Week 2 - Administering Secure Networks Flashcards

1
Q

What are the three network security strategies?

A
  1. Security Through Network Devices
  2. Security Through Network Technologies
  3. Security Through Network Design Elements
2
Q

Add question here about security through network devices because there is a lot!

A
3
Q

What are the two technologies in security through network technologies?

A
  1. Network Address Translation (NAT)
    - Is a technique used to map private IP addresses to public ones, allowing multiple devices within a local network to share a single public IP address for internet communication. It helps conserve IPv4 addresses and is commonly implemented in routers or firewalls to facilitate seamless data transfer between local and external networks.
  2. Network Access Control (NAC)
    - Is a security measure that verifies and authorizes devices attempting to connect to a network, ensuring they comply with security policies before granting access. It helps organizations protect their networks from unauthorized access and potential threats by enforcing strict authentication and compliance checks.
4
Q

What are the advantages and disadvantages of network address translation (NAT)?

A

Advantages:

  • Masks IP addresses
  • Enables multiple devices to share a smaller pool of public IP addresses
  • Offers flexibility

Disadvantages:

  • Resource-intensive
  • Communication delays
  • Loss of traceability
5
Q

What are the elements of security through network design elements?

A
  • Demilitarised Zone (DMZ)
  • Virtual LANs (VLANs)
  • Remote Access
6
Q

What is a DMZ?

A

A DMZ (Demilitarized Zone) is a network segment that sits between an organization’s internal network and the external, untrusted network, such as the internet. It’s used to host public-facing services like web servers, providing an additional layer of security by separating them from the internal network and limiting potential exposure to attacks.

7
Q

What is a virtual LAN (VLAN)?

A

VLANs divide network devices into logical groups, even if they’re connected to different switches, simplifying management and boosting security. They cut down on network congestion and offer isolation for sensitive data, ensuring it’s only shared within the designated VLAN members.

8
Q

What is remote access?

A

Remote access refers to tools—hardware and software—that let users connect to their internal network from afar. It lets remote users tap into the network just like local ones, usually via VPN or dial-up, offering the same interface and functionality.

9
Q

What are network administration principles?

A

Network administration follows a rule-based approach, guided by both external laws and internal policies. These rules cover:

  • device security
  • log monitoring
  • network design
  • port security
10
Q

With regard to device security, what is a flood guard?

A

Flood Guard is a device security feature that manages tolerance for unanswered service requests, preventing DoS attacks. Network administrators set a maximum number of concurrent connections. It’s commonly found on firewalls, IDSs, and IPSs.

11
Q

What are monitoring and analysing logs?

A

Monitoring and Analyzing Logs:

Logs: Records of events happening in a system.
Security logs: Reveal types of attacks, including successful ones.
Access logs: Detail file requests on a system.
Audit logs: Record user actions.
Event logs: Capture both failed and notable successful events.
Most network devices can capture log data.

12
Q

Why should a centralised log analyser be used?

A

Challenges in log management: multiple devices, large data volumes, different formats. Solution: centralized log analyser. Logs record events; security logs reveal attacks, access logs detail file requests, audit logs record user actions, and event logs document both failed and significant successful events.

13
Q

What are the three network design management principles?

A

Network Design Management Principles:
1. Network Separation
2. Loop Protection
3. VLAN management

14
Q

What is network separation?

A

Network Separation is dividing secure and insecure network sections by physically connecting users to different switches and routers, preventing bridging and unauthorized connections from reconfigured devices.

15
Q

What are the general principles for managing VLANs?

A

General principles for managing VLANs:

  1. Set unused switch ports to connect to an empty VLAN.
  2. Rename default VLANs.
  3. Ensure public devices aren’t on private VLANs, restricting user access accordingly.
16
Q

What are the ways in which a port can be secured?

A

Ports can be secured through:

  1. Disabling Unused Interfaces
    Disable unused ports to prevent unauthorized access and attacks, ensuring all ports are secured before deployment by issuing shutdown commands.
  2. MAC Limiting and Filtering
    Restricts the number of allowed MAC addresses on a port, typically set to one, ensuring only a specific authorized host can connect through that port.
  3. IEEE 802.1X – an IEEE standard for port-based Network Access Control (PNAC)
    Standard that ensures maximum port security through port-based authentication.