CompTIA Security+ Study Guide (SY0-401)

Presentation on theme: "CompTIA Security+ Study Guide (SY0-401)"— Presentation transcript:

1 CompTIA Security+ Study Guide (SY0-401)
Chapter 3: Understanding Devices and Infrastructure

2 Chapter 3: Understanding Devices and Infrastructure
Implement security configuration parameters on network devices and other technologies
Explain network design elements and components
Given a scenario, implement common protocols and services
Analyze a scenario and select the appropriate type of mitigation and deterrent techniques

3 Mastering TCP/IP
Working with the TCP/IP Suite:
The TCP/IP suite is broken into four architectural layers:
Application Layer
Host-to-Host or Transport Layer
Internet Layer
Network Access Layer (also known as the Network Interface layer or the Link layer)

4 Chapter 3: Understanding Devices and Infrastructure
Host: Any device connected to the network that runs a TCP/IP protocol suite, or stack

5 The Application Layer
Highest layer of the suite. It allows applications to access services or protocols to exchange data.
Commonly Used Application Layer Protocols:
Hypertext Transfer Protocol (HTTP)
HTTP Secure (HTTPS)
File Transfer Protocol (FTP)
Simple Mail Transfer Protocol (SMTP)
Telnet
Domain Name System (DNS)
Routing Information Protocol (RIP)
Simple Network Management Protocol (SNMP)
Post Office Protocol (POP)

6 Host-to-Host or Transport Layer
Host-to-Host Layer: Also called the Transport layer, provides the Application layer with session and datagram communication services
The Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) operate at this layer
TCP is responsible for providing a reliable, one-on-one, connection-oriented session
UDP provides an unreliable, connectionless communication method between hosts

7 Internet Layer and Four Standard Protocols
Responsible for routing, IP addresses, and packaging
There are four standard protocols for the Internet layer:
Internet Protocol (IP)
Address Resolution Protocol (ARP)
Internet Control Message Protocol (ICMP)
Internet Group Management Protocol (IGMP)

8 Network Access Layer
Lowest level of the TCP/IP suite
Responsible for placing and removing packets on the physical network through communications with the network adapters in the host.

9 Encapsulation
Encapsulation: Allows a transport protocol to be sent across the network and utilized by the equivalent service or protocol at the receiving host.
Ports: Special addresses that allow communication between hosts
TCP ports
UDP ports
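The encapsulation the slide describes, as an added example that is not part of the study guide: application data is wrapped in a TCP segment (carrying the port numbers), the segment in an IP packet (carrying the host addresses), and the packet in an Ethernet frame, then the receiving side peels the layers off in reverse order. All addresses, MACs and the payload are constructed sample values.

```python
import struct

# Constructed sample values for the example (not from the study guide)
SRC_MAC = bytes.fromhex("020000000001")
DST_MAC = bytes.fromhex("020000000002")
SRC_IP = "192.0.2.10"
DST_IP = "192.0.2.20"
ETHERTYPE_IPV4 = 0x0800
PROTO_TCP = 6


def ip_to_bytes(ip):
    return bytes(int(o) for o in ip.split("."))


def checksum(data):
    """Standard one's-complement Internet checksum (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_tcp(payload, sport, dport, seq=0, ack=0, flags=0x18):
    # Transport layer: the destination port tells the receiving host
    # which service (e.g. 80 for HTTP) the data belongs to.
    data_offset = 5 << 4  # 20-byte header, no options
    header = struct.pack("!HHIIBBHHH", sport, dport, seq, ack,
                         data_offset, flags, 65535, 0, 0)
    return header + payload


def build_ip(segment, src, dst):
    # Internet layer: addresses identify hosts; the protocol field (6)
    # tells the receiver that a TCP segment is inside.
    total_len = 20 + len(segment)
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000,
                         64, PROTO_TCP, 0, ip_to_bytes(src), ip_to_bytes(dst))
    header = header[:10] + struct.pack("!H", checksum(header)) + header[12:]
    return header + segment


def build_ethernet(packet, src_mac, dst_mac):
    # Network Access layer: the frame carries the packet across the local link.
    return dst_mac + src_mac + struct.pack("!H", ETHERTYPE_IPV4) + packet


def encapsulate(payload, sport, dport):
    """Application data -> TCP segment -> IP packet -> Ethernet frame."""
    segment = build_tcp(payload, sport, dport)
    packet = build_ip(segment, SRC_IP, DST_IP)
    return build_ethernet(packet, SRC_MAC, DST_MAC)


def decapsulate(frame):
    """Peel the frame layer by layer, as the receiving host's stack does."""
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("not an IPv4 frame")
    packet = frame[14:]
    ihl = (packet[0] & 0x0F) * 4
    total_len = struct.unpack("!H", packet[2:4])[0]
    if checksum(packet[:ihl]) != 0:
        raise ValueError("bad IP header checksum")
    if packet[9] != PROTO_TCP:
        raise ValueError("not a TCP packet")
    src_ip = ".".join(str(b) for b in packet[12:16])
    dst_ip = ".".join(str(b) for b in packet[16:20])
    segment = packet[ihl:total_len]
    sport, dport, seq, ack, off_flags = struct.unpack("!HHIIH", segment[:14])
    doff = (off_flags >> 12) * 4
    return {"src_ip": src_ip, "dst_ip": dst_ip, "sport": sport,
            "dport": dport, "payload": segment[doff:]}


if __name__ == "__main__":
    frame = encapsulate(b"GET / HTTP/1.1\r\n", 49152, 80)
    print(len(frame), "bytes on the wire")
    print(decapsulate(frame))
```

Each layer only reads its own header and hands the rest up unchanged, which is why a port number is meaningful to the transport layer but invisible to the Ethernet layer.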

10 Chapter 3: Understanding Devices and Infrastructure
TCP Three-Way Handshake: TCP is a connection-oriented protocol and establishes a connection using a three-way handshake.
Initial Sequence Number (ISN)
Application Programming Interface (API): APIs allow programmers to create interfaces to the protocol.
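The three-way handshake and the role of the Initial Sequence Number, as an added example that is not part of the study guide. Each side is modelled as a small state machine (`Endpoint`, a name chosen for this example) that picks an unpredictable ISN and only moves to ESTABLISHED when the peer's acknowledgement number equals its own ISN plus one; a segment that fails that check is rejected.

```python
import secrets

SYN, ACK = 0x02, 0x10
MASK32 = 0xFFFFFFFF


class Endpoint:
    """One side of the handshake (model for this example, not from the guide)."""

    def __init__(self, name):
        self.name = name
        # Each side picks its own ISN. An unpredictable ISN is what stops a
        # third party that cannot see the SYN-ACK from completing the handshake.
        self.isn = secrets.randbelow(2 ** 32)
        self.snd_nxt = self.isn
        self.rcv_nxt = None
        self.state = "CLOSED"

    # Step 1: client -> server
    def send_syn(self):
        self.state = "SYN-SENT"
        return {"flags": SYN, "seq": self.isn, "ack": 0}

    # Step 2: server -> client (server now holds a half-open connection)
    def recv_syn_send_synack(self, seg):
        if seg["flags"] != SYN:
            raise ValueError("expected SYN")
        self.rcv_nxt = (seg["seq"] + 1) & MASK32
        self.state = "SYN-RECEIVED"
        return {"flags": SYN | ACK, "seq": self.isn, "ack": self.rcv_nxt}

    # Step 3: client -> server
    def recv_synack_send_ack(self, seg):
        if seg["flags"] != SYN | ACK:
            raise ValueError("expected SYN-ACK")
        if seg["ack"] != (self.isn + 1) & MASK32:
            raise ValueError("SYN-ACK does not acknowledge our ISN")
        self.rcv_nxt = (seg["seq"] + 1) & MASK32
        self.snd_nxt = (self.isn + 1) & MASK32
        self.state = "ESTABLISHED"
        return {"flags": ACK, "seq": self.snd_nxt, "ack": self.rcv_nxt}

    def recv_ack(self, seg):
        if seg["flags"] != ACK or seg["ack"] != (self.isn + 1) & MASK32:
            raise ValueError("ACK does not acknowledge our ISN")
        self.snd_nxt = (self.isn + 1) & MASK32
        self.state = "ESTABLISHED"


def handshake(client, server):
    """Run the three segments and return them as a transcript."""
    syn = client.send_syn()
    synack = server.recv_syn_send_synack(syn)
    ack = client.recv_synack_send_ack(synack)
    server.recv_ack(ack)
    return [syn, synack, ack]


def is_established(client, server):
    """Both sides ESTABLISHED and each side's next-expected number matches the peer."""
    return (client.state == server.state == "ESTABLISHED"
            and client.snd_nxt == server.rcv_nxt
            and server.snd_nxt == client.rcv_nxt)


if __name__ == "__main__":
    c, s = Endpoint("client"), Endpoint("server")
    for seg in handshake(c, s):
        print(seg)
    print("established:", is_established(c, s))
```

The server sits in SYN-RECEIVED between steps 2 and 3, holding state for a connection that may never complete; that half-open state is why a server should bound how many unfinished handshakes it keeps and why an ISN must not be guessable.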

11 Designing a Secure Network
The Security Topology of your network defines the network design and implementation from a security perspective
Security Topology covers four primary areas:
Design Goals
Security Zones
Technologies
Business Requirements

12 Creating Security Zones
Describes design methods that isolate systems from other systems or networks
Four common security zones:
Internet
Intranet
Extranet
Demilitarized zone (DMZ)

13 Chapter 3: Understanding Devices and Infrastructure
Beyond DMZs, the technologies this section will focus on are:
Subnetting
Virtual Local Area Networks (VLANs)
Remote access
Network Address Translation (NAT)
Telephony
Network Access Control (NAC)

14 Understanding the Various Infrastructure Devices
Infrastructure is the basis for all the work occurring in your organization. Infrastructure security deals with the most basic aspect of how information flows and how work occurs in your network and systems.

15 Chapter 3: Understanding Devices and Infrastructure
Hardware Components
Software Components
Firewalls:
Packet filter
Proxy firewall
Stateful inspection firewall

16 Chapter 3: Understanding Devices and Infrastructure
Routers
Switches
Load Balancers
Proxies
Web Security Gateway
VPNs and VPN Concentrators
Intrusion Detection Systems: Network-based and Host-based

17 Intrusion Detection Systems
An intrusion detection system (IDS) is software that runs on either individual workstations or network devices to monitor and track network activity. Intrusion detection systems (IDSs) are becoming integral parts of network monitoring.
Intrusion detection (ID) is the process of monitoring events in a system or network to determine if an intrusion is occurring.
An intrusion is defined as any activity or action that attempts to undermine or compromise the confidentiality, integrity, or availability of resources.

18 Key Terms
Activity
Administrator
Alert
Analyzer
Data Source
Event
Manager
Notification
Operator
Sensor: A sensor is the IDS component that collects data from the data source and passes it to the analyzer for analysis.

19 Chapter 3: Protecting Networks
IDSs use four primary approaches:
Behavior-Based-Detection IDS
Signature-Based-Detection IDS (also commonly known as misuse-detection IDS, or MD-IDS)
Anomaly-Detection IDS
Heuristic IDS

20 Implementing a Passive Response
Passive response: the most common type of response to many intrusions. In general, passive responses are the easiest to develop and implement.
Some Passive Response Strategies:
Logging
Notification
Shunning
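The signature-based and anomaly-based approaches from slide 19, followed by the passive responses of this slide, as one added example that is not part of the study guide. The log lines, the two signatures, the baseline thresholds and the rule names are all constructed for the example: the signature detector matches known-bad patterns line by line, the anomaly detector compares each host's request count and failure ratio against a baseline, and the passive response logs every alert, notifies on the ones that matter, and deliberately shuns the noisy single-event rule.

```python
import re
from collections import Counter

# Constructed sample web-server log lines: "host method path status"
SAMPLE_LOG = """\
203.0.113.5 GET /index.html 200
203.0.113.5 GET /about.html 200
198.51.100.7 GET /login.php 200
198.51.100.7 POST /login.php 401
198.51.100.7 POST /login.php 401
198.51.100.7 POST /login.php 401
198.51.100.7 POST /login.php 401
198.51.100.7 POST /login.php 401
198.51.100.7 POST /login.php 401
203.0.113.9 GET /../../etc/passwd 404
203.0.113.11 GET /index.html 200
"""

# Signature-based (misuse) detection: known-bad patterns. Precise, but
# blind to anything that is not already on the list.
SIGNATURES = {
    "path-traversal": re.compile(r"\.\./"),
    "auth-failure": re.compile(r"POST /login\S* 401$"),
}

# Anomaly-based detection: a baseline of "normal" per-host behaviour
# (constructed thresholds); deviations are flagged without a known pattern.
BASELINE_MAX_REQUESTS = 5
BASELINE_MAX_FAILURE_RATIO = 0.5

# Passive response: rules whose single events are ignored (shunned) because
# the anomaly detector already covers them in aggregate.
SHUNNED_RULES = {"auth-failure"}


def parse(line):
    host, method, path, status = line.split()
    return {"host": host, "method": method, "path": path, "status": int(status)}


def signature_detect(events):
    alerts = []
    for ev in events:
        text = f'{ev["method"]} {ev["path"]} {ev["status"]}'
        for name, pattern in SIGNATURES.items():
            if pattern.search(text):
                alerts.append({"host": ev["host"], "rule": name, "kind": "signature"})
    return alerts


def anomaly_detect(events):
    requests = Counter(ev["host"] for ev in events)
    failures = Counter(ev["host"] for ev in events if ev["status"] >= 400)
    alerts = []
    for host, n in requests.items():
        ratio = failures[host] / n
        if n > BASELINE_MAX_REQUESTS and ratio > BASELINE_MAX_FAILURE_RATIO:
            alerts.append({"host": host, "rule": f"{n} requests, {ratio:.0%} failed",
                           "kind": "anomaly"})
    return alerts


def passive_response(alerts):
    """Logging (record everything), notification (surface what matters),
    shunning (consciously ignore the noisy rule)."""
    log = [f'{a["kind"]}:{a["rule"]}:{a["host"]}' for a in alerts]
    notifications = sorted({(a["host"], a["rule"]) for a in alerts
                            if a["rule"] not in SHUNNED_RULES})
    return {"log": log, "notifications": notifications}


def analyze(raw_log):
    events = [parse(line) for line in raw_log.splitlines() if line.strip()]
    alerts = signature_detect(events) + anomaly_detect(events)
    return passive_response(alerts)


if __name__ == "__main__":
    result = analyze(SAMPLE_LOG)
    print("\n".join(result["log"]))
    print("notify:", result["notifications"])
```

On the sample log the six failed logins produce six signature alerts that are logged but shunned individually, while the anomaly detector turns the same six lines into one notification about the host; the traversal attempt is caught only by its signature, which is the complementary weakness each approach covers for the other.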

21 Implementing an Active Response
An active response involves taking an action based on an attack or threat. An active response will include one of these reactions:
Terminating Processes or Sessions
Network Configuration Changes
Deception

22 Host-Based IDS
A host-based IDS (HIDS) is designed to run as software on a host computer system. HIDSs are popular on servers that use encrypted channels or channels to other servers.

23 Chapter 3: Protecting Networks
Network Intrusion Prevention Systems (NIPSs) focus on prevention. These systems focus on signature matches and then take a course of action.

24 Unified Threat Management
URL Filters
Content Inspection
Malware Inspection
Web Application Firewall vs. Network Firewall
Application-Aware Devices
