Chapter 4 Study Guide

Securing Your Network

CompTIA Security+ objectives covered in this chapter:

1.4 Given a scenario, analyze potential indicators associated with network attacks. • Wireless (Evil twin, Rogue access point, Bluesnarfing, Bluejacking, Disassociation, Jamming, Radio frequency identifier (RFID), Near field communication (NFC), Initialization vector (IV))

1.5 Explain different threat actors, vectors, and intelligence sources. • Vectors (Direct access, Wireless)

1.8 Explain the techniques used in penetration testing. • Passive and active reconnaissance (Drones, War flying, War driving, Footprinting)

2.1 Explain the importance of security concepts in an enterprise environment. • Deception and disruption (Honeypots, Honeyfiles, Honeynets, Fake telemetry)

3.1 Given a scenario, implement secure protocols. • Protocols (IPSec, Authentication header (AH)/Encapsulated security payload (ESP), Tunnel/transport)

3.2 Given a scenario, implement host or application security solutions. • Host intrusion prevention system (HIPS), Host intrusion detection system (HIDS)

3.3 Given a scenario, implement secure network designs. • Virtual private network (VPN) (Always on, Split tunnel vs. full tunnel, Remote access vs. site-to-site, IPSec, SSL/TLS, HTML5, Layer 2 tunneling protocol (L2TP)) • Network access control (NAC) (Agent and agentless) • Out-of-band management, Port security (Media access control (MAC) filtering) • Network appliances (Network-based intrusion detection system (NIDS)/network-based intrusion prevention system (NIPS) (Signature based, Heuristic/behavior, Anomaly, Inline vs. passive), Sensors, Collectors, Aggregators), Port spanning/port mirroring (Port taps)

3.4 Given a scenario, install and configure wireless security settings. • Cryptographic protocols (WiFi protected access 2 (WPA2), WiFi protected access 3 (WPA3), Counter-mode/CBC-MAC Protocol (CCMP), Simultaneous Authentication of Equals (SAE)) • Authentication protocols (Extensible Authentication Protocol (EAP), Protected Extensible Authentication Protocol (PEAP), EAP-FAST, EAP-TLS, EAP-TTLS, IEEE 802.1X, Remote Authentication Dial-in User Service (RADIUS) Federation) • Methods (Pre-shared key (PSK) vs. Enterprise vs. Open, WiFi Protected Setup (WPS), Captive portals) • Installation considerations (Site surveys, Heat maps, WiFi analyzers, Channel overlaps, Wireless access point (WAP) placement, Controller and access point security)

3.8 Given a scenario, implement authentication and authorization solutions. • Authentication/Authorization (EAP, Challenge Handshake Authentication Protocol (CHAP), Password Authentication Protocol (PAP), 802.1X, RADIUS, Terminal Access Controller Access Control System Plus (TACACS+))

In this chapter, you’ll learn about some of the more advanced network security concepts. Topics include intrusion detection systems (IDSs) and intrusion prevention systems (IPSs), methods used to secure wireless networks, common wireless attacks, and virtual private network (VPN) technologies.