Key Concepts:
  • Confidentiality, integrity, and availability (C-I-A) mandates for network resource security
  • Network security and its value to the enterprise
  • Roles and responsibilities in network security
  • Impact of network infrastructure design on security
  • Features, uses, and benefits of network security countermeasures

Network Security, Firewalls, and VPNs

Network Security Basics

In this section you will examine the concepts, processes, roles, and context related to information system security issues faced by IT professionals on a daily basis, and learn why certain decisions are made in the real workplace.

Concepts: Before you can perform any task, you need to understand critical concepts being used in the IT security world. These concepts provide the relevant and cumulative framework necessary for effective learning.

Process: Processes are a part of any workplace. Business processes cut across existing organizational divisions. In this section, you will learn about the standard processes that exist in work environments today.

Roles: Most organizations are structured into divisions and departments (e.g. sales, finance, customer service, IT) that are dedicated to performing specific functions and staffed with personnel who have expertise in those functions.

Where different activities in a process require different skills, the process is likely to involve a number of people and departments. It is critical for you to learn who is involved in, or impacted by, IT security-related decisions, and how individuals in those roles communicate and collaborate with IT security professionals.

Context: Processes and roles vary according to industry. Contextual differences are most apparent in areas such as government, military, health care, and corporations. In this section, you will learn how IT security processes and methods are implemented in those professional contexts, and how the differences between these industries impact IT security problem resolution.

Rationale: This section of the lesson will help you with "Why?" questions. The ability to formulate a rationale, or reasoning, behind every business decision, supported by data analysis, is a critical competency required of today's IT security professionals. In this section, you will learn how professional decision making takes place in a real workplace environment.

Network Security Fundamentals
Think about answers to the following questions.
  • What are the fundamental concepts of network security?
  • What are the primary goals of information security?
  • What are the secondary goals of information security?
  • What are the primary mandates of a network security policy?
Security Countermeasures
Imagine how defining a policy, promoting awareness, and conducting training will establish appropriate security countermeasures.

Think about the uses, benefits, and limitations of the following common countermeasures.
  • Firewalls
  • Virtual private network (VPN)
  • Intrusion detection system (IDS)
  • Intrusion prevention system (IPS)
  • Data loss prevention
  • Security incident and event management (SIEM)
  • Continuous control monitoring
  • Vulnerability assessment

Firewalls
Uses
  • Filter traffic
  • Perform segmentation
Benefits
  • Work as the first line of defense
  • Prevent unnecessary traffic from entering the internal network
Limitations
  • Are restricted to perimeter defense
  • Are not content-oriented
  • Are limited to yes or no

Virtual private network (VPN)
Uses
  • Permits remote access
  • Uses an encrypted tunnel
Benefits
  • Works as a private tunnel
  • Extends perimeter of the network
Limitations
  • Does not prevent a man-in-the-middle attack
  • Is not traffic-oriented

Intrusion detection system (IDS)
Uses
  • Monitors traffic
  • Watches over hosts or networks
  • Detects intrusion attempts
Benefits
  • Alerts administrators about suspicious behavior
Limitations
  • Relies on signatures
  • Produces false positives

Intrusion prevention system (IPS)
Uses
  • Monitors traffic
  • Blocks attacks
  • Watches over hosts or networks
Benefits
  • Alerts administrators about suspicious behavior
  • Helps in prevention of attacks
Limitations
  • Relies on signatures
  • Produces false positives

Data loss prevention
Uses
  • Helps to monitor data loss
  • Helps to block data loss
Benefits
  • Detects various types of sensitive data
  • Notifies of confidentiality breaches
Limitations
  • Is signature reliant
  • Produces false positives
  • May not work with encrypted data

Security incident and event management (SIEM)
Uses
  • Aggregate security logs
  • Correlate security logs
Benefits
  • Monitor and review security logs
  • Generate alerts
Limitations
  • Produce false positives
  • Are data heavy
  • Are limited to log information

Continuous control monitoring
Uses
  • Checks for configuration
  • Is standard compliant
  • Monitors real-time data
Benefits
  • Automates continuous monitoring
  • Performs self-correction
Limitations
  • Includes emerging technologies
  • Is policy dependent

Vulnerability assessment
Uses
  • Tests systems
Benefits
  • Proactively addresses vulnerabilities
  • Centralizes tracking
Limitations
  • Is limited to known vulnerabilities
  • Creates noise
Roles and Responsibilities in Network Security
Why is every person in an organization responsible for understanding his or her role in supporting and maintaining network security? The answer is simple: if even one person fails to fulfill his or her responsibility, security for all will suffer.

  • Senior management
  • IT management
  • IT security staff
  • Managers (nontechnical)
  • Network administrators
  • Users
  • Auditors

Senior management
  • Is responsible for security
  • Sets strategic direction and expectations for the security policy
  • Assigns responsibility to the necessary resources to ensure the creation of the security policy
  • Understands the risks the organization is facing

IT management
  • Supports all IT assets
  • Is responsible for designing, writing, and executing the security policy
  • Ensures that security is a priority
  • Makes decisions to balance the concerns of both security and usability in conjunction with the business
  • Is responsible for the CIA of the systems

IT security staff
  • Includes IT security program managers and computer security managers
  • Is responsible for the design, execution, and maintenance of security
  • Manages assets that are pertinent to defense
  • Manages vulnerabilities and threats
  • Implements countermeasures to ensure CIA

Managers (nontechnical)
  • Ensure that employees have tools necessary to accomplish their work
  • Are responsible for ensuring that their employees are trained on and adhere to the security policy
  • Are required to adhere to and support the security policy

Network administrators
  • Manage computer resources
  • Are responsible for changes to resources
  • Ensure that resources adhere to the principles of CIA
  • Implement technical controls as mandated by the security policy

Users
  • Include consumers of IT resources
  • Perform duties mentioned in their job descriptions
  • Understand and comply with the security policy
  • Are aware of security issues

Auditors
  • Monitor for compliance
  • Conduct tests to ensure that controls are in place and effective
  • Partner with IT staff to create more effective security policy and controls
  • Understand risks and threats the organization is facing

Guide to Network Requirements
You need to consider various factors to identify your network requirements and their security implications. Review the following factors and think how they can guide you to understand your network security requirements.
  • Business requirements considerations
  • Wired networking considerations
  • Wireless networking considerations
  • Mobile networking considerations

Business requirements considerations

Network availability is one of the primary objectives of network security because availability requirements change the design of a system. A single path connection is useful in reducing threats. However, try to avoid network designs that have a single point of failure. Always try to have redundant options to ensure that your mission-critical functions can take place.

A bottleneck might at first be a slight hindrance to high performance and productivity, but it can later become a form of denial of service (DoS). Another consideration is traffic control and filtering.

Wired networking considerations

Lack of external connectivity creates physical isolation. In that case, you can rely on physical controls to protect a wired network, because external threats must breach a physical barrier. If external connectivity is required, the controls should provide nearly the same level of protection as physical isolation while enabling the business to function normally. In such cases, you can consider segmentation and rigorous front-door screening.

Wireless networking considerations

Wireless networking is inexpensive to deploy because you do not need to run wires, and yet it provides multiple users quick connectivity. A wireless network is convenient and provides mobility and ubiquity. All laptops now come equipped with wireless.

However, a wireless network has some concerns that you need to consider. It introduces a new attack surface. Therefore, it requires additional design considerations to mitigate attacks.

Mobile networking considerations

Mobile networking allows users to be completely mobile. It requires considerations for central management. In addition, the potential of mobile devices to be lost needs to be considered.

Seven Domains of a Typical IT Infrastructure
To identify potential vulnerabilities and weaknesses of a computer network, you need to analyze each of the seven domains of a typical IT infrastructure.

User Domain

This domain refers to actual users, whether they are employees, consultants, contractors, or other third-party users. Any user who accesses and uses the organization’s IT infrastructure needs to review and sign an acceptable use policy (AUP) prior to being granted access to the organization’s IT resources and infrastructure.

Workstation Domain

This domain refers to the end user's desktop devices, such as a desktop computer, a laptop, and a Voice over Internet Protocol (VoIP) telephone. Workstation devices typically require security countermeasures, such as antivirus, antispyware, and vulnerability software patch management to maintain the integrity of a device.

LAN Domain

This domain refers to the physical and logical local area network (LAN) technologies, such as 100 Mbps/1000 Mbps switched Ethernet and the 802.11 family of wireless LAN technologies, used to support workstation connectivity to the organization's network infrastructure.

LAN-to-WAN Domain

This domain refers to an organization's internetworking and interconnectivity point between the LAN and wide area network (WAN) infrastructures. Routers, firewalls, demilitarized zones (DMZs), IDS, and IPS are commonly used as security-monitoring devices in this domain.

Remote Access Domain

This domain refers to the authorized and authenticated remote access procedures for users to remotely access the organization's IT infrastructure, systems, and data. Remote access solutions typically involve secure sockets layer (SSL) 128-bit encrypted remote browser access or encrypted VPN tunnels for secure remote communications.

System/Application Domain

This domain refers to the hardware, operating system software, database software, client/server applications, and data that are typically housed in an organization's data center and computer rooms.

WAN Domain

An organization with remote locations requires a WAN to interconnect them. Organizations typically outsource WAN connectivity from service providers for end-to-end connectivity and bandwidth. This domain typically includes routers, circuits, switches, firewalls, and equivalent gear at remote locations, sometimes under a managed service offering by a service provider.

In this section, you will have an opportunity to practice the concepts and processes that you have explored in this lesson.

The Hands-On Lab provides you with an engaging learning experience that is diagnostic and flexible. Following the instructions provided in the Lab Manual, you will be able to practice the steps IT Security Specialists perform on a daily basis and develop the skills required for effective execution and management of IT Security operations.

Download the lab worksheet for this lesson from the course dashboard. Complete the worksheet and submit to your instructor for grading.

In this section, you will have an opportunity to apply what you’ve learned in this lesson in the context of analyzing a business situation. Although simplified, a problem scenario provided here depicts the challenges often faced by professionals in the workplace.

In this interactive case study, you will explore a business situation, review critical information related to the problem discussed in the case, decide on the course of action, and receive a decision analysis summary that discusses the implications of your decision. Once you analyze the impact of your decision, explore alternative solutions to learn about other potential ways to address the issue in the case. Complete your work on the case by submitting the graded assignment that will reflect on your process of analyzing the business situation and defining an appropriate course of action.

Recently, you suggested network security countermeasures to Corporation Techs. Do you think all your suggestions will be incorporated in the system, or will you need to provide a rationale for implementing each remedy? Let's find out.

The chief security officer shares the following challenge with you:

Corporation Techs' current network consists of 30 workstations, 1 print server, 2 database servers, and 1 application server. The network is connected through a series of switches and is physically isolated from other networks.

Corporation Techs plans to add a Web server and an Internet connection to the network. The Internet connection will provide Internet access to the workstations and allow customers to externally access the Web server. Additionally, Corporation Techs plans to add 10 laptops and would like to connect them to the network in wireless mode.

Corporation Techs' network team comes to you with a suggested network design and asks you to review and identify possible security threats, if any. You need to research and identify the appropriate network security countermeasures for the identified threats.

We have planned another meeting next week where Corporation Techs' board will finalize network security countermeasures that will reduce or eliminate the security threats in the suggested network design. Therefore, the board wants you to create a summary that supports your list of suggested network security countermeasures. I will send you an e-mail that will detail what is required in your summary.

Contributing Factors
From where do you think you can gather information on this case?

Review Documents

Read E-Mail

Course of Action
Use the following checklist as a guide to complete this assignment.

Tasks

  • Have a discussion with the chief security officer.
  • Consider all the factors that contribute to the challenge.
  • Review the case of Corporation Techs.
  • Analyze the possible security threats in the suggested network design.
  • Create a summary in the form of a list of all the suggested network security countermeasures.
  • Write your rationale for each suggested countermeasure.
  • Prioritize your suggested countermeasures for the given challenge.
  • Write your final recommendations.
  • Conduct a self-review of the executive summary with respect to the evaluation criteria mentioned in the assignment requirements.
  • Submit the assignment to your instructor.
At the end of this lesson, you should be able to:
  • Relate confidentiality, integrity, and availability (CIA) to the seven domains of a typical information technology (IT) infrastructure.
  • Describe the key concepts and terms associated with network security.
  • Describe the roles, responsibilities, and accountabilities of people responsible for network security in an IT organization.
  • Relate how a network design impacts security.
In this lesson, you will cover the fundamental concepts of network security. You will understand the primary mandates of a network security policy. You will learn about the roles and responsibilities of people involved in network security in an IT organization. In addition, you will explore the types of network security countermeasures.