Exploring Network Technologies and Tools
CompTIA Security+ objectives covered in this chapter:
2.4 Summarize authentication and authorization design concepts. Authentication methods (Directory services)
2.7 Explain the importance of physical security controls. Screened subnet (previously known as demilitarized zone)
2.8 Summarize the basics of cryptographic concepts. Common use cases (Supporting authentication)
3.1 Given a scenario, implement secure protocols. Protocols (Domain Name System Security Extension (DNSSEC), SSH, Secure Real-time Transport Protocol (SRTP), Lightweight Directory Access Protocol Over SSL (LDAPS), File Transfer Protocol, Secure (FTPS), SSH File Transfer Protocol (SFTP), Simple Network Management Protocol, version 3 (SNMPv3), Hypertext transfer protocol over SSL/TLS (HTTPS), IPSec (Authentication header (AH) / Encapsulated security payload (ESP), Tunnel/transport), Post Office Protocol (POP) / Internet Message Access Protocol (IMAP)) Use cases (Voice and video, Time synchronization, Email and web, File transfer, Directory services, Remote access, Domain name resolution, Routing and switching, Network address allocation, Subscription services)
3.2 Given a scenario, implement host or application security solutions. Next-generation firewall (NGFW), Host-based firewall
3.3 Given a scenario, implement secure network designs. Network segmentation (Virtual local area network (VLAN), Screened subnet (previously known as demilitarized zone), East-west traffic, Extranet, Intranet, Zero trust) DNS, Port security (Broadcast storm prevention, Bridge Protocol Data Unit (BPDU) guard, Loop prevention, Dynamic Host Configuration Protocol (DHCP) snooping) Network appliances (Jump servers, Proxy servers (Forward, Reverse)) Firewalls (Web application firewall (WAF), NGFW, Stateful, Stateless, Unified threat management (UTM), Network address translation (NAT) gateway, Content/URL filter, Open-source vs. proprietary, Hardware vs. software, Appliance vs. host-based vs. virtual) Access control list (ACL), Route security, Quality of service (QoS), Implications of IPv6
4.1 Given a scenario, use the appropriate tool to assess organizational security. Network reconnaissance and discovery (nslookup/dig, route)
4.3 Given an incident, utilize appropriate data sources to support an investigation. VoIP and call managers, Log files (Session Initiation Protocol (SIP) traffic)
4.4 Given an incident, apply mitigation techniques or controls to secure an environment. Isolation, Segmentation
CompTIA expects prospective CompTIA Security+ exam takers to have at least two years of networking experience. However, even with that amount of experience, there are often gaps in information technology (IT) professionals’ or security professionals’ knowledge. For example, you may have spent a lot of time troubleshooting connectivity but rarely manipulated access control lists (ACLs) on a router or modified firewall rules. This chapter reviews some basic networking concepts, devices, and network topologies used within secure networks. When appropriate, it digs into these topics a little deeper with a focus on security.