Network and Endpoint Security
Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Already have an account? Sign In »
Video Transcription
00:00
>> Hi there, and welcome to our next lesson,
00:00
Network and Endpoint Security.
00:00
What we'll cover in this lesson,
00:00
will be obviously Network and
00:00
>> Endpoint Security in a bit
00:00
>> of depth exactly what it is and a few definitions.
00:00
Introduction to IS Network Architecture.
00:00
Some Enterprise Network Architectures,
00:00
different types of network.
00:00
Some network services,
00:00
Network Architecture Goals and
00:00
an introduction to the OSI Architecture.
00:00
Let's begin, so Network and Endpoint Security.
00:00
Basically we're looking at perimeter security controls.
00:00
Traditionally these used to be firewalls,
00:00
and IDSs, and they existed at
00:00
the very edge of the network.
00:00
But today because networks
00:00
or the definition of what a network is,
00:00
is a lot more variable and we
00:00
have different things such as cloud and mobile,
00:00
the perimeter and security
00:00
controls are a little bit different.
00:00
They can be basically at the edge
00:00
of the network or they could even be
00:00
at the very edge of
00:00
the device that you're using at the time.
00:00
The key thing here is
00:00
basically implementation and maintenance to
00:00
fit the requirements of your organization's objectives.
00:00
If that's a traditional network with
00:00
the edge at the router, that's fine.
00:00
But it also needs to take into account
00:00
new technologies such as Cloud.
00:00
Let's talk a little bit about IS Network Infrastructure.
00:00
There's a couple of different methodologies
00:00
and architectures that you're likely to come across.
00:00
You could find a dedicated circuit which basically
00:00
connects one location directly to another location.
00:00
You could have a switch circuit,
00:00
which doesn't permanently connect to the two locations,
00:00
but it's more of connection on-demand.
00:00
Now, use within this can also be packet switching.
00:00
Packet switching is common
00:00
within Internet services today,
00:00
and it basically enables multiple users to send out
00:00
their data in the form of packets onto a common carrier.
00:00
Think of it as a number of
00:00
different cars on a freeway, for example.
00:00
Now, baseband or broadband are
00:00
basically two methods for transmitting
00:00
signals over analog communication,
00:00
telecommunications links, so with baseband
00:00
the signals are directly injected
00:00
into the communication links.
00:00
No modulation or shift,
00:00
in any of the range frequencies of the signal.
00:00
In broadband, different carrier frequencies
00:00
defined within the available band
00:00
can carry the analog signals.
00:00
You get a little bit of different capabilities
00:00
between those two systems.
00:00
Now, Enterprise Network Architectures,
00:00
you can have a variety here as well.
00:00
Large and centrally managed.
00:00
This could be basically a
00:00
very significant, and large organization.
00:00
They have full control and ownership of all of
00:00
their enterprise network from
00:00
the cabling right through to the carrier services.
00:00
Now this can also be incorporating a LAN,
00:00
or a WAN type system.
00:00
With WAN it's uncommon for it
00:00
to be large and centrally managed,
00:00
there's usually outsource components.
00:00
This can be basically however public,
00:00
and or private infrastructure.
00:00
Depending upon the size of the organization,
00:00
they may fully control all the infrastructure.
00:00
All the cable and you'll often find this in
00:00
governmental military organizations, for example.
00:00
Or it could be going up
00:00
the public infrastructure which is shared cabling.
00:00
Now, you've got service oriented architecture,
00:00
which you'll often see in software,
00:00
but it's also present
00:00
within enterprise network architectures.
00:00
That is basically a very much a granular approach
00:00
to development of services that can be accessed on a,
00:00
ad hoc or an as-needed basis.
00:00
Now, an auditor will need
00:00
to understand these technologies.
00:00
Now, as I've stressed before,
00:00
this isn't a technical qualification as such,
00:00
but it does require some technical knowledge.
00:00
Now, I've touched very lightly on some of these details.
00:00
If you have a technical background,
00:00
and that's where you come from,
00:00
then this should be quiet simple for you.
00:00
If you come from an auditing background
00:00
primarily or one that's not so technical,
00:00
this might be an area that you may want to
00:00
focus on with your studies.
00:00
Now there's a couple of different types of network.
00:00
We have Personal Area Networks.
00:00
Now these are essentially networks
00:00
that are basically carried on an individual.
00:00
They could be the network connection from your telephone,
00:00
from your mobile phones through
00:00
to your Bluetooth headset,
00:00
for example, or other data device.
00:00
You have a local area network,
00:00
which is essentially networks made over a small space.
00:00
Usually a local area network could be within
00:00
a building or within multiple buildings, for example.
00:00
A storage area network is network attached storage,
00:00
which enables data storage
00:00
to be transmitted over the network areas.
00:00
We have a wide area network,
00:00
which could connect multiple lands
00:00
together and usually has some form
00:00
of carrier that might
00:00
not necessarily be owned by the company.
00:00
We also have metropolitan area networks.
00:00
Now that could be basically a network
00:00
between two buildings in a city for example,
00:00
where there might be a microwave connection on the top
00:00
of one building going straight over to the next.
00:00
It's a little bit more uncommon these days with ubiquity
00:00
of other networking services,
00:00
but it still might be something that you encounter.
00:00
There's quite a few different network
00:00
services that you could come across,
00:00
so network file system,
00:00
so file-sharing on the networks,
00:00
e-mail services, print services,
00:00
remote access services such as
00:00
VPN connections into your local area network.
00:00
Directory services, which is usually
00:00
Active Directory for Microsoft Windows
00:00
, Network Management Services.
00:00
Services that assist network administrators
00:00
in managing the network.
00:00
Dynamic Host Configuration Protocol,
00:00
which is a service which allocates
00:00
IP addresses on a dynamic basis out
00:00
to workstations and Domain Name Services.
00:00
The DNS systems, which will
00:00
help provide web address resolution.
00:00
In designing network, there's a couple
00:00
of goals basically, interoperability,
00:00
that's quite critical now with services being offered to
00:00
organizations and interactions between
00:00
organizations being so common.
00:00
When networks were first designed,
00:00
there was quite a few disparate protocols which
00:00
could work from one organization but not from another.
00:00
Now with TCPIP,
00:00
and LAN and WAN networks being so common,
00:00
your interoperability is key.
00:00
Also availability,
00:00
the network is quite critical to the business,
00:00
and particularly if there's
00:00
an external facing system such as Amazon for example,
00:00
the network availability for
00:00
their customers is quite critical, and flexibility.
00:00
Network Architecture needs to
00:00
be able to grow with the organization.
00:00
What may be suitable for an organization of one size,
00:00
might not be suitable in full IP is time if
00:00
the network has necessarily grown.
00:00
In terms of strategic planning for
00:00
>> Network Architecture,
00:00
>> this is something that needs to be taken into account
00:00
, and also maintainability.
00:00
The network is quite critical.
00:00
It requires high availability and interoperability,
00:00
but it also needs to be maintained to ensure that it is
00:00
working efficiently and meeting the business goals.
00:00
The open systems architecture.
00:00
OSI architecture,
00:00
It's basically a Network Architecture standard.
00:00
It provides a model for
00:00
organizations to build against
00:00
when the developing networks services.
00:00
It's quite old by today's standards,
00:00
It was developed in 1984,
00:00
and still actually is
00:00
working relatively accurately and true today.
00:00
It contains seven different layers.
00:00
Each layer is self-contained and independent,
00:00
and messages get passed
00:00
from one layer through to the next,
00:00
and then back it up the
00:00
opposite way when it reaches its destination.
00:00
This has been able to be implemented
00:00
across different technologies.
00:00
The seven layers of the OSI model,
00:00
application which is basically
00:00
the standard interface for
00:00
applications to communicate with.
00:00
These would be the user-facing aspect of it,
00:00
presentation which controls the transformation of
00:00
data to provide a standard interface
00:00
for the application layer,
00:00
session which controls
00:00
the conversations between different computers.
00:00
Transport, which provides the transparent transfer
00:00
of data between the endpoint,
00:00
network which will create
00:00
the virtual circuits between the transport layers,
00:00
the data link which is starting to move
00:00
into the physical layers and the physical.
00:00
That will basically be the hardware that
00:00
transmits and receives the bitstream across the system.
00:00
The layers will basically
00:00
transmit from one side to the other.
00:00
Data will move from the application to the physic,
00:00
down to the physical on one side of the communication.
00:00
Then when it reaches its destination,
00:00
it will move from the physical to the application.
00:00
Each layer is encapsulated and totally independent of
00:00
each other. That's our lesson.
00:00
Basically we've looked a little bit
00:00
about Network and Endpoint Security.
00:00
We've looked at information systems,
00:00
network infrastructure,
00:00
enterprise network architectures,
00:00
different types of networks that
00:00
you're likely to come across,
00:00
a little bit about the common network services.
00:00
The key goals for network architecture.
00:00
We've looked at the OSI Architecture as well.
00:00
Again, this is probably one of
00:00
the more technical lessons.
00:00
But again, I can stress that
00:00
the Certified Information Systems Auditor
00:00
requires a high level understanding of the technology,
00:00
but not necessarily down into the nuts and bolts of it.
00:00
Thanks for listening, and
00:00
I will see you at the next lesson.
Up Next
