7 hours 35 minutes
Hey, guys, Welcome to another episode of the S S C P Exam Prep Siri's I'm your host, Peter Simple in this is going to be the sixth lesson in the sixth domain.
So far in this domain, we've taken a look at the L S I and TCP ikey models which show how information is sent from one user to another over the network. We've taken a look at I p networking and how information is truly sent over. A network
we've taken will get networked apologies and how they can help or her and organization, depending on its needs.
We've taken a look at D. N s and elder, which is acquiring information from a website and acquire information an organization. For the first time, we looked a commonly used ports and protocols. We've taken a look at telecommunications technologies and how they apply to a network. And now finally,
in this lesson, we're gonna take a look at controlled network access.
Very important for the SST PT practitioner to be familiar with all of the traffic and information that are coming in and out of the network, lets get started
The best way to control access to anything is to monitor any and all routes that could be used to access the item in question.
None of this applies to networks.
When all paths are watched, a malicious traffic can be identified and you can successfully restrict access to your network. Now there's a bunch of different ways to restrict access to your network, and the 1st 1 is Boundary Writer said. This is Roger's on the edge that advertised Rudes
that external host can use to reach internal hosts.
Now Boundary Rather's. These were the first rounders that a packet comes to when it's entering a new network for the first time, so there's a couple different jobs of the bounder out of one. It's good for filtering traffic
s, so it's not going to send any traffic further into the network that's malicious or it doesn't like, and also it prevents Spoofing
a security perimeter is the first line of defense between networks. Usually includes things that just far walls I. D. S systems, boundary routers.
Um, these are it's a surge, the collection of the voices that help provide protection to the network. Now this is only the first lot of fence defense. It should never be the only line of defense. Simply because ah, Miss configuration can leave your entire network wide open
some more network access controls. There is network partitioning. That's where neck networks are segmented into different areas. So if you have maybe some critical servers or some sensitive data servers might wanna isolate them on their own network from
the rest of the network. So if something happens to the regular network,
it won't impact the data sensors and then with the only isolated network. Obviously, there's less traffic. There's less chance of anything happening to them.
You can have a dual homed host, which has to, AH, network interfaces cards each them on a separate network, which is very effective, provided that the two necks don't exchange information with each other,
and you have a bashed in whose, which is the highly exposed device that will most likely be targeted for attacks.
Fashion hosts are usually placed on the public side of a firewall or somewhere in the D M Z area. If there is two firewalls,
usually bashing hosts are usually exist to be like the first line of defense for any incoming traffic,
or it's a way for, um,
people on the outside network to access certain service is within the network.
Bastian hosts are usually things such as like mail servers, Deanna servers or an FTP server. Things like that, and they usually only have one application because they need to be good at what they dio. They need to have strong security and have limited functionality.
DMC Demilitarized Zone This is the area between firewalls servers like patched in hosts. Our place here to give external access to some resource is
a little bit of hardware, um, moviedom's
oh, which allow users to a network be a analog phone line. So the job of a modem is to convert digital signals to analog signals and vice versa. So if your computer is sending information and this information needs to trains for gets sent over a telephone line than the
information needs to be transferred from
digital to analog, so could be sent over the telephone line, and then at the end, if it's going to another computer or a server, it needs to be converted from analog back to digital
multiplexes. Thes combined multiple signals into one signal to be transmitted on a network that this is a very efficient way of sending signals on a network simply because they're so much a Web traffic. It sze good. It's very efficient to overlay them, so
it's some less
less chance of something Getting congested
Hubs Repeaters is a device in which all other devices connect. This is the central piece in a stark apology, and really, you don't want to let this have become inoperable, especially if it's in a stark apology simply because then the whole topology will be inoperable.
Hobbs work really, really simply. You'll just plug things into the hub.
And then from there you get Internet access
and network access
switches. These devices, which connect to bring different networks segments together
there are bridges, which process packets based on the Mac address, and they can also connect lands with different media clips. So if you wanted to connect unshielded twisted pair Ethernet with something that uses a coll axel cable, you would have to use a
bridge for that.
Routers. Robbie's are they send and receive packets throughout the network. They get information and then they send it on its way.
Wire transmission media easier. Things such as Ethernet network cables and up optic fibers. When deciding well, kind off wired you want to use in your network organization on this couple things you want to consider you want You want to think about
how much data is going to be sent through this wire. You want to see the distance between the two wires
and you want to know how sensitive is this data, right? Is it Is it okay if this data possibly gets listen to or do you Are you okay with some of this data
losing its clarity? And you also want to take a look at the environment as well.
Twisted pair these air simply copper wires twisted together to reduce electromagnetic interference. 1st 2 different kinds of twisted pair wires.
There is the unshielded, which is really just two wires to get that some braided together and they have a covering of one of these are really susceptible to interference.
But they are really, really good. Um, in normal, normal network is the most common cable type.
It's also very inexpensive and can easily be bent if need be.
Then you have shielded twisted pair. This uses an electrically grounded shield to protect signal. This is there for protecting any type of electronic signals from the outside in which could potentially disrupt the information that's being sent over the wire.
The only problem with this extra protection
is that it's more expensive, and it's
a little bit bulkier and harder to bend.
You also have a co axial cable, which uses a thick conductor that is surrounded by a grounding wire. A non conducting layer is placed between the two layers to insulate them, and then the entire cables place within a protective sheath, and this makes the cord very protected from electronic
The only problem is, it's very thick, and it's very expensive to produce, so it's only used in certain applications, mainly in cable TV
Fiberoptic. This is a new kind of wire that uses light pulses to transmit information instead of Elektronik pulses. So instead of the electronic vibrations that are going through the wire it uses on, like
in today's lecture, we discussed network access, controls,
and wired media transmission
This hardware converts analog signals to digital ones, and vice versa.
Is it a mood? Um,
e multi plex
or D Bridge
if you said a modem than you are correct. Remember, modems are used to send digital signals to analog ones, mainly when the information needs to be sent across the telephone lines, and then it needs to be converted back into digital at the end.
Thanks for watching guys. I hope you learned a lot in this lesson, and I'll see you next time.
ISC2 Systems Security Certified Practitioner (SSCP) Practice Assessment
The SSCP exam preparation package helps students prepare for the ISC2 SSCP certification exam. ...
(ISC)2 Certified Information Systems Security Professional 2015
(ISC)2 Certified Information Systems Security Professional 2015 is a practice exam preparing for the CISSP ...