Network Defense (2020)

From CyberEdWiki
Jump to: navigation, search
NetworkDefense.jpeg

The intent of the Network Defense Knowledge Unit is to provide students with knowledge of the concepts used in defending a network, and the basic tools and techniques that can be taken to protect a network and communication assets from cyber threats.

Outcomes[edit]

To complete this KU, students should be able to do the following:

  1. Describe the key concepts in network defense (defense in depth, minimizing exposure, etc.).
  2. Explain how network defense tools (firewalls, IDS, etc.) are used to defend against attacks and mitigate vulnerabilities.
  3. Analyze how security policies are implemented on systems to protect a network.
  4. Evaluate how network operational procedures relate to network security.

Topics[edit]

Because of the nature of the material - All topics and subtopics are required in this KU

  1. Outline concepts of network defense, such as:
    • Defense in Depth
    • Network attacks
    • Network Hardening
    • Minimizing Exposure (Attack Surface and Vectors)
  2. Network defense/monitoring tools:
    • Implementation of Firewalls
    • DMZs / Proxy Servers
    • VPNs
    • Honeypots and Honeynets
    • Implementation of IDS/IPS
  3. Network Operations
    • Network Security Monitoring
    • Network Traffic Analysis
  4. Network security policies as they relate to network defense/security:
    • Network Access Control (internal and external)
    • Network Policy Development and Enforcement

Skills[edit]

  1. Implement a basic firewall.
  2. Create and use a VPN.
  3. Create and apply an Access Control List (ACL)

NICE Framework Categories[edit]

Specialization Areas[edit]

See also[edit]

Related Knowledge Units


Original Knowledge Unit

Further reading[edit]

Suggested textbooks[edit]

Suggested academic readings[edit]

Sample knowledge test[edit]

Sample skills test[edit]

Sample abilities test[edit]

Additional notes or materials[edit]

Contacts[edit]

Reference ID[edit]

NDF