Book Review; Network+ Guide
The contents of this 410-page guide will prepare you for what the exam may cover. The guide is by no means outdated: it was written in 2018, so it will still be relevant to current (2021) and future exams.
It was written by the renowned cyber-security instructor Glen D. Singh and co-authored by Rishi Latchmepersad, a data centre engineer.
The guide, having been written with networking concepts in mind, covers a wide and diverse range of concepts, from the TCP and UDP protocols to wireless technologies like Z-Wave, NFC, RFID and satellite, down to the nitty-gritty of individual IPv4 packets and frequency ranges.
My personal thoughts on the guide
This book was seemingly written for aspiring network engineers or enthusiasts, but even whilst aiming at an already well-versed and technical audience, the book is riddled with beautifully laid out analogies that allow those who are neither within the IT industry nor computer enthusiasts to easily understand the advanced concepts that it covers.
The book covers a huge range of concepts which are often brought up later on, so it is of great importance to read the chapters in order, as a significant number of concepts are of later relevance. Whilst being an extremely informative book which aims to educate the reader on networking and everything it involves, it was surprisingly a pretty good read.
I rarely felt bombarded with unnecessary information, yet the book also gets into the nitty-gritty details. This is something I was both surprised by and thankful for: it is an easy read but technically detailed.
The chapters of the book are as follows:
Chapter 1 The OSI Reference Model and TCP/IP Stack
Chapter 2 Network Ports, Protocols, and Topologies
Chapter 3 Ethernet
Chapter 4 Understanding IPv4 and IPv6
Chapter 5 Routing and Switching Concepts
Chapter 6 Wireless and Cloud Technologies
Chapter 7 Network Components
Chapter 8 Network Virtualisation and WAN technologies
Chapter 9 Business Continuity and Disaster Recovery Concepts
Chapter 10 Network Identity Management and Policies
Chapter 11 Network Security Concepts
Chapter 12 TCP/IP Security
Chapter 13 Organisational Security
Chapter 14 Troubleshooting a Network
I'll briefly go over the few chapters that I found to be of significant importance, along with the concepts that are required later on throughout the guide. Most concepts within this guide are revisited, some less so than others. A few are required to help conceptualise later concepts.
Chapter One
The OSI Reference Model and TCP/IP Stack
Chapter One depicts the Open Systems Interconnection model (OSI model), goes into great detail as to what it involves, and compares it to the TCP/IP protocol stack. I found that these two concepts are referred to again and again, as the rest of the guide builds on them and on each of their respective layers. I would argue that this is one of the most important concepts to familiarise yourself with if you're planning to become a network engineer, work on enterprise network infrastructure, get into IPsec or do anything that requires network troubleshooting or hardware-related maintenance.
This chapter discusses the International Organisation for Standardisation's (ISO) universally adopted creation, the OSI model, which was brought into conception in 1984. The model has seven layers. Starting from the top, they are: (7) Application, (6) Presentation, (5) Session, (4) Transport, (3) Network, (2) Data Link, and the bottom layer, (1) Physical. The chapter goes into detail on each and every one of these layers: which technologies might exist on it, what it is responsible for and what role it has. Make sure to fully understand and familiarise yourself with each layer, as the following chapters of the book will assume that you fully understand the role of each and every layer.
Another important and recurring concept is the TCP/IP Protocol Suite, a close sibling to the OSI model, which was commercially introduced in 1985. The TCP/IP suite is defined as consisting of four layers: (4) Application, (3) Transport, (2) Internet, (1) Data Link. The TCP/IP model combines several of the OSI layers into fewer layers.
Chapter Two
Network Ports, Protocols, and Topologies
Chapter Two is where this book begins to dive into networking concepts; it delves into network ports, protocols and topologies. For those seeking to get into penetration testing, red teaming or even blue teaming, Chapter Two will be of greater interest than later chapters. It covers commonly used protocols such as SSH, FTP and SMTP and the ports they run on. It also briefly covers network topologies, which aren't brought up too often.
What this chapter does cover is types of networks and where they are likely to be implemented. These concepts are important as they are frequently brought up throughout the book: Local Area Network (LAN), Wide Area Network (WAN) and Wireless Local Area Network (WLAN), as well as less commonly used concepts such as Metropolitan Area Network (MAN), Storage Area Network (SAN) and Personal Area Network (PAN). The first three will be frequently brought up and used to help conceptualise other concepts, so make sure you remember these network types and their differences.
Chapter Four
Understanding IPv4 and IPv6
Chapter Four is where I found myself having to re-read concepts and the provided analogies several times over to really develop an understanding of them; this is where concepts begin to become quite advanced and difficult to quickly understand. It discusses the format of an IPv4 packet, then the difference between public IPv4 addresses and private ones. These were easy to understand, but later on in the chapter it gets complex.
For me, the concepts within this chapter that took a while to understand were subnet masks, subnetting and creating subnets. This became a bit of a headache but is extremely important to familiarise yourself with if you ever want to become a network engineer or manage enterprise infrastructure. The chapter goes on to Variable Length Subnet Masking (VLSM), subnetting a subnet and calculating the ranges. It also delves into IPv6: the format of an IPv6 packet and the coexistence of IPv4 and IPv6 on a network.
This chapter greatly enriched my prior knowledge and understanding. Although an immense headache, it proved to be extremely beneficial, and I had to 'unlearn' a lot of what I thought I already knew. This did leave me confused before going back over it several times. This chapter is extremely important and needs to be fully understood in order to apply it in areas such as network segmentation, and concepts such as the Virtual Local Area Network (VLAN) require one to be familiar with subnetting, what a subnet mask is and so forth. Pay close attention to this even if it gives you a migraine.
Chapter Six
Wireless and Cloud Technologies
Chapter 6 focuses on wireless technology, how Wi-Fi functions and how it has been improved over the years. This chapter helped bridge between what I already knew from using tools such as the Aircrack-ng suite and other information that really enhanced my prior knowledge of wireless networks and how they function.
Chapter 6 briefly discusses wireless technologies that are less commonly used day to day, such as Z-Wave, which is used for IoT devices, and ANT+, which is the technology that fitness devices such as a Fitbit or Apple Watch have adopted, through to more commonly used technologies such as Bluetooth (IEEE 802.15), Near Field Communication (NFC), which is the technology used in debit and credit card chips, and Radio Frequency Identification (RFID), which is the technology used on passes used to open doors.
What Chapter 6 mainly focuses on is the 802.11 wireless standards, discussing and detailing the differences between modern routers and older models, the newer technologies developed, how routers operate and how they communicate with each device on a Wireless Local Area Network (WLAN). It also discusses frequencies such as 2.4GHz and 5GHz and how a router would run on different channels to prevent and reduce noise between residences. It further covers how an antenna functions and the differences between types such as an omnidirectional antenna and a Yagi or parabolic antenna, as well as power requirements, data attenuation and how data is lost over greater distances or can be impacted by electromagnetic interference (EMI).
This chapter did a wonderful job of giving the pros and cons of the respective technologies, what advantages they may possess and why some technologies are preferred over others. It also discussed the vulnerabilities and weaknesses they have, and how some technologies such as RFID can easily be exploited.
Then it branched all the way to cellular technologies such as GSM, TDMA, CDMA and the famed 4G technology and LTE. Although the chapter didn't go nearly as in-depth with cellular technologies as it did with Wi-Fi, it did lend valuable insight as to how these everyday technologies function and operate both within an individual country and globally.
There were a lot of really cool concepts that blew me away and helped reinforce what I already knew, as well as introducing cool new technologies and concepts. I benefited significantly from this chapter and will be closely looking into the concepts I discovered from it.
Chapter Eight
Network Virtualisation and WAN technologies
This chapter was quite a fun one, as this is where the concepts learnt in all the prior chapters begin to bear fruit: a considerable number of the concepts that follow require one to be familiar with everything covered previously, as they combine many different technologies, protocols and so forth.
This chapter covers WAN technologies and concepts such as Peer to Peer (P2P), hub and spoke and full mesh, and storage technologies such as NAS and SAN. It seemingly focuses on virtualisation, though, going over the hypervisor, which seems to be a godsend to the world of IT. The hypervisor allows the worlds of hardware and software to collide; this is where server equipment begins to be fully utilised, with the bare-metal creation of virtual machines (VMs). This chapter also includes virtual networking components such as a virtual switch or vSwitch, virtual firewalls and virtual routers.
Chapter Ten
Network Identity Management, Remote Access methods
This chapter focuses on remote access and the policies that surround and impact it, as well as identity management. Having previously dabbled quite a fair bit with most of these technologies, this chapter didn't have too many new concepts for me, but it does have a lot of important concepts that should be understood. The concepts and technologies within this chapter will be of interest to those who plan to get into blue teaming or IPsec (IP security).
Focusing mainly on IPsec, it covers encryption, data integrity, authentication, anti-replay (a concept that was new to me), Diffie-Hellman (another), and IPsec protocols such as Authentication Header (AH) and Encapsulating Security Payload (ESP), both of which were completely new concepts to me.
It also discusses Secure Sockets Layer (SSL) and Transport Layer Security (TLS), and VPN topologies such as Site-to-Site VPN and Remote Access VPN. Lastly, it covers protocols such as Microsoft Remote Desktop Protocol (RDP), Secure Shell (SSH) and Telnet.
Chapter Eleven
Network Security Concepts
Building off what was discussed in the previous chapter, chapter six, Chapter 11 concerns itself with network security. This chapter contains a significant number of different technologies, software, hardware and preventative measures. It would greatly benefit those who are planning to become a blue teamer or join a SOC team. It ranges from wireless security to types of network attacks and threats, to authentication and encryption.
Wireless security is a concept that I believe all would already be familiar with. Wireless security is the preventive measure that ensures that a private network stays exactly like that, private. In order to do this, many countermeasures have been set in place to ensure a network is secure. Chapter 11 covers some of the technologies developed to do this, such as Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA), which was superseded by Wi-Fi Protected Access 2 (WPA2), which was developed as numerous vulnerabilities were discovered in its predecessor.
Other technologies were created and are adopted by both enterprises and homes: Extensible Authentication Protocol (EAP), EAP Transport Layer Security (EAP-TLS), EAP Tunneled Transport Layer Security (EAP-TTLS), Protected Extensible Authentication Protocol (PEAP), MAC filtering and geofencing.
This chapter goes into detail about numerous different types of network attacks and the threats a network may face. The most commonly known type of attack is Denial of Service (DoS), an attack frequently utilised by both skiddies and state-funded groups. The chapter also covers the three different variations of such an attack: reflective, amplified and distributed (DDoS). It also looks into war-driving, evil twin, ransomware, DNS poisoning, ARP poisoning, deauthentication, brute force and VLAN hopping, as well as detailing other types of attack vectors: social engineering and insider threat.
This chapter then leads into securing networking devices, device hardening and so forth. Then come mitigation techniques, which lead into network segmentation, the demilitarised zone (DMZ), honeypots and honeynets, and penetration testing.
Chapter Twelve
TCP/IP Security
This chapter built off of the previous chapter, leaning more towards attack vectors, types of vulnerabilities and where and how they may arise. But unlike the previous chapter, Chapter Twelve discusses what types of attacks and vulnerabilities may lie within each layer, giving a great overview of what attack vectors a malicious actor may have within their arsenal.
Vulnerabilities at the Transport Layer: fingerprinting, SYN flooding, TCP reassembly and sequencing. Then comes enumeration, which covers DNS enumeration, DNS zone transfer, the RPC endpoint mapper and SMTP.
Vulnerabilities at the Internet Layer: route spoofing, IP address spoofing, and then the Smurf attack, teardrop attack and Ping of Death (POD), which all rely on the ICMP protocol. Vulnerabilities at the Network Access/Link Layer: ARP poisoning, sniffing, broadcast storms and VLAN hopping.
Wrapping up, the chapter leads into securing TCP/IP using a Defence in Depth (DiD) approach, mitigating security threats by implementing a next-generation firewall, implementing an IPS, implementing a Web Security Appliance (WSA) and implementing VPNs.
