back

GIAC Security Essentials

GSEC

23 hours 40 minutes

This course has a practice test
Episodes
Episodes
  • Networking
    • Networking Fundamentals
    • Networking Fundamentals Part 2
    • Networking Fundamentals Part 3
    • Networking Fundamentals Part 4
    • Networking Fundamentals Part 5
    • Networking Fundamentals Part 6
    • Understanding DNS
    • Protocols and Packets
    • Protocols and Packets Part 2
  • Network Security
    • Network Security
    • Network Security Part 2
    • Vulnerability Scanning
    • IDS and IPS
    • IDS and IPS Part 2
  • Authentication and Access Control
    • Access Control
    • Access Control Part 2
    • Access Control Part 3
  • Risk Management
    • Risk Management
    • Risk Management Part 2
  • Attacks and Malware
    • Attacks and Malware
    • Attacks and Malware Part 2
  • Incident Response
    • Incident Response
  • Encryption
    • Cryptography Fundamentals
    • Cryptography Fundamentals Part 2
    • PKI and Steganography
    • PKI and Steganography Part 2
    • PKI and Steganography Part 3
  • Windows
    • Workgroups and Domains
    • Windows Permissions
    • Windows Permissions Part 2
    • Windows Updates
    • Windows Backup and Restore
    • Windows Backup and Restore Part 2
    • Templates and Group Policy
    • Templates and Group Policy Part 2
    • Windows Network Security
    • Windows Network Security Part 2
    • Windows Network Security Part 3
  • Linux
    • Linux Overview
    • Linux Overview Part 2
    • Linux Overview Part 3
    • Linux Overview Part 4
    • Linux Configuration Fundamentals
    • Linux Configuration Fundamentals Part 2
    • Linux Configuration Fundamentals Part 3
  • Virtualization
    • Virtualization

Networking Fundamentals 27 minutes

In this episode, Wes and Mike explore the fundamentals of networking. They discuss the various network types such as local area networks, wide area networks, metropolitan area networks and personal area networks. They will also look at the different types of network topologies such as bus, ring, star, mesh and hybrid networks.

  • Transcript

Welcome to ITProTV, I'm your host, Don Pezet. [CROSSTALK] >> You're watching ITProTV. >> Welcome to another exciting episode here at ITProTV. I'm your host, Wes Bryan. And today, we are continuing through our episode on GIA Security Fundamentals. Yeah, GIA, and I don't even know if I'm gonna get this right ever through the whole entire thing. It's GSAC, and that's the GIAC Security Fundamentals. And before I ruin that acronym anymore, let's go ahead and bring Mike Roderick up here. Mike, how you doing, sir? >> Doing great, it is a mouthful. It's a lot to say. But this is the GIAC, the Global Information Assurance Certification, GIAC. And then one of the certifications, that's basically the overall governing body, if you will, the GIAC. And then they've created their certifications, one of them being GSEC, or Security Essentials, GIAC Security Essentials, or GSEC. That's what we're doing today. And in this particular one, where we're basically starting with our network fundamentals. So we're gonna start at the beginning and kinda work our way through. This is cuz of a different class and the fact that we do a broad range of stuff. When we're studying for GSEC, we have to be familiar with everything from the fundamentals up to some of the more advanced topics. And so as we go through this, you might think, wow, that's really simple, what class is this? Or that's really advanced. Keep in mind that this kind of covers a lot, it's got a broad base of knowledge for this exam, if you will. So, we're gonna start in the beginning, and we're gonna do our network fundamentals. Some terminology that we need to be familiar with and just some basic network and concepts that without, you can't secure a network, you cannot secure your nodes. You can't secure your enterprise if you don't understand the basic fundamentals of it. You can't communicate efficiently with other people when you're talking about problems or issues or ideas if you don't have that terminology. So always important to start with that foundational knowledge, and we're gonna start with basically network types, right? We need to be familiar when we’re talking about our network, and somebody says, well, are you talking about your LAN? Or are you talking about your WAN? What the heck are they talking about? So those are some acronyms that I just threw out at you, and let’s define them. We’re gonna start with LAN, L-A-N, or local area network. And if we take a look at my screen here, I’ve got a little drawing that kinda represents, or supposed to represent, a local area network. And Wes, I know when I define a local area network, it's basically everything that's in my little geographical region, like my building here. And you can see in this drawing I've got a router, some switches. I got a client subnet over here. I've got maybe a server backbone, a wireless access point, wireless clients. But those are all here in this building. This building might be a single-floor, it might be multiple floors. Right, but it's one geographic location. Right, and that's typically how I define a local area network, right? >> Yeah, absolutely. I think about that geographic location in a privately owned, self-contained network. And what I mean by that is both Mike and I, well, we have our own local area networks. He's got one at his house, and I've been on it before, whether he knows it or not. >> [LAUGH] >> And I've got one at my house, but they're self contained, and they are private entities. Which means he's gonna manage his local area network, just like I'm gonna manage mine. It doesn't have to be a home network either, right? This could also, where we're going with this, is that this could also be in a business environment as well. >> Absolutely, so we've got our local area network, everything that's kinda, like you said, under one management, all tied together. And the big key here is using LAN protocols, which we haven't come to yet. We're gonna talk about those in just a minute. But there's a set of protocols that we'll use on our local area network. All right, now your local area network can take some different forms, right? I've got this part back here labeled intranet, you can see it's kinda behind a firewall. This is a very typical small business environment, we've got a firewall protecting yourself from the outside. Helping me control that traffic that's coming into my local area network. Cuz we're attached to the outside world, right? Very few networks are not attached to the world wide web, to the Internet. So I can get out there and gain access to other resources. But behind that firewall, that's my local area network. Everything back there is under one set of administrative control. Now your local area network might include some other parts. You might have a second firewall in between you and the Internet. And between those firewalls, there's a little space, I've got two, right? I've got one back here, I've got one here, the Internet would be out here to the right. So as traffic comes in, it goes through this first firewall, and it kind of gets to this intermediate area. And then if allowed, it might go through that second firewall back to my corporate network. And same thing for traffic that's leaving my network. They're gonna go through that first firewall, through this little area here, and out through that second firewall to the Internet. >> And Mike, help me out here because you already helped us with the one acronym there. I see LAN, and it is defined as local area network. I also see three sets of letters up there as well called a DMZ. You wanna help me out with that one? >> I have no idea, I just type those out. No, a DMZ is the name I'm gonna give that area between those two firewalls. It's known as a demilitarized zone. It has other names, depending on who you're talking to or what book you're reading. You might see it referenced as a screened subnet, right, so a subnet between those two firewalls. You also might see it referenced as a perimeter network, because it is on the perimeter of your network. And just like a demilitarized zone in the physical world, right, it's like a buffer space there. This is an area of my network that I'm gonna allow certain things to happen that I would not allow on my Internet, back here behind this second firewall. For example, I've got a website. People come to my website to buy my product, so I can make money. So I need to allow public, anonymous access to that website. Well, I can't allow public anonymous access to my internal network on my corporate LAN, right? So there, you start to see some of the differences. On this front firewall, it's not gonna be configured quite as strict. It's gonna allow certain things through, like that public anonymous access to that web front-end. This back firewall is gonna be configured a lot more stringent. It's not gonna allow that kind of thing through. Only certain machines or certain traffic is gonna be allowed to actually penetrate into the corporate network back here, that private part, my intranet. So whatever you call it, DMZ, screened subnet, perimeter network, it acts as a little bit of buffer between you and the outside world. It's also where we put our resources that need public access. Or another one you might see is what's called an extranet, right? Very similar to what I've got drawn here with the DMZ. I might have a partner organization. And maybe I'm a supplier of raw materials, and they're a manufacturer and they need to purchase this stuff. And so I set up an area of my network where their employees can come in and see how much raw materials we have, place orders, and look at ship dates and things like that. I wanna provide that to them, but I don't want that company's employees coming into my local area network back into my intranet, don't need that. So I make it part of my network, not quite publicly available. It's like the screen subnet or a DMZ might be available to anonymous access. My extranet is only available to Company XYZ from the outside. Or I probably have several people that I sell to. So my entire list of companies that I provide raw materials to, they might have access to my extranet. The public's not allowed into the extranet, right? So it's a part of my network that I can make available to the outside basically. >> Mike, now that local area network that you've got in your diagram there, or the intranet as you've been talking about, I notice you got a few devices in there. And does it matter whether I'm a A small home environment. We're not talking business here or a corporate environment. LAN generally is not restricted, or is it, to the amount of devices you have on that network. >> It's not. It can be just a single node back there with no firewall. Maybe you've got a router that you picked up from your cable provider or your Internet service provider and then you plug straight into that. Hopefully not. Hopefully you know better than that. But then you've got at least some kind of router and or switch sitting back there. But absolutely, a single node would still be an intranet. It would still be using LAN-based protocols to communicate with, well, nobody else. But let's say you added a second node, right? And now your LAN is a little more functional. But even with a single node you would still be considered a LAN. So it's really all about the fact that it's under my administrative control and that it's geographically in one spot, I guess. >> So if I'm watching this for the very first time, I don't have to worry about being confused if this is a LAN because it has XYZ devices versus this is a LAN because it's got three floors and it's a corporate owned entity. It's just like you said, geographical location and just being under the administrative control of or whoever runs the network. >> Exactly right. All right so now let's take a step up from LAN and we're gonna go to WAN. So LAN was local area network. We talk about a WAN, we're talking about a wide area network. And the names, if you start to pick up on the names kind of gives you a hint, right, wide area. That tells me it's probably gonna be a little more geographically dispersed. And so what I've got on my screen now is our business has grown. We've got an office in New York. We've got another office in London. And we've got another office in Sydney. Now what you'll notice, or should notice here I can get my mouse to play along. Is, let's take just this New York for a second. Notice it looks very similar, right, to what we were just looking at for a LAN? Because I've basically copied and paste my drawing. Because it is, New York is a LAN, that is a local area network there. But my organization has three of those. Has one over here in London and another one in Sydney. And I apologize. I hope I'm not making you sick there. We'll stop with the zooming around. So I've got basically three local area networks. One in London, one in New York, And one in Sydney. Now I need to tie these guys together, because people in London need to access resources in New York and Sydney and vise versa. So when we start bringing these office together, start connecting them, now we're talking about our wide area network, all right? Wide area networks or WANs travel across or designed to connect geographically dispersed locations, all right. They do use a different set of protocols which will come too here in just a minute. I wanna make sure we get the concept down first. So wide area network is really nothing more than an collection of local area networks kinda connected together cuz we have enterprise admins. So New York is under my control. London is also under my control. Sydney is also under my control. And by our definition of LAN, we said if it was a network under a single administrative control, it should be a LAN. It was the second part of that LAN definition that's getting us, right? It's not in a geographic or single geographic location. Now we're talking about three different locations. So still under one administrative control but now I'm geographically dispersed. Now were talking about the wide area network. And we do have to be a little bit careful with this because really when we talk about the wide area network, we're talking about this part, the stuff that's in front of this firewall, its all of the things that are connecting these three local area networks together. This is still my LAN back here, this is another LAN, this is another LAN. It's a separate set of technologies that's connecting those LANs and creating my WAN, or my wide area network. We have separate administrators and in a larger environment, I know a lot of us are in the smaller shops and we wear all the hats. But in some organizations, you have LAN administrators that deal with LAN protocols and LAN troubleshooting. You also have WAN administrators that deal with the WAN side of things. And when they're troubleshooting, they look at this demarcation point here, this firewall, and that's how they decide. If it's on one side of the firewall, hey LAN admins, it's your problem, you deal with it. If it's on the other side of the firewall, hey WAN admins, it's your problem, you deal with it, right? So the WAN is that wide area network that's tieing those local area networks together. >> And you mentioned the connections. So, Mike, when you say that, hey, it's on your side, you take care of it, hey, it's on your side, you take care of it, you're not really necessarily talking about just the point of responsibility. But you've already mentioned that these communication types are completely different, so one set of communication protocols is gonna be handled by one set of administrators versus somebody else. I did have another question, because you and I both have LANs, right? >> Right. Why is, would that be considered a WAN? Or would that not be considered a WAN? You have your home network, I have my home network. >> Well we won't tell him, but when his network's under my control, which is after midnight typically, then it's a WAN. [LAUGH] Very good question. And no, it's not a WAN because it's not under the same administrative control, right. You could consider Wes and I, separate organizations. We both have LANs and we're both tied to the same Internet but we're not sharing resources. We're not under the same administrative control so we would not be considered a WAN. We are going across a WAN because really the Internet is a WAN, right? But that wouldn't in itself would be considered a WAN. Great question. Now there's some others that I didn't draw up that we should probably be familiar with just in case they ask us. And so we can sound intelligent if somebody else uses these crazy terms. I think people just sit up at night and dream of ways to expand these acronym bases. But there's something called a MAN a metropolitan area network a WAN covers a wide geographical space. What if I took this offices, let's say this was in New York, but this was actually East New York and this was West New York and this was South New York, all right? And said of being New York, Sydney, and London. All right? If they're all three local area networks, three different buildings, three different geographical locations tied together with WAN technologies, but in the same metropolitan area, it would be considered a MAN, a metropolitan area network. Now If we get that specific or not, I don't think it's all that big of a deal. But it's still using WAN technologies. It's just that we can define the geographic distribution a little better. We can say it's all contained within this one metropolitan area. But it's still WAN technology. So really a MAN is just a subset of a WAN. It's a different classification of a WAN or wide area network. Same thing we're talking about a CAN or a campus area network. If I own a lot of property like a university. I might have separate LANs at each one of my buildings, right? Food Science building has its own LAN. I'm trying to think of some of the others. I didn't go to college, no. Some of the others, you got Financing over in one building. Each one of those can be different LANs. Tie those together using WAN technologies, and now I've got a campus area network. And really that's why we differentiate. Well, because in a metropolitan area network, if I'm connecting LANs. Different buildings in a metropolitan area, I most likely don't own the links between the two buildings in that downtown area. Or between downtown east and downtown downtown west. I can't just go and get a ditch digger and cut a cable or cut a trench and run a line between my two buildings, right, I've got to go and rent lines or lease lines from somebody with that metropolitan area network. If it's a university campus or a large industrial park and I own all the land I can now dig a tunnel and not a tunnel but trench and lay down cable. And even though I'm using WAN technologies to connect those two buildings It's under my control. So that's where we would say it's a campus area network not a metropolitan area network, all right. Even though technically I guess your campus could be a little more dispersed than a metropolitan. So it's really about who owns the lines that are linking those lands at that point. And then there's another one. I know, Wes, you're familiar with this one. The whole PAN, you know what that one stands for? >> Absolutely. That is a little young kid that flies around with pixie dust. >> [LAUGH] >> Just kidding, guys. PAN, personal area network. And I believe we do see this in the realm of things like Bluetooth communications, that's one that comes to mind? >> Yeah, absolutely, right? A lot of us have these now, even though we've probably never heard that term. But a personal area network would be your phone, talking to your headset, talking to your watch, that also talks to your sneakers to keep track of how far you've walked. All of that is networked together using a radio frequency, Bluetooth, short wave radio, to network those devices together. And they don't communicate. Well hopefully if we keep things secure, they're not communicating with Wes's phone or Wes's sneakers. Right, that's my own personal area network. >> I've gotta love it when you say my sneakers have a network connection. That's interesting. Now I see where you've gone here with the land technology, single geographical location. The WAN technology multiple geographical locations. MAN, maybe a whole entire city campus owned by a single academic entity, if you will. Let me guess, pan. Its gonna be your personal geographical location. >> That's right, wherever you are, Its the network that you take with you. [LAUGH] >> Some of our pan's are larger than others, I say, you just have to look at my gut and you can tell. [LAUGH] >> Well I was gonna say, being six something there six, two, he's got a different frequency that he uses to get from his tennis shoes up to his earbud. >> [LAUGH] >> That's a little bit longer, so. [LAUGH] All right, so those are some of the network types that we need to be familiar with. Again, make yourself flash cards, do what you gotta do. For LAN, WAN, CAN, MAN, and PAN are the five acronyms that I want you to be familiar with as you're preparing for this exam. And just in general. All right, next thing we want to talk about Wes is gonna be network topologies. So within that network, we're going to define how these devices, let's get back over to LAN here. How are these devices connected? How they're laid out that's what we call our network topology. And those are some important decisions that we've gotta make if we're setting up a network. It's also important to understand what we're currently using when it's time to troubleshoot. When we're trying to figure out what is wrong. Or when we're trying to protect that network. We need to know that topology. How those packets are being transmitted back and forth between these devices. What interconnectivity devices are there. What they're allowing, what they're not allowing, and things like that. So let's take a look. I have another handy dandy drawing. And we don't wanna save any of those. For our topologies. And this first one, Wes, what do you call that one? >> That one looks like, with the linear format, I'm gonna say that's probably what's known as a bus. >> That is correct, sir, you get a gold star for the day. That's gonna be what we call a bus network. And this is one of the oldest forms, or one of the oldest topologies we have when it comes to networking. Was it ThickNet, I guess, was using, was a big one with this way back in the day? Back when I first started getting into computers and networks. We use something called Thicknet that ran behind the desk. Something we're probably don't need to worry about nowadays. >> [LAUGH] No, unless you're in a museum, I highly doubt you're gonna see anything on the old Thinnet and Thicknet, for sure. And Mike, now, I'm pretty familiar with the fact that these had some problems. In the terms of scalability, were these type of networks scalable to, say if I had a massively large organization? >> Well, it kinda depends on what we're talking about I guess. Let's talk about some of the good things about this bus, and we'll see how it scales up, right? One nice thing about a bus network like this is you have less cables, right? I take this one long cable here, and I can run it around through each one of the offices, behind a row cubicles, or whatever. And then when I add a node, I simply take a short cable, run it from the node to that cable that's already laying, probably right behind my cubicle there. I just tap it down, maybe old vampire tabs or a T connector of some kind, to connect those together so. In one respect it was kinda nice because I had fewer cables to deal with, but the downside of the bus technology or the bus topology I should say, is a couple of things. One, they're all connected. So, if we ever have a break in the cable, now let's see if I can draw a break, let's say I break it right here. That's not very good. Let's make it a little bit bigger so we can see this guy. Let's say we grab a, kinda like that, and we get a break in the cable there right? Wes, what's gonna happen to all the communication between these devices? >> I want to say one cable, one break, means the whole entire network disappears, communication wise. >> Exactly right. If that cable breaks, everybody loses communication. Now, think about this. Wes was saying, does this scale up to a large network? Sure, I can take that cable and I can run it around behind everybody's desk in the building. And there are some limitations to the distance we can go. But let's say theoretically, that we run this cable behind every little office in our entire building and everybody's patched down to that. One little cable break, somebody rolls over that with a heavy cart or cable gets kinked. Now, everybody in the entire building has lost communication. The entire network is down, right? That was a big problem with these bus networks, as I get rid of our little stripe. The other issue that we had run into, or we had to deal with, was these guys needed terminators. When we dealt with buses we had to terminate the ends now this would actually plug in to something in my server closet. But we had to make sure we terminated the ends because we would give what was called, what is the technical term? >> Signal reflection. >> Signal reflection, all right? When if I speak, let's say this computer sends out some data, that travels both directions. Down this line, everybody hears it. If it gets to here and there's no terminator, well it gets to the end of this raw line, the signal actually starts coming back, and imagine you ever drop something you take a bucket of water and you drop something in there. You got these nice neat ripples going out but as soon as those ripples hit the wall of the bucket, they start reflecting back in. Now I've got some ripples still making their way out. I've got some ripples coming back in, and the ripples start crossing and it gets kinda this weird pattern on there. It's the exact same thing that's gonna happen here. The problem with our communications, with electronic communications is, those crossing of the ripples like that It's basically scrambling the data and I'm not going to be able to make sense out of what's going on. I'll lose that, what's a good word for it, you just can't interpret it. So you can't read the data. So basically nobody can communicate again. >> You know I make the joke here that you're probably only going to see them in a museum, but I was watching some of the earlier days when this was the network technology on some kind of show. And one of the earlier inventors, inventors of this product said, you can always tell when somebody wanted a break cuz all they have to do is reach down and pull one of those terminators off the line. And then everybody's faces would slowly come up from their cubes wondering why's the network down. So I can see this would be a fun time at the office when this network didn't work. >> And the scary thing was Wes, what if I broke this cable here does that bother my network too? >> It brings the whole network to still a single cable. >> That's right cuz this whole thing you can imagine, is the signal going out across all of these cables. So It's not just a break in the main line. If Wes wanted that break, [LAUGH] literally, and breaks the cable there, yeah, everybody is down. So buses had their place in history. You don't see them that often anymore. Let's move onto a little more modern layout, a little modern topology. And that's gonna be our star. And you can see, it gets the name from the pattern that it makes when we kinda draw it out like this. But the big difference between a bus and a star is I now have a central connectivity device. I have something tying all of these things together. So instead of there being that backbone and everybody T-ing into this backbone down here. We've got this one device in the middle, and everything plugs into that one device. And this is what we would call a star topology. Now that device in the middle could be a hub, could be a switch, could be a bridge, right? We'll talk about these devices as we go along. Advantages to this layout, well, is going to be the fact that, what happens, Wes, if this cable breaks here? >> Well, with a connectivity device, I think it isolates just that one node that's connected to the device from the rest of the network. >> That's exactly right. So that one node would be down. Nobody could communicate with this node. This node could communicate with nobody else, but that's it. The other three nodes on this network are still communicating just fine. So it ends up creating this point-to-point connection between the node and that central connectivity device. Which eliminates my need for one, for terminators. And two, the single cable break brings down the entire network. Flexibility. When I need to plug in a new node, as long as there's an extra port on this guy, I can just pop a new node out here. And connect it up, and we're good to go, all right? Downside is to connect that node, I had to make a home run. And I'm not talking about hitting it out of the park, right? I've gotta run a wire from that person's office, that new computer he just got, up the wall, over the attic, down in. Wherever that central connectivity device is, I've gotta connect that machine to it somehow, right? So a lot more cable involved when we deal with setting up star topologies. >> Now it's interesting, and I think you did this on purpose here. >> [LAUGH] >> Now you showed us the first one which was probably one that we will never really see anymore. Because it's just not utilize anymore. Now this almost is the polar reverse. How common is this type of network in today's day and age? >> This is just about everywhere. Just about every network you run into is gonna be switched, what they call switched Ethernet. Meaning that we're running star topologies with a central connectivity device. Almost always a switch. Hubs, which we're gonna talk about later, you rarely see those anymore. Bridges you really don't see those much anymore except for in special needs situations. But to Wes's point, yeah, just about every single network is gonna be laid out in a star using a central connectivity device. Well, Mike, I know we got a lot more to go. You guys out there that are sharp probably seen that we've got a lot more of those diagrams there. You can see all the little tabs. But I'll tell you what we don't have time for right now. And that's the time on that clock. So Mike, were you gonna go ahead and wrap this up? And come back in a part two, and we'll continue along in our network fundamentals? >> Sounds like a plan. >> All right, very good, well, that's a perfect place to stop. Thank you, Mike, for being here. We'll see you guys, hopefully, see you in the next episode. Signing out for ITProTV, I have been your host, Wes Bryan. >> And I'm Mike Rodrick. >> And we'll see you next time. [MUSIC] >> Thank you for watching ITProTV.

Just you? Training a whole team? There's an ITProTV plan that fits.

With more than 4,000 hours of engaging video training for IT professionals, you'll find the courses you and your team need to stay current and get the latest certifications.