tailieunhanh - CompTIA Network+ Certification Study Guide part 49
CompTIA’s Network+ certification Study Guide part 49 is a globally-recognized, vendor neutral exam that has helped over 235,000 IT professionals reach further and higher in their careers. The 2009 Network+ exam (N10-004) is a major update with more focus on security and wireless aspects of networking. Our new study guide has been updated accordingly with focus on network, systems, and WAN security and complete coverage of today’s wireless networking standards. | 466 CHAPTER 9 Security Standards and Services Authentication schemes for which there are no standards or publicly available specifications will not receive rigorous peer security review. PEAP is an open standard supported under the security framework of the IEEE specification. PEAP offers security and efficiency when used with roaming wireless devices. Authentication latency is frequently a concern with wireless networks because users may need to reconnect to a network through a number of AP devices as they roam. As a result it is valuable to be able to quickly perform reauthentication. PEAP supports this capability through the TLS session resumption facility and any EAP method running under PEAP can take advantage of it. PEAP provides support for EAP authentication methods such as EAP-TLS and EAP-MS-CHAPV2 that can perform computer authentication. The PEAP protocol specifies an option of hiding a user s name known as identity privacy. SUMMARY In today s networking world networks no longer have to be designed the same way. There are many options available as to how to physically and logically design a network. All these options can be used to increase the security of the internal network by keeping untrusted and unauthorized users out. The usage of DMZs to segment traffic into a protected zone between external and internal firewalls helps prevent attacks against your Internet facing servers. VPNs are used to allow remote network users to securely connect back to the corporate network. To additionally reduce the risk in your environment application and service hardening should be considered. Be familiar with the required ports for various services so that you can uninstall or disable unused services which will reduce unnecessary exposure. Include evaluation of network services such as DNS and DHCP and specific types of application services such as e-mail databases NNTP servers and others. IDSs are used to identify and respond to attacks on the network. .
đang nạp các trang xem trước