Last modified on 28 December 2010, at 09:38

Security+ Certification/Network Infrastructure

2.1 Differentiate between the different ports & protocols, their respective threats and mitigation techniques

  • Antiquated protocols
  • TCP/IP hijacking
  • Null sessions
  • Spoofing
  • Man-in-the-middle
  • Replay
  • DoS (Denial of Service)
  • DDoS (Distributed DoS)
  • Domain Name Kiting
  • DNS poisoning
  • ARP poisoning

2.2 Distinguish between network design elements and components

  • DMZ
  • VLAN
  • NAT
  • Network interconnections
  • NAC
  • Subnetting
  • Telephony

2.3 Determine the appropriate use of network security tools to facilitate network security

  • NIDS (Network Based Intrusion Detection System)
  • NIPS (Network Based Intrusion Prevention System)
  • Firewalls
  • Proxy servers
  • Honeypot
  • Internet content filters
  • Protocol analyzers

2.4 Apply the appropriate network tools to facilitate network security

  • NIDS
  • Firewalls
  • Proxy servers
  • Internet content filters
  • Protocol analyzers

2.5 Explain the vulnerabilities and mitigations associated with network devices

  • Privilege escalation
  • Weak passwords
  • Back doors
  • Default accounts
  • DoS

2.6 Explain the vulnerabilities and mitigations associated with various transmission media

  • Vampire taps

2.7 Explain the vulnerabilities and implement mitigations associated with wireless networking

  • Data emanation
  • War driving
  • SSID broadcast
  • Bluejacking
  • Bluesnarfing
  • Rogue access points
  • Weak encryption