Time
3 hours 20 minutes
Difficulty
Beginner
CEU/CPE
4

Video Transcription

00:01
Hey, everyone, My name is Peter Sip alone, and this is the network Security course.
00:06
This is the conclusion. Video off module for
00:11
Perec Visits for this video are modules one, which was the introduction
00:16
module two is were recovered. The basic cybersecurity Foundational Principles Module three, where we took a look at select security applications, including data loss prevention,
00:29
incident response and risk management and module four or recovered network structure and apologies, network designs, principles, protocols and controls and also security models.
00:46
Let's take a quick recap breakdown of what we did in this module. First off, we took a look at network architecture. This is the structure and apologies of networks, so we saw how most the networks were broken down into four major components. The Internet, the intranet,
01:04
the Extra Net
01:07
and the D M Z. We also took a look at a bunch of networked apologies, including the bus, star
01:15
tree hybrid and ring to apologies,
01:19
and we took a look at network segmentation and isolation. This is things such as the extra net, where you know people who need access to some network resource and get them, but they don't have access to all of the network Resource is guest networks and WiFi
01:38
and really just air gapped networks and V lands as well. We also took a look at some network design principles, such as Lea's privilege. Where you only have access to enough resource is to do your job. We took a look at some protocols, such as I P SEC and it's two moods,
01:56
tunnel mood and transport Mood.
01:59
And we took a look at some controls things such as directives, which are policies, preventative controls, corrected controls and compensating controls.
02:07
We also looked at some security models. We took a look at the Bella Pa. Djula Confidentiality model, which enforces confidentiality through its two properties of No Read Up and No Right Down. And we also took a look at the Big Up Integrity model and the Clark Wilson Integrity model
02:28
did. A model focuses on
02:30
integrity through two properties of its own, the no right up and no every Down on the Cork Wilson model, which enforces integrity through a combination off authenticated users, authenticated programs and constrained data items where
02:46
the's specialized authenticated programs are the only things that can access the data items.
02:54
We took a look at some really common network attacks and defences. These air things such as spoofing and phishing di das man in the middle brute force. And we took a look at some mitigation techniques through Web filtering technologies such as
03:12
firewalls that D M Z and access control lists
03:19
lessons from the field time. I want to talk a little bit about the target data breach. This breach happened in 2013. During that, the holiday sees the height of the holiday season, and it impacted roughly about 60 million customers worldwide.
03:36
Price tag has been estimated to be around 250 to $300 million.
03:42
This breach happened because bad guys stole the log in credentials from 1/3 party, H Vac um service Provider four Target and then we're able to log on to Target's network from there
03:58
now, the H Vac third party had long at network access for monitoring and energy consumption and temperature and things like that, so they had access to Target's network. The problem came because of improper segmentation because once the bad guys were on Target's network,
04:17
they were able to move throughout the network
04:20
and eventually get access to the point of sale systems that target was using.
04:27
Now, this is a very bad case of network segmentation because there is no way in H Vac provider should have had access to on targets. Point of sale system H back provider Sins is 1/3 party should have been in a very well protected extra net
04:45
off the area where they had access to some resource is, but definitely not all of the resource is and definitely not the point of sale system.
04:54
Hope you guys learned a lot in this module, and I'll see you next time.

Up Next

Cyber Network Security

In the Cyber Network Security course, students will get an overview of key principles of cybersecurity and learn about different threats, regulations, and cybersecurity ethical considerations.

Instructed By

Instructor Profile Image
Pete Cipolone
Cyber Security Analyst and Programmer
Instructor