Security+ Certification/Network Infrastructure

< Security+ Certification

This page may need to be reviewed for quality.

2.1 Differentiate between the different port & protocols, their respective threats and mitigation techniques

Antiquated protocols
TCP/IP hijacking
Null sessions
Spoofing
Man-in-the-middle
Replay

DoS (Denial of Service)
DDoS (Distributed DoS)
Domain Name Kiting
DNS poisioning
ARP poisioning

2.2 Distinguish between network design elements and components

DMZ
VLAN
NAT
Network interconnections

NAC
Subnetting
Telephony

2.3 Determine the appropriate use of network security tools to facilitate network security

NIDS (Network Based Intrusion Detection System)
NIPS (Network Based Intrusion Prevention System)
Firewalls
Proxy servers

Honeypot
Internet content filters
Protocol analyzers

2.4 Apply the appropriate network tools to facilitate network security

NIDS
Firewals
Proxy servers
Internet content filters
Protocol analyzers

2.5 Explain the vulnerabilities and mitigations associated with network devices

Privelege escalation
Weak passwords
Back doors
Default accounts
DOS

2.6 Explain the vulnerabilities and mitigations associated with various transmission media

Vampire taps

2.7 Explain the vulnerabilities and implement mitigations associated with wireless networking

Data emanation
War driving
SSID broadcast
Blue jacking

Bluesnarfing
Rogue access points
Weak encryption

Retrieved from "https://en.wikibooks.org/wiki/Security%2B_Certification/Network_Infrastructure"