The basic LAN

Is there a standard model for describing and mapping network hardware and software? Yes, the 7-layer conceptual OSI model! Understanding network security and selecting the appropriate security solutions requires a solid understanding of the OSI model.

ARP is used to resolve an IP address to a 48-bit hexadecimal hardware MAC address. Attackers with network access can fraudulently send ARP updates to hosts in order to force network traffic through the attacker station.

Layer 2 of the OSI model (Data Link layer) accessing network media and addressing using MAC addresses. MAC address flooding attacks and broadcast storms can be mitigated with network switches configuring with BPDU and STP.

Which security considerations are important when planning your network design? IP addressing and network segmentation using screened subnets can be used for hosting public servers. VLANs can improve network performance and provide network isolation for se

Active/active and active/passive load balancing can efficiently route client application requests to backend servers. Load balancing improves application performance and resiliency to a single application server failure.

Securing networks restricts access to the network while securing services on the network. 802.1x network edge devices can limit network access. Rogue DHCP servers can be mitigated with DHCP snooping configurations. Secure remote server management is possi

How can malicious attacker and malware activity be monitored without allowing the compromise of production systems? Honeypots are fake decoy systems designed to attract malicious activity for the purpose of logging and tracing activity.

Packet filtering firewalls apply to layer 4 (Transport layer) of the OSI model and examine only packet headers to allow or deny network traffic. Content filtering firewalls apply to OSI layer 7 (Application layer) and can examine packet headers as well as

Forward proxies sit between internal user devices and the Internet and fetch Internet content on behalf of internal users. Reverse proxies map public network service IPs to private IPs; they route client requests for a network service to the backend serve

Network address translation (NAT) maps external public IPs to internal private IPs to protect the true identity of servers. Port address translation (PAT) allows multiple internal network clients with private IPs to access the Internet using a single publ

The IPsec network security protocol suite can be used to secure any type of network traffic through integrity, authentication and encryption. Many VPNs use IPsec to establish an encrypted network tunnel.

VPNs provide an encrypted network tunnel over the Internet to provide secure access to a remote network. Client-to-site VPNs allow individual device access where site-to-site VPNs can securely link branch offices over the Internet or securely link an on-p

Intrusion detection can detect, log, report, and send alerts when suspicious activity is detected on a host or on the network, whereas intrusion prevention can be configured to stop the suspicious activity. Anomaly detection can be signature-based or heur

Address Resolution Protocol (ARP) is used by the TCP/IP protocol suite. This episode discussed ARP poisoning attacks and potential mitigations.

An Intrusion Detection System (IDS) is designed to detect suspicious network or host activity and then log or notify the incident. In this episode, the Snort IDS is configured and tested in Linux.

Secure Sockets Layer (SSL) has long been used to secure network communication on LANs and WANs. This episode discusses how Transport Layer Security (TLS) supersedes SSL in addition to continued backwards-compatibility support that remains for SSL.