Network Security and Intrusion Detection

  1. Network Access and Authentication
     1. Network Access Control
        1. NAC Architecture
           1. Policy Decision Points
           2. Policy Enforcement Points
           3. Policy Information Points
        2. Pre-admission Control
           1. Device Discovery
           2. Device Profiling
           3. Compliance Assessment
        3. Post-admission Control
           1. Continuous Monitoring
           2. Behavioral Analysis
           3. Remediation Actions
        4. NAC Deployment Models
           1. Agent-based NAC
              1. Persistent Agents
              2. Dissolvable Agents
              3. Agent Capabilities
           2. Agentless NAC
              1. Network-based Assessment
              2. Active vs Passive Scanning
              3. Limitations and Considerations
        5. NAC Integration
           1. Directory Services Integration
           2. SIEM Integration
           3. Vulnerability Management Integration
     2. Authentication Mechanisms
        1. Authentication Factors
           1. Knowledge Factors
           2. Possession Factors
           3. Inherence Factors
           4. Location Factors
           5. Time Factors
        2. Single-Factor Authentication
           1. Password-Based Systems
           2. Password Policies
              1. Complexity Requirements
              2. Length Requirements
              3. Expiration Policies
           3. Password Security Risks
              1. Brute Force Attacks
              2. Dictionary Attacks
              3. Rainbow Table Attacks
        3. Multi-Factor Authentication
           1. Two-Factor Authentication
           2. Three-Factor Authentication
           3. MFA Implementation Strategies
           4. MFA Bypass Techniques
           5. Risk-Based Authentication
        4. Biometric Authentication
           1. Biometric Modalities
           2. Fingerprint Recognition
              1. Minutiae-Based Matching
              2. Pattern-Based Matching
              3. Ridge-Based Matching
           3. Facial Recognition
              1. 2D Facial Recognition
              2. 3D Facial Recognition
              3. Liveness Detection
           4. Iris Scanning
              1. Iris Pattern Analysis
              2. Near-Infrared Imaging
           5. Voice Recognition
           6. Behavioral Biometrics
           7. Biometric Security Considerations
        5. Token-Based Authentication
           1. Hardware Security Modules
           2. Smart Cards
           3. USB Tokens
           4. Mobile Device Tokens
           5. Time-Based One-Time Passwords
           6. HMAC-Based One-Time Passwords
     3. Centralized Authentication Protocols
        1. RADIUS
           1. RADIUS Architecture
           2. Authentication and Authorization Process
              1. Access-Request Messages
              2. Access-Accept Messages
              3. Access-Reject Messages
           3. RADIUS Attributes
           4. Accounting Features
              1. Accounting-Request Messages
              2. Usage Tracking
              3. Billing Integration
           5. RADIUS Security
              1. Shared Secrets
              2. Message Authentication
              3. RADIUS over TLS
        2. TACACS+
           1. TACACS+ vs RADIUS
           2. Authentication Process
           3. Authorization Process
              1. Command Authorization
              2. Privilege Levels
              3. Command Sets
           4. Accounting Process
           5. Encryption Features
           6. TACACS+ Configuration
        3. Kerberos
           1. Kerberos Architecture
              1. Key Distribution Center
              2. Authentication Server
              3. Ticket Granting Server
           2. Kerberos Authentication Process
           3. Ticket Granting Ticket
           4. Service Tickets
           5. Mutual Authentication
           6. Kerberos Security Features
           7. Kerberos Vulnerabilities
        4. LDAP and Active Directory
           1. Directory Services
           2. LDAP Authentication
           3. Active Directory Integration
           4. Group Policy Management
        5. SAML and Single Sign-On
           1. SAML Architecture
           2. Identity Providers
           3. Service Providers
           4. SAML Assertions
           5. SSO Implementation