Skip to main content

Search Shelves Books Log in

Details

Revision #1

Created 1 year ago by naruzkurai

Updated 1 year ago by naruzkurai

Actions

Revisions

Export

Contained Web File.html
PDF File.pdf
Plain Text File.txt
Markdown File.md

Book Navigation

[Completed] Professional Google Cybersecurity Specialization C3/8; Connect and Protect: Networks and Network Security
getting started & introduction to networks
Network Communication
Introduction to network protocols
Firewalls and network security measures
Introduction to intrusion tactics
Security hardning
how to read a tcpdump
network hardening
Course wrap-up; Glossary Cybersecurity Course 3

Books

[Completed] Profession...

Firewalls and network ...

Security zones

In this section, we'll discuss a type of

network security feature called a security zone.

Security zones are a segment of a network

that protects the internal network from the internet.

They are a part of a security technique

called network segmentation

that divides the network into segments.

Each network segment has

its own access permissions and security rules.

Security zones control who can

access different segments of a network.

Security zones act as a barrier to internal networks,

maintain privacy within corporate groups,

and prevent issues from spreading to the whole network.

One example of network segmentation is

a hotel that offers free public Wi-Fi.

The unsecured guest network is kept separate from

another encrypted network used by the hotel staff.

Additionally, an organization's

network can be divided into

subnetworks, or subnets, to

maintain privacy for each department in a organization.

For instance, at a university,

there may be a faculty subnet

and a separate students subnet.

If there is contamination on the student's subnet,

network administrators can isolate it and

keep the rest of the network free from contamination.

An organization's network is classified into

two types of security zones. First,

there's the uncontrolled zone,

which is any network outside of

the organization's control, like the internet.

Then, there's the controlled zone,

which is a subnet that protects

the internal network from the uncontrolled zone.

There are several types of

networks within the controlled zone.

On the outer layer is the demilitarized zone,

or DMZ, which contains

public-facing services that can access the internet.

This includes web servers,

proxy servers that host websites for the public,

and DNS servers that provide

IP addresses for internet users.

It also includes email and file

servers that handle external communications.

The DMZ acts as

a network perimeter to the internal network.

The internal network contains private servers and

data that the organization needs to protect.

Inside the internal network is

another zone called the restricted zone.

The restricted zone protects

highly confidential information that is only

accessible to employees with certain privileges.

Now, let's try to picture these security zones.

Ideally, the DMZ is situated between

two firewalls. One of them

filters traffic outside the DMZ,

and one of them filters traffic

entering the internal network.

This protects the internal network

with several lines of defense.

If there's a restricted zone,

that too would be protected with

another firewall. This way,

attacks that penetrate into

the DMZ network cannot spread to the internal network,

and attacks that penetrate

the internal network cannot access the restricted zone.

As a security analyst,

you may be responsible for regulating

access control policies on these firewalls.

Security teams can control traffic reaching

the DMZ and the internal network

by restricting IPs and ports.

For example, an analyst may ensure that

only HTTPS traffic is

allowed to access web servers in the DMZ.

Security zones are

an important part of securing networks,

especially in large organizations.

Understanding how they are used is

essential for all security analysts.

Coming up, we'll learn about securing internal networks.

No Comments

Back to top

Introduction to Course 3 + course 3 overview

Glossary Cybersecurity

Welcome to week 1

Chris: My path to cybersecurity

What are networks?

Tina: Working in network security

Emmanuel: Useful skills for network security

tech enthusiest reminder

Network tools

Network components, devices, and diagrams

Cloud networks

Cloud networks

Introduction to network communication

The TCP/IP model

The four layers of the TCP/IP model

Learn more about the TCP/IP model

The OSI model

Local and wide network communication

Components of network layer communication

Wrap-up

Glossary terms from Course 3, Week 1

Welcome to week 2, Network potocols

Common network protocols

Additional network protocols

Antara: Working in network security

Wireless protocols, The evolution of wireless security protocols

Firewalls and network security measures

Virtual private networks (VPNs)

Security zones

Subnetting and CIDR

Proxy servers

Virtual networks and privacy

Glossary terms from week 2

Course 3 resources and citations

The case for securing networks

Matt: A professional on dealing with attacks

Denial of Service (DoS) attacks

Read tcpdump logs

Real-life DDoS attack

Malicious packet sniffing

IP Spoofing

Overview of interception tactics

Glossary terms from week 3 & wrap-up

temp

Introduction to security hardening

OS hardening practices

Brute force attacks and OS hardening

Network hardening practices

Network security applications

Kelsey: Cloud security explained

Security hardening Wrap-up & Glossary terms from week 4

Cloud Hardening

Security zones

No Comments