Sometimes attackers try to undermine network security by denying legitimate users access to the network. Learn about two techniques that you can implement to defend your network against these denial of service attacks: flood guard and loop prevention.
- [Teacher] Sometimes, attackers try to undermine…network security by denying legitimate users…access to the network.…Let's take a look at two techniques you can implement…to defend your network against availability based attacks.…Many denial of service attacks rely upon…flooding devices with traffic until they are overwhelmed.…One example of this type of attack is the SYN flood.…You may recall that in a SYN flood attack,…the attacker creates thousands of partially open…TCP connections to a device by sending SYN packets,…but never answering the SYN ACK packet…to complete the three-way handshake.…
This is one example of flooding,…and there are many similar attacks…in the attacker's toolkit.…Another example, MAC flooding,…occurs when attackers send large numbers…of different MAC addresses to a switch,…hoping to overflow the switch's MAC address table,…and cause it to forget where devices are,…and then flood traffic out to every switch port,…allowing the attacker to eavesdrop…on sensitive communications.…Network devices often offer flood guard protection…
Learn about communication and networking best practices, including TCP/IP networking, network security devices, and secure network design and management. Instructor and cybersecurity expert Mike Chapple also includes coverage of converged protocols, network encryption, and wireless networking. You can find Mike's companion study books for this series at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
- IP addressing
- Switches and routers
- Content distribution networks
- Designing secure networks
- Specialized networking
- Managing secure networks
- Working with virtualized networks like SDNs
- Detecting and preventing network attaches
- Transport encryption
- Wireless networking
- Host security
Skill Level Advanced
CISSP Cert Prep: 2 Asset Security (2015)with Mike Chapple58m 11s Advanced
1. TCP/IP Networking
2. Network Security Devices
3. Designing Secure Networks
4. Specialized Networking
5. Secure Network Management
6. Virtualized Networks
Port isolation1m 47s
7. Network Attacks
8. Transport Encryption
9. Wireless Networking
10. Host Security
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.