Jump to content

Security+ Certification/Network Infrastructure

From Wikibooks, open books for an open world

< Security+ Certification

This page may need to be reviewed for quality.

2.1 Differentiate between the different port & protocols, their respective threats and mitigation techniques

[edit | edit source]

Antiquated protocols
TCP/IP hijacking
Null sessions
Spoofing
Man-in-the-middle
Replay

DoS (Denial of Service)
DDoS (Distributed DoS)
Domain Name Kiting
DNS poisioning
ARP poisioning

2.2 Distinguish between network design elements and components

[edit | edit source]

DMZ
VLAN
NAT
Network interconnections

NAC
Subnetting
Telephony

2.3 Determine the appropriate use of network security tools to facilitate network security

[edit | edit source]

NIDS (Network Based Intrusion Detection System)
NIPS (Network Based Intrusion Prevention System)
Firewalls
Proxy servers

Honeypot
Internet content filters
Protocol analyzers

2.4 Apply the appropriate network tools to facilitate network security

[edit | edit source]

NIDS
Firewals
Proxy servers
Internet content filters
Protocol analyzers

2.5 Explain the vulnerabilities and mitigations associated with network devices

[edit | edit source]

Privelege escalation
Weak passwords
Back doors
Default accounts
DOS

2.6 Explain the vulnerabilities and mitigations associated with various transmission media

[edit | edit source]

Vampire taps

2.7 Explain the vulnerabilities and implement mitigations associated with wireless networking

[edit | edit source]

Data emanation
War driving
SSID broadcast
Blue jacking

Bluesnarfing
Rogue access points
Weak encryption

Retrieved from "https://en.wikibooks.org/wiki/Security%2B_Certification/Network_Infrastructure"

Book:Security+ Certification