Chapter 2. Network Infrastructure

CompTIA Security+ exam objectives covered in this chapter include the following:

• 2.1 Differentiate between the different ports & protocols, their respective threats and mitigation techniques.

  • Antiquated protocols

  • TCP/IP hijacking

  • Null sessions

  • Spoofing

  • Man-in-the-middle

  • Replay

  • DOS

  • DDOS

  • Domain Name Kiting

  • DNS poisoning

  • ARP poisoning

• 2.2 Distinguish between network design elements and components.

  • DMZ

  • VLAN

  • NAT

  • Network interconnections

  • NAC

  • Subnetting

  • Telephony

• 2.3 Determine the appropriate use of network security tools to facilitate network security.

  • NIDS

  • NIPS

  • Firewalls

  • Proxy servers

  • Honeypot

  • Internet content filters

  • Protocol analyzers

• 2.4 Apply the appropriate network tools to facilitate network security.

  • NIDS

  • Firewalls

  • Proxy servers

  • Internet content filters

  • Protocol analyzers

• 2.5 Explain the vulnerabilities and mitigations associated with network devices.

  • Privilege escalation

  • Weak passwords

  • Back doors

  • Default accounts

  • DOS

• 2.6 Explain the vulnerabilities and mitigations associated with various transmission media.

  • Vampire taps

• 2.7 Explain the vulnerabilities and implement mitigations associated with wireless networking.

  • 802.11 and 802.11x

  • Data emanation

  • War driving

  • SSID broadcast

  • Blue jacking

  • Bluesnarfing

  • Rogue access points

  • Weak encryption

The Security+ exam will test your basic IT security skills—those skills needed to effectively secure stand-alone and networked systems in a corporate environment. To pass the test and be effective in implementing security, you need to understand the basic concepts and terminology related to network infrastructure security as detailed in this chapter.