Network Security and Intrusion Detection

  1. Network Security Controls and Technologies
    1. Firewalls
      1. Firewall Fundamentals
        1. Firewall Purpose and Function
        2. Firewall Placement Strategies
        3. Firewall Policies
      2. Packet-Filtering Firewalls
        1. Stateless Filtering
        2. Rule Sets
          1. Allow Rules
          2. Deny Rules
          3. Default Policies
        3. Access Control Lists
        4. Performance Characteristics
      3. Stateful Inspection Firewalls
        1. Connection State Tables
        2. Connection Tracking
          1. TCP State Tracking
          2. UDP Pseudo-State Tracking
        3. Dynamic Rule Management
        4. Session Timeout Handling
      4. Proxy Firewalls
        1. Application Layer Filtering
        2. Content Inspection
          1. Protocol Validation
          2. Content Filtering
          3. Malware Detection
        3. Circuit-Level Gateways
        4. Application-Level Gateways
      5. Next-Generation Firewalls
        1. Deep Packet Inspection
          1. Protocol Decoding
          2. Pattern Matching
          3. Behavioral Analysis
        2. Intrusion Prevention Integration
        3. Application Awareness
          1. Application Identification
          2. Application Control
          3. User Identity Integration
        4. Threat Intelligence Integration
      6. Web Application Firewalls
        1. HTTP/HTTPS Filtering
        2. Protection Against Web Attacks
          1. SQL Injection Prevention
          2. Cross-Site Scripting Prevention
          3. CSRF Protection
        3. Virtual Patching
        4. API Security
      7. Firewall Management
        1. Rule Optimization
        2. Policy Compliance
        3. Change Management
        4. Monitoring and Logging
    2. Virtual Private Networks
      1. VPN Fundamentals
        1. VPN Purpose and Benefits
        2. VPN Security Requirements
        3. VPN Performance Considerations
      2. VPN Protocols
        1. IPsec
          1. Authentication Header
          2. Encapsulating Security Payload
          3. Tunnel Mode
          4. Transport Mode
          5. Security Associations
          6. Internet Key Exchange
        2. SSL/TLS VPNs
          1. SSL VPN Architecture
          2. TLS Handshake Process
          3. Certificate Management
        3. PPTP
        4. L2TP
        5. OpenVPN
        6. WireGuard
      3. VPN Topologies
        1. Site-to-Site VPNs
          1. Branch Office Connectivity
          2. Extranet VPNs
          3. Hub-and-Spoke Topology
          4. Mesh Topology
        2. Remote Access VPNs
          1. Client-to-Site VPNs
          2. Clientless VPNs
          3. Mobile VPN Solutions
      4. VPN Implementation
        1. VPN Gateway Configuration
        2. Client Configuration
        3. Authentication Integration
        4. Quality of Service
    3. Network Segmentation and Segregation
      1. Network Segmentation Principles
        1. Security Benefits
        2. Performance Benefits
        3. Compliance Requirements
      2. Demilitarized Zone
        1. DMZ Architecture
        2. Public-Facing Services
          1. Web Servers
          2. Email Servers
          3. DNS Servers
        3. Segregation from Internal Network
        4. Multi-Tier DMZ Design
      3. Virtual LANs
        1. VLAN Fundamentals
        2. VLAN Tagging
          1. 802.1Q Standard
          2. Native VLANs
          3. VLAN Trunking
        3. Inter-VLAN Routing
          1. Router-on-a-Stick
          2. Layer 3 Switches
          3. VLAN Routing Security
        4. VLAN Security Best Practices
      4. Microsegmentation
        1. Zero Trust Architecture
        2. Software-Defined Networking
          1. SDN Controllers
          2. OpenFlow Protocol
          3. Network Virtualization
        3. Policy Enforcement at Host Level
        4. Container and VM Segmentation
      5. Network Access Control
        1. 802.1X Authentication
        2. Port-Based Access Control
        3. MAC Address Filtering
    4. Secure Network Protocols
      1. Secure Shell
        1. SSH Protocol Versions
        2. SSH Authentication Methods
          1. Password Authentication
          2. Public Key Authentication
          3. Host-Based Authentication
        3. SSH Key Management
          1. Key Generation
          2. Key Distribution
          3. Key Rotation
        4. SSH Tunneling
        5. SSH Hardening
      2. SSL and TLS
        1. Protocol Evolution
          1. SSL 2.0/3.0
          2. TLS 1.0/1.1/1.2/1.3
        2. TLS Handshake Process
        3. Certificate Management
          1. Certificate Authorities
          2. Certificate Validation
          3. Certificate Revocation
        4. Cipher Suites
        5. Perfect Forward Secrecy
      3. HTTPS Implementation
        1. Web Server Configuration
        2. Certificate Installation
        3. HSTS Implementation
        4. Certificate Transparency
      4. Secure File Transfer
        1. SFTP Protocol
        2. FTPS Protocol
        3. SCP Protocol
        4. Secure File Transfer Best Practices
      5. Secure Email Protocols
        1. SMTPS
        2. IMAPS
        3. POP3S
        4. S/MIME
        5. PGP/GPG
    5. Wireless Network Security
      1. Wireless Security Fundamentals
        1. Wireless Threat Landscape
        2. RF Security Considerations
        3. Wireless Network Architecture
      2. Wireless Security Protocols
        1. WEP
          1. WEP Encryption Process
          2. WEP Vulnerabilities
          3. WEP Attacks
        2. WPA
          1. TKIP Encryption
          2. WPA Vulnerabilities
          3. WPA Attacks
        3. WPA2
          1. AES-CCMP Encryption
          2. Pre-Shared Key Mode
          3. Enterprise Mode
          4. WPA2 Vulnerabilities
        4. WPA3
          1. Enhanced Encryption
          2. Simultaneous Authentication of Equals
          3. Enhanced Open
          4. Easy Connect
      3. Enterprise Wireless Security
        1. 802.1X Authentication
        2. RADIUS Integration
        3. Extensible Authentication Protocol
          1. EAP-TLS
          2. EAP-TTLS
          3. PEAP
          4. EAP-FAST
        4. Certificate-Based Authentication
      4. Wireless Threat Mitigation
        1. Rogue Access Point Detection
        2. Wireless Intrusion Detection
        3. RF Monitoring
        4. Wireless Security Policies