Course Content
Networking Today
0/7
Network Components
Network Representations and Topologies
Common Types of Networks
Internet Connections
Reliable Networks
Network Security Basic
Network Trends
Basic Switch and End Device Configuration
0/7
Cisco IOS Access
Cisco IOS Navigation
Cisco IOS Command Structure
Basic Cisco Device Configuration
Save Cisco IOS Configurations
Ports and Addresses
Configure IP Addressing
Protocols and Models
0/7
The Rules in Network Communications
Protocols
Protocol Suites
Standards Organizations
Reference Models
Data Encapsulation
Data Access
Physical Layer
0/6
Purpose of the Physical Layer
Physical Layer Characteristics
Copper Cabling
UTP Cabling
Fiber-Optic Cabling
Wireless Media
Data Link Layer
0/3
Purpose of the Data Link Layer
WAN and LAN topologies
Data Link Frame
Ethernet Switching
0/4
Ethernet Frames
Ethernet MAC Address
The MAC Address Table
Switch Speeds and Forwarding Methods
Network Layer
0/5
Network Layer Characteristics
IPv4 Packet
IPv6 Packet
How a Host Routes
Router Routing Tables
Number Systems
0/2
Binary Number System
Hexadecimal Number System
Address Resolution
Explain how ARP and ND enable communication on a network
0/3
MAC and IP
ARP
Neighbor Discovery
Basic Router Configuration
0/3
Configure Initial Router Settings
Configure Interfaces
Configure the Default Gateway
IPv4 Addressing
0/7
IPv4 Address Structure
IPv4 Unicast, Broadcast, and Multicast
Types of IPv4 Addresses
Network Segmentation
Subnet an IPv4 Network
VLSM
Structured Design
IPv6 Addressing
0/8
IPv4 Issues
IPv6 Address Representation
IPv6 Address Types
GUA and LLA Static Configuration
Dynamic Addressing for IPv6 GUAs
Dynamic Addressing for IPv6 LLAs
IPv6 Multicast Addresses
Subnet an IPv6 Network
ICMP
0/2
ICMP Messages
Ping and Traceroute Testing
Transport Layer
0/7
Transportation of Data
TCP Overview
UDP Overview
Port Numbers
TCP Communication Process
Reliability and Flow Control
UDP Communication
Application Layer
0/7
Application, Presentation, and Session
Peer-to-Peer
Web Protocols
Email Protocols
Dynamic Host Configuration Protocol (DHCP)
Domain Name Service
File Sharing Services
Network Security Fundamentals
0/4
Security Threats and Vulnerabilities
Network Attacks
Network Attack Mitigation
Device Security
Build a Small Network
0/7
Devices in a Small Network
Small Network Applications and Protocols
Scale to Larger Networks
Verify Connectivity
Host and IOS Commands
Troubleshooting Methodologies
Troubleshooting Scenarios
Basic Device Configuration
0/5
Configure a Switch with Initial Settings
Configure Switch Ports
Secure Remote Access
Basic Router Configuration
Verify Directly Connected Networks
CCNA: Switching, Routing, and Wireless Essentials
The second course in the CCNA curriculum focuses on switching technologies and router operations that support small-to-medium business networks and includes wireless local area networks (WLAN) and security concepts.
0/15
Switching Concepts
VLANs
Inter-VLAN Routing
STP
Etherchannel
DHCPv4
SLAAC and DHCPv6 Concepts
FHRP Concepts
LAN Security Concepts
Switch Security Configuration
WLAN Concepts
WLAN Configuration
Routing Concepts
IP Static Routing
Troubleshoot Static and Default Routes
CCNA: Enterprise Networking, Security, and Automation
The third CCNA course describes the architectures and considerations related to designing, securing, operating, and troubleshooting enterprise networks – including wide area network (WAN) technologies & quality of service (QoS) mechanisms for secure remote access, along with software-defined networking, virtualization, & automation concepts supporting network digitization.
0/14
Single-Area OSPFv2 Concepts
Single-Area OSPFv2 Configuration
Network Security Concepts
ACLs Concepts
ACLS for IPv4 Configuration
NAT for IPv4
WAN Concepts
VPN and IPsec Concepts
QoS Concepts
Network Management
Network Design
Network Troubleshooting
Network Virtualization
Network Automation
CCNA Course
About Lesson

 

Security Threats and Vulnerabilities

Explain why basic security measures are necessary on network devices.

Types of Threats

  • Attacks on a network can be devastating and can result in a loss of time and money due to damage, or theft of important information or assets. Intruders can gain access to a network through software vulnerabilities, hardware attacks, or through guessing someone’s username and password. Intruders who gain access by modifying software or exploiting software vulnerabilities are called threat actors.
  • After the threat actor gains access to the network, four types of threats may arise:
    • Information Theft
    • Data Loss and manipulation
    • Identity Theft
    • Disruption of Service

Types of Vulnerabilities

  • Vulnerability is the degree of weakness in a network or a device.
  • Some degree of vulnerability is inherent in routers, switches, desktops, servers, and even security devices.
  • Typically, the network devices under attack are the endpoints, such as servers and desktop computers.
  • There are three primary vulnerabilities or weaknesses:
    • Technological Vulnerabilities might include TCP/IP Protocol weaknesses, Operating System Weaknesses, and Network Equipment weaknesses.
    • Configuration Vulnerabilities might include unsecured user accounts, system accounts with easily guessed passwords, misconfigured internet services, unsecure default settings, and misconfigured network equipment.
    • Security Policy Vulnerabilities might include lack of a written security policy, politics, lack of authentication continuity, logical access controls not applied, software and hardware installation and changes not following policy, and a nonexistent disaster recovery plan.
  • All three of these sources of vulnerabilities can leave a network or device open to various attacks, including malicious code attacks and network attacks.

Physical Security

  • If network resources can be physically compromised, a threat actor can deny the use of network resources.
  • The four classes of physical threats are as follows:
    • Hardware threats – This includes physical damage to servers, routers, switches, cabling plant, and workstations.
    • Environmental threats – This includes temperature extremes (too hot or too cold) or humidity extremes (too wet or too dry).
    • Electrical threats – This includes voltage spikes, insufficient supply voltage (brownouts), unconditioned power (noise), and total power loss.
    • Maintenance threats – This includes poor handling of key electrical components (electrostatic discharge), lack of critical spare parts, poor cabling, and poor labeling.
  • A good plan for physical security must be created and implemented to address these issues.

 

 

Other related topics

 

Topic Title Topic Objective
Security Threats and Vulnerabilities Explain why basic security measures are necessary on network devices.
Network Attacks Identify security vulnerabilities.
Network Attack Mitigation Identify general mitigation techniques.
Device Security Configure network devices with device hardening features to mitigate security threats.

Other useful information

Join the conversation
Previous
Next