
00. Network Security Fundamentals

Chapter 1: How the Internet Works

The Internet, as we know it today, is a global network of interconnected devices and systems, enabling the exchange of information across vast distances almost instantaneously. It operates on two primary protocols: Transmission Control Protocol (TCP) and Internet Protocol (IP).

1.1 Transmission Control Protocol (TCP)

TCP is responsible for ensuring the reliable transmission of data across the network. It breaks down data into smaller units called packets, which are then transmitted to the receiving device. TCP ensures that these packets are delivered in order, without errors, and reassembled correctly, even if they take different paths to reach their destination.

1.2 Internet Protocol (IP)

IP assigns unique numerical addresses to each device on the network, known as IP addresses. These addresses are crucial for routing data packets to their intended destinations. Together, TCP and IP form the backbone of the Internet, allowing devices to communicate seamlessly.

1.3 Routing and Network Access Points

Routers play a vital role in directing data packets across networks. They use the IP addresses to determine the most efficient path for the data to travel, ensuring that it reaches its endpoint as quickly as possible. Network access points (NAPs) serve as major intersections in the Internet's infrastructure, where different networks exchange data, further optimizing the flow of information.

Chapter 2: Domain Name Service (DNS)

DNS is the system that translates human-friendly domain names, like www.example.com, into numerical IP addresses that computers use to identify each other on the network. This process is essential for navigating the Internet, as it allows users to access websites using easily remembered names rather than complex numerical addresses.

DNS is maintained by a decentralized network of servers around the world. Organizations like the Internet Corporation for Assigned Names and Numbers (ICANN) are responsible for overseeing the allocation of IP addresses and managing domain name registrations, ensuring that the system operates smoothly and efficiently.

Chapter 3: Understanding Network Types

Networks are categorized based on their size, geographic scope, and purpose. Understanding these types is fundamental to grasping how data moves through different environments.

3.1 Local Area Network (LAN)

A LAN is a network confined to a small geographical area, such as a single building or office. It is used to connect devices like computers, printers, and servers within that space, facilitating easy sharing of resources and information.

3.2 Metropolitan Area Network (MAN)

A MAN spans a larger area than a LAN, typically covering a city or campus. It connects multiple LANs, allowing for the efficient transfer of data across a broader region. MANs are often used by organizations with multiple buildings in close proximity.

3.3 Wide Area Network (WAN)

WANs cover extensive geographical areas, often spanning entire countries or continents. They connect multiple LANs and MANs, enabling communication between distant locations. The Internet itself is a vast WAN, linking countless networks around the globe.

Chapter 4: The OSI and TCP/IP Models

The OSI (Open Systems Interconnection) and TCP/IP models are frameworks that describe how data is transmitted over a network. Understanding these models is crucial for anyone studying network security, as they provide a structured way to analyze and troubleshoot network communications.

4.1 The OSI Model

The OSI model consists of seven layers, each responsible for a specific aspect of data transmission:

  1. Physical Layer (Layer 1): Deals with the physical connection between devices and the transmission of raw bits over mediums like cables or radio waves.
  2. Data Link Layer (Layer 2): Manages error-free data transfer between two connected devices. It handles MAC addressing and data framing.
  3. Network Layer (Layer 3): Responsible for routing data between devices on different networks using IP addresses. Routers operate at this layer.
  4. Transport Layer (Layer 4): Ensures reliable data transfer between systems. TCP operates at this layer to ensure that data is sent and received correctly.
  5. Session Layer (Layer 5): Establishes and manages communication sessions between devices, maintaining connections for the duration of the communication.
  6. Presentation Layer (Layer 6): Translates data formats between applications, ensuring that data is presented in a usable format. It also handles encryption and decryption.
  7. Application Layer (Layer 7): Closest to the end-user, this layer allows applications like web browsers and email clients to communicate over the network using protocols such as HTTP, FTP, and DNS.

4.2 The TCP/IP Model

The TCP/IP model is more streamlined and directly reflects how modern networks, particularly the Internet, operate. It consists of four layers:

  1. Network Access Layer: Combines the physical and data link aspects of data transmission.
  2. Internet Layer: Handles logical addressing and routing, primarily through IP addressing.
  3. Transport Layer: Ensures end-to-end data integrity, using protocols like TCP.
  4. Application Layer: Encompasses all protocols that provide user-facing services, including HTTP, FTP, and SMTP.

Chapter 5: Common Network Vulnerabilities

5.1 Client-Side Vulnerabilities

Client-side attacks exploit weaknesses in the user's applications, such as web browsers, email clients, or media players. These vulnerabilities often result from coding errors or unpatched software. Attackers may use techniques like remote code execution or malicious websites to target these flaws.

5.1.1 Coding Errors and Patching

Poor programming practices can lead to security flaws, making applications vulnerable to exploitation. It is crucial to keep applications updated, but managing patches for numerous applications can be challenging. Zero-day attacks, where vulnerabilities are exploited before patches are available, pose a significant risk.

5.2 Server-Side Vulnerabilities

Server-side attacks target weaknesses in web servers, DNS servers, or mail servers. These systems are critical to network operations, making them attractive targets for attackers.

5.2.1 Common Server-Side Attacks

  • Server-Side Worms: Malware that exploits vulnerabilities to spread across systems, such as the Blaster or Nachi worms.
  • Cross-Site Scripting (XSS): Attackers inject malicious scripts into trusted websites, compromising user information.
  • SQL Injection: Exploits weaknesses in database queries to insert or manipulate data, gaining unauthorized access to sensitive information.

Chapter 6: Defending Against Attacks

Effective cybersecurity involves implementing various defense mechanisms to protect against both client-side and server-side vulnerabilities.

6.1 Cybersecurity Measures

  • System and Application Updates: Regularly updating software to patch vulnerabilities is crucial.
  • Firewalls and Intrusion Detection Systems (IDS): These tools help prevent unauthorized access and detect suspicious activity.
  • Security Policies: Establishing and enforcing strong security policies can mitigate risks and reduce the likelihood of successful attacks.

6.2 Common Cybersecurity Threats

  • Social Engineering: Manipulating individuals to gain confidential information, often through phishing emails.
  • Denial of Service (DoS): Overwhelming systems with malicious traffic to disrupt service.
  • Spoofing: Impersonating a legitimate source to gain unauthorized access.

Chapter 7: Cyber Risk Management

Managing cyber risks involves recognizing that breaches cannot always be prevented. Organizations must adopt a proactive approach, including:

  • Defense-in-Depth: Implementing multiple layers of security controls to protect assets.
  • Segmentation: Dividing networks into segments to contain breaches and reduce damage.
  • Rapid Detection and Containment: Quickly identifying and responding to breaches to minimize impact.

Chapter 8: Firewalls and Their Types

Firewalls are critical for network security, acting as barriers between trusted and untrusted networks. They can be implemented as hardware, software, or a combination of both.

8.1 Types of Firewalls

  1. Packet Filtering Firewalls: Examine each packet individually, making them fast but less secure as they lack contextual awareness.
  2. Stateful Inspection Firewalls: Track active connections, offering greater security but requiring more resources.
  3. Application Layer Firewalls: Analyze the actual content of data packets, ideal for detecting malicious activities like SQL injections.
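The difference between the first two firewall types can be shown with a small simulation. This is an added example, not part of the original course material; the addresses, the port 443 policy and the `10.` internal prefix are assumptions, and the stateful model is simplified (no timeouts or connection teardown).

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport flags")
INSIDE_PREFIX = "10."  # assumed internal network for this example

def is_outbound(p):
    return p.src.startswith(INSIDE_PREFIX)

def packet_filter(p):
    """Stateless: judges each packet alone, from header fields only."""
    if is_outbound(p):
        return p.dport == 443
    # Typical "established" rule: inbound from port 443 with ACK set.
    # Nothing here checks that an inside host ever opened the connection.
    return p.sport == 443 and "A" in p.flags

class StatefulFirewall:
    """Tracks connections opened from inside and admits only their replies."""
    def __init__(self):
        self.connections = set()

    def check(self, p):
        if is_outbound(p):
            if p.dport != 443:
                return False
            key = (p.src, p.sport, p.dst, p.dport)
            if p.flags == "S":  # new outbound connection attempt
                self.connections.add(key)
            return key in self.connections
        # Inbound: allowed only as the reverse of a tracked connection.
        return (p.dst, p.dport, p.src, p.sport) in self.connections

# Constructed sample traffic
SAMPLE = [
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "S"),   # inside host connects out
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "SA"),  # genuine reply
    Packet("198.51.100.7", 443, "10.0.0.9", 40000, "A"),   # unsolicited, looks like a reply
]

def compare(packets):
    """Return (stateless_verdict, stateful_verdict) for each packet."""
    fw = StatefulFirewall()
    return [(packet_filter(p), fw.check(p)) for p in packets]

if __name__ == "__main__":
    for p, verdicts in zip(SAMPLE, compare(SAMPLE)):
        print(p, verdicts)
```

The third packet passes the stateless filter because its headers resemble a reply, but the stateful firewall drops it because no inside host opened that connection.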

Chapter 9: Understanding Cybersecurity Tools

9.1 Bots and Botnets

A botnet is a network of infected devices, controlled by a “bot herder,” used to perform automated tasks like launching Distributed Denial of Service (DDoS) attacks. These networks are often created using malware that infects multiple systems, turning them into "zombies" that execute the bot herder’s commands.

9.2 Phishing and Social Engineering

Phishing is a common tactic used in social engineering attacks, where attackers trick users into providing sensitive information by mimicking legitimate websites or organizations. Users must be vigilant and verify the authenticity of any requests for personal information.

Chapter 10: Cybersecurity Risk Management Framework (RMF)

The Risk Management Framework (RMF) provides a structured process for assessing and mitigating cybersecurity risks, aligning with federal policies like NIST’s RMF. It promotes a continuous cycle of monitoring and feedback, ensuring that IT systems are resilient against emerging threats.

10.1 Implementing RMF

Organizations must evaluate risks based on their likelihood and potential impact on the confidentiality, integrity, and availability of systems. By implementing compensating controls and ongoing risk assessments, organizations can maintain a strong cybersecurity posture.
