Ch1 - 1.03 - Network Security Best Practices Flashcards
Network Security Best Practices - Device Usage
- Physical Security
Ensure that all servers and networking devices such as routers and switches are stored in a secure location such as a locked server room. - Do Not Use Hubs
- Configure Passwords
Most networking devices such as routers and switches allow you to configure passwords on the device, which lets you control who is authorized to administer the device. - Use Port Security
- Use VLANs
Network Security Best Practices - Port Security
You should also ensure that any ports on the switch that are not being used are disabled to help prevent unauthorized individuals from connecting to an
available port. In highly secure environments, you should configure port security on the ports, which is a method to specify which MAC addresses are allowed to connect to a particular port. Port security is also a great countermeasure against MAC flooding, which involves the hacker sending frames to the switch that contains different source MAC addresses. This could cause two things to occur:
1. The switch sees all of the bogus entries in the MAC address table and no longer trusts the table, which results in the switch flooding all frames to all ports (known as a fail-open state). (remember that MAC flooding is when the hacker confuses the switch into flooding all frames to all ports. This allows the hacker to connect to any port on the switch and be able to receive all traffic on the network.)
2. Entries in the MAC address table are overwritten so that the switch does not know at what port valid MAC addresses are located. When a switch does not know the location of a particular MAC address, it then floods the frame to all ports on the switch, which gives the hacker the opportunity to capture the traffic because the switch is no longer filtering traffic.
Network Security Best Practices - Cable and Protocol Usage
- The most secure cable type to use is fiber-optic cabling.
- Use different-colored cables for a protected system
versus an unprotected system.
A protected network is a controlled network that is
not connected to the Internet, while an unprotected network is one that is connected to the Internet. In high-security environments, it is critical that a protected system is never connected to an unprotected network because it could be exposed to malicious software from the Internet. - As far as protocols are concerned, ensure that you are using the most secure protocols at all times in environments that require the security.
