Categories
Network+

Free Study Guide for Network Plus 4.6 – Dumps4shared


4.6 Explain common mitigation techniques and their purposes.

Click here to go back to the Network+ 4.0 Table of Content

Welcome to Exam Notes by Dumps4shared! This Free Study Guide for Network Plus 4.6 addresses the topics covered in CompTIA’s Network+ Exam Objective 4.6 “Explain common mitigation techniques and their purposes.”

Click here for more info about our Exam Simulator for Network+ Exam N10-007

Signature management

An IDS (Intrusion Detection System) is a software program or device that detects network anomalies and sends an alert. The IDS detects statistical anomalies by comparing a network sample to a stored baseline. The IDS can also use identifiable code signatures in order to detect patterns from known malicious code and send an alert. The code signatures must be checked regularly. The effectiveness of the device depends on having its signatures up-to-date. This update is known as signature management.

Generally, a network will also have an IPS (Intrusion Prevention System) which follows the same principles of detection as the IDS. The IPS also has the added capability of blocking suspicious traffic.

A HIDS (host-based intrusion detection system) is also available; it checks all the traffic to a specific host. The HIDS may have the ability to use FIM (file integrity monitoring). In this case, an alert is triggered when unexpected changes are made to a file. Lastly, a NIDS (network-based intrusion detection system) can be used to protect the entire network. Often, a SIEM (Security Information and Event Management) console can help manage possible intrusions or attempts.

Restricting access via ACLs

ACLs (Access Control Lists) are used to permit or deny inbound and outbound traffic. The data is examined and if it passes all the parameters from the list, the data will pass through. An ACL can have many rules and the packet must pass them all or otherwise be denied.

Device hardening

All network devices come configured with default settings. Be sure that none of the network devices are using the default settings. The items covered in the test objectives are presented here.

Change native VLAN

Each switch has a default interface configured to accept traffic not assigned to a specific VLAN. This is the default VLAN. Each trunk will have its own native (not default) VLAN, typically VLAN 1. Some management protocols are also configured to use VLAN 1, creating a mix of management data and other traffic on the link. In this case, move this native VLAN to another unused number. Now, the management protocols will use VLAN 1 while other untagged traffic will use the new native VLAN number.

Switch port protection

The STP (Spanning Tree Protocol) prevents traffic loops on switched networks by discovering the best path for the traffic and briefly blocking any redundant paths. The switches communicate STP data using BPDUs (Bridge Port Protocol Data Units). The integrity of the STP data requires some additional safeguards. BPDU guards prevent servers and host devices from being considered as valid paths by the switch.

Root guards prevent any switches, beyond the port perimeter, from becoming the root bridge.

DHCP snooping is an operating system security technology, built into switches, that allows the switch to drop unacceptable traffic. This can occur when a rogue DHCP server offers addresses on the network. The switch will only accept packets from trusted DHCP servers.
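The trusted-port rule described above can be modelled in a few lines. This is an added sketch, not part of the original guide and not any vendor's implementation. The port names, MAC addresses and IP addresses are constructed, and the source-MAC and release checks are assumptions about what a snooping switch commonly verifies on untrusted ports.

```python
from dataclasses import dataclass

# DHCP message types by sender role (names as in RFC 2131).
SERVER_TYPES = {"OFFER", "ACK", "NAK"}
CLIENT_TYPES = {"DISCOVER", "REQUEST", "DECLINE", "RELEASE", "INFORM"}


@dataclass(frozen=True)
class DhcpFrame:
    port: str          # switch port the frame arrived on
    msg_type: str      # DHCP message type
    src_mac: str       # Ethernet source address
    client_mac: str    # chaddr field inside the DHCP payload
    yiaddr: str = ""   # address being offered or assigned


class SnoopingSwitch:
    def __init__(self, trusted_ports):
        self.trusted = set(trusted_ports)
        self.pending = {}    # client MAC -> port where its REQUEST was seen
        self.bindings = {}   # client MAC -> (leased IP, client port)

    def process(self, f):
        """Return 'forward' or 'drop: <reason>' for one DHCP frame."""
        untrusted = f.port not in self.trusted
        if f.msg_type in SERVER_TYPES:
            # Only trusted ports may carry server replies.
            if untrusted:
                return "drop: server message on untrusted port"
            if f.msg_type == "ACK" and f.client_mac in self.pending:
                port = self.pending.pop(f.client_mac)
                self.bindings[f.client_mac] = (f.yiaddr, port)
            return "forward"
        if f.msg_type not in CLIENT_TYPES:
            return "drop: unknown DHCP message type"
        if untrusted:
            # A host must not claim another host's hardware address.
            if f.src_mac != f.client_mac:
                return "drop: source MAC does not match chaddr"
            bound = self.bindings.get(f.client_mac)
            if f.msg_type in ("RELEASE", "DECLINE") and bound and bound[1] != f.port:
                return "drop: release/decline from wrong port"
            if f.msg_type == "REQUEST":
                self.pending[f.client_mac] = f.port
            if f.msg_type == "RELEASE" and bound:
                del self.bindings[f.client_mac]
        return "forward"


# Constructed sample traffic: Gi0/1 is the uplink to the real DHCP server.
CLIENT = "aa:aa:aa:00:00:01"
SERVER = "bb:bb:bb:00:00:01"
ROGUE = "cc:cc:cc:00:00:01"
SAMPLE = [
    DhcpFrame("Gi0/5", "DISCOVER", CLIENT, CLIENT),
    DhcpFrame("Gi0/1", "OFFER", SERVER, CLIENT, "192.0.2.50"),
    DhcpFrame("Gi0/7", "OFFER", ROGUE, CLIENT, "198.51.100.50"),
    DhcpFrame("Gi0/5", "REQUEST", CLIENT, CLIENT),
    DhcpFrame("Gi0/1", "ACK", SERVER, CLIENT, "192.0.2.50"),
    DhcpFrame("Gi0/7", "RELEASE", CLIENT, CLIENT),
]


def run_sample():
    switch = SnoopingSwitch(trusted_ports={"Gi0/1"})
    verdicts = [switch.process(frame) for frame in SAMPLE]
    return verdicts, switch.bindings


if __name__ == "__main__":
    verdicts, bindings = run_sample()
    for frame, verdict in zip(SAMPLE, verdicts):
        print(f"{frame.port:6} {frame.msg_type:9} {verdict}")
    print(bindings)
```

The binding table built from accepted ACKs is what lets the switch tie a leased address to the port the client actually sits on.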


Network segmentation

Network segmentation is used to improve network performance and enhance security. One common implementation of network segmentation is the DMZ, where an externally available host is placed on the network between the Internet and the firewall. This host will be available to external users, and the firewall will block unwanted traffic onto the network, allowing the internal network to operate normally. The DMZ can also contain an intentionally vulnerable honeypot or honeynet intended to attract hackers and capture their intrusion methods.

Privileged user account

By default, privileged user accounts have the highest level of permission. These accounts have specific guidelines for use. The privileged user account should only be used when necessary and should be protected by complex passwords.

A lower-level user account should be used for regular tasks. These lower-level accounts can be created and modified to suit the user’s tasks. It is possible to configure the privileged user account to only be available from a certain location or for a specific duration. Since these privileged user accounts are so powerful, they receive a high level of monitoring and scrutiny.


Role separation

When an account is created, it should only give the user the minimum privileges and permissions necessary to perform their duties. RBAC (role-based access control) can be used to create user groups with specific capabilities. A user can be assigned to one or more groups as needed unless role separation is enforced. Role separation restricts users to only one group. If a user belongs to more than one group, they will not be able to perform the tasks of any of their groups.

Penetration testing

Since network security is the primary concern, it is important to know the network’s weaknesses. Hacker tools are available to anyone and it’s a good idea to examine the network regularly. First, simulate an attack on yourself. A port scanner is a good start. Next, a vulnerability assessment will look for weaknesses and report them. The vulnerability assessment does not exploit any weaknesses found.

Penetration testing works the same as a vulnerability assessment; however, the test then attempts to exploit the discovered weaknesses. Penetration testing can be performed in-house or by an outside consultant.


That’s all for objective 4.6 and with that, we are concluding the whole Main Domain 4.0! Congratulations! See you in Main Domain 5.0! You will be glad to learn (if you didn’t already know) that 5.0 is the last of the Network+ domains.


We hope you enjoyed our free study guide for Network Plus 4.6. If you did, please let us know (you can use “contacts”)

Pass Your IT Certification Exams With Free Real Exam Dumps and Questions

Full Version N10-007 Dumps


Free Study Guide for Network Plus 4.5 – Dumps4shared

4.5 Given a scenario, implement network device hardening.


Welcome to Exam Notes by Dumps4shared! This is our free study guide for Network plus 4.5. In this installment, we cover the topics covered in Network+ Objective 4.5 “Given a scenario, implement network device hardening.”


Changing default credentials

After installing a new network device such as a router or a switch, the new device will be set to the manufacturer’s default credentials. It is important to change the default credentials as quickly as possible in order to guard against unauthorized access.

Avoiding common passwords

As we noted, network devices are usually configured with default credentials during their initial use. Search for “Common router default passwords” online and you will find several webpages that list the default username and password for your specific network device’s brand and model. Immediately change any default login credentials.

Upgrading firmware

Most network devices have a link to update the firmware. Update your firmware as soon as possible and follow the instructions for your device and model.

Patching and updates

Patching and updates are usually handled by the software or hardware running on the device. For example, a recent webserver attack was recognized and the administrator was notified of the required patch. The patch was either not installed or it was not configured properly. The end result was the exposure of user credentials. This attack was against Equifax where the user credentials of over 150 million users were exposed.


File hashing

The terms hashing and encryption are often misused. Hashing a file transforms the data into a different type. The hashed data cannot be recovered. Hashing is used to protect password files. The more complex the hashing algorithm, the more difficult it is to crack the file.

The most common file hashing method uses a variant of the SHA (Secure Hashing Algorithm). File encryption is coupled with hashing in order to further harden the files and the data.
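File hashing is also what makes the file integrity monitoring (FIM) mentioned in the 4.6 guide work, and the following added example shows both ideas together; it is not code from the original guide. It records a SHA-256 baseline of a directory, reports modified, added and removed files, and protects the baseline itself with an HMAC. The directory contents and the key are constructed for the demonstration.

```python
import hashlib
import hmac
import json
import tempfile
from pathlib import Path


def sha256_file(path, chunk_size=65536):
    """Hash a file in chunks so large files are never loaded whole."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            digest.update(block)
    return digest.hexdigest()


def build_baseline(root):
    """Map every regular file under root (by relative path) to its SHA-256."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): sha256_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file() and not p.is_symlink()
    }


def seal(baseline, key):
    """HMAC-SHA256 over the canonical JSON form of the baseline."""
    canonical = json.dumps(baseline, sort_keys=True).encode()
    return hmac.new(key, canonical, hashlib.sha256).hexdigest()


def baseline_is_intact(baseline, tag, key):
    """A baseline that can be silently edited protects nothing."""
    return hmac.compare_digest(seal(baseline, key), tag)


def compare(baseline, current):
    """Report what changed between two {path: hash} snapshots."""
    common = baseline.keys() & current.keys()
    return {
        "modified": sorted(p for p in common if baseline[p] != current[p]),
        "added": sorted(current.keys() - baseline.keys()),
        "removed": sorted(baseline.keys() - current.keys()),
    }


def demo():
    key = b"constructed-demo-key"  # constructed; keep a real key off the host
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "etc").mkdir()
        (root / "etc" / "sshd_config").write_text("PermitRootLogin no\n")
        (root / "etc" / "hosts").write_text("127.0.0.1 localhost\n")
        (root / "motd").write_text("welcome\n")
        baseline = build_baseline(root)
        tag = seal(baseline, key)

        # Unexpected changes made after the baseline was recorded.
        (root / "etc" / "sshd_config").write_text("PermitRootLogin yes\n")
        (root / "motd").unlink()
        (root / "etc" / "rc.local").write_text("#!/bin/sh\n")
        report = compare(baseline, build_baseline(root))

        # Someone rewrites the stored baseline to hide the change.
        forged = dict(baseline)
        forged["etc/sshd_config"] = sha256_file(root / "etc" / "sshd_config")
        return {
            "report": report,
            "baseline_ok": baseline_is_intact(baseline, tag, key),
            "forged_ok": baseline_is_intact(forged, tag, key),
        }


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```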

Using secure protocols

Secure protocols protect data transfers on protected systems. Earlier, we mentioned the SHA protocol. Now, we will address some of the data transfer protocol combinations. SSH (Secure Sockets Handling) keys can be generated in order to protect data or devices. SSH keys can be generated and combined with an insecure protocol such as HTTP, creating a strong HTTPS connection. Similarly, SSH and FTP are used together for SFTP.

Disabling unnecessary services is an essential method of preventing random attacks. By default, an OS installs all of the services it predicts the PC will run. An average user will probably not use many of them. However, these services will remain open and accessible until they are disabled.


Disabling unused ports

In much the same way services are activated by default, IP ports are also opened by default. When discussing unwanted ports, virtualization must also be considered. Check the PC for unwanted active ports. Remember that all the virtual devices should be checked individually.
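One way to carry out this check, as an added example that is not from the original guide: the script parses the listening-socket table in the format printed by `ss -tuln` on Linux and reports every listener that is not on a per-host allowlist, treating a virtual machine as its own host. The host names, captured output and allowlists are constructed.

```python
import ipaddress

# Constructed captures of `ss -tuln` output, one per host (VMs included).
CAPTURES = {
    "workstation": """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      128    [::]:22            [::]:*
tcp   LISTEN 0      4096   127.0.0.1:631      0.0.0.0:*
tcp   LISTEN 0      10     0.0.0.0:23         0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:5353       0.0.0.0:*
""",
    "vm-guest": """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp   LISTEN 0      128    *:22               *:*
tcp   LISTEN 0      151    0.0.0.0:3306       0.0.0.0:*
udp   UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*
""",
}

# Constructed allowlists: the (protocol, port) pairs each host should expose.
ALLOWED = {
    "workstation": {("tcp", 22)},
    "vm-guest": {("tcp", 22), ("udp", 53)},
}


def parse_ss(output):
    """Return (proto, address, port) for each listening socket."""
    listeners = []
    for line in output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("tcp", "udp"):
            continue  # header or blank line
        if fields[1] not in ("LISTEN", "UNCONN"):
            continue  # not a listening socket
        addr, _, port = fields[4].rpartition(":")
        if not port.isdigit():
            continue
        # Drop IPv6 brackets and an interface scope such as %lo.
        addr = addr.strip("[]").split("%")[0]
        listeners.append((fields[0], addr, int(port)))
    return listeners


def is_loopback(addr):
    """'*' means every interface, so it is never loopback-only."""
    return addr != "*" and ipaddress.ip_address(addr).is_loopback


def audit(captures, allowed):
    """List (host, proto, port, reach) for listeners outside the allowlist."""
    findings = []
    for host, output in captures.items():
        reach_by_socket = {}
        for proto, addr, port in parse_ss(output):
            reach = "loopback" if is_loopback(addr) else "network"
            # One network-facing bind is enough to call the port exposed.
            if reach_by_socket.get((proto, port)) != "network":
                reach_by_socket[(proto, port)] = reach
        for (proto, port), reach in reach_by_socket.items():
            if (proto, port) not in allowed.get(host, set()):
                findings.append((host, proto, port, reach))
    return sorted(findings)


if __name__ == "__main__":
    for host, proto, port, reach in audit(CAPTURES, ALLOWED):
        print(f"{host}: unexpected {proto}/{port} ({reach})")
```

Listeners reported as `network` are reachable from other machines and are the first candidates to disable; `loopback` ones are only reachable from the host itself.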


That’s all for objective 4.5. See you in 4.6!

We hope you liked our free study guide for Network plus 4.5 “Given a scenario, implement network device hardening.” If you did, please let us know!


Free Study Guide for Network Plus 4.4 – Dumps4shared


4.4 Summarize common networking attacks.


Welcome to Exam Notes by Dumps4shared! This is our free study guide for Network Plus 4.4. In this edition, we will cover the topics outlined in Network+ Objective 4.4 – “Summarize common networking attacks.”

DoS

A DoS (Denial-of-Service) attack prevents legitimate users from accessing normal content such as from a web server. This attack sends a flood of illegitimate SYN requests to a server, exhausting its resources. This attack comes from sources owned by the attacker. Please review the following types of DoS attacks.


A DDoS (Distributed DoS) attack is much more sophisticated than a simple DoS attack. This attack infects hosts with malware and turns them into an army of bots or zombies. The infected machines are controlled by the attacker, unbeknownst to the user. The users unwittingly become a part of this coordinated attack.

A DRDoS (Distributed Reflective DoS) attack is a DDoS attack that uses uninfected computers to bounce the attack to the target. The packets in this attack are spoofed echo requests that appear to be sent from the target. When the echo requests are sent to the target, the target becomes flooded.

Amplified DRDoS attacks optimize the attack by sending simple requests that require larger responses from the target. This floods the targets with requests that require more resources to respond, amplifying the effectiveness of the DRDoS attack.

Social engineering

Employees present a security risk since human nature can cause employees to divulge information to the attacker. This is referred to as social engineering and uses a perceived sense of trust in order to trick users into revealing confidential information. The attacker may be posing as an authorized employee asking to gain information about the network. For example, a “help desk” intruder may be able to get a password from a user with little to no effort. There are many types of social engineering and we will cover those described in the objectives.

Phishing is a highly effective attack type. During this attack, the attacker sends a seemingly legitimate email to the victim asking them to log on to a retailer’s URL and submit their username and password for verification.

Insider threat

A user may become dissatisfied with their job and may decide to act maliciously. This is an extremely serious threat. They have extensive knowledge about the organization’s infrastructure. A user with high-level rights and permissions can do serious damage.

Logic bomb

There are many types of malware constantly attempting attacks by viruses, worms, and trojan horses. We will cover those types listed in the objectives.

A logic bomb is malware that has infected a PC but will not execute until a specific date or under certain conditions. Logic bombs are harmless and lie dormant until they have been triggered.

Ransomware

Ransomware is malware that locks the user’s computer and encrypts the data on all connected drives, including online storage. The user receives a locked screen with instructions detailing the ransom demand and payment information. There may be a deadline for payment or a threat to delete data if the ransom is not paid. Computers infected with ransomware are not generally recoverable until the ransom is paid. Even then, you may not regain access. Ransomware is a multimillion-dollar operation.

Rogue access point

Rogue access points are set up using the same SSID as valid access points. A rogue access point is also known as an evil twin. Once a user accesses the rogue access point, their data in transit can be hijacked, and access to the user’s data may even be possible.

War-driving

An amazingly effective security threat is called war driving. In this case, the hacker simply drives around looking for unprotected wireless networks. An astonishing number of access points broadcast their SSID and are set up using the default password. Once an open access point is discovered, the hacker can attempt to penetrate the network or just scan the traffic to attempt an exploit.

DNS poisoning

DNS poisoning, or DNS spoofing, attacks DNS servers by changing a webserver’s DNS record, redirecting legitimate traffic to a spoofed or compromised server. This enables the hacker to gather all the data intended for the legitimate server. The DNS system constantly updates other servers with its records, so the poisoned address can spread quickly. ARP poisoning works in much the same way; however, the ARP tables are attacked, changing the IP address and MAC address information stored on them.

Man-in-the-middle

This attack type redirects secure transmissions and captures them in order to obtain information such as passwords. Users may also be redirected to a fraudulent website that looks legitimate but contains links to other malicious sites.

Deauthentication

Wireless clients must authenticate with a wireless access point. There are times when this authentication can be revoked. For example, if the AP is overloaded, some users may be deauthenticated (knocked off). This requires them to log back onto the network. The deauthorization process can be broadcast, prompting the user to resend their login credentials and other information in order to log back in. This data can be collected and used to cause damage.

Brute force

Passwords are the bane of computing today. Users and hackers prefer short and simple passwords. Administrators prefer long and complex passwords in order to avoid security issues. Please follow the advice of administrators. Use a mix of numbers, upper and lower case letters, and symbols. Ensure the password is at least eight characters long. Having said that, a complex password is not immune to brute force hacking. A complex password is just harder to crack.

VLAN hopping

VLAN hopping is an attack that exploits the way VLANs are tagged. In this attack, the hacker sends transmissions to the switch that appear to be a part of the protected VLAN. Hackers are then free to travel across VLANs in order to gain sensitive information. Attackers can modify the VLAN tag by double tagging it or by spoofing the switch into thinking this is a trunk.

Exploits vs. vulnerabilities

The terminology we use is important to understand. Here, any weakness in a system that could be compromised is called a vulnerability. Not all vulnerabilities are attacked. When vulnerabilities are used to gain access or information, this is called an exploit.


That’s it for objective 4.4. See you in 4.5!

We hope you liked our free study guide for Network Plus 4.4. If you did, please let us know (you can use “contacts”). If you found any typos or the like, then please let us know about that too! This is a communal effort to bring studying costs down and we need all the help we can get to keep improving it.


Free Study Guide for Network Plus 4.3 – Dumps4shared


4.3 Given a scenario, secure a basic wireless network.


Welcome to Exam Notes by Dumps4shared! This is our Free Study Guide for Network Plus 4.3. In this installment, we will explore the Network+ Objective 4.3 – “Given a scenario, secure a basic wireless network.”


WPA/WPA2

Wireless network traffic can be seen and captured. WEP (Wired Equivalent Privacy) was the original encrypted WiFi protocol. WEP has some shortcomings; for example, the same static network key is used on all clients. This key can only be changed manually.

WPA (Wireless Protected Access) was developed in order to increase security and dynamically create new keys for every transmission. WPA uses TKIP (Temporal Key Integrity Protocol) which utilizes the RC4 (Rivest Cipher 4) stream cipher. Each packet gets a unique 128-bit key.

The WPA2 certification was introduced in 2004 and replaced the RC4 encryption algorithm with AES (Advanced Encryption Standard) for faster and more secure transmissions. CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) is used to replace the now deprecated TKIP. CCMP supports data confidentiality, authentication, and access control. A Pre-Shared Key (PSK) can be created with WPA2-personal in a home or small office.

Circling back to WEP (Don’t use it!), WEP supports two testable authentication methods. OSA (Open System Authentication) requires no key and the client needs only the SSID to begin. SKA (Shared Key Authentication) uses the same key across all wireless nodes and communications can be encrypted.

Authentication and authorization

Authentication on WPA2-Enterprise networks very often uses RADIUS servers and the EAP (Extensible Authentication Protocol). EAP is supported by modern operating systems and can be used with physical authentication methods. EAP-TLS uses the public key infrastructure with TLS encryption. EAP-TLS is certificate-based.

PEAP (Protected EAP) and EAP-FAST (EAP-Flexible Authentication via Secure Tunneling) both create secure tunnels between the endpoints. PEAP creates an outer tunnel before beginning the normal EAP process. This creates an inner tunnel to be used for data.

Geofencing

Many enterprises using WWAN to serve their mobile users use MDM (Mobile Device Management) software in order to secure their mobile assets. The MDM uses the device’s GPS in order to determine whether a device is in an approved area. Access is restricted to clear geographic areas.


That’s all for this objective. We hope you enjoyed our Free Study Guide for Network Plus 4.3 – “Given a scenario, secure a basic wireless network.” See you in 4.4!


Free Study Guide for Network Plus 4.2 – Dumps4shared

4.2 Explain authentication and access controls.


Welcome to Exam Notes by Dumps4shared! This is our free study guide for Network plus 4.2. In this edition, we will cover objective 4.2 “Explain authentication and access controls.”


Authentication, Authorization, and Accounting

The three major elements of network access are known as AAA. This stands for Authentication, Authorization, and Accounting. AAA answers the following questions anytime a user is validated for network access.

  • Authentication: Who are you? Can you provide the correct credentials for access to the network?
  • Authorization: What are you allowed to do? Here, the user’s authorization to access resources, perform tasks, or execute commands is verified.
  • Accounting: When did you attempt to access and what did you do? Accounting logs the users’ activity and retains the log for auditing.

The answers to these questions can be provided through several access control technologies. These will be discussed next.

RADIUS (Remote Authentication Dial-In User Service) is the most popular service that centralizes resource management and conforms to AAA functions. RADIUS is an open source standard that can run on a dedicated device, called a RADIUS server, or it can run as software on a server which provides other network services. With regard to security, RADIUS only encrypts passwords, making it less secure than TACACS+.

TACACS+ (Terminal Access Controller Access Control System Plus) is a proprietary AAA protocol designed by Cisco in order to run on routers or switches. TACACS+ encrypts all transmissions and provides separation in the protocols used for AAA. Its design allows protocols such as Kerberos to be used for authentication while TACACS+ provides the authorization and accounting service.

Kerberos is the default authentication protocol for Active Directory. Key encryption is used for client verification and communication. Kerberos uses SSO (Single sign-on) authentication which allows a user to sign on once and conveniently access multiple resources, eliminating the need to sign into each resource individually. In AD, Kerberos is the default authentication protocol but is not the only one supported. LDAP (Lightweight Directory Access Protocol) serves as a common model for accessing the existing directory structure. AD and LDAP can run concurrently.

Local authentication describes an AAA model where all processes are performed on the local device.

Certificates are used to authenticate users. In Certificate-Based Authentication, an authentication request is sent that contains the user’s public key that is then used to validate its authenticity.

Multifactor authentication

Multifactor authentication provides greater security by requiring multiple authorization components from two of the five factors presented below. Here is how CompTIA defines them:

Something you know – This is a password or PIN.

Something you have – This can be a smart card, smartphone, or a digital key fob.

Something you are – Stored physical data is used for authentication. The geometry of your face, your fingerprint, and your iris all represent something you are.

Somewhere you are – This method requires your location to match the stored data.

Something you do – This represents the individual aspects of the way you enter data. Speech recognition allows your speech pattern to be compared with the sample. Even the speed at which you type can be used.

Access control

The 802.1x standard was developed in order to allow wired and wireless users to access the LAN. EAPoL (EAP over LAN) is used for this process.

NAC (Network access control) uses network policies in order to control and set the appropriate type and level of access for each device. Access control lists are an example of access control policy.

Port security is the practice of securing ports against unauthorized access using software or hardware. MAC address filtering is used to block unauthorized traffic based on the source MAC address and an updateable address table. The switch-port can be easily disabled.

A captive portal is generally configured in order to provide the Wi-Fi Guest account settings for a network. The user is brought to a logon page that will usually require consent to the terms of use and connection-related information such as privacy and security.


That’s all for objective 4.2. See you in 4.3!


Free Study Guide for Network Plus 4.1 – Dumps4shared


4.1 Summarize the purposes of physical security devices.


Welcome to Exam Notes by Dumps4shared and our Free Study Guide for Network Plus 4.1. This edition will cover physical security types and their purposes as outlined in objective 4.1 – “Summarize the purposes of physical security devices.” Enjoy!

Detection

When discussing physical security, let’s start with the methods used to detect unauthorized intrusion into protected areas and the devices they contain.


Motion detection is used to monitor for physical activity, often triggering an alarm or alerting security personnel. The sensitivity of the detector is calibrated in order to prevent false alarms. These detectors can trigger event monitoring, recording the date and time of the activity along with turning on the lights and enabling video recording.

Video surveillance, in the form of closed-circuit TV (CCTV), has greatly reduced the manpower needed to visually monitor protected areas. Strategically placed video cameras can cover areas that once required physical surveillance. The video cameras send their imaging to a central monitoring station, enabling security personnel to view and record activity throughout the entire coverage area(s). The video camera can connect to the central monitoring station using a coaxial cable or through the existing network.

Regardless of the connection method used, remember that these cameras can be motion activated or can remain on at all times. As a rule, all video should be recorded and saved.

Asset tracking tags are placed on all valuable assets owned by the company. This serves several purposes. The tag is linked to a database of assets and uses the object’s type, make, model, acquisition date, and current location. The tag is usually a barcode but can also be an RFID tag. These tags are used to identify the object for depreciation, routine maintenance, or security.

A common form of tamper detection is a sticker which, when broken, indicates the opening of a device enclosure. This is not the only tamper detection that may be encountered. More sophisticated tamper detectors are mounted inside the device and can trigger alarms, lights, and cameras.

Prevention

ID badges are used to identify employees. Depending on the access model, the ID badge can also provide electronic information to allow access to restricted areas. Badge readers are also placed strategically around locked areas in order to permit access to authorized parties.

Biometrics uses a person’s unique physical characteristics to authenticate them. This could be as simple as a fingerprint or hand scan and as complex as a retinal scan. The scanned results are compared to the stored biometric data for authentication. While this method is more expensive to implement and maintain, it possesses a very high accuracy level.

Smart cards are electronic access badges that are used to unlock doors to authorized areas. These badges often contain a photograph of the user.

A key fob is easily recognizable to anyone with remote locks on their vehicle. This device is used to allow access to secure areas. However, it is not as easy as pushing a button. The key fob and door are time-synchronized and use a random sequence in order to permit access.

All of the prevention methods listed above control locks. Access to a locked area can be as simple as a physical key or as complicated as a biometric lock. It is important to realize that multiple prevention methods can be combined, creating multi-factor authentication which will be described in the following posts.


We hope you liked our free study guide for Network Plus 4.1. See you in 4.2!


Free Study Guide for Network plus 3.5 – Dumps4shared



Welcome to Exam Notes by Dumps4shared! This is our free study guide for Network plus 3.5 “Identify policies and best practices.” Enjoy!


A successful company will have a group of organizational policies to ensure that strategic objectives are met, along with regulatory compliance, adherence to corporate policy, and the satisfaction of vendor agreements. These are high-level policies that affect the whole organization. Here we will look at some of these policies and procedures as defined by the CompTIA exam objectives.

Privileged user agreement

This agreement is applied to employees that have access to personal health records. This includes doctors and staff. The employee agrees not to disclose any information relative to these records.

Password policy

Weak and compromised passwords are a primary threat to our system security. Your company will have a clear password policy that covers the length of the password and the specifications for the character types that must be used. There will be a list of dos and don’ts. Do not divulge your password to anyone, be they a co-worker or your superior. Don’t leave the password written down and stored in your office. The length and complexity of your password are important, and it is equally important to safeguard your password.

Strong password generator

On-boarding/off-boarding procedures

Permitting wireless network access for a device is called on-boarding and the removal of a device is called off-boarding. Today’s office environments contain a mix of company assets and personal devices used to perform work. Care must be exercised when permitting devices to access the network. Here, mobile device management (MDM) software will allow greater control over this process.

Licensing restrictions

All software is covered by a licensing agreement that you must accept before installation. This agreement contains information on your right to use the software and what information the software collects.

International export controls  

The Windows operating system is one of the largest examples of the international export of software. In Windows 10, versions were created for use in Europe (N) and Korea (KN). These versions contain all of the basic features of the operating system without the Windows Media Player, Music, and Skype.

Data loss prevention

DLP (data loss prevention) is a risk mitigation technique that prevents network data classified as sensitive from being downloaded, transmitted or copied.

Remote access policies

A remote access policy outlines and clearly defines your company’s acceptable remote access methods for hosts. Adherence to this policy is crucial for workers connecting over insecure public networks and even home networks.

Incident response policies

When an incident occurs, the actions to be taken are laid out clearly in the Incident Response Policy. The document will contain the preparatory information the response team will need to act. The detection methods and threat authentication process are defined. The impact of an incident is quickly contained and further problems are prevented.

BYOD

Bring your own device (BYOD) is the method of allowing employees to bring their own personal devices into the workplace. The permissions for these devices will be determined by the On-boarding / off-boarding section described above.

AUP

An Acceptable Use Policy (AUP) is where the company defines what is and what is not acceptable use of company resources. You will sign and consent to this policy, which is legally binding.

NDA

The Non-Disclosure Agreement (NDA) is a critical document to protect the company as a whole. It describes how data classifications like private and confidential are to be treated. As you advance in your career you will be exposed to more important information. A casual cup of coffee with a stranger is an opportunity for them to gain strategic information. Your NDA will address any breach and the penalties associated.

System life cycle

The system development lifecycle is a continuous process that consists of several distinct and clearly defined phases. The process is a plan that enables engineers and developers to manage a system from its inception through its useful life until its ultimate disposal.

– Initiation: The process begins when a need is identified. Even better is to capitalize on an opportunity. Here you will create a proposal.

– System concept development: Now the fun begins. Your documentation should address the scope of the concept, a cost-benefit analysis, a feasibility study and a good risk management plan.

– Requirement analysis: This phase covers user requirements and a functional requirements document.

– Design: Here the detailed requirements are used to create a detailed design document that delivers the desired functionality.

– Development: Here is where you use the information gathered to create a complete system. You will test the new system arduously, creating databases, compiling programs and testing all aspects of functionality.

– Integration and test: In this phase you demonstrate the system performance and adherence to requirements.

– Implementation: Here you prepare the system for introduction to the production environment and resolve any issues.

– Operation and maintenance: Here you describe the tasks necessary to keep the system running optimally.

– Disposition: This phase describes the actions to be taken when a system is retired. Data preservation is a key aspect here.

– Asset disposal: All company assets should be tagged and logged for tracking. When a system is retired it is vital to remove and safely destroy any objects that can store data. Your local municipality can advise you in this area.

Safety procedures and policies

In all properly run corporations, safety is a top priority in the workplace. We’re not discussing paper cuts here but will look at some major factors you need to be aware of. The Occupational Safety and Health Administration (OSHA) oversees workplace safety from the federal level. They have established procedures for the use and disposal of hazardous material and other workplace guidelines. If your job includes a potential hazard you will be issued personal protective equipment (PPE). This can be a hard-hat, gloves and most importantly eye protection. There are other hazards in your space like cleaners, solvents and other potentially hazardous material. OSHA requires manufacturers to label products that are physically or environmentally hazardous. Like old faithful below.

OSHA Class 6 placard with DOT approved graphic, denoting a material, other than a gas, which is known to be so toxic to humans as to afford a hazard to health during transportation.

Be aware of your surroundings at all times. Look out for things like wires that could trip someone. Assess the situations you find yourself in. For example, if you are asked to move something heavy, try to determine its weight and center of gravity. Keep the object close to your body and lift with your legs. When lifting, do not strain; get help.

Well with Domain 3.5 you just concluded Main Domain 3.0, congratulations! We hope you enjoyed our free study guide for Network plus 3.5. See you in Main Domain 4.0!

Network Plus N10-007 Objective 3.4 – Dumps4shared

Network Plus N10-007 Objective 3.4

3.4 Given a scenario, use remote access methods.

Welcome to Exam Notes by Dumps4shared! In this edition, we will address topics covered in Network Plus N10-007 Objective 3.4 “Given a scenario, use remote access methods.” All remote access technology brings with it a certain amount of risk. Be aware of any risks before deploying any remote access software.

VPN

Virtual Private Networks (VPN) provide a secure, private, encrypted, host-to-host connection called a tunnel. The tunnel is established between a host and a network server in a client-to-site configuration or as a site-to-client tunnel.

VPN connection properties

SSH

Secure Sockets Handling (SSH) can be used to initiate console screens on routers, switches and other network devices for analysis or configuration. Consider the SSH key as a substitute for your username and password for authentication. The SSH protocol provides a secure cryptographic connection at both ends.

IPSec

IPsec is a Layer 3 network protocol that can provide encryption, authentication and key management for every packet transmitted.

SSL/TLS/DTLS

Many browser-based communications are protected using SSL (Secure Sockets Layer) and TLS (Transport Layer Security). Your browser address bar will display a padlock. Look for this padlock in the address bar before entering any information.

Secure browser padlock

Remote file access

Basically FTP (File Transport Protocol) is used to transfer files between devices.

FTP/FTPS – FTP uses either open unauthenticated connections or those that require credentials.

SFTP – An extension of the SSH protocol that uses SSH to secure FTP connections. Remember that FTPS and FTP Secure are not compatible with each other.

TFTP – The least secure of the FTP options. It provides fast file transfers on the local network but it is not suited to transfers across the public internet.

RDP

Microsoft’s implementation of the Remote Desktop Protocol (RDP) dates back to some of the OS’s earlier releases that provided a Terminal interface that required extensive knowledge of commands. Features were added to create more effective control with each release. It is now possible to view and control the host you are connected to. VNC (Virtual Network Computing) is the open-source version of this technology allowing vendors and manufacturers to modify the app as needed.

Telnet

Remote users can still “remote in” to computers using the Telnet command. While this is fast and efficient it is not secure. It has largely been replaced by more secure transfer methods.

HTTPS/management URL

Our network devices once required individual command-line configuration. Today’s devices often provide access to all settings through an SSL-secured management URL.

Out-of-band management

In-band management requires that the program be installed on each device being configured. The device(s) being configured must be powered on, limiting some of your options.

Out-of-band management provides the capability of managing your network from an external connection. Your connection can be initiated with a dial-up connection or a cable modem. A console router on the server side can centralize the management of these devices. Here is a look at the management console from a SOHO router.

Well, that’s all for objective 3.4 and main domain 3! See you in domain 4!

Network Plus N10-007 Objective 3.3 – Dumps4shared

Network Plus N10-007 Objective 3.3

3.3 Explain common scanning, monitoring and patching processes and summarize their expected outputs.

Welcome to Exam Notes by Dumps4shared. In this edition, we will examine the topics in Network Plus N10-007 Objective 3.3 “Explain common scanning, monitoring, and patching processes and summarize their expected outputs.” Enjoy!

Processes

Log reviewing

Each time a device like a switch, router, firewall or the Webserver OS performs an action it records the activity in a log file. A good example is a honeypot log that reveals attacks and exploit attempts. That log file is viewable and stored in a central location using the syslog format. These files contain an enormous amount of information and require a lot of effort and concentration if they are being reviewed line by line. Fortunately, there is software available that allows you to view the information graphically. More on that later in SIEM. The important point here is that the logs be monitored and reviewed regularly.
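As an added illustration (not part of the original guide), the Python sketch below parses syslog-format lines, decodes each priority value into facility and severity, and summarizes the events so that urgent entries and repeated login failures stand out without a line-by-line read. The sample lines, host names, documentation-range IP addresses and the threshold of three failures are all constructed assumptions.

```python
import re
from collections import Counter

FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock",
              *[f"local{i}" for i in range(8)]]
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

# BSD syslog (RFC 3164) layout: <PRI>timestamp host tag[pid]: message
LINE_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<ts>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) "
    r"(?P<host>\S+) (?P<tag>[^:\[\s]+)(?:\[(?P<pid>\d+)\])?: (?P<msg>.*)$")
FAILED_LOGIN_RE = re.compile(r"Failed password for (?:invalid user )?\S+ from (?P<src>\S+)")

# Constructed sample input; the last line is deliberately malformed.
SAMPLE_LOG = """\
<38>Oct 11 22:14:15 fw01 sshd[4721]: Failed password for invalid user admin from 203.0.113.7 port 51122 ssh2
<38>Oct 11 22:14:17 fw01 sshd[4721]: Failed password for invalid user admin from 203.0.113.7 port 51124 ssh2
<38>Oct 11 22:14:19 fw01 sshd[4721]: Failed password for root from 203.0.113.7 port 51130 ssh2
<86>Oct 11 22:15:02 web01 sshd[901]: Accepted publickey for deploy from 198.51.100.20 port 40022 ssh2
<3>Oct 11 22:16:40 sw02 kernel: eth3: link down
<34>Oct 11 22:17:01 fw01 su[230]: 'su root' failed for lonvick on /dev/pts/8
this line is not syslog and must be counted, not dropped silently
"""

def parse_line(line):
    """Return a dict for one syslog line, or None if it does not match the layout."""
    m = LINE_RE.match(line)
    if not m or int(m["pri"]) > 191:   # PRI = facility * 8 + severity, max 23*8+7
        return None
    facility, severity = divmod(int(m["pri"]), 8)
    return {"facility": FACILITIES[facility], "severity": SEVERITIES[severity],
            "severity_num": severity, "ts": m["ts"], "host": m["host"],
            "tag": m["tag"], "msg": m["msg"]}

def summarize(text, fail_threshold=3):
    """Summarize a log: counts per severity, urgent events, repeated login failures."""
    events, unparsed = [], 0
    for line in text.splitlines():
        if not line.strip():
            continue
        event = parse_line(line)
        if event is None:
            unparsed += 1              # surface malformed lines instead of hiding them
        else:
            events.append(event)
    failed = Counter()
    for e in events:
        hit = FAILED_LOGIN_RE.search(e["msg"])
        if hit:
            failed[(e["host"], hit["src"])] += 1
    return {
        "parsed": len(events),
        "unparsed": unparsed,
        "by_severity": Counter(e["severity"] for e in events),
        # severity 0-3 (emerg, alert, crit, err) deserves a human look first
        "urgent": [(e["host"], e["facility"], e["severity"])
                   for e in events if e["severity_num"] <= 3],
        "repeated_failures": {k: n for k, n in failed.items() if n >= fail_threshold},
    }

if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LOG).items():
        print(key, value)
```

The unparsed count matters in review: a sudden rise in lines that do not match the expected layout is itself worth investigating.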

Vulnerability scanning 

Our networks are continuously under attack. Vulnerability scans are used to detect potential network weaknesses without taking any action. Your network can be tested for vulnerabilities by your internal IT staff. You can also use an outside party to perform vulnerability tests. To attempt to exploit any vulnerabilities discovered, the penetration testing process uses the available tools and utilities to simulate an attack, attempt an exploit, and determine the scope of the vulnerability. Consider vulnerability scans as a non-invasive action versus the invasive nature of a penetration test. Remember that there are constant exploit attempts and, more importantly, the hackers are using the same tools against you. The topics that follow describe some of the methods of detection and defense.

Port scanning

Open network ports on a system are examined by port scanning. You can scan for devices and open ports from the command line using the Nmap utility. Nmap can provide information about the operating systems and services running on hosts. Third-party utilities provide more features and use a GUI.

zenmap is a free and open source GUI for nmap.

Metasploit

Tools like Metasploit are highly effective penetration testing tools. Metasploit can perform external network analysis and build and remotely control exploits. It also maintains a database of compromised devices. Pen testing performed by authorized parties is known as ethical hacking. Another popular pen test program is Nessus. Nessus performs tests to seek unauthorized access to sensitive information. This is an effective tool for full analysis using real-time vulnerability updates, enabling your team to identify and mitigate threats as they occur.

Software and operating systems are continuously being probed for weaknesses. When one is found, patch management software can be used to provide additional protection. After applying a software patch, you should run a security baseline to check your current results against the latest stored baseline.

Reviewing baselines helps you track the impact of your changes and review them for problems.

If you apply a patch that degrades your performance or security that patch can be uninstalled (Rollback) to neutralize any negative effects caused by the patch.

Event management

All actions on your network are logged. The log files can be analyzed individually, or they can be displayed graphically in a SIEM (Security Information and Event Management) program.

Notifications can be issued by the SIEM as an alert and sent to the IT staff for investigation. Our example demonstrates a vulnerability scan on an unpatched OS.

SIEM Monitor

Metrics

When testing performance metrics, the GUI output of SIEM and event management software provides real-time running graphical feedback on your operation. Your network can be tested for:

Error rate

The error rate is a metric that counts the packets that require retransmission. It is expressed as a percentage.

Utilization

This metric displays the actual throughput versus the bandwidth available.

Packet drops

When a packet is dropped it must be retransmitted. This takes a toll on network performance that increases as long as the condition exists.

That’s all for objective 3.3! See you in 3.4!

Network Plus N10-007 Objective 3.2 – Dumps4shared

Network Plus N10-007 Objective 3.2

3.2 Compare and contrast business continuity and disaster recovery concepts.

Welcome to Exam Notes by Dumps4shared. This edition covers Network Plus N10-007 Objective 3.2 “Compare and contrast business continuity and disaster recovery concepts.” You could be tested on any of the bolded terms. If you are unsure about any terms do further research.

Availability concepts

Fault tolerance plays a critical role in maintaining network availability. Simply put, faults lead to failures and failures are not acceptable. Your goal is to have the highest network uptime. So here we will look at some of the practices that reduce faults and thereby minimize or circumvent failures.

Redundancy enables your network to remain up in the event of a failure. Redundancy takes several forms in this area. It could be a Battery backup/UPS on critical devices or even a power generator onsite to provide reliable power during an outage. Your UPS will protect your equipment against power anomalies like blackouts, brownouts, and surges. It also will provide clean power that is free from electrical noise or EMI.

UPS-Battery Backup

Your server itself can have dual power supplies installed. The second power supply will take over if the primary one fails.

Within the server(s) you can use a Redundant Array of Independent Disks (RAID) configuration. RAID can tolerate a disk failure and continue to operate normally. The failed disk can be replaced and automatically restored without service interruption.

Everything fails or needs to be replaced, that’s a fact. Your inventory management software should include the date equipment was put in use. You should be aware of two factors that will help in planning preventative maintenance. You will define the time expectancies in the SLA (Service Level Agreement).

MTTF (Mean Time Between Failure) – The predicted operational life of a device before it fails. This is based on manufacturer testing. This metric is quite useful: as equipment nears the end of its life expectancy, you can plan replacements or upgrades.

MTTR (Mean Time To Repair) – As the name implies, this is the average time it will take to repair an outage condition. Your ISP will define these times in your SLA.

High availability (HA) is a term used to identify the uptime of a network. Availability is measured as an average percentage. Downtime is calculated and then rated. For example, a system that functions reliably nearly all the time may be rated as 99.999% which equates to about 5 minutes a year downtime or less than 30 seconds a month. Compare that to a network rated at 99% which will be down roughly 8 hours a month.

The availability you require is relative to your business needs and budget. Your SLA with customers is an important consideration here. The more 9’s your network supports, the higher the equipment cost and technical support you will need. A four 9’s network will be down 8 seconds a day or less than an hour per year on average. A five 9’s network will average out to around 0.4 seconds a day.

An essential element of availability is to eliminate a single point of failure. Redundant circuits prevent a switch or firewall failure from bringing the network down.

On the devices, NIC teaming allows you to configure two or more NICs in a Windows device and have them appear as a single logical interface. On Cisco devices, this method is called port aggregation. Whatever you call it, performance is increased as this practice provides higher throughput, failover protection, and practical load balancing.

NIC settings page.

In a case where you have a Webserver, you will need at least one identical server. Both servers can be configured as a cluster. The cluster will appear as a single device. If it is online, a dedicated load balancer will intelligently distribute the traffic, maximizing your performance in peak periods.

Recovery

A good disaster recovery plan is essential to business continuity. The recovery option you use will depend on several factors like planning, cost, hardware, software and the level of employee involvement required. You will always deploy your recovery site in another location. This could be a different building or another geographic location. There are three types of recovery sites:

Cold site – This site will contain all of the hardware and software necessary to restore operations. The devices are not configured or connected. You have the task of installing the OS(s) on the server(s) and configuring them. This is true for all routers and switches necessary, representing a considerable amount of time and effort. It is the least expensive option and takes the longest time to recover.

Warm site – A warm site can be brought online more quickly than a cold site. The warm site will contain all of the hardware and software. It will be updated regularly, but not necessarily often. The updates to the site may be monthly and any interim restoration will require recent data to be retrieved from backups. This is still quicker than a cold site restoration.

Hot site – The fastest recovery method is the hot site. This site has all of the hardware, and connectivity is up to date and ready to be deployed. There is minimal downtime. Your servers can be configured to mirror data to these sites. This is the most expensive option.

Backups – When planning backups, you need to know what needs to be backed up and how often it should be backed up. We cover four backup types here:

Full backups back up everything each time it is performed.

Differential backups back up everything that has changed since the last full backup.

Incremental backups back up everything that has changed since the last backup.

Snapshots can’t replace the backup types outlined above. They are very useful for frequently used files. The snapshots are taken frequently, even while the files are being modified. Consider it as a frequent incremental backup.
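The practical difference between the backup types shows up at restore time. The following added Python example (not part of the original guide) applies the definitions above to work out which backup sets are needed to restore to a given day, and what happens when one set is lost. The day numbers, schedules and the `usable` flag are constructed assumptions.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Backup:
    day: int              # day the backup was taken (constructed schedule)
    kind: str             # "full", "differential" or "incremental"
    usable: bool = True   # False models a lost or corrupted backup set

def restore_chain(backups, target_day):
    """Return the sets, oldest first, needed to restore the state as of target_day.
    Raises LookupError when no complete chain exists."""
    history = sorted((b for b in backups if b.day <= target_day), key=lambda b: b.day)
    chain = []
    i = len(history) - 1
    while i >= 0:
        b = history[i]
        if not b.usable:
            raise LookupError(f"day {b.day} {b.kind} backup is unusable; chain broken")
        chain.append(b)
        if b.kind == "full":
            return chain[::-1]
        i -= 1
        if b.kind == "differential":
            # Holds every change since the last full: skip straight back to it.
            while i >= 0 and history[i].kind != "full":
                i -= 1
        # An incremental holds changes since the previous backup of any kind,
        # so the loop simply continues with that previous backup.
    raise LookupError("no full backup on or before the target day")

def latest_restorable_day(backups, target_day):
    """Most recent day on or before target_day that still has a complete chain."""
    for day in sorted({b.day for b in backups if b.day <= target_day}, reverse=True):
        try:
            restore_chain(backups, day)
            return day
        except LookupError:
            continue
    return None

def with_damage(backups, day):
    """Copy of the schedule with the backup taken on `day` marked unusable."""
    return [replace(b, usable=False) if b.day == day else b for b in backups]

# Constructed schedules: a full backup on day 0, then one backup per day.
INCREMENTAL_WEEK = [Backup(0, "full")] + [Backup(d, "incremental") for d in range(1, 7)]
DIFFERENTIAL_WEEK = [Backup(0, "full")] + [Backup(d, "differential") for d in range(1, 7)]

if __name__ == "__main__":
    for name, week in (("incremental", INCREMENTAL_WEEK), ("differential", DIFFERENTIAL_WEEK)):
        chain = restore_chain(week, 6)
        print(name, "restore to day 6 needs days", [b.day for b in chain])
        print(name, "with day 3 lost, latest restorable day:",
              latest_restorable_day(with_damage(week, 3), 6))
```

With daily incrementals every set back to the full backup is required, so one lost set caps how far forward you can restore; with daily differentials only the full backup and the latest differential are needed.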

That’s all for objective 3.2! You’re half-way through Main Domain 3.0. Good luck on the test!
