Skip to main content

Search Shelves Books Log in

Details

Revision #2

Created 1 year ago by naruzkurai

Updated 1 year ago by naruzkurai

Actions

Revisions

Export

Contained Web File.html
PDF File.pdf
Plain Text File.txt
Markdown File.md

Book Navigation

[Completed] Professional Google Cybersecurity Specialization C3/8; Connect and Protect: Networks and Network Security
getting started & introduction to networks
Network Communication
Introduction to network protocols
Firewalls and network security measures
Introduction to intrusion tactics
Security hardning
how to read a tcpdump
network hardening
Course wrap-up; Glossary Cybersecurity Course 3

Books

[Completed] Profession...

Security hardning

Network hardening prac...

Network hardening practices

Earlier, you learned that OS hardening focuses on device safety and uses patch updates, secure configuration, and account access policies.

Now we'll focus on network hardening.

Network hardening focuses on network-related security hardening, like port filtering, network access privileges, and encryption over networks.

Certain network hardening tasks are performed regularly, while others are performed once and then updated as needed.

Some tasks that are regularly performed are firewall rules maintenance, network log analysis, patch updates, and server backups.

Earlier, you learned that a log is a record of events that occurs within an organization's systems.

Network log analysis is the process of examining network logs to identify events of interest.

Security teams use a log analyzer tool or a security information and event management tool, also known as a SIEM, to conduct network log analysis.

A SIEM tool is an application that collects and analyzes log data to monitor critical activities in an organization.

It gathers security data from a network and presents that data on a single dashboard.

The dashboard interface is sometimes called a single pane of glass.

A SIEM helps analysts to inspect, analyze, and react to security events across the network based on their priority.

Reports from the SIEM provide a list of new or ongoing network vulnerabilities and list them on a scale of priority from high to low, where high priority vulnerabilities have a much shorter deadline for mitigation.

Now that we've covered tasks that are performed regularly, let's examine tasks that are performed once.

These tasks include port filtering on firewalls, network access privileges, and encryption for communication, among many things.

Let's start with port filtering.

Port filtering can be formed over the network.

Port filtering is a firewall function that blocks or allows certain port numbers to limit unwanted communication.

A basic principle is that the only ports that are needed are the ones that are allowed.

Any port that isn't being used by the normal network operations should be disallowed.

This protects against port vulnerabilities.

Networks should be set up with the most up-to-date wireless protocols available and older wireless protocols should be disabled.

Security analysts also use network segmentation to create isolated subnets for different departments in an organization.

For example, they might make one for the marketing department and one for the finance department.

This is done so the issues in each subnet don't spread across the whole company and only specified users are given access to the part of the network that they require for their role.

Network segmentation may also be used to separate different security zones.

Any restricted zone on a network containing highly classified or confidential data should be separate from the rest of the network.

Lastly, all network communication should be

encrypted using the latest encryption standards.

Encryption standards are rules or methods used to conceal outgoing data and uncover or decrypt incoming data.

Data in restricted zones should have much higher encryption standards, which makes them more difficult to access.

You've learned about the most common hardening practices.

This knowledge will be useful as you complete the certificate program and it's essential to your career as a security analyst.

No Comments

Back to top

Introduction to Course 3 + course 3 overview

Glossary Cybersecurity

Welcome to week 1

Chris: My path to cybersecurity

What are networks?

Tina: Working in network security

Emmanuel: Useful skills for network security

tech enthusiest reminder

Network tools

Network components, devices, and diagrams

Cloud networks

Cloud networks

Introduction to network communication

The TCP/IP model

The four layers of the TCP/IP model

Learn more about the TCP/IP model

The OSI model

Local and wide network communication

Components of network layer communication

Wrap-up

Glossary terms from Course 3, Week 1

Welcome to week 2, Network potocols

Common network protocols

Additional network protocols

Antara: Working in network security

Wireless protocols, The evolution of wireless security protocols

Firewalls and network security measures

Virtual private networks (VPNs)

Security zones

Subnetting and CIDR

Proxy servers

Virtual networks and privacy

Glossary terms from week 2

Course 3 resources and citations

The case for securing networks

Matt: A professional on dealing with attacks

Denial of Service (DoS) attacks

Read tcpdump logs

Real-life DDoS attack

Malicious packet sniffing

IP Spoofing

Overview of interception tactics

Glossary terms from week 3 & wrap-up

temp

Introduction to security hardening

OS hardening practices

Brute force attacks and OS hardening

Network hardening practices

Network security applications

Kelsey: Cloud security explained

Security hardening Wrap-up & Glossary terms from week 4

Cloud Hardening

Network hardening practices

No Comments