Live virtual machine lab 9.2: module 09 enterprise network security configuration concepts

The Domain Name System, commonly known as DNS, is often referred to as the "phone book" of the Internet. Every time we access the Internet to visit our favorite websites, shop and pay bills online, or access online portals for healthcare or banking, we depend on DNS infrastructure to securely route us to our intended destinations. While this shared infrastructure is incredibly powerful and useful, it also presents a rich attack surface for threat actors: allowing them to shut down websites and online services, replace legitimate website content with threats and extortion attempts, or even route traffic to a carbon copy of a legitimate website to steal any information entered by users intending to conduct business as usual. "Understanding DNS Attacks" provides key information you need to know to protect yourself and your organization from DNS infrastructure tampering including common vulnerabilities, how to identify a potential attack, and guidance and best practices to mitigate the likelihood and impact of a successful DNS attack.

Table of Contents

  • Domain 1.0 Threats, Attacks and Vulnerabilities
  • Domain 2.0 Technologies and Tools
  • Domain 3.0 Architecture and Design
  • Domain 4.0 Identity and Access Management
  • Domain 5.0 Risk Management
  • Domain 6.0 Cryptography and PKI

This webinar is accessible to non-technical learners including managers and business leaders, and offers an organizational perspective useful to technical specialists.

Learning Objectives:
Enable learners to prevent, flag, and protect themselves and their organizations from DNS infrastructure attacks through awareness of common attack schemes, best practices, CISA guidance, and resources.

  • Define DNS Tampering and explain common attack methods
  • Identify signs of a DNS attack
  • Learn mitigation steps for DNS attacks
  • Understand the process to recover from a DNS attack
  • Explore impacts of DNS attacks through case studies

Date: 2021

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Analyze | All-Source Analysis | Mission Assessment Specialist
Collect and Operate | Collection Operations | All-Source Collection Manager, All-Source Collection Requirements Manager
Operate and Maintain | Customer Service and Technical Support | Technical Support Specialist
Operate and Maintain | Data Administration | Data Analyst, Database Administrator
Operate and Maintain | Knowledge Management | Knowledge Manager
Operate and Maintain | Network Services | Network Operation Specialist
Operate and Maintain | Systems Administration | System Administrator
Oversee and Govern | Cybersecurity Management | Communications Security Manager; Information Systems Security Manager
Oversee and Govern | Program Management and Acquisition | IT Investment Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Oversee and Govern | Strategic Planning and Policy | Cyber Policy and Strategy Planner; Cyber Workforce Developer and Manager
Oversee and Govern | Training, Education, and Awareness | Cyber Instructional Curriculum Developer
Protect and Defend | Cyber Defense Infrastructure Support | Cyber Defense Infrastructure Support Specialist
Protect and Defend | Incident Response | Cyber Defense Incident Responder
Protect and Defend | Vulnerability Assessment and Management | Vulnerability Assessment Analyst
Securely Provision | Risk Management | Authorizing Official; Security Control Assessor
Securely Provision | Systems Architecture | Enterprise Architect, Security Architect
Securely Provision | Systems Requirements Planning | Systems Requirements Planner
Securely Provision | Test and Evaluation | System Testing and Evaluation Specialist

Lesson 1: Explaining the OSI and TCP/IP Models

Lesson 2: Explaining Properties of Network Traffic

Lesson 3: Installing and Configuring Switched Networks

Lesson 4: Configuring IP Networks

Lesson 5: Installing and Configuring Routed Networks

Lesson 6: Configuring and Monitoring Ports and Protocols

Lesson 7: Explaining Network Application and Storage Services

Lesson 8: Monitoring and Troubleshooting Networks

Lesson 9: Explaining Networking Attacks and Mitigations

Lesson 10: Installing and Configuring Security Devices

Lesson 11: Explaining Authentication and Access Controls

Lesson 12: Deploying and Troubleshooting Cabling Solutions

Lesson 13: Implementing and Troubleshooting Wireless Technologies

Lesson 14: Comparing and Contrasting WAN Technologies

Lesson 15: Using Remote Access Methods

Remedial Review of lessons covered.

The Security+ course is five (5) weeks long, with 45 hours of live instructor-led instruction, hands-on instructor-led labs, and Q and A sessions. The course is led by knowledgeable instructors and includes the online course of instruction, an eBook and hardcover book, instructor-led labs, and instructor/SME-led question and answer sessions.

Domain 1.0 Threats, Attacks and Vulnerabilities

1.1 Given a scenario, analyze indicators of compromise and determine the type of malware.

1.2 Compare and contrast types of attacks

1.2.1 Social Engineering
1.2.2 Application / Service attacks
1.2.3 Cryptographic attacks
1.2.4 Hijacking
1.2.5 Network / Wireless attacks

1.3 Explain threat actor types and attributes

1.3.1 Types of actors
1.3.2 Attributes of actors

1.4 Explain penetration testing concepts

1.4.1 Penetration testing process
1.4.1.1 Reconnaissance
1.4.1.2 Initial exploitation
1.4.1.3 Persistence
1.4.1.4 Pivot
1.4.1.5 Escalation of privilege
1.4.2 Penetration testing vs. Vulnerability scanning
1.4.3 Black box vs. Gray box vs. White box

1.5 Explain vulnerability scanning concepts

1.5.1 Identifying
1.5.1.1 Vulnerability / Unpatched system or application
1.5.1.2 Lack of security controls
1.5.1.3 Common misconfigurations
1.5.2 Intrusive vs. non-intrusive
1.5.3 Credentialed vs. non-credentialed

1.6 Explain the impact associated with types of vulnerabilities

1.6.1 Configuration issues
1.6.2 Access control
1.6.3 Cryptography, certificate and key management
1.6.4 Application vulnerabilities
1.6.5 Application input handling

Domain 2.0 Technologies and Tools

2.1 Install and configure network components, both hardware and software-based, to support organizational security

2.1.1 Network equipment: Router, Switch, Bridge, Load Balancer, Proxy
2.1.2 Gateways: Email, Media
2.1.3 Access Points
2.1.4 Firewall
2.1.5 NAC
2.1.6 VPN / SSL/TLS accelerators & decryptors
2.1.7 NIPS / NIDS
2.1.8 DLP
2.1.9 SIEM

2.2 Given a scenario, use appropriate software tools to assess the security posture of an organization

2.2.1 Network scanners
2.2.2 Protocol analyzer
2.2.3 Wireless scanners / crackers
2.2.4 Exploitation frameworks
2.2.5 Passive vs. Active
2.2.6 Scanners: Vulnerability, Configuration compliance and inventory
2.2.7 Password crackers
2.2.8 Backup utilities
2.2.9 Honeypot / Honeynet
2.2.10 Steganography
2.2.11 Command line tools: Unix/Linux and Windows

2.3 Given a scenario, troubleshoot common security issues

2.3.1 Personnel
2.3.2 Asset Management / Misconfigured devices
2.3.3 Identity, Access, Authentication, Authorization and Audit (IAAAA)
2.3.4 Encryption

2.4 Given a scenario, analyze and interpret output from security technologies

2.4.1 Network security technologies
2.4.2 Host security technologies
2.4.3 Data security technologies

2.5 Given a scenario, deploy mobile devices securely

2.5.1 Connection methods
2.5.2 Mobile device management concepts
2.5.3 Enforcement and monitoring
2.5.4 Deployment models

2.6 Given a scenario, implement secure protocols

2.6.1 Protocols

2.6.2 Use cases

Domain 3.0 Architecture and Design

3.1 Explain use cases and purpose for frameworks, best practices and secure configuration guides

3.1.1 Industry-standard frameworks and reference architectures
3.1.2 Benchmarks / secure configuration guides
3.1.3 Defense-in-depth / layered security

3.2 Given a scenario, implement secure network architecture concepts.

3.2.1 Zones / topologies
3.2.2 Segregation / segmentation / isolation
3.2.3 VPN / Tunneling
3.2.4 Security device / technology placement
3.2.5 Software Defined Networks (SDN)

3.3 Given a scenario, implement secure systems design

3.3.1 Hardware / firmware security
3.3.2 Operating system security
3.3.3 Peripherals

3.4 Explain the importance of secure staging deployment concepts

3.4.1 Secure baseline
3.4.2 Sandboxing
3.4.3 Environment
3.4.4 Integrity measurement

3.5 Explain the security implications of embedded systems.

3.5.1 ICS / SCADA
3.5.2 IoT / Smart devices
3.5.3 Printers / MFDs
3.5.4 Camera systems
3.5.5 Special purpose

3.6 Summarize secure application development and deployment concepts

3.6.1 Development life-cycle models
3.6.2 Secure DevOps / SecDevOps
3.6.3 Version control and change management
3.6.4 Provisioning and deprovisioning
3.6.5 Secure coding techniques
3.6.6 Code quality and testing

3.7 Summarize cloud and virtualization concepts

3.7.1 Hypervisor
3.7.2 Virtual Machine (VM)
3.7.3 Cloud computing
3.7.3.1 Deployment models
3.7.3.2 Storage
3.7.3.3 Access

3.8 Explain how resiliency and automation strategies reduce risk

3.8.1 Automation / scripting
3.8.2 Master image
3.8.3 Non-persistence
3.8.4 Forms and functions

3.9 Explain the importance of physical security controls

Domain 4.0 Identity and Access Management

4.1 Compare and contrast identity and access management concepts.

4.1.1 Identification, authentication, authorization and accounting (AAA)
4.1.2 Multifactor authentication
4.1.3 Single Sign-On (SSO) / Federation

4.2 Given a scenario, install and configure identity and access services


4.3 Given a scenario, implement identity and access management controls4.3.1 Access Control Models4.3.2 Physical Access Control4.3.3 Biometrics4.3.4 Tokens4.3.5 Certificate-based authentication4.3.6 Authorization: file-system and database4.4 Given a scenario, differentiate common account management practices.4.4.1 General concepts4.4.2 Account types

4.4.3 Account policy enforcement

Domain 5.0 Risk Management

5.1 Explain the importance of policies, plans and procedures related to organizational security

5.1.1 Standard operating procedures
5.1.2 Agreement types
5.1.3 Personnel management
5.1.4 General security policies

5.2 Summarize business impact analysis concepts


5.3 Explain risk management processes and concepts5.3.1 Threat assessment5.3.2 Risk assessment5.3.3 Change management

5.4 Given a scenario, follow incident response procedures

5.4.1 Incident response plan
5.4.2 Incident response process

5.5 Summarize basic concepts of forensics

5.5.1 Data acquisition
5.5.2 Preservation / Order of volatility
5.5.3 Chain of custody
5.5.4 Legal hold
5.5.5 Recovery

5.6 Explain disaster recovery and continuity of operations concepts

5.6.1 Backup concepts
5.6.2 Geographic considerations
5.6.3 Continuity of operations planning
5.6.4 Recovery sites
5.6.5 Order of restoration

5.7 Compare and contrast various types of controls

5.7.1 Administrative
5.7.2 Technical
5.7.3 Physical
5.7.4 Corrective
5.7.5 Preventive
5.7.6 Detective
5.7.7 Deterrent
5.7.8 Compensating

5.8 Given a scenario, carry out data security and privacy practices

5.8.1 Data sensitivity labeling and handling
5.8.2 Data roles
5.8.3 Data destruction and media sanitization
5.8.4 Legal and compliance

Domain 6.0 Cryptography and PKI

6.1 Compare and contrast basic concepts of cryptography

6.1.1 Symmetric algorithms
6.1.2 Asymmetric algorithms
6.1.3 Hashing
6.1.4 Keys and key exchange
6.1.5 Digital signatures
6.1.6 Common use cases

6.2 Explain cryptography algorithms and their basic characteristics

6.2.1 Symmetric algorithms
6.2.2 Cipher modes
6.2.3 Asymmetric algorithms
6.2.4 Hashing algorithms

6.3 Given a scenario, install and configure wireless security settings

6.3.1 Cryptographic protocols
6.3.2 Authentication protocols
6.3.3 Methods

6.4 Given a scenario, implement public key infrastructure

6.4.1 Components
6.4.2 Concepts
6.4.3 Types of certificates
6.4.4 Certificate formats

The Certified Ethical Hacker (CEH) credential is the most trusted ethical hacking certification and accomplishment recommended by employers globally. It is the most desired information security certification and represents one of the fastest-growing cyber credentials required by critical infrastructure and essential service providers. Since its introduction in 2003, CEH has been recognized as a standard within the information security community. CEH v11 continues to introduce the latest hacking techniques and the most advanced hacking tools and exploits used by hackers and information security professionals today. The Five Phases of Ethical Hacking and the original core mission of CEH remain valid and relevant today: “To beat a hacker, you need to think like a hacker.”