This course covered five areas in network security. The first is understanding security layers. This section introduced confidentiality, integrity, and availability of information. It went over defining risk threats, and understanding the principle of least privilege. It taught about the attack surface for users, computers, and networks. This section talked about how to understand social engineering and how to combat it. Finally it linked cost with security and how higher security measures come with a higher cost most of the time.
The second area covered was understanding Authentication, Authorization, and Accounting. It went over the different ways a person or machine is authenticated so they can have access to a resource. After a person is authenticated they must be authorized to use a resource and given rights and privileges to the resource. It went over groups, organizational units, and domains. NTFS permissions were taught and share permissions were reviewed. It covered encryption of data and drives, and taught about IPSec. Auditing was taught as a way to enact non-repudiation and round out your security environment. Lastly it went over RADIUS, TACACS+ servers and how they fit into the authentication, authorization, and accounting policies. Runas was explored and shown how to run a program with elevated privileges when needed.
The third area was understanding security policies. It started out with account lockout policies and password policies to enable strong passwords and how attack methods try to defeat passwords. We discussed password technology and how to make them secure and strong through password policies.
The forth was understanding network security. It started out with firewalls and the different types of firewalls that are used. Each type was discussed and its pros and cons examined. It talked about physical firewalls as compared to software firewalls. Stateful versus stateless inspection. Controlling access with network access protection and understanding the purpose of NAP, how it works and its requirements. DMZs, VLANS NAT, VPNs, IPSec, Honeypots and Honeynets were taught and how each of these technologies can protect your network in a different and how a combination of them can enhance your network security in a variety of ways. I learned about protocol security through DNSSEC, looking at protocol spoofing, network sniffing, and understanding common network attack methods. Lastly in this chapter we covered how to secure a wireless network.
The fifth was on protecting the server and client. It went over malware and how to protect your server and client from it. It covered windows updates, User Account, Control and how it provides security by notifying you if something is going to try to make a change to your computer. Administrative privileges might be needed to make those changes. We went over windows firewall and Windows Defender, offline files, and how to lock down a client computer. It taught about protecting your email, dealing with spam and how to secure your email and other servers by hardening them, their placement and using secure dynamic DNS. Lastly it talked about securing your internet browser by looking at cookies and privacy settings, examining content zones, and phishing and pharming.
This course has taught me a lot about how security is a multi-pronged approach. There are many different tools that make network security work for every organization. It doesn’t matter if you are a small business or a large corporation security matters. There are many layers to security that make it successful in any organization. Using physical security along with data security makes the best policy to provide a well-rounded security policy. Everything that I learned in this course can be applied to any computer or networking situation. Every computer or computing device will in some way be connected to a network and will therefore need some type of protection. This course has given me knowledge to be able to do that.