U2.4 LANs, MANs, WANs

Mind Map by , created over 5 years ago

Nework Security Mind Map on U2.4 LANs, MANs, WANs, created by jjanesko on 04/08/2014.

Created by jjanesko over 5 years ago
U2.5 SNMPv1 - SNMPv1 protocol stack
U2.1 Cables, Hubs, Sniffers - Hub Diagram
U2.2 Switches, ARP - ARP spoofing steps
Master French
PHR Sample Questions
Elizabeth Rogers8284
U2.6 SNMPv3
U2.5 SNMPv1
U2.1 Cables, Hubs, Sniffers
U2.1 Cables,Hubs,Sniffers- Thin Ethernet
U2.3 TCP, Routers, VLAN
U2.4 LANs, MANs, WANs
1.1 security issues
1.1.1 failures on backbone
1.1.2 failures where backbone connects with each workgroup provides a point of access from a workgroup to the backbone provides a point of access to all data associated with a workgroup
1.1.3 information flow control
1.1.4 network management failure to manage leads to network operation disruption increased effort to identify problems longer time to problem resolution
1.2 threats to CIA
1.2.1 eavesdropping
1.2.2 data corruption
1.2.3 backbone loss
1.3 protection measures
1.3.1 used dedicated switchers per workgroup
1.3.2 each switch should restrict the flow of data to the backbone
1.3.3 use firewalls where additional separation needed
1.3.4 use encryption
2.1 metropolitan area network
2.1.1 a separate backbone connects the backbones of multiple networks in different buildings
2.2 campus network
2.3 additional security issues
2.3.1 data travels outside the building
2.3.2 non-physical links may need to be considered laser infrared microwave
2.3.3 complexity
2.4 protection measure
2.4.1 network information center needed to manage and monitor health
3.1 threats
3.1.1 general sensitive items more widely transmitted network likely to be switched with multiple routes more unmanned equipment rooms managed remotely possibility for unauthorized access to network links higher
3.1.2 impact of errors from configuration much larger
3.1.3 variation per medium fibre minimal external radiation special tapping equipment needed taps tend to cause service disruption satellite, radio, microwave extensive external radiation easily available (but special) tapping equipment needed tapping does not disrupt service carrier MIGHT provide some encryption
3.2 possible security measures
3.2.1 partition networks, physical separation
3.2.2 partition networks, logical separation achieved with permanent virtual circuits or crypto
3.2.3 data confidentiality network partitioning link encryption (layer 2) end-to-end encryption (layer 4)
3.2.4 link encryption for individual links betwee two points
3.2.5 Conditions of Connection (COC) user must agree before getting access to network
4 Internet
4.1 security issues
4.1.1 route of sensitive data not guaranteed
4.1.2 availability of internet not guaranteed
4.1.3 denail of service real
4.1.4 any host can probe any other host

Media attachments