Page 375 - StudyBook.pdf
P. 375

Infrastructure Security: Devices and Media • Chapter 6  359

                 Alternatively, many networks do not have the correct security devices in place due
                 to a simple lack of planning, and are therefore vulnerable.
                    Knowing what security problems are inherent in a device is critical to knowing
                 how to implement the device and the necessary security precautions around that
                 device. For example, knowing the insecure nature of wireless transmissions and
                 their range can help when planning where to physically locate wireless access
                 points.This section looks at a variety of hardware devices found on most networks,
                 where in the infrastructure they are located, what purposes they serve, the security
                 they add to the network, and the possible exploits that can be performed on them.
                 It also covers some “best practices” on how to configure these devices and review
                 what their overall impact is on network security.


                 EXAM WARNING

                      Firewalls have evolved a great deal over the years, and the Security+
                      exam expects you to be familiar with the various generations of fire-
                      walls as well as when each type should and should not be implemented.
                      Part of the exam is testing your knowledge on using the right tool for
                      the right job. In some cases, you may be presented with a scenario
                      where an older generation of firewall technology would be a better fit
                      than the latest and greatest. Keep this in mind when analyzing any situ-
                      ation.





                 Firewalls

                 A firewall is the most common device used to protect an internal network from
                 outside intruders.When properly configured, a firewall blocks access to an internal
                 network from the outside, and blocks users of the internal network from accessing
                 potentially dangerous external networks or ports.
                    There are three firewall technologies examined in the Security+ exam:
                      ■  Packet filtering

                      ■  Application layer gateways
                      ■  Stateful inspection

                    All of these technologies have advantages and disadvantages, but the Security+
                 exam specifically focuses on their abilities and the configuration of their rules.A



                                                                              www.syngress.com
   370   371   372   373   374   375   376   377   378   379   380