Chapter 3. Infrastructure and Connectivity

THE FOLLOWING COMPTIA SECURITY+ EXAM OBJECTIVES ARE COVERED IN THIS CHAPTER:

• 1.2 Explain the security risks pertaining to system hardware and peripherals.

  • Removable storage

  • Network attached storage

• 1.4 Carry out the appropriate procedures to establish application security.

  • ActiveX

  • Java

  • Scripting

  • Browser

  • Buffer overflows

  • Cookies

  • SMTP open relays

  • P2P

  • Input validation

  • Cross-site scripting (XXS)

• 1.5 Implement security applications.

  • Popup blockers

• 2.3 Determine the appropriate use of network security tools to facilitate network security.

  • Proxy servers

• 2.4 Apply the appropriate network tools to facilitate network security.

  • Proxy servers

• 2.5 Explain the vulnerabilities and mitigations associated with network devices.

  • Default accounts

• 2.6 Explain the vulnerabilities and mitigations associated with various transmission media.

  • Vampire taps

• 3.7 Deploy various authentication models and identify the components of each.

  • RADIUS

  • RAS

  • Remote access policies

  • Remote authentication

  • VPN

  • 802.1x

  • TACACS

The previous two chapters focused more on theoretical concepts than purchasable components. They created the foundation on which the topics in this chapter will build as the discussion moves into actual implementation. Bear in mind that even though a variety of products exist to satisfy every need of the market, none are as successful as they need to be without education and training. One of your top priorities should always be to make certain your users understand every aspect of the security policies.

This chapter introduces the hardware used within the network. Your network is composed of a variety of media and devices that both facilitate communications and provide security. Some of these devices (such as routers, modems, and PBX systems) provide external connectivity from your network to other systems and networks. Some of the devices (such as CD-Rs, disks, USB thumb drives, and tape) provide both internal archival storage and working storage for your systems.

To provide reasonable security, you must know how these devices work and how they provide, or fail to provide, security. This chapter deals with issues of infrastructure and media. They're key components of the Security+ exam, and it's necessary that you understand them to secure your network. Like many certification exams, though, the Security+ test requires you to know not only current technologies, but some legacy components as well. Although there aren't a whole lot of bus-based coaxial LANs being implemented today, you need to know the basics for this certification.