 and Week 11 Discussions
Chapter 12 Secure Communications and Network Attacks
Network and Protocol Security Mechanisms
Secure Communications Protocols
Authentication Protocols
overview
Secure Communications Protocols
IPSec
Kerberos
Secure Shell (SSH)
Signal Protocol
Secure Remote Procedure Call (S-RPC)
Secure Sockets Layer (SSL)
Transport Layer Security (TLS)
Authentication Protocols
Challenge Handshake Authentication Protocol (CHAP)
Password Authentication Protocol (PAP)
Extensible Authentication Protocol (EAP)
Secure Voice Communications
Voice over Internet Protocol (VoIP)
Weaknesses and attacks
Secure Real-Time Transport Protocol (SRTP)
Social Engineering
In person, over the phone, e-mail, IM, social networks
PBX Fraud and Abuse
Direct Inward System Access (DISA)
Phreakers
Black box, Red box, Blue box, White box (DTMF)
Multimedia Collaboration
Remote Meeting
Instant Messaging
Manage Email Security
Email Security Goals
Understand Email Security Issues
Email Security Solutions
overview
Email Security Goals
SMTP, POP, IMAP
Open relay, closed relay, authenticated relay
Nonrepudiation
Restrict access
Integrity
Verify delivery
Confidentiality
Understand Email Security Issues
Lack of encryption
Delivery vehicle for malware
Lack of source verification
Flooding
Attachments
Email Security Solutions
Secure Multipurpose Internet Mail Extensions (S/MIME)
MIME Object Security Services (MOSS)
Privacy Enhanced Mail (PEM)
DomainKeys Identified Mail (DKIM)
Pretty Good Privacy (PGP)
Opportunistic TLS for SMTP Gateways
Sender Policy Framework (SPF)
Reputation filtering
Remote Access Security Management
Remote Access and Telecommuting Techniques
Plan Remote Access Security
Dial-Up Protocols
Centralized Remote Authentication Services
overview
Remote Access and Telecommuting Techniques
Service specific
Remote control
Screen scraper/scraping
Remote node operation
Plan Remote Access Security
POTS/PSTN, VoIP, VPN
Authentication, remote access justification, encrypted for confidentiality
Monitor for abuses
Remote connectivity technology
Transmission protection
Authentication protection
Remote user assistance
Dial-Up Protocols
Point-to-Point Protocol (PPP)
Serial Line Internet Protocol (SLIP)
Centralized Remote Authentication Services
Remote Authentication Dial-In User Service (RADIUS)
Terminal Access Controller Access-Control System (TACACS+)
TACACS, XTACACS
Virtual Private Network
Tunneling
How VPNs Work
Common VPN Protocols
PPTP, L2F, L2TP, IPSec
SSH, TLS
Virtual LAN
Virtualization
Hypervisors
VM escaping
Virtual Software
Virtual applications
Virtual desktop
Virtual Networking
Software Defined Network (SDN)
Network virtualization
Virtual SAN
Network Address Translation
Private IP Addresses (RFC 1918)
10.0.0.0–10.255.255.255 (a full Class A range)
172.16.0.0–172.31.255.255 (16 Class B ranges)
192.168.0.0–192.168.255.255 (256 Class C ranges)
Stateful NAT
Port Address Translation (PAT)
Static and Dynamic NAT
Automatic Private IP Addressing (APIPA)
169.254.x.y
Loopback Address
Switching Technologies
Circuit Switching | Packet Switching
Constant traffic | Bursty traffic
Fixed known delays | Variable delays
Connection oriented | Connectionless
Sensitive to connection loss | Sensitive to data loss
Used primarily for voice | Used for any type of traffic
Virtual Circuits
PVCs and SVCs
WAN Technologies 1/2
WAN Connection Technologies 1/2
Dedicated vs. Nondedicated
DS-0, DS-1, DS-3, T1, T3
ISDN
BRI vs. PRI
Channel Service Unit/Data Service Unit (CSU/DSU)
Data Terminal Equipment/Data Circuit-Terminating Equipment (DTE/DCE)
X.25
WAN Technologies 2/2
WAN Connection Technologies 2/2
Frame Relay
Committed Information Rate (CIR)
ATM
Switched Multimegabit Data Service (SMDS)
Synchronous Digital Hierarchy (SDH)
Synchronous Optical Network (SONET)
SDLC, HDLC
Miscellaneous Security Control Characteristics
Transparency
Verify Integrity
Transmission Mechanisms
Logging
Error correction
Security Boundaries
Areas of different security requirements
Classifications
Physical vs. logical
Should be clearly defined
Prevent or Mitigate Network Attacks
DoS and DDoS
Eavesdropping
Impersonation/masquerading
Replay attacks
Modification attacks
Address resolution protocol spoofing
DNS poisoning, spoofing, and hijacking
Hyperlink spoofing
Conclusion
Read the Exam Essentials
Review the chapter
Perform the Written Labs
Answer the Review Questions