Network Devices and Technologies 1.1 SY0-401

Network Devices and Technologies The Security+ Certification exam requires knowledge of networking and a thorough understanding of security concepts that apply to network technologies. A Network+ certification and/or a solid background and experience in networking is recommended. Security+ Objective 1.1 covers security configurations of network devices and other technologies. Network Devices Firewall: A Firewall is a network device that… Read More »

Greg Palmer

Domain Name System (DNS) Security Threats

DNS Security Threats The Domain Name System (DNS) is a service used on both the Internet and private networks to translate Internet Protocol (IP) addresses to Fully Qualified Domain Names. Example, this service allows someone to type a FQDN like www.zymitry.com to reach the Zymitry web site instead of having to type in the domains IP address. Regarding… Read More »

Greg Palmer

Zigbee IEEE 802.15.4 Internet of Things (IoT) Protocol

Zigbee IEEE 802.15.4 The improvement of wireless protocols is a major factor driving the development of newer Internet of Things (IoT) devices and systems. The Zigbee suite of communication protocols is used to create personal area networks with small, low-power digital radios, such as home automation, medical device data collection, and other low-power low-bandwidth needs. The Zigbee physical layer… Read More »

Greg Palmer

Fast Ethernet Specification – IEEE 802.3u

Fast Ethernet Specification – IEEE 802.3u 802.3, commonly known as Ethernet for Local Arena Network (LAN) operation, is a specification for speeds ranging from 1Mb/s to 100 Gb’s / sec using common Media Access Control specifications. IEEE 802.3u Fast Ethernet in the form of 100Base-T is one of the most widely used forms of Ethernet. It is often… Read More »

Greg Palmer

Compression of Network Data and Performance Issues

Network-Compression. Today’s networks will always have data limitations. Data sets continue to grow on pace with increasing bandwidth availability making network-compression an important service in improving network performance. The network-compression used is actually a combination of compression and caching. It has been found that TCP rate control combined with network-compression provides the best value in terms of optimizing… Read More »

Greg Palmer

Transmission Control Protocol (TCP) Hybla

  Transmission Control Protocol (TCP) Hybla. A key component of TCP is a congestion-control mechanism. TCP does this by having each sender limit the rate based on perceived network congestion. If a TCP sender perceives that there is little congestion on the path between itself and the destination, it increases its send rate. If the sender perceives that… Read More »

Greg Palmer

Domain Name System (DNS) – Application Layer Protocol

Domain Name System (DNS) and Domain Name Service Protocol An application-layer protocol defines how applications on different systems pass messages to each other. An application-layer protocol defines; the types of messages exchanged, the syntax of the various message types, the meaning of the information, and rules for determining when and how a process sends and responds to messages.… Read More »

Greg Palmer

Security Policy Example – IRT Access & Authorization Policy

Policy Example   SunSpot Credit Union Computer Incident Response Team—Access & Authorization Policy   1.0       Policy Statement This policy applies to SunSpot Credit Union employees, temporary workers, contractors, and consultants who use or access SunSpot Credit Union information systems and computers.   2.0       Purpose/Objectives Definitions for this policy are as follows: SunSpot Credit Union: (SCU). Incident Response Team:… Read More »

Greg Palmer

Security Policy Example – Remote Access

  SunSpot Health Care Provider Remote Access Policy for Remote Workers & Medical Clinics   1.0       Policy Statement It is SunSpot Health Care Provider (SHCP) policy to protect Information Resources based on risk against accidental or unauthorized disclosure, modification, or destruction, and assure the Confidentiality, Integrity, and Availability (CIA) of clinic and patient data. Apply appropriate physical and… Read More »

Greg Palmer

Security Policy Template for Hand-Held Devices

Hand-Held Device use has become common place in today’s business environment to include company owned assets, and personal “Bring Your Own Device” (BYOD)’s. Security of Hand Held Devices normally spans over many of the other standard domains making it practical to treat them as a separate domain.. The SANS Reading Room article; Security Policy for the use of… Read More »

Greg Palmer