Hey, everyone, My name is Peter Sip alone, and this is the network Security course.
This is the conclusion. Video off module for
Perec Visits for this video are modules one, which was the introduction
module two is were recovered. The basic cybersecurity Foundational Principles Module three, where we took a look at select security applications, including data loss prevention,
incident response and risk management and module four or recovered network structure and apologies, network designs, principles, protocols and controls and also security models.
Let's take a quick recap breakdown of what we did in this module. First off, we took a look at network architecture. This is the structure and apologies of networks, so we saw how most the networks were broken down into four major components. The Internet, the intranet,
and the D M Z. We also took a look at a bunch of networked apologies, including the bus, star
tree hybrid and ring to apologies,
and we took a look at network segmentation and isolation. This is things such as the extra net, where you know people who need access to some network resource and get them, but they don't have access to all of the network Resource is guest networks and WiFi
and really just air gapped networks and V lands as well. We also took a look at some network design principles, such as Lea's privilege. Where you only have access to enough resource is to do your job. We took a look at some protocols, such as I P SEC and it's two moods,
tunnel mood and transport Mood.
And we took a look at some controls things such as directives, which are policies, preventative controls, corrected controls and compensating controls.
We also looked at some security models. We took a look at the Bella Pa. Djula Confidentiality model, which enforces confidentiality through its two properties of No Read Up and No Right Down. And we also took a look at the Big Up Integrity model and the Clark Wilson Integrity model
did. A model focuses on
integrity through two properties of its own, the no right up and no every Down on the Cork Wilson model, which enforces integrity through a combination off authenticated users, authenticated programs and constrained data items where
the's specialized authenticated programs are the only things that can access the data items.
We took a look at some really common network attacks and defences. These air things such as spoofing and phishing di das man in the middle brute force. And we took a look at some mitigation techniques through Web filtering technologies such as
firewalls that D M Z and access control lists
lessons from the field time. I want to talk a little bit about the target data breach. This breach happened in 2013. During that, the holiday sees the height of the holiday season, and it impacted roughly about 60 million customers worldwide.
Price tag has been estimated to be around 250 to $300 million.
This breach happened because bad guys stole the log in credentials from 1/3 party, H Vac um service Provider four Target and then we're able to log on to Target's network from there
now, the H Vac third party had long at network access for monitoring and energy consumption and temperature and things like that, so they had access to Target's network. The problem came because of improper segmentation because once the bad guys were on Target's network,
they were able to move throughout the network
and eventually get access to the point of sale systems that target was using.
Now, this is a very bad case of network segmentation because there is no way in H Vac provider should have had access to on targets. Point of sale system H back provider Sins is 1/3 party should have been in a very well protected extra net
off the area where they had access to some resource is, but definitely not all of the resource is and definitely not the point of sale system.
Hope you guys learned a lot in this module, and I'll see you next time.