Network Defense (2020)
The intent of the Network Defense Knowledge Unit is to provide students with knowledge of the concepts used in defending a network, and the basic tools and techniques that can be taken to protect a network and communication assets from cyber threats.
To complete this KU, students should be able to do the following:
- Describe the key concepts in network defense (defense in depth, minimizing exposure, etc.).
- Explain how network defense tools (firewalls, IDS, etc.) are used to defend against attacks and mitigate vulnerabilities.
- Analyze how security policies are implemented on systems to protect a network.
- Evaluate how network operational procedures relate to network security.
Because of the nature of the material - All topics and subtopics are required in this KU
- Outline concepts of network defense, such as:
- Defense in Depth
- Network attacks
- Network Hardening
- Minimizing Exposure (Attack Surface and Vectors)
- Network defense/monitoring tools:
- Implementation of Firewalls
- DMZs / Proxy Servers
- Honeypots and Honeynets
- Implementation of IDS/IPS
- Network Operations
- Network Security Monitoring
- Network Traffic Analysis
- Network security policies as they relate to network defense/security:
- Network Access Control (internal and external)
- Network Policy Development and Enforcement
- Implement a basic firewall.
- Create and use a VPN.
- Create and apply an Access Control List (ACL)
NICE Framework Categories
- Health Care Security
- Industrial Control Systems-SCADA Security
- Network Security Administration, Specialization Area
Related Knowledge Units
- Basic Networking
- Network Technology and Protocols
- Advanced Network Technology and Protocols
- Network Security Administration
- Intrusion Detection/Prevention Systems
- Wireless Sensor Networks
Original Knowledge Unit
Suggested academic readings
Sample knowledge test
Sample skills test
Sample abilities test
Additional notes or materials