Network Defense (2020)
The intent of the Network Defense Knowledge Unit is to provide students with knowledge of the concepts used in defending a network, and the basic tools and techniques that can be taken to protect a network and communication assets from cyber threats.
- 1 Outcomes
- 2 Topics
- 3 Skills
- 4 NICE Framework Categories
- 5 CSEC 2017 Categories
- 6 Specialization Areas
- 7 See also
- 8 Further reading
- 9 Sample knowledge test
- 10 Sample skills test
- 11 Sample abilities test
- 12 Additional notes or materials
- 13 Contacts
- 14 Reference ID
After completing the KU, students will be able to:
- Evaluate the key concepts in network defense (defense in depth, minimizing exposure, etc.).
- Analyze how network defense tools are used to defend against attacks and mitigate vulnerabilities.
- Assess how security policies are implemented on systems to protect a network.
- Compare how network operational procedures relate to network security.
- Create and apply network defense mechanisms such as firewalls, VPNs, etc.
Because of the nature of the material - All topics and subtopics are required in this KU
- Outline concepts of network defense, such as:
- Defense in Depth
- Network attacks
- Network Hardening
- Minimizing Exposure (Attack Surface and Vectors)
- Network defense/monitoring tools:
- Implementation of Firewalls
- DMZs / Proxy Servers
- Honeypots and Honeynets
- Implementation of IDS/IPS
- Network Operations
- Network Security Monitoring
- Network Traffic Analysis
- Network security policies as they relate to network defense/security:
- Network Access Control (internal and external)
- Network Policy Development and Enforcement
- Implement a basic firewall.
- Create and use a VPN.
- Create and apply an Access Control List (ACL)
NICE Framework Categories
CSEC 2017 Categories
- Health Care Security
- Industrial Control Systems-SCADA Security
- Network Security Administration, Specialization Area
Related Knowledge Units
- Basic Networking
- Network Technology and Protocols
- Advanced Network Technology and Protocols
- Network Security Administration
- Intrusion Detection/Prevention Systems
- Wireless Sensor Networks
Original Knowledge Unit
Suggested academic readings
Sample knowledge test
Sample skills test
Sample abilities test
Additional notes or materials