MODULE ONE UNDERSTANDING SECURITY THREAT

 Cybersecurity
 CIA Triad
 Essential Security Terms
 Risk
 Vulnerability
 Exploit
 Threat
 Hacker
 Cybersecurity attacks
 Malware attack
 Network attack
 Social engineering
 Injection attack
 Prevention
MODULE TWO CRYPTOLOGY
 Cryptography
 Symmetric encryption
 DES
 AES
 RC4
 Asymmetric encryption
 Digital Signature
 MAC
 Hashing
 MD5
 SHA1, SHA2, SHA3
 Public key infrastructure
MODULE THREE AAA SECURITY
 Authentication
 Multi-factor Authentication
 RSA OTP
 Universal Factor
 Certificate
 RADIUS
Kerberos
 TACACs
 Single Sign-on
 Authorization
 OAuth
 Access Control List
 Accounting
 TACACs
 RADIUS
 Cisco AAA
MODULE FOUR SECURING YOUR NETWORK
 Secure network Architecture
 Network Hardening
 Implicit deny
 Analyzing log
 Flood Guard
 Network Segmentation
 Network Hardware Hardening
 DHCP
 Dynamic ARP Inspection
 802.1x
 Network Software Hardening
  Firewalls
 Proxies
 VPNs
 Wireless Security
 WEP
 WPA
 WPA2
 Wireless hardening
 Network Monitoring
 Sniffing network
 Wireshark and tcpdump
 Intrusion detection/ prevention systems
 Unified threat management (UTM)
MODULE FIVE DEFENSE IN DEPTH
 System Hardening
 Disabling unnecessary components
 Logging and auditing
 Windows Defenders Guide
 Anti-malware protection
 Disk Encryption
 Application Hardening
 Software Patch Management
 Browser Hardening
 Application Policies
MODULE SIX CREATING A COMPANY CULTURE FOR SECURITY
 Risk in the Workplace
 Users
 Incident Handling

INTERVIEW
1. Walk me through some best practices for network security.
a) You want to list out all the services that you’ll need on a network, and then you also want
to disable all the services that you won’t use. This principle can be applied to all aspects of
your infrastructure.

For example, we have a firewall, we can configure it to allow all the services that you want
and then disable all the services that you don’t want, so it will block all that traffic.

b) So the reason why we want to disable unnecessary services is because it will allow you to
know what’s coming in because you know what you have to allowed instead of having
some services block because it will allow more vulnerabilities to come through.

2. What are some other things that I might need?

a) Another thing you might need is a network monitoring solution. This will be helpful because
they’ll allow you to identify traffics that’s coming through your network.
3. Concerned about guest connecting to my network w/ their own machine?
a) Yes, You want to restrict those machines just bcoz you don’t control them and you don’t
know what’s on them. I would say we could set up a diff segment on the network or we
can have a diff wireless network.
4. How to secure my wireless network?
a) We can use strong encryption like WPA2.
b) WPA2 is improves the security of a network because it has stronger encryption method
called AES.

WPA2 (Wi-Fi Protected Access II) is a security protocol used to secure wireless networks. It is an
improvement over the original WPA protocol, which was introduced as a replacement for the
outdated and insecure WEP (Wired Equivalent Privacy) protocol.
 WPA2 uses stronger encryption algorithms, such as Advanced Encryption Standard (AES), and
more secure key management systems, such as 802.1X and EAP (Extensible Authentication
Protocol), to protect the wireless network. These improvements make it more difficult for
attackers to intercept and decode wireless network traffic, and make it more challenging for
them to launch successful attacks against the network.

Some of the key features and benefits of WPA2 are:

1. Stronger encryption: WPA2 uses the AES encryption algorithm, which is much more secure
than the RC4 encryption used in WEP and the TKIP encryption used in WPA.

2. Authentication: WPA2 provides a robust authentication mechanism that verifies the identity
of the user or device connecting to the network, and ensures that only authorized devices are
allowed to access the network.

3. Key management: WPA2 uses more advanced key management techniques, such as the
802.1X and EAP protocols, which provide better protection against key attacks.

4. Interoperability: WPA2 is widely supported by most modern wireless devices, making it a

practical and widely-used solution for securing wireless networks.

Overall, WPA2 is considered the best option for securing wireless networks due to its strong
encryption, robust authentication mechanisms, and key management techniques. However, it is
still important to follow best practices, such as using strong passwords and keeping your
network up-to-date with security patches, to ensure maximum security.

5. How to prevent phishing attack?

a) You want to have your employees to use strong passwords. You can set the password
requirements to have symbols, numbers, uppercase and lowercase letters. You want to
have your employees change their passwords a few times throughout the year, also have
them use two-factor authentication, and you can just educate them to know not to open up
suspicious emails or emails from senders that they don’t know.
b) Two-factor Authentication is a two variations of authentication methods, and the
authentication methods can be either a password, fingerprint, something that’s related to
biometrics, or it can also be a security chip.