Secure Networking

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
12 hours 57 minutes
Difficulty
Intermediate
CEU/CPE
13
Video Transcription
00:00
>> We're going to be talking about some of
00:00
the very foundational elements of secured networking.
00:00
Thus, we want to talk about
00:00
network configuration fundamentals,
00:00
and then how network configurations
00:00
improved security in the Cloud.
00:00
When it comes to the network security controls,
00:00
as you can see,
00:00
the cloud provider is usually always responsible
00:00
for the network controls and
00:00
network security aspects of Cloud environments.
00:00
In infrastructure security,
00:00
there is a shared responsibility between
00:00
the Cloud customer and the provider,
00:00
but typically it's always going to be the Cloud provider.
00:00
Maintaining a secure network.
00:00
Many of these concepts are going to seem
00:00
fundamental and basic to many of you.
00:00
However, to those of you who are completely new
00:00
to networking or networking technology,
00:00
these are really the fundamental concepts that are
00:00
necessary to set up and maintain a secure network.
00:00
The first one, virtual local area networks, VLANs,
00:00
are a way of ensuring that there's
00:00
logical separation between virtual environments
00:00
and physical hardware or
00:00
between networks and physical hardware.
00:00
This prevents areas of the network
00:00
from talking to each other when you don't want to.
00:00
The classic example is ensuring
00:00
that finance or human resources,
00:00
if those that are in the Cloud,
00:00
are on their separate VLAN
00:00
to prevent communications from going out there.
00:00
Only the hosts within
00:00
that network can communicate with each other.
00:00
The next is Dynamic Host Configuration Protocol.
00:00
This is [inaudible], often referred to as DHCP.
00:00
What DHCP does is it assigns an IP address to a device.
00:00
This enables routing to
00:00
have different devices communicate together.
00:00
Now this devices often have a static IP address,
00:00
but what DHCP enables is that a host can
00:00
be assigned an IP address for a specific period of time,
00:00
so that the IP address can be rotated and reassigned when
00:00
necessary to facilitate the routing
00:00
of traffic on the network.
00:00
Another important thing to understand is
00:00
DNS, Domain Name Service.
00:00
This translates external IP
00:00
addresses into a specific domain names.
00:00
Now, DNS is very important
00:00
because it helps control the routing
00:00
between external traffic coming in and
00:00
reaching internal services within
00:00
your organization and vice versa,
00:00
but communications go out that the DNS translates
00:00
that requests from the IP address to
00:00
the resolve the correct domain.
00:00
It's very important to configure your DNS correctly,
00:00
and as well as maintain and monitor it.
00:00
A common behavior of attackers is DNS poisoning,
00:00
where they will change entries in
00:00
the DNS table to disguise
00:00
the origin of their attack
00:00
to make it look like it's either
00:00
within the network or not from an externally facing site.
00:00
Then the last one is virtual private networks.
00:00
We talked about VPNs before,
00:00
but VPNs are
00:00
an encryption technology where you're creating
00:00
a encrypted tunnel for
00:00
communication between two end points.
00:00
Quiz question. Which of the following is used to isolate
00:00
network segments and prevents
00:00
an attacker from moving through the network?
00:00
Is DNS, VLAN, or DHCP?
00:00
If you said VLAN, you're correct.
00:00
A virtual local area network is often set up to protect
00:00
particularly sensitive segments of
00:00
the network and prevent either
00:00
access to them or communications from
00:00
those areas of the network to other areas.
00:00
In summary, talking about
00:00
the fundamental network configurations,
00:00
we talked about potential vulnerabilities
00:00
caused by lack of network security,
00:00
and then how network security can be improved
00:00
by network configurations and monitoring.
00:00
I'll see you in the next lesson.
Up Next