Computer Networking: Beginners Guide to Network Security & Network Troubleshooting Fundamentals
Ebook, 244 pages, 17 hours


About this ebook

If you want to PASS the CompTIA Network+ Certification, this book is for you!

 


In this book you will discover:

Language: English
Release date: Dec 6, 2022
ISBN: 9781839381607

    Book preview

    Computer Networking - Richie Miller

    Introduction

    The Network+ credential is the first certification that many IT professionals ever receive. It has been around for over 25 years at this point and has been awarded to over a million applicants during that time, and this matters because the certification has become well known by IT employers. When you're looking for a job and you have the Network+ after your name, most companies know that that's a real credential. It's also a vendor-neutral credential, in the sense that it doesn't promote any particular hardware or software vendor, and although the exams do recognize and reflect the prominence of Microsoft Windows in the corporate world, they also include limited content on Apple operating systems, Linux, Android, and Chrome OS. Because Apple's operating systems only run on Apple hardware, the exams do cover Macs, iPhones, and iPads. It's fair to say that the CompTIA Network+ exams try to reflect the hardware and software that a technical support professional is likely to see in real life, and that's part of its relevance and appeal. In a nutshell, the Network+ certification is the preferred performance-based qualifying credential for technical support and IT operational roles, according to the organization that manages it, CompTIA. The Network+ certification focuses on the day-to-day work of an IT technician in a business environment. One reason the Network+ certification is respected by IT employers is that it is accredited by international organizations. The ISO, or International Standards Organization, is a worldwide standard-setting group headquartered in Geneva, and ANSI, the American National Standards Institute, is the USA's representative to ISO. CompTIA has been accredited by ANSI for compliance with the ISO standard that applies to operating a certification body or organization, and CompTIA must maintain certain quality levels in order to maintain that accreditation. That's a bit of background on CompTIA and the Network+ certification.
But who might benefit from this credential? Well, anyone wanting to be hired by a company that requires it, certainly, but more broadly, anybody pursuing a career in tech support, for example, as a help desk analyst, service desk analyst or a desktop support technician. Field service techs will also find the credential helpful, as will those who aspire to being a network engineer or a documentation specialist in IT. This book will help you prepare for the latest CompTIA Network+ Certification, exam code: N10-008. First you will discover what are the basic Network Security Fundamentals such as Threats, Vulnerabilities & Exploits. Next you will discover how to reduce Threat Exposure and how to use Defense in Depth. After that you will learn about Authentication, Authorization and Accounting as well as Multifactor Authentication and Network Access Controls. Next you will discover how to Assess Risk and what are the most common Human & Technical Exploits as well as WiFi Attacks and Password Attacks. After that, you will discover how to secure Layer 2, Layer 3, Layer 4 and Layer 7 of the OSI model. Next you will learn about Rogue DHCP Servers, Dynamic ARP Inspection, Password security and Wireless Security. After that, you will learn about Geofencing, Remote Access Control, Virtual Private Networks, Remote Desktops and Virtual Desktop Connections. Moving on we will cover Network Management Options, Video Surveillance and Asset Tracking. You will also learn about Network Topologies and different Network Types such as Blank Area Networks, WAN Technologies, Virtualized Networks, Data Center Networks and Software Defined Networking. Lastly, you will learn about SAN and Cloud Computing as well as Cloud Services. As you can see, this book is a comprehensive guide on the CompTIA Network+ Certification and will reveal the must-have skills that every IT pro has.
By finishing this book, you will become an IT professional; nevertheless, it is recommended to read the book or listen to the audiobook several times to follow the provided guide. The audiobook listeners will receive a complimentary PDF document, hence it's also advantageous to highlight critical subjects to review them later using a paperback or hardcover book, or the accompanying PDF once printed out for your reference. If you are a complete beginner, having limited knowledge or no experience and want to speed up your IT skills, this book will provide a tremendous amount of value to you! If you are already working in IT but you want to learn the latest standards, this book will be extremely useful to you. If you want to pass the CompTIA Network+ Certification Exam fast, let's first cover some basic network concepts and network protocols!

    Chapter 1 Network Security Fundamentals

    This book is about Network Security Basics, and we're going to start with IT security concepts. In IT, there are all kinds of risks involved with collecting, storing, using, and managing data, services, employees, and whatnot. This book is intended to introduce you to the high-level concepts and some minor technical details in order to better understand why we need IT security and some of the terms, concepts, and tools we use to help prevent network attacks from happening and alert us when they do. First, we are going to look at the need for IT security; we're going to look at confidentiality, availability, and integrity; we're then going to look at threats, vulnerabilities, and exploits; and I'll show you where we can look up known vulnerabilities, and we can even download a database of these vulnerabilities to check whether our systems might be vulnerable to certain types of attacks. Next, we're going to look at what we can do to reduce our exposure to threats, and we're going to look at a lot of concepts in IT that we use in order to prevent attacks from happening, or at least, reduce our exposure to them. The things that we are going to discuss throughout this book may or may not be used in the organization you currently work for or an organization you work for in the future. Each organization is on its own journey of security, so just know that even though I'm going to cover what we believe to be best practices in IT security, not all organizations are in the same spot to implement all of these technologies. Let's first talk about our need for IT security. Simply because we exist in society and we use the internet, our information is stored someplace on a computer for some reason. Likely, someplace has information that includes your name, address, age, profession. This might be your bank, it might be your doctor's office, and then there's lots more information.
We might have your location and travel behavior stored, your gender identity and marital status, information from your home security cameras, photos that you upload to the cloud, personal interests, medical records, purchase history, your bank account information, among many other things. All this information, just simply by existing in society using information technology is stored on a computer somewhere. It's likely stored on a server in a data center. That information is likely available somehow via the internet. Why do we store all this information? Well, it comes down to a pretty simple concept here, and that's money. All this information is valuable. When we think about our doctor's office and our electronic medical record, is our doctor's office selling our medical record information? No, not directly; and, yes, kind of. Our doctor's office will collect all the information from lots of different patients. They will anonymize the people involved, meaning they will take away our names, addresses, phone numbers, any specific identifying conditions that are unique to us as a human being, and they'll group them together and they may sell that information to researchers, and those researchers can use that anonymized data to help make the medical world better. If we use social media, anytime we post pictures on social media or report our status or share information on social media, those organizations use that information so that they can identify you as a specific person that has specific interests, and then they can use that to target advertising to you that is specific to your interests and not others. As a matter of fact, this is generally how social media makes their money. They figure out what you like and then they sell you advertising to match that. Hopefully you buy the thing that you've been advertised, or the company hopes that you buy the thing that you've been advertised to, and that just keeps the cycle going. 
It works; obviously, these social media companies are worth billions and trillions of dollars sometimes. That data that we're collecting is valuable, and it's not just valuable in the sense that it's our personal information that's stored on somebody else's computer; it's valuable to the organization that's storing it too. It's not just your information that's valuable to you and you don't want it to get compromised for your own personal sake, but social media sites, your bank, medical records, and so on, all those organizations use that data to both benefit you and the organization that's hosting it, and this introduces the concept of CIA. The first one, the C, is confidentiality. We want to make sure that your information is confidential. If we have medical record software and there's lots of information on there, we don't want our medical record information to be made public. Maybe there's some specific condition that I have or maybe I'm a celebrity and I don't want a tabloid newspaper to publish information about me; we need to keep that information secret. The second thing is integrity. We want to make sure it's accurate. If we have a medical record or we have bank information, we don't want somebody going in and tampering with and changing that information. For example, maybe I have an allergy to antibiotics and that's in my medical record. I wouldn't want an attacker to go into my medical record and change that and remove that I have an allergy to antibiotics, because then the next time I have to go to the ER with some type of cut or infection, they might give me antibiotics and it could kill me. We want to make sure that the data we have stored has integrity, that it's not tampered with. Then the last piece here is availability.
If we use the medical record example again, if I go into the ER, I want to make sure that those ER physicians and nurses know about all the details of my medical record and my history so that they can treat me best. If my medical record is not available to the ER tech, they can't find out that I'm allergic to antibiotics. So confidentiality, integrity, availability, these all work together. It doesn't necessarily all pertain to medical records or banking; this applies to social media as well. A lot of organizations and people run businesses through social media websites and social media apps, and having the data available to the users that are viewing it and interacting with it is really important for the business of everybody. We need to make sure that it's confidential, that it has integrity, and that it's available. These are some of the goals we have in IT security, to make sure that the data we have stored meets these criteria so that we can use it to the best of our abilities.

    Chapter 2 Threats, Vulnerabilities & Exploits

    Now let's take a look at what some of the threats, vulnerabilities, and exploits might be. We're going to first start by just defining these and going into a very light amount of detail. We're going to go into more detail about how some network attacks can happen later on, so for now, let's introduce the concept of a threat. This is from the National Institute of Standards and Technology, NIST, which is a US organization, and they define a threat as this: any circumstance or event with the potential to adversely impact organizational operations, organizational assets, individuals, other organizations, or a nation through a system via unauthorized access or destruction, or disclosure, or modification of information, and/or denial of service. This is a lot to take in, but really what we're talking about is a circumstance or event that can adversely impact an organization or a country through some type of unauthorized access, destruction, disclosure, modification, or denial of the information needed. That is a threat. Threats can come in all kinds of shapes and sizes. A threat can be an insider threat, maybe it's a disgruntled employee that wants to take advantage of the organization that he or she felt treated them poorly, so the threat could be inside. The insider threat could also be somebody that's completely ignorant and just doesn't know any better and doesn't know the rules and policies and procedures that are required to protect data. Threats can come in any shape and form; a threat doesn't necessarily have to be malicious, but it could be inside of our network itself. As a matter of fact, it's a very likely place where threats exist. Additionally, threats can exist outside of our network as well. We could have attackers coming in from outside of our network. We could also have a construction company doing work in front of our data center that accidentally cuts the fiber optics to that facility.
That's not malicious, but it is a threat to confidentiality, integrity, and availability. Threats can come in all kinds of shapes and sizes. Oftentimes when we think of IT security, we're thinking of this guy in the black hat with a trench coat on who's hiding and trying to get into our network maliciously, but threats, when we talk about CIA, can happen by accident as well. When we're planning for IT security, we want to make sure that we really understand what a threat is and the depth of what that might mean. It could be a person, it could be an event, it could be malicious, it could be accidental or based out of ignorance. A vulnerability is some kind of weakness. Inside of an IT organization, it's literally going to be any kind of weakness that we have; it could be policies and procedures, it could be technical in nature, it could be people in nature, and the best example I have of a vulnerability is if we think about our house. Our house has all kinds of vulnerabilities when it comes to security, but windows are a pretty fragile component of our home. In fact, they're so fragile that I can throw a rock at a window to expose the vulnerability, break the window pretty easily, and now I have access to the inside of your home. There are lots of ways to get inside your home, but this is just one example, and my point here is simply that the glass windows in your home are a vulnerability, they're vulnerable to rocks being thrown at them, and the same thing exists in IT organizations. Our workstations are full of software and they're used by human beings.
We have human beings using software, and the software usually runs on some type of operating system, and all of that is written by human beings as well. All of that is really just lots and lots of lines of code running on hardware that was also designed by human beings. When you put all of this together, human beings writing software to run on machines, you have the opportunity to have vulnerabilities. We may know about these vulnerabilities or we may not know about them. As a matter of fact, when it comes to IT, we actually have a pretty comprehensive list of known vulnerabilities. There is an organization called MITRE that publishes a list of CVE, common vulnerabilities and exposures. Let's go look at this list. I'll take you to the website and we'll take a look at it. The website is cve.org and this organization keeps an extensive list of known vulnerabilities.

    We can do a keyword search for vulnerabilities here, and it'll bring us to another page. If I put in HTTP, we'll just take a quick look and see what HTTP vulnerabilities exist. There are 8,132 CVE records that match my search.

    These are going to be pretty technical in nature, and they're going to talk about things like Extensible Service Proxy, a.k.a. ESP, which is a proxy that enables API management capabilities for JSON, REST, or gRPC. This list is very important because we can download it and use it as a mechanism to scan our systems and find out if and where we have vulnerabilities in our internal systems. We can also search it to see if our systems, the way we have them implemented based on the version number, are vulnerable to certain types of issues. This list covers lots of things and it is very extensive; however, one thing that it does not cover is something called 0-day vulnerabilities. 0-day vulnerabilities are vulnerabilities that an attacker learns about and figures out how to exploit, where there is no previous attempt or known issue or documentation that indicates that the vulnerability actually exists. A 0-day vulnerability means that no one yet knows about it, except maybe a couple of hackers that are trying to take advantage of a system. Those vulnerabilities are called 0 days and you often hear about them in the media: they'll say this system was attacked with a 0-day exploit and they got this information, and the company that is hosting the information was unable to protect itself against the attack because it didn't know it was possible to happen. CVE is a great list of all the potential vulnerabilities that are currently known about in information technology. Let's talk about exploits now. An exploit is a way of taking advantage of a vulnerability. Because we have a vulnerability in our system doesn't necessarily mean we're at risk, because maybe it's a system that's just not that important or no one cares about, or there is not a vested interest in exploiting that system. However, the exploit itself is taking advantage of that vulnerability.
In the case of our home with the windows, the windows have a vulnerability, and the exploit would be throwing the rock at it, so there we go. We've exploited the vulnerability of our window by breaking it with a rock. With our IT systems, though, oftentimes there may be services or systems running on our workstations, we may have a virus or malware, or maybe some attacker even has our username and password, and what they can do is send information into our IT infrastructure to try to take advantage of that exploit.
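The chapter's idea of downloading the CVE list and checking systems against it by version number can be sketched as follows. This is an added example, not code from the book: the records follow the general layout of CVE JSON 5.x files, but the CVE IDs, vendor, product names, hosts and versions are constructed placeholders.

```python
import json

# Constructed sample records in the CVE JSON 5.x layout; the IDs, vendor and
# product names are placeholders, not real CVE entries.
SAMPLE_RECORDS = json.loads("""
[
 {"cveMetadata": {"cveId": "CVE-EXAMPLE-0001", "state": "PUBLISHED"},
  "containers": {"cna": {"affected": [
    {"vendor": "examplecorp", "product": "example-httpd",
     "versions": [{"version": "2.0.0", "lessThan": "2.4.7",
                   "status": "affected", "versionType": "semver"}]}]}}},
 {"cveMetadata": {"cveId": "CVE-EXAMPLE-0002", "state": "PUBLISHED"},
  "containers": {"cna": {"affected": [
    {"vendor": "examplecorp", "product": "example-proxy",
     "versions": [{"version": "1.3.1", "status": "affected"}]}]}}},
 {"cveMetadata": {"cveId": "CVE-EXAMPLE-0003", "state": "REJECTED"},
  "containers": {"cna": {"affected": [
    {"vendor": "examplecorp", "product": "example-httpd",
     "versions": [{"version": "0", "lessThan": "9.9.9",
                   "status": "affected", "versionType": "semver"}]}]}}}
]
""")

# Constructed inventory: which product version is installed on which host.
INVENTORY = [
    {"host": "web01", "product": "example-httpd", "version": "2.4.3"},
    {"host": "web02", "product": "example-httpd", "version": "2.4.7"},
    {"host": "gw01", "product": "example-proxy", "version": "1.3.1"},
    {"host": "db01", "product": "example-db", "version": "5.1.0"},
]

def parse_version(text):
    """Turn '2.4.10' into (2, 4, 10) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))

def is_affected(installed, entry):
    """Check one 'versions' entry: exact match, or range [version, lessThan)."""
    if entry.get("status") != "affected":
        return False
    have, start = parse_version(installed), parse_version(entry["version"])
    if "lessThan" in entry:
        return start <= have < parse_version(entry["lessThan"])
    return have == start

def find_matches(records, inventory):
    """Return sorted (host, cve_id) pairs for installed versions a record lists."""
    hits = set()
    for record in records:
        meta = record["cveMetadata"]
        if meta.get("state") != "PUBLISHED":   # skip rejected IDs
            continue
        for product in record["containers"]["cna"].get("affected", []):
            for item in inventory:
                if item["product"] == product.get("product") and any(
                        is_affected(item["version"], v)
                        for v in product.get("versions", [])):
                    hits.add((item["host"], meta["cveId"]))
    return sorted(hits)
```

Calling `find_matches(SAMPLE_RECORDS, INVENTORY)` flags web01 and gw01. A host with no match, such as db01 here, only means no known record lists that version; as the chapter notes, the list cannot cover 0-day vulnerabilities.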

    Chapter 3 How to Reduce Threat Exposure

    How do we reduce our threat exposure?
