< Back to CISSP

CISSP Introduction Module

CISSP Module 01

CISSP Module 02

CISSP Module 03

CISSP Module 04

CISSP Module 05

CISSP Module 06

CISSP Module 07

CISSP Module 08

CISSP Module 09

Part 07 – Layer 3 Protocols and Attacks

Invite Friends
Facebook Twitter Google+ LinkedIn Email
Learning should be free
Cybrary's open source learning community and hands on marketplace enables you to earn new skills and collaborate in an engaging and rewarding way. Join the other 1,144,265 IT professionals today to get free access to
  • Unlimited Free and Open Source Cyber Security Learning
  • CEU/CPE Certificates of Completion
  • Innovative Micro-Certifications
  • Over 200 Certification-based Practice Labs and Practice Tests
  • And much more!
Join Cybrary for Free
Already a member?
Login to view this lesson
Description
Virtual Practice Lab
Practice Test
Resources
Part 07 – Layer 3 Protocols and Attacks

As the title of this section implies, we look exclusively at the protocols at layer 3 and the multitude of threats targeting them. Layer 3 protocols are commonly referred to as the ‘I’ protocols, though this isn’t completely accurate, it suffices for the scope of the CISSP exam.

In addition to the IP addressing protocol at layer 3, there is the”IP Helper” protocol ICMP and its various messages that are used by networking diagnostic utilities such as ping and traceroute. We point out that this protocol and its associate messages remains a double-edged sword that is frequently exploited by attackers. We then go on to examine some of the major layer 3 protocol threats.

We’ll look at Loki attacks which create a convert channel for sneaking data through in the ICMP header. And no discussion of layer 3 threats would be complete without mentioning smurf and DDoS attacks utilizing spoofed ping requests. These may be shopworn attacks that savvy network admins thwart by blocking incoming ICMP messages and directed broadcasts, however, they are still quite prevalent and their impact is no less devastating to their hapless victims.

Watch the Course Intro Video
Learn on the go.
The app designed for the modern cyber security professional.
Get it on Google PlayGet it on the App Store
Hands On Lab
Verified
Certified Information Systems Security Professional (CISSP) Virtual Lab
The CISSP Virtual Lab will provide you with the necessary platform to gain hands-on skills in security. By completing the lab tasks you will improve your practical skills in Security and Risk Management, Asset Security, Security Engineering, Communications and Netwo
25 Hours
$79.99
Practice Test
Verified
ISC2: Certified Information Systems Security Professional (CISSP)
Protect against security threats by becoming a qualified security professional who can competently design, build, and maintain a secure business environment when you obtain your CISSP certification.
22 Hours
$42.00
Recommended Study Material
Practice Labs and Exam Vouchers

Congratulations! You're taking the first step to getting certified. Get some hands on experience with available practice labs OR save some money, support Cybrary, and purchase discounted exam vouchers. Ready to earn your next industry certification? Join cyber security's largest community and start learning today.

JOIN CYBRARY

Upcoming Industry Events
Jul
25
Cloud Security Use Cases – A Panel Discussion
Webinar by CyberArk @ 2 : 00 PM EST
Jul
26
Join ObserveIT at Black Hat!
by ObserveIT @ 10 : 00 AM EST
Jul
26
CPE Webinar: Learn How to Identify and Defend Against Ransomware
Webinar by Varonis @ 2 : 00 PM EST
Jul
26
How Cyber Resilience is Changing Cyber Security
Webinar by Hitachi Systems Security @ 2 : 00 PM EST
Jul
27
Are You Ready for NIST SP 800-171?
Webinar by Tripwire @ 2 : 00 PM EST
Aug
01
CyberTexas Job Fair – Marriott Courtyard
Job Fair by CyberSecJobs.com @ 4 : 00 PM EST
Aug
01
Enhancing Security in Critical Infrastructure: Networking Technologies
Webinar by CyberArk @ 2 : 00 PM EST
Aug
02
[+1 CPE Credit] SD-WAN and Beyond: Critical Capabilities for a Successful WAN Transformation [NA + EMEA]
Webinar by Cato Networks @ 1 : 00 PM EST
Aug
10
You Just Got Hacked by a Colleague: How to Stop Insider Threats
Webinar by Thycotic @ 11 : 00 AM EST
Aug
17
Trends in Phishing Response Strategies
Webinar by PhishMe, Inc. @ 1 : 00 PM EST
View more events

Interested in promoting your company's event?

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

Cybrary|0P3N

Profile image for dreamcoder
Dr3AMCoDeR
Are You Scared of Fileless Ransomware?
Views: 1280 / July 22, 2017
Profile image for jackrourke
Ahmet Mersin
Analiz: Petya Ransomware!
Views: 1612 / July 21, 2017
Profile image for rithinskaria
rithinskaria
Cookies and Sessions
Views: 1432 / July 21, 2017
Profile image for olynch
Olivia
UNM4SK3D: Ethereum, CIA, and IoT
Views: 1188 / July 21, 2017
Skip to toolbar
Cybrary works best if you switch to our Android-friendly app
Continue

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel