Category: Networks

  • Windows: Group Policies (GPO)

    Continuing the education (for me) of the Windows world, being that my background has been working on a Mac workstation, configuring Linux instances, and while working on a Windows platform, I never looked behind the curtain, as it were. So here we go! Group Policy Management is the umbrella approach for creating Group Policy Objects…

  • Entering the Windows world (AD)

    Much of my background has been working with Linux OS and such in terms of creating a network and allocating resources, configuration, and such. So, when the networking class carved out an entire section on Active Directories, Domains, and configuration, I decided to write down some of my thoughts and experiences here. Definitely gives me…

  • Security Tools: IAM

    Some of the foundational security concepts include the CIA Triad (confidentiality, integrity, availability) of data, identification/authentication/authorization, and AAA (authentication, authorization, accounting). A user provides an identity, confirms and authenticates that identity through a variety of means, and subsequently, after providing the identity, is allowed appropriate access to resources. Discretionary Access Control (DAC) is what I’ve…

  • Hardening a Router (ACL)

    I’ve been talking a lot about switches and how those need to be locked down in a network to mitigate vulnerabilities. Switches are such an important piece of the network, offering the connections between the different endpoints and clients. Previously, I talked a little about creating VLANs to help create sub-networks which will help with…

  • Network Address Translation (NAT)

    In the continuing deep-dive of Switching and Routing, as part of my networking class, I have been getting some hands-on experience with both learning about NAT and configuring those within a network. Every device on a network, including the internet, needs to have a unique IP address, and these are in short demand (and growing…

  • Routing: QoS

    As part of the networking class that I am studying, we did a deep dive into routing. The class allows for hands-on practice using a virtual machine sandbox (which I’ll be sharing screenshots here), but I have also been supporting that with studying pages 395-420, and 231-277 in the All-In-One Network+ study book by Mike…

  • Switch Hardening: pt 2 (ACE)

    Today I’ve been spending quite a bit of time learning about how to make a network more secure through hardening a switch. One additional way to do so is through MAC-based access control entries.

  • Switch Hardening pt 2

    Other options to harden a switch include the creation of an access profile. In the following, I have created such a profile that has an implicit deny: Next, I added a profile rule that would allow HTTP access from a particular IP address:

  • Hardening Switches

    In my networking class studies, I have been learning a range of topics, from firewall design and implementation, designing a screened subnet (DMZ), configuring intrusion detection devices (such as Snort), and more. Today I have been diving deep into the world of switching and routing, such as configuration of switches, including that of switch ports –…

  • Networks: Implementation & Troubleshooting

    I’m currently taking a Networking class to help meet my goal of successfully passing the CompTIA Network+ exam. The class offers virtual machine labs where I can put into practice the theoretical learning- really helpful! So, for example, Networking Addressing and Services in the subject matter, which included a number of important topics: IP Addressing,…