ISC2
Network and Communications Security

Diese kurs ist nicht verfügbar in Deutsch (Deutschland)

Wir übersetzen es in weitere Sprachen.
ISC2

Network and Communications Security

Verschaffen Sie sich einen Einblick in ein Thema und lernen Sie die Grundlagen.
Stufe Anfänger

Empfohlene Erfahrung

Es dauert 9 Stunden
3 Wochen bei 3 Stunden pro Woche
Flexibler Zeitplan
In Ihrem eigenen Lerntempo lernen
Verschaffen Sie sich einen Einblick in ein Thema und lernen Sie die Grundlagen.
Stufe Anfänger

Empfohlene Erfahrung

Es dauert 9 Stunden
3 Wochen bei 3 Stunden pro Woche
Flexibler Zeitplan
In Ihrem eigenen Lerntempo lernen

Kompetenzen, die Sie erwerben

  • Kategorie: Network Security
  • Kategorie: Communications Security (COMSEC)

Wichtige Details

Zertifikat zur Vorlage

Zu Ihrem LinkedIn-Profil hinzufügen

Kürzlich aktualisiert!

September 2024

Bewertungen

11 Aufgaben

Unterrichtet in Englisch

Erfahren Sie, wie Mitarbeiter führender Unternehmen gefragte Kompetenzen erwerben.

Platzhalter

Erweitern Sie Ihre Fachkenntnisse

Dieser Kurs ist Teil der Spezialisierung ISC2 Systems Security Certified Practitioner (SSCP)
Wenn Sie sich für diesen Kurs anmelden, werden Sie auch für diese Spezialisierung angemeldet.
  • Lernen Sie neue Konzepte von Branchenexperten
  • Gewinnen Sie ein Grundverständnis bestimmter Themen oder Tools
  • Erwerben Sie berufsrelevante Kompetenzen durch praktische Projekte
  • Erwerben Sie ein Berufszertifikat zur Vorlage
Platzhalter
Platzhalter

Erwerben Sie ein Karrierezertifikat.

Fügen Sie diese Qualifikation zur Ihrem LinkedIn-Profil oder Ihrem Lebenslauf hinzu.

Teilen Sie es in den sozialen Medien und in Ihrer Leistungsbeurteilung.

Platzhalter

In diesem Kurs gibt es 5 Module

The first rule of defense is to understand what you are defending, and since almost every information system now in use is built around some form of networking, that’s as good a place to build your defensive perspective as any other. Let’s take a closer look at the two models that have established both the theory and practice of computer networking for the last 70 years: the OSI 7-Layer and the TCP/IP. Both models are built around the notion of a protocol stack, a set of ideas and rules of operation that layer upon layer build up the required functionality. These two different but complementary models demonstrate the different perspectives and purposes of their creators:  ISO’s Open Systems Interconnection (OSI) 7-Layer model provides a unified framework that relates an application’s creation and use of data downward through layers of protocols to the underlying physical telecommunications systems that move the bits between the two systems.   By contrast, IETF’s Transmission Control Protocol over Internet Protocol (TCP/IP) concentrates on the interfaces between the physical bit stream and the control and routing of information in packets, while leaving to a universe of applications (outside of or above TCP/IP) to handle the details of making interconnections useful and secure to applications. Note that OSI published four Open Systems Interconnection models, only one of which defines the 7-Layer model. That’s why it’s important to refer to this model with the “7 Layer” part of the name included, so that you clearly identify which of the OSI models is being referred to.  Let’s start our deep dive with a side-by-side comparison of these two models to reveal some of the security concerns that security professionals need to deal with.  Both models drive and dictate features and operations that designers, programmers and builders incorporate into their systems. Each system is built differently; some may be built with very distinct layers in their hardware, firmware or software that clearly show “Layer 5” or a given sublayer at work. Other systems and products do not. Some systems clearly show simple, low-level functions in nice, neat boxes or objects, which are used by other higher level ones. Other systems do not.  Remember the role of a model in building, using, defending and attacking information systems. The designers in this case were trying to design and build a system that does a job, not one that demonstrates a theory. Designers and builders of systems (like the ones your organization depends on) must sometimes balance function, compliance needs and performance against getting the system built on time, which can introduce just the kind of vulnerabilities that attackers are looking for. As a defender, the more you know about the models, the better you’ll be able to spot those shortcuts first — before the attacker does. 

Das ist alles enthalten

13 Lektüren2 Aufgaben27 Plug-ins

Let’s build on the 7-layer foundation that module 1 provided us by taking a deeper look at how some of the larger-scale processes work on the internet. Higher-level protocols provide the services that organizations tend to think about when they design workflows and business processes to be email-enabled, cloud-hosted or distributed across a dynamic computing environment.  Messaging, email, file transfer and of course the World Wide Web itself all depend upon these protocols being reliable.  Let’s take a closer look at some of these protocols, the ports they use and a few of the architectural and security considerations for their use and protection. 

Das ist alles enthalten

3 Lektüren2 Aufgaben8 Plug-ins

Modules 1 and 2 showed us how the simple tool of abstraction, done layer by layer, helps designers and architects start with simple foundational ideas and build powerful, elaborate and incredibly functional systems as a result. We also saw how abstraction provides you (the defensive analyst) with a powerful tool to look at the threats facing the entire organization from almost any level within the protocol stacks, the overall IT architecture and the OT architectures as well.   That process isn’t done yet. Module 3 will start with a walkthrough of MITRE’s ATT&CK framework. As you’ll see, it’s a way of thinking about attacks and about the defenses you want to put in place to stop them or slow them down. It’s also a knowledge base, and a gateway to the growing world-wide community of users, contributors, researchers and security professionals that collaborate through and around its resources. In MITRE’s words, it is “open and available to any person or organization for use at no charge.” Clearly, attackers know of ATT&CK, and the majority of them, no doubt, make excellent use of it!  But remember what Kerckhoffs and Shannon said about encryption systems and the need to protect one’s keys at all costs — this holds true for everything else in cyber defense. Your enemies will know far, far more about how to attack systems like yours than you currently know about how to defend against them. So, it’s probably time to borrow a page from the attackers’ playbook and start digging deeper into resources like ATT&CK.  That will be the start of module 3’s journey. We’ll take a closer look at mitigations to many of those common exploit situations as they pertain to networks. 

Das ist alles enthalten

6 Lektüren3 Aufgaben8 Plug-ins

Network security comprises the set of devices, protocols and procedures used to protect the network infrastructure itself, the services and data that ride on top of the network, their users and the organization as a whole from various forms of security compromise.  As you might expect, physical and administrative security measures play just as much a role as do the technical or logical controls.  Building on the previous three modules, it’s time to take a closer look at some of the common devices, protocols and services used to secure networks, services and data.  These include firewalls, proxies, virtual LANs (VLANs) and strategies for segmenting a network into security domains. To be most effective, these security features should be part of the overall network from its earliest design phases; when added into existing networks, it’s worth letting an up-to-date security assessment of the network identify the most urgent problems to solve.  Virtualization technologies allow for networks and their security to be modeled and directed by software, offering the security and network engineering team not only improved visibility of network security issues, but also more powerful ways to manage the security configuration of each device or system on the network. Using software defined security thus becomes a powerful way to take advantage of a software-defined network, as we’ll see later in this section.  

Das ist alles enthalten

5 Lektüren3 Aufgaben8 Plug-ins

Before the days of networks, it was much, much easier to keep information systems safe and secure. As soon as we started interconnecting them, you might say, the threat surface went global. That’s what this chapter has taken a deep and broad look at.   We started with the architectural concepts on which the internet is built and how these concepts across the seven layers of ISO’s Open Systems Interconnection model work together to provide systems builders with standards and practices to meet. This model is also useful when identifying threat surfaces, performing threat modeling and analysis and in implementing a defensive strategy. The IETF’s network model, known as TCP/IP, complements the OSI 7-Layer model; together both are powerful intellectual forces in the systems and security marketplaces. Their layers of abstraction and their use of encapsulating functions into protocols has meant that for over 40 years the internet has continued to provide services as it has scaled out to support billions of end users around the world.  Security in a networking environment must recognize that attacks can start at any level, from the physical layer of cables and wireless connections to the applications layer and beyond. More importantly, a growing number of very damaging attacks are being conducted by advanced persistent threat (APT) actors, who demonstrate a degree of technical skill and operational sophistication rivaling that of many nations’ security and intelligence services. Even the smallest of organizations, such as a SOHO startup, can find itself swept up in an APT’s campaign of attack. These attacks often use fraud as a major ingredient, which they achieve by injecting falsified data such as invoices, transactions or even database updates directly into target systems, and, in most cases, all by way of remote access over the internet. The MITRE ATT&CK framework, as we saw, provides a continually updated set of current threat intelligence, attack modeling and mitigation strategies to help deal with network attack across enterprise, mobile and industrial control or operational technology systems.  From software-defined networks and collaboration platforms to traditional remote access capabilities, dealing with COVID-19 has demonstrated how much our modern world depends upon reliable, safe and resilient internetworking to get business and governance securely conducted. It has demonstrated the reliance of many business continuity plans on cloud-hosted, internet-powered virtualization of organizations, processes, resources and management functions. These demands for security and safety online will only continue to grow; this chapter has provided insights that can help security professionals make sure that their organization can meet those demands. 

Das ist alles enthalten

1 Lektüre1 Aufgabe1 peer review

Dozent

ISC2 Education & Training
ISC2
30 Kurse92.119 Lernende

von

ISC2

Empfohlen, wenn Sie sich für Security interessieren

Warum entscheiden sich Menschen für Coursera für ihre Karriere?

Felipe M.
Lernender seit 2018
„Es ist eine großartige Erfahrung, in meinem eigenen Tempo zu lernen. Ich kann lernen, wenn ich Zeit und Nerven dazu habe.“
Jennifer J.
Lernender seit 2020
„Bei einem spannenden neuen Projekt konnte ich die neuen Kenntnisse und Kompetenzen aus den Kursen direkt bei der Arbeit anwenden.“
Larry W.
Lernender seit 2021
„Wenn mir Kurse zu Themen fehlen, die meine Universität nicht anbietet, ist Coursera mit die beste Alternative.“
Chaitanya A.
„Man lernt nicht nur, um bei der Arbeit besser zu werden. Es geht noch um viel mehr. Bei Coursera kann ich ohne Grenzen lernen.“
Platzhalter

Neue Karrieremöglichkeiten mit Coursera Plus

Unbegrenzter Zugang zu über 7.000 erstklassigen Kursen, praktischen Projekten und Zertifikatsprogrammen, die Sie auf den Beruf vorbereiten – alles in Ihrem Abonnement enthalten

Bringen Sie Ihre Karriere mit einem Online-Abschluss voran.

Erwerben Sie einen Abschluss von erstklassigen Universitäten – 100 % online

Schließen Sie sich mehr als 3.400 Unternehmen in aller Welt an, die sich für Coursera for Business entschieden haben.

Schulen Sie Ihre Mitarbeiter*innen, um sich in der digitalen Wirtschaft zu behaupten.

Häufig gestellte Fragen