U2.4 LANs, MANs, WANs

jjanesko
Mind Map by , created over 5 years ago

Nework Security Mind Map on U2.4 LANs, MANs, WANs, created by jjanesko on 04/08/2014.

38
0
0
Tags
jjanesko
Created by jjanesko over 5 years ago
U2.5 SNMPv1 - SNMPv1 protocol stack
jjanesko
U2.1 Cables, Hubs, Sniffers - Hub Diagram
jjanesko
U2.2 Switches, ARP - ARP spoofing steps
jjanesko
Master French
jedimaster3721
PHR Sample Questions
Elizabeth Rogers8284
U2.6 SNMPv3
jjanesko
U2.5 SNMPv1
jjanesko
U2.1 Cables, Hubs, Sniffers
jjanesko
U2.1 Cables,Hubs,Sniffers- Thin Ethernet
jjanesko
U2.3 TCP, Routers, VLAN
jjanesko
U2.4 LANs, MANs, WANs
1 LAN
1.1 security issues
1.1.1 failures on backbone
1.1.2 failures where backbone connects with each workgroup
1.1.2.1 provides a point of access from a workgroup to the backbone
1.1.2.2 provides a point of access to all data associated with a workgroup
1.1.3 information flow control
1.1.4 network management
1.1.4.1 failure to manage leads to
1.1.4.1.1 network operation disruption
1.1.4.1.2 increased effort to identify problems
1.1.4.1.3 longer time to problem resolution
1.2 threats to CIA
1.2.1 eavesdropping
1.2.2 data corruption
1.2.3 backbone loss
1.3 protection measures
1.3.1 used dedicated switchers per workgroup
1.3.2 each switch should restrict the flow of data to the backbone
1.3.3 use firewalls where additional separation needed
1.3.4 use encryption
2 MAN
2.1 metropolitan area network
2.1.1 a separate backbone connects the backbones of multiple networks in different buildings
2.2 campus network
2.3 additional security issues
2.3.1 data travels outside the building
2.3.2 non-physical links may need to be considered
2.3.2.1 laser
2.3.2.2 infrared
2.3.2.3 microwave
2.3.3 complexity
2.4 protection measure
2.4.1 network information center needed to manage and monitor health
3 WAN
3.1 threats
3.1.1 general
3.1.1.1 sensitive items more widely transmitted
3.1.1.2 network likely to be switched with multiple routes
3.1.1.3 more unmanned equipment rooms managed remotely
3.1.1.4 possibility for unauthorized access to network links higher
3.1.2 impact of errors from configuration much larger
3.1.3 variation per medium
3.1.3.1 fibre
3.1.3.1.1 minimal external radiation
3.1.3.1.2 special tapping equipment needed
3.1.3.1.3 taps tend to cause service disruption
3.1.3.2 satellite, radio, microwave
3.1.3.2.1 extensive external radiation
3.1.3.2.2 easily available (but special) tapping equipment needed
3.1.3.2.3 tapping does not disrupt service
3.1.3.2.4 carrier MIGHT provide some encryption
3.2 possible security measures
3.2.1 partition networks, physical separation
3.2.2 partition networks, logical separation
3.2.2.1 achieved with permanent virtual circuits or crypto
3.2.3 data confidentiality
3.2.3.1 network partitioning
3.2.3.2 link encryption (layer 2)
3.2.3.3 end-to-end encryption (layer 4)
3.2.4 link encryption
3.2.4.1 for individual links betwee two points
3.2.5 Conditions of Connection (COC)
3.2.5.1 user must agree before getting access to network
4 Internet
4.1 security issues
4.1.1 route of sensitive data not guaranteed
4.1.2 availability of internet not guaranteed
4.1.3 denail of service real
4.1.4 any host can probe any other host

Media attachments