CompTIA Network+ Cert: Wireless Network Security & Risks

This lecture covers the following CompTIA Network+ Exam Objectives:

• 1.3 Explain the concepts and characteristics of routing and switching

• 1.5 Compare and contrast the characteristics of network topologies, types, and technologies

• 1.6 Given a scenario, implement the appropriate wireless technologies and configurations

• 2.2 Given a scenario, determine the appropriate placement of networking devices on a network and install/configure them

• 2.3 Explain the purposes and use cases for advanced networking devices

• 4.3 Given a scenario, secure a basic wireless network

• 4.4 Summarize common networking attacks

• 5.4 Given a scenario, troubleshoot common wireless connectivity and performance issues

After completing this lecture, students will be able to:

• List the variant agencies that develop and enforce wireless standards

• Describe the different frequency bands and how they relate to one another

After completing this lecture, students will be able to:

• Memorize the IEEE 802.11 standards

• Recall the purposes for the variant 802.11 standards

After completing this lecture, students will be able to:

• Describe what a WAP is

• Recall how a Wireless NIC provides network connectivity to roaming hosts/guests

• Review the different types of wireless antennas and the capability that they provide

After completing this lecture, students will be able to:

• Define ad hoc mode and how it does not rely on a WAP

• Review the different types of wireless networks and the capability they provide

• Describe infrastructure mode

• Distinguish between ad hoc and infrastructure mode and list their pros and cons

• Recall mobile hot spots and how they extend services to users

• Describe signal degradation

• Illustrate WLAN modulation techniques

• List the different signal degradation factors and how they impact performance

After completing this lecture, students will be able to:

• Define what a site survey is

• Describe what equipment should be needed when determining wireless support in an area

• Describe how capacity supports site survey analysis

After completing this lecture, students will be able to:

• Explain what a rogue access point is and what can be obtained using it

• Recall how you can reduce the threats of rogue AP

• Describe why ad hoc networks are not suited for best business practices

• Explain wardriving and how it is marked

• Define open access

• Illustrate how SSIDs are generated

• Examine how RADIUS server supports AAA

• Recall how you can reduce the threats of rogue AP

• Relate how WPA/WPA2 encryption methods work and how one is superior to the other

• Define TKIP and discuss its purpose

This lecture covers the following CompTIA Network+ Exam Objectives:

• 1.1 Explain the purposes and uses of ports and protocols

• 1.3 Explain the concepts and characteristics of routing and switching

• 2.3 Explain the purposes and use cases for advanced networking devices

• 3.4 Given a scenario, use remote access methods

• 3.5 Identify policies and best practices

• 4.1 Summarize the purposes of physical security devices.

• 4.2 Explain authentication and access controls

After completing this lecture, students will be able to:

• Define what an access control list is

• Illustrate how an ACL is applied

• Describe port and MAC filtering

• Recall how tunneling can secure network traffic and preserve integrity and confidentiality

• Memorize the various tunneling protocols such as SSL and L2TP

• Name the two different encryption methods

• Describe what a VPN is and what protocols are used to support it

• List the symmetric encryption key methods

• List the asymmetric encryption key methods

• Recall what RDP is and how it is employed

• Describe out-of-band management

After completing this lecture, students will be able to:

• Apply access rights and least privilege

• Describe deleting versus disabling a stale account

• Describe why using an anonymous account is suitable given a certain scenario

• Apply best practice when establishing password management

• Recall what single sign-on (SSO) is and how it supports a large enterprise

• Compare and contrast local authentication, LDAP, and using digital certificates for authentication

• Illustrate the various multifactor authentication methods

After completing this lecture, students will be able to:

• Describe PKI and how it supports a large organization

• Recall Kerberos and the process that it follows

• List and compare the differences between RADIUS and TACACS

• Illustrate CHAP authentication procedure

• Describe hash and what it is used for

• Compare and Contrast SHA and MD5

• Illustrate the difference between an edge network and an internal network

• Examine why an administrator would use a quarantine network

This lecture covers the following CompTIA Network+ Exam Objectives:

• 3.3 Explain common scanning, monitoring, and patching processes and summarize their expected outputs

• 3.5 Identify policies and best practices

• 4.1 Summarize the purposes of physical security devices

• 4.3 Given a scenario, secure a basic wireless network

• 4.4 Summarize common networking attacks

• 4.5 Given a scenario, implement network device hardening

• 4.6 Explain common mitigation techniques and their purposes

After completing this lecture, students will be able to:

• Describe what a denial of service (DoS) is and how it impacts services

• Illustrate Ping of Death

• Recall DoS and apply that to what a distributed denial of service (DDoS) is

• List the types of SYN flood attacks

• Formulate how an ARP poison attack occurs

• Examine the differences between spoofing, brute force, and session hijacking and how they prevent and disrupt user operations

• Describe how an attacker could circumvent security measures that an AAA utilizes

• Describe what viruses are and how to mitigate them

• Describe how a ransomware denies a user its resources

• Recall the various types of viruses

• Illustrate why it is difficult to combat zero day attacks

• Describe how to defend against insider threats

After completing this lecture, students will be able to:

• Demonstrate the difference between exploits and vulnerability

• Apply the skills an administrator would have to lower the surface threat against a system

• Assess how unnecessary open ports and legacy or outdated systems can allow for exploits to materialize

• Recall TEMPEST and how an adversary may leverage RF to exploit an organizational asset

• Describe how packet sniffing can allow an adversary to gain significant information about a network

• List the different tools an adversary can use against a network in order to gain information and possible credentials

• Compare the different types of war-driving techniques

• Compare and contrast the different types of wireless attacks

After completing this lecture, students will be able to:

• Distinguish between active detection and passive detection and describe how a security manager would best utilize both

• Define incident response and memorize the six incident handling steps

• Recall chain of custody and its significance if it comes to bearing witness in a legal forum

• Memorize the order of volatility and the importance of preserving evidence as best as possible

After completing this lecture, students will be able to:

• Describe what a security policy is and how it supports and protects the organization

• Discuss how a security audit supports legal and company policies

• Describe the exit interview and what should be done after an employee vacates the organization

• Compare and contrast a policy versus a procedure

• Describe the difference between administrative training and end-user training

• Classify hotfixes and how they are different from patches and upgrades

• Memorize the various physical sensors and detectors and how organizations use them within their environment

After completing this lecture, students will be able to:

• Differentiate between host-based and cloud/server-based anti-malware solution

• Discuss the two components of an antivirus program, and describe how each of them support against detection and signature matching

This lecture covers the following CompTIA Network+ Exam Objectives:

• 1.3 Explain the concepts and characteristics of routing and switching

• 2.2 Given a scenario, determine the appropriate placement of networking devices on a network and install/configure them

• 2.3 Explain the purposes and use cases for advanced networking devices

• 3.2 Compare and contrast business continuity and disaster recovery concepts

• 4.1 Summarize the purposes of physical security devices

• 4.2 Explain authentication and access controls

• 4.6 Explain common mitigation techniques and their purposes

After completing this lecture students will be able to:

• Describe the purpose of the DMZ and how an administrator would set services inside the DMZ

• Illustrate how an administrator would create a private and public LAN and analyze the security risks that are associated with both

• Recall why a firewall is configured by default to deny all and why it is important that it is designed this way

• Compare and contrast network-based versus host-based firewalls and list key advantages of each

After completing this lecture, students will be able to:

• Recall firewall ACL and discuss how inbound and outbound statements that are configured incorrectly can still allow unauthorized traffic to pass-through

• Memorize best practices for filtering ICMP and Traceroute techniques

• Define Extended ACLs and how they can increase the depth of protection for a network

• Define inbound and outbound ACLs

• Evaluate how a DMZ can still allow a potential adversary within the private network

• Demonstrate how dynamic packet filtering keeps track of all communication inside and outside the network

• Describe how proxy services protect the internal network from the public Internet

After completing this lecture, students will be able to:

• Describe how stateful versus stateless firewalls protect the internal network and which one is preferred over the other

• Classify a Layer 7 firewall and compare the performance against a Layer 3 firewall

After completing this lecture, students will be able to:

• Assess how content versus signature versus contextual awareness provides better performance

• Describe zones within a firewall and how an administrator would employ them

After completing this lecture, students will be able to:

• Describe the difference between an IPS and an IDS and categorize the purpose of why an administrator might choose one over the other

• Illustrate the benefits of notification and logging that an IPS/IDS provides to administrators

• Categorize between host-based and network-based IPS/IDS

• Indicate why using vulnerability scanners is essential for network-based and host-based security methods

• Analyze why unified threat management may not be as good as previously thought

After completing this lecture, students will be able to:

• Define what a VPN concentrator is and how it is designed to support a large organization with networks

• Illustrate what protocols and services a VPN concentrator provides to an organization

After completing this lecture, students will be able to:

• Define physical security and how such devices protect an organization from external and internal threats

• Memorize the various types of locks such as keypads, ciphers, and biometrics that grant authorized access

• Assess how logical security configurations secure an organization's network

• Define risk management, disaster recovery, and business continuity

• In a given scenario, choose the type of recovery site that is best suited for certain organizations

• Memorize the various types of data backup methods and how an administrator may choose one over another given a certain scenario

• Describe MTTR, MTBF, and how an organization should plan and prepare to support recovery

• List the different types of RAID configurations and how a system administrator may employ the configuration that is the best method