Network Security and Vulnerability Exploitation

  1. Defensive Network Security Architecture
    1. Defense in Depth Strategy
      1. Layered Security Model
      2. Security Controls Classification
        1. Preventive Controls
        2. Detective Controls
        3. Corrective Controls
    2. Network Segmentation and Isolation
      1. Network Segmentation Principles
      2. Micro-segmentation
      3. Zero Trust Architecture
      4. Demilitarized Zone Design
        1. Single-Homed DMZ
        2. Dual-Homed DMZ
        3. Three-Legged DMZ
      5. Virtual LANs
        1. VLAN Configuration
        2. VLAN Tagging
        3. Inter-VLAN Routing
        4. VLAN Security
      6. Network Access Control
        1. 802.1X Authentication
        2. MAC Address Filtering
        3. Port Security
      7. Air Gap Networks
        1. Physical Isolation
        2. Logical Isolation
        3. Use Cases and Limitations
    3. Firewall Technologies
      1. Firewall Types
        1. Packet Filtering Firewalls
        2. Stateful Inspection Firewalls
        3. Proxy Firewalls
        4. Next-Generation Firewalls
      2. Firewall Deployment Models
        1. Network Firewalls
        2. Host-based Firewalls
        3. Cloud Firewalls
      3. Firewall Rule Management
        1. Rule Creation
        2. Rule Optimization
        3. Rule Testing
      4. Web Application Firewalls
        1. WAF Deployment Modes
        2. OWASP Top 10 Protection
        3. Custom Rule Development
    4. Intrusion Detection and Prevention
      1. IDS/IPS Architecture
        1. Network-based Systems
        2. Host-based Systems
        3. Hybrid Deployments
      2. Detection Methods
        1. Signature-based Detection
        2. Anomaly-based Detection
        3. Behavioral Analysis
        4. Machine Learning Approaches
      3. IDS/IPS Deployment
        1. Inline vs Out-of-band
        2. Sensor Placement
        3. High Availability
      4. Alert Management
        1. Alert Correlation
        2. False Positive Reduction
        3. Incident Escalation
    5. Virtual Private Networks
      1. VPN Types
        1. Site-to-Site VPNs
        2. Remote Access VPNs
        3. Client-to-Site VPNs
      2. VPN Protocols
        1. IPsec
          1. Authentication Header
          2. Encapsulating Security Payload
          3. Internet Key Exchange
        2. SSL/TLS VPNs
        3. PPTP
        4. L2TP
      3. VPN Security Considerations
        1. Encryption Algorithms
        2. Key Management
        3. Authentication Methods
    6. Security Monitoring and Analytics
      1. Security Information and Event Management
        1. Log Collection
        2. Event Correlation
        3. Real-time Monitoring
        4. Compliance Reporting
      2. Security Orchestration and Automated Response
        1. Playbook Development
        2. Automated Incident Response
        3. Integration Capabilities
      3. Threat Intelligence Platforms
        1. Intelligence Sources
        2. Indicator Management
        3. Threat Hunting