Securing the basic LAN Course

Syllabus

Data protection

Video - 00:09:00

Data are not all the same. Whether data are at rest, in use, or in transit will affect how you can best secure it.

Cryptographic methods

Video - 00:07:00

This episode introduces various methods used to protect the critical keys in cryptography that keep communication secure.

Symmetric cryptosystems

Video - 00:13:00

In this episode, Mike describes encrypting and decrypting data with the same key. He also covers how symmetric algorithms can either be block or streaming and use various types of ciphers depending on which one is used.

Symmetric block modes

Video - 00:08:00

Symmetric block algorithms have limitations depending on which kind of cipher is used. This episode explores the different block modes.

Asymmetric cryptosystems

Video - 00:13:00

In this episode, Mike describes encrypting and decrypting data with different keys and the magic that happens when key pairs are generated.

Understanding digital certificates

Video - 00:08:00

Digital certificates are used in many different places to verify the identity of a public key owner. They can also include verification from third parties for an added layer of security.

Trust models

Video - 00:05:00

Web of trust is a mostly outdated method of proving identities, however it is helpful to understand as the predecessor of public key infrastructure (PKI) which is widely used today.

Public key infrastructure

Video - 00:03:00

In this episode, Mike discusses public key infrastructure (PKI), used to enable commerce and other secure activities over the Internet.

Certificate types

Video - 00:14:00

Mike reviews different types of certificates including Web, e-mail, code-signing, machine/computer, and user.

Touring certificates

Video - 00:08:00

Mike tours various certificates in this episode.

Network architecture planning

Video - 00:04:00

In this episode you will learn about network architecture planning.

The OSI model

Video - 00:13:00

Is there a standard model for describing and mapping network hardware and software? Yes, the 7-layer conceptual OSI model! Understanding network security and selecting the appropriate security solutions requires a solid understanding of the OSI model. 

ARP cache poisoning

Video - 00:09:00

ARP is used to resolve an IP address to a 48-bit hexadecimal hardware MAC address. Attackers with network access can fraudulently send ARP updates to hosts in order to force network traffic through the attacker station. 

Other Layer 2 attacks

Video - 00:05:00

Layer 2 of the OSI model (Data Link layer) accessing network media and addressing using MAC addresses. MAC address flooding attacks and broadcast storms can be mitigated with network switches configuring with BPDU and STP. 

Network planning

Video - 00:07:00

Which security considerations are important when planning your network design? IP addressing and network segmentation using screened subnets can be used for hosting public servers. VLANs can improve network performance and provide network isolation for security purposes. 

Zero trust network access (ZTNA) 2.0

Video - 00:10:00

in this episode you will learn about zero trust network access (ZTNA) 2.0.

Load balancing

Video - 00:06:00

Active/active and active/passive load balancing can efficiently route client application requests to backend servers. Load balancing improves application performance and resiliency to a single application server failure. 

Securing network access

Video - 00:06:00

Securing networks restricts access to the network while securing services on the network. 802.1x network edge devices can limit network access. Rogue DHCP servers can be mitigated with DHCP snooping configurations. Secure remote server management is possible using a jump box/bastion host which has both public and private network connections. 

Honeypots

Video - 00:06:00

How can malicious attacker and malware activity be monitored without allowing the compromise of production systems? Honeypots are fake decoy systems designed to attract malicious activity for the purpose of logging and tracing activity. 

Static and dynamic code analysis

Video - 00:05:00

In this episode you will learn about static and dynamic code analysis.

Firewalls

Video - 00:11:00

Packet filtering firewalls apply to layer 4 (Transport layer) of the OSI model and examine only packet headers to allow or deny network traffic. Content filtering firewalls apply to OSI layer 7 (Application layer) and can examine packet headers as well as content to allow or deny traffic. A Web application firewall (WAF) protected Web apps from common Web application attacks. 

Proxy servers

Video - 00:06:00

Forward proxies sit between internal user devices and the Internet and fetch Internet content on behalf of internal users. Reverse proxies map public network service IPs to private IPs; they route client requests for a network service to the backend server private IP. 

Web filtering

Video - 00:05:00

In this episode you will learn about web filtering.

Network and port address translation

Video - 00:07:00

Network address translation (NAT) maps external public IPs to internal private IPs to protect the true identity of servers. Port address translation (PAT) allows multiple internal network clients with private IPs to access the Internet using a single public IP assigned the NAT device public interface. 

IP security (IPsec)

Video - 00:09:00

The IPsec network security protocol suite can be used to secure any type of network traffic through integrity, authentication and encryption. Many VPNs use IPsec to establish an encrypted network tunnel. 

SD-WAN and SASE

Video - 00:03:00

In this episode you will learn about SD-WAN and SASE.

Virtual private networks (VPNs)

Video - 00:10:00

VPNs provide an encrypted network tunnel over the Internet to provide secure access to a remote network. Client-to-site VPNs allow individual device access where site-to-site VPNs can securely link branch offices over the Internet or securely link an on-premises network to the cloud through a L2TP or TLS VPN. 

Intrusion detection and prevention systems (IDS/IPS)

Video - 00:13:00

Intrusion detection can detect, log, report, and send alerts when suspicious activity is detected on a host or on the network, whereas intrusion prevention can be configured to stop the suspicious activity. Anomaly detection can be signature-based or heuristic/behavior-based. Unified threat management (UTM) solutions combine firewall, IDS, IPS, and other security functions. 

Chapter 7 exam question review

Video - 00:04:00

Address Resolution Protocol (ARP) is used by the TCP/IP protocol suite. This episode discussed ARP poisonning attacks and potential mitigations.

Chapter 7 Ask Me Anything (AMA)

Video - 00:01:00

Secure Sockets Layer (SSL) has long been used to secure network communication on LANs and WANs. This episode discusses how Transport Layer Security (TLS) supersedes SSL in addition to continued backwards-compatibility support that remains for SSL.

Linux Snort IDS lab

Video - 00:07:00

An Intrusion Detection System, or IDS, is designed to detect suspicious network or host activity and then log or notify the incident. In this episode, the Snort IDS is configured and tested in Linux.