
Chapter 4 - ISC2

The document discusses physical and logical access controls, networking concepts including models, protocols and addressing, network security threats and mitigation techniques, and network monitoring tools.

Uploaded by

Jamaal Jackson

❖ Physical Access Controls

➢ Badge System and Gate Entry
➢ Crime Prevention through Environmental Design (CPTED)
➢ Biometrics
❖ Monitoring
➢ Cameras
➢ Logs
➢ Alarm Systems
➢ Security Guards
❖ Logical Access Controls
➢ Virtual Safeguards
❖ Discretionary Access Control (DAC)
➢ Access control policy that is enforced over all subjects and objects in an information system
❖ Mandatory Access Control (MAC)
➢ Uniformly enforced across all subjects and objects within the boundary of an information system
❖ Role-Based Access Control (RBAC)

Official Notes:

https://learn.isc2.org/content/enforced/9541-CC-SPT-GLOBAL-1ED-1M/build/chapter_03/assets/EDU-CC-70255-ch03_Takeaway.pdf?ou=9541

Chapter 4:

Network Security:

❖ Networking:
➢ Hardware, Software, protocols and encryption
➢ Types:
■ Local Area Network (LAN)
■ Wide Area Network (WAN)
➢ Network Devices
■ Hub: Connect multiple devices
■ Switch: Intelligent hub to route to specific devices
■ Router: Control traffic on networks and between them
■ Firewall: Device used to filter traffic
■ Server: Computer hub for network
■ Endpoint: Ends of network communication link
➢ Device Address
■ Media Access Control (MAC) Address
■ Internet Protocol (IP) Address
❖ Networking Models
➢ Upper Layer: Application or Use
➢ Lower Layer: Transport
❖ Open System Interconnection Model (OSI)
➢ Model for how information is used and moved functionally
■ Encapsulation: Movement down the OSI scale
■ Decapsulation: Movement up the OSI scale
❖ Transmission Control Protocol/Internet Protocol (TCP/IP)
➢ Application Layer
■ Telnet
■ File Transfer Protocol (FTP)
■ Simple Mail Transport Protocol (SMTP)
■ Domain Name Service (DNS)
➢ Internet Layer
■ Internet Control Message Protocol (ICMP)
❖ Internet Protocol (IPv4 and IPv6)
➢ IPv4: 32-bit address, unique to device
➢ IPv6: 128-bit, hexadecimal system, colons
❖ Security of a Network
➢ DoS/DDoS attacks
➢ Fragment attacks
➢ Oversized packet attacks
➢ Spoofing attacks
➢ Man-in-the-middle attacks
❖ Ports and Protocols
➢ Physical Ports
➢ Logical Ports
■ Single IP multiple connections
■ Port numbers are unique destinations
❖ Secure Ports
➢ FTP (21)
■ SFTP (22)
➢ Telnet (23)
■ SSH (22)
➢ SMTP (25)
■ SMTP (587)
➢ Time (37)
■ NTP (123)
➢ DNS (53)
■ DoT (853)
➢ HTTP (80)
■ HTTPS (443)
➢ IMAP (143)
■ IMAP (993)
➢ SNMP (161/162)
➢ SMB
■ NFS (2049)
➢ LDAP
■ LDAPS (636)
❖ Communication Handshake
➢ SYN: synchronization
➢ SYN-ACK: sync acknowledgement
➢ ACK: acknowledgement
❖ Network Threats and Attacks
➢ Types:
■ Spoofing
■ Phishing
■ DoS/DDoS
■ Virus
■ Worm
■ Trojan
■ On-path Attack
■ Side Channel
■ Advanced Persistent Threat (APT)
■ Insider Threat
■ Malware
■ Ransomware
❖ Intrusion Detection System (IDS)
➢ Host based IDS (HIDS)
➢ Network based IDS (NIDS)
➢ Security Information and Event Management (SIEM)
❖ Preventing Threats
➢ Antivirus
■ Payment Card Industry Data Security Standard (PCI DSS)
