CISM

Course
Time
8 hours 39 minutes
Difficulty
Intermediate
CEU/CPE
9

Video Transcription

00:01
Okay, The third part of our network protection, we've gotta look. ATT Service is on the network
00:07
now. The first service that we have to look at is Dean s domain naming system.
00:13
I firmly believe the root of all good and evil on the network is D N s.
00:21
Now that seems perhaps a bit dramatic, but I cannot tell you the number of times D. N s has been at the root of record register properly. Deena's cash was poisoned, something was modified. The service to start properly
00:37
and D and s controls the functionality of so many other service is on the network.
00:43
You know, that's how your system locates. A domain controller or key distribution center or the global catalog server. D. N s just, you know, has a lot of knowledge. And
00:56
that information is so critical to the functionality of a network
01:00
not even to speak about name resolution being so essential, right? I don't know that i p address of Amazon, but I can get there just like that because of d N S course. The problem is, I trust Ian s. So I type out amazon dot com or whatever that website might be.
01:18
And I'm directed to a server that
01:19
seems legitimate, but I don't know that it is because if Deena's is compromised Belson me. You know that that attacker will send me wherever they want. So D N s from an attacker standpoint is extremely desirable.
01:34
Everybody needs name resolution.
01:38
Not to mention the fact that, you know, if I don't modify d N s, you know, that's one big threat is modified D n s change the records misdirect you. But if I take d. N s off the network, you know a denial of service aimed at D. N S will bring your network to a screeching halt.
01:57
So D N s is very desirable.
02:00
Farming is all about modification of records and hired. A ton of people use that term farming, but D N s uses records for location. So there's a specific record called the a record of the host record. And that's what says kelly dot com is at 10 111
02:17
Hey, so when you type in kelly dot walk to calm, your host asks D, and as Indiana says, Hey, that's 10 111
02:23
Well, that's because of the A record. So if you were to modify those A records through any one of numerous means, you know, but the least of which compromising the Venus system,
02:34
um, then we would call it for me.
02:37
Now, Cash poisoning also applies to D. N s. And the idea is cash, whether it's Dean s cash, our cash, a Webcast or whatever
02:46
cash is always where I put something I think I'll need again because I want to be ableto access it quickly.
02:53
So once I learned that kelly dot com is 10 111 while I store that in my local D. N s cash.
03:00
So the idea is, I trust that I don't wanna have to go out and ask the d n a server again. So if you could modify my cash, that's Justus. Good. Is you having modified the D. N s server so anytime caches modified, that's cold.
03:15
Let's call poison.
03:19
Excuse me.
03:20
All right. Another vulnerable service de HCP dynamic host configuration protocol.
03:27
That's the protocol on an I P network that will automatically assign ip addresses toe hosts Very, very helpful 2000 host. I don't wanna walk around manually typing out i p addresses. But DCP first of all, any time you allow something to happen on your network auto magically
03:46
right, You know you don't have your hands on it. There's always a little bit of a concern of having an impostor or rogue device. And that's certainly concerned with the HCP.
03:58
The client will accept an I p address from any DHD piece over.
04:02
So whichever server is the quickest to respond is going to give your client and I p address
04:10
probably default gateway and also probably your client learns who it's d N s server is three d h e allocation we just talked about
04:20
I'm fighting you on. I'm sorry, the on one Please forgive me. And it is not that I don't find d. N s thrilling because I do. It's just the bone sneak up on you sometimes. So what I'm saying is that D H C P will often give clients a lot more information than just an I p address.
04:40
With Dean s being so critical
04:43
getting who your d n a server is from an untrusted entity. That's a big problem too.
04:47
All right, Elda. Lightweight directory access protocol. That is the database protocol or structure that active directory uses. When you see held up in Windows, that means it's a domain controller
05:02
if you see it. Another operating systems think authentication Sophie
05:09
Web service is mail service. Is any surfaces or vulnerable just by default, right? I mean, just making a service available toe outside users or even the internal users. There's a degree of vulnerability. So we harden our systems, we
05:29
penetration test,
05:30
and we make sure that for our applications, we do application testing. We look at input validation in all of those different elements so hard in your network Service is be very careful and very cautious. What you automate. Make sure that, um,
05:49
when you do your network scans, you're scanning for rogue devices or devices that
05:55
are not part of your existing network infrastructure, because that's gonna be an indication that you may have a road service

Up Next

CISM

Cybrary's Certified Information Security Manager (CISM) course is a great fit for IT professionals looking to move up in their organization and advance their careers and/or current CISMs looking to learn about the latest trends in the IT industry.

Instructed By

Instructor Profile Image
Kelly Handerhan
Senior Instructor