CompTIA Security+ Chapter 3
Networking Protocols
Basic
Transmission Control Protocol (TCP)
User Datagram Protocol (UDP)
Internet Protocol (IP)
Internet Control Message Protocol (ICMP)
Address Resolution Protocol (ARP)
Use Cases
Voice and Video
Real-time Transport Protocol (RTP)
Secure Real-time Transport Protocol (SRTP)
File Transfer
File Transfer Protocol (FTP)
Port 21
Trivial File Transfer Protocol (TFTP)
Encryption:
Secure Shell (SSH)
Port 22
Secure Sockets Layer (SSL)
Transport Layer Security (TLS)
IPSec
Encrypted Protocols:
Secure File Transfer Protocol (SFTP)
Port 22
SSH
File Transfer Protocol Secure (FTPS)
Port 989/990
TLS
Email
(SEND)
Simple Mail Transfer Protocol (SMTP)
Port 25
SSL
(RECEIVE)
Post Office Protocol v3 (POP3)
Port 110
SSL/TLS
(RETRIEVE)
Internet Message Access Protocol (IMAP)
Port 143
Web
Hypertext Transfer Protocol (HTTP)
Port 80
(HTTPS)
Port 443
SSL/TLS
Directory Services
Remote Access
Remote Desktop Protocol (RDP) TCP Port 3389
Time synchronization
Network Time Protocol (NTP)
Network Address Allocation
IPv4
IPv6
Subscription Services
Domain Name Resolution
DNS uses UDP port 53
Zones:
A - host name to IPv4
AAAA - Host name to IPv6
PTR - IP to host name
MX - Mail exchange. Identifies mail server
CNAME - Canonical Name
SOA - Start of Authority. Info about DNS zone
Commonly used DNS software:
Berkeley Internet Name Domain (BIND)
Tools
nslookup and dig
Identifying Ports
Internet Assigned Numbers Authority (IANA)
Well Known Ports: 0-1023
Registered Ports: 1024-49151
Dynamic and private Ports: 49152-65535
Server Ports
Apache Port 80
Internet Information Services (IIS) Port 80
Client Ports - use dynamic/private ports
Basic Network Devices
Switch
Security benefits - unicast
Loop Protection: Spanning Tree Protocol (STP) or Rapid STP (RSTP)
Flood attacks - filter MAC
Router
Access Control Lists (ACLs) - rules on router
ACL based on networks, subnet, IP, ports, protocols
Implicit Deny
Antispoofing (block private IP coming from internet)
Bridge
Firewalls
Host-based firewall
Application-Based (software) versus Network-Based (hardware) Firewalls
Stateless Firewall Rules - ACLs
Stateful firewall - dynamically monitor and change
Implementing a Secure Network
Zones and Topologies
Intranet and Extranet
Demilitarized Zone (DMZ)
Network Address Translation (NAT) (public IP <-> private IP)
Port Address Translation (PAT)
Network Separation
Segregation, segmentation, and isolation
Routers segment traffic between networks using rules within ACLs.
Firewalls separate network traffic using basic packet-filtering rules.
Layer 2 (MAC) vs Layer 3 (IP) - Open Systems Interconnection (OSI)
Virtual Local Area Network (VLAN) - separate based on logical needs rather than physical location of computers
Media Gateway
Convert telephone to VOIP
Proxy Servers
Caching to improve performance
Transparent vs non Transparent
Reverse Proxy
Application Proxy
Unified Threat Management (UTM)
Mail Gateways
Simple Network Management Protocol version 3 (SNMPv3)