Secure Networking
Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Already have an account? Sign In »
Difficulty
Intermediate
Video Transcription
00:00
>> We're going to be talking about some of
00:00
the very foundational elements of secured networking.
00:00
Thus, we want to talk about
00:00
network configuration fundamentals,
00:00
and then how network configurations
00:00
improved security in the Cloud.
00:00
When it comes to the network security controls,
00:00
as you can see,
00:00
the cloud provider is usually always responsible
00:00
for the network controls and
00:00
network security aspects of Cloud environments.
00:00
In infrastructure security,
00:00
there is a shared responsibility between
00:00
the Cloud customer and the provider,
00:00
but typically it's always going to be the Cloud provider.
00:00
Maintaining a secure network.
00:00
Many of these concepts are going to seem
00:00
fundamental and basic to many of you.
00:00
However, to those of you who are completely new
00:00
to networking or networking technology,
00:00
these are really the fundamental concepts that are
00:00
necessary to set up and maintain a secure network.
00:00
The first one, virtual local area networks, VLANs,
00:00
are a way of ensuring that there's
00:00
logical separation between virtual environments
00:00
and physical hardware or
00:00
between networks and physical hardware.
00:00
This prevents areas of the network
00:00
from talking to each other when you don't want to.
00:00
The classic example is ensuring
00:00
that finance or human resources,
00:00
if those that are in the Cloud,
00:00
are on their separate VLAN
00:00
to prevent communications from going out there.
00:00
Only the hosts within
00:00
that network can communicate with each other.
00:00
The next is Dynamic Host Configuration Protocol.
00:00
This is [inaudible], often referred to as DHCP.
00:00
What DHCP does is it assigns an IP address to a device.
00:00
This enables routing to
00:00
have different devices communicate together.
00:00
Now this devices often have a static IP address,
00:00
but what DHCP enables is that a host can
00:00
be assigned an IP address for a specific period of time,
00:00
so that the IP address can be rotated and reassigned when
00:00
necessary to facilitate the routing
00:00
of traffic on the network.
00:00
Another important thing to understand is
00:00
DNS, Domain Name Service.
00:00
This translates external IP
00:00
addresses into a specific domain names.
00:00
Now, DNS is very important
00:00
because it helps control the routing
00:00
between external traffic coming in and
00:00
reaching internal services within
00:00
your organization and vice versa,
00:00
but communications go out that the DNS translates
00:00
that requests from the IP address to
00:00
the resolve the correct domain.
00:00
It's very important to configure your DNS correctly,
00:00
and as well as maintain and monitor it.
00:00
A common behavior of attackers is DNS poisoning,
00:00
where they will change entries in
00:00
the DNS table to disguise
00:00
the origin of their attack
00:00
to make it look like it's either
00:00
within the network or not from an externally facing site.
00:00
Then the last one is virtual private networks.
00:00
We talked about VPNs before,
00:00
but VPNs are
00:00
an encryption technology where you're creating
00:00
a encrypted tunnel for
00:00
communication between two end points.
00:00
Quiz question. Which of the following is used to isolate
00:00
network segments and prevents
00:00
an attacker from moving through the network?
00:00
Is DNS, VLAN, or DHCP?
00:00
If you said VLAN, you're correct.
00:00
A virtual local area network is often set up to protect
00:00
particularly sensitive segments of
00:00
the network and prevent either
00:00
access to them or communications from
00:00
those areas of the network to other areas.
00:00
In summary, talking about
00:00
the fundamental network configurations,
00:00
we talked about potential vulnerabilities
00:00
caused by lack of network security,
00:00
and then how network security can be improved
00:00
by network configurations and monitoring.
00:00
I'll see you in the next lesson.
Up Next
Network Security
System Information and Event Management (SIEM)
Cloud Provider Responsibility for Physical Plant
Power Redundancy
Other Redundancy and Safety Considerations
Instructed By
Similar Content
