Network Software Hardening - Securing Your Networks | Coursera

企业版面向学生

浏览
顶级课程
登录
免费加入

Network Software Hardening

Loading...

IT Security: Defense against the digital dark arts

4.8（8,071 个评分） | 100K 名学生已注册

课程 5（共 5 门，Google IT 支持专项课程）

This course covers a wide variety of IT security concepts, tools, and best practices. It introduces threats and attacks and the many ways they can show up. We’ll give you some background of encryption algorithms and how they’re used to safeguard data. Then, we’ll dive into the three As of information security: authentication, authorization, and accounting. We’ll also cover network security solutions, ranging from firewalls to Wifi encryption options. The course is rounded out by putting all these elements together into a multi-layered, in-depth security architecture, followed by recommendations on how to integrate a culture of security into your organization or team. At the end of this course, you’ll understand: ● how various encryption algorithms and techniques work as well as their benefits and limitations. ● various authentication systems and types. ● the difference between authentication and authorization. ● how to evaluate potential risks and recommend ways to reduce risk. ● best practices for securing a network. ● how to help others to grasp security concepts and protect themselves.

查看授课大纲

您将学习的技能

Cybersecurity, Wireless Security, Cryptography, Network Security

审阅

4.8（8,071 个评分）

5 stars
82.95%
4 stars
14%
3 stars
2.15%
2 stars
0.52%
1 star
0.37%

DS

Aug 17, 2018

This course was insane, all the possibilities, the potential for growth, and the different ways to help protect against cyber attacks. It was truly an eye-opening lesson in security. Thank you.

GD

Sep 05, 2020

Great course a lot to learn and a lot to know along with great and cool teaching staff I enjoyed much and learned a lot. Thanks to all the teaching staff and google for such a wonderful course.

从本节课中

Securing Your Networks

In the fourth week of this course, we'll learn about secure network architecture. It's important to know how to implement security measures on a network environment, so we'll show you some of the best practices to protect an organization's network. We'll learn about some of the risks of wireless networks and how to mitigate them. We'll also cover ways to monitor network traffic and read packet captures. By the end of this module, you'll understand how VPNs, proxies and reverse proxies work; why 802.1X is a super important for network protection; understand why WPA/WPA2 is better than WEP; and know how to use tcpdump to capture and analyze packets on a network. That's a lot of information, but well worth it for an IT Support Specialist to understand!

Network Hardening Best Practices8:49

Network Hardware Hardening9:01

Network Software Hardening5:00

Joe Personal Obstacle0:44

教学方

Google

以免费的价格试听课程

脚本

Hey, welcome back. In the last lesson, we covered network hardware hardening security measures. Which you should be aware of as an IT support specialist. Now, we're going to shift to network software hardening techniques. Just like with network hardware hardening, it is important for you to know how to implement network software hardening, which includes things like firewalls, proxies, and VPNs. These security software solutions will play an important role in securing networks and their traffic for your organization. Like we mentioned before, firewalls are critical to securing a network. They can be deployed as dedicated network infrastructure devices, which regulate the flow of traffic for a whole network. They can also be host-based as software that runs on a client system providing protection for that one host only. It's generally recommended to deploy both solutions. A host-based firewall provides protection for mobile devices such as a laptop that could be used in an untrusted, potentially malicious environment like an airport Wi-Fi hotspot. Host-based firewalls are also useful for protecting other hosts from being compromised, by corrupt device on the internal network. That's something a network-based firewall may not be able to help defend against. You will almost definitely encounter host-based firewalls since all major operating systems have built in ones today. It's also very likely that your company will have some kind of network-based firewall. Your router at home even has a network-based firewall built in. VPNs are also recommended to provide secure access to internal resources for mobile or roaming users. We went over the details of VPNs and how they work in securing network traffic. If you need a refresher, feel free to revisit that again. We won't go back over all the details, but here's a quick rundown. VPNs are commonly used to provide secure remote access, and link two networks securely. Let's say we have two offices located in buildings that are on opposite sides of town. We want to create one unified network that would let users in each location, seamlessly connect to devices and services in either location. We could use a site to site VPN to link these two offices. To the people in the offices, everything would just work. They'd be able to connect to a service hosted in the other office without any specific configuration. Using a VPN tunnel, all traffic between the two offices can be secured using encryption. This lets the two remote networks join each other seamlessly. This way, clients on one network can access devices on the other without requiring them to individually connect to a VPN service. Usually, the same infrastructure can be used to allow remote access VPN services for individual clients that require access to internal resources while out of the office. Proxies can be really useful to protect client devices and their traffic. They also provide secure remote access without using a VPN. A standard web proxy can be configured for client devices. This allows web traffic to be proxied through a proxy server that we control for lots of purposes. This configuration can be used for logging web requests of client devices. The devices can be used for logs, and traffic analysis, and forensic investigation. The proxy server can be configured to block content that might be malicious, dangerous, or just against company policy. A reverse proxy can be configured to allow secure remote access to web based services without requiring a VPN. Now, as an IT. support specialist, you may need to configure or maintain a reverse proxy service as an alternative to VPN. By configuring a reverse proxy at the edge of your network, connection requests to services inside the network coming from outside, are intercepted by the reverse proxy. They are then forwarded on to the internal service with the reverse proxy acting as a relay. This bridges communications between the remote client outside the network and the internal service. This proxy setup can be secured even more by requiring the use of client TLS certificates, along with username and password authentication. Specific ACLs can also be configured on the reverse proxy to restrict access even more. Lots of popular proxy solutions support a reverse proxy configuration like HAProxy, Nginx, and even the Apache Web Server. You can read more about these popular proxy solutions in the supplemental readings. Next up, let's take a practice quiz to secure the network architecture terms we've just discussed.

探索我们的目录

免费加入并获得个性化推荐、更新和优惠。

热门在线课程

Finding Purpose & Meaning in Life
Understanding Medical Research
Japanese for Beginners
Introduction to Cloud Computing
Foundations of Mindfulness
Fundamentals of Finance
机器学习
使用 SAS Viya 进行机器学习
幸福科学
Covid-19 Contact Tracing
适用于所有人的人工智能课程
金融市场
心理学导论
Getting Started with AWS
International Marketing
C++
Predictive Analytics & Data Mining
UCSD Learning How to Learn
Michigan Programming for Everybody
JHU R Programming
Google CBRS CPI Training

热门在线专项课程

Natural Language Processing (NLP)
AI for Medicine
Good with Words: Writing & Editing
Infections Disease Modeling
The Pronounciation of American English
Software Testing Automation
深度学习
零基础 Python 入门
数据科学
商务基础
Excel 办公技能
Data Science with Python
Finance for Everyone
Communication Skills for Engineers
Sales Training
职业品牌管理职业生涯品牌管理
Wharton Business Analytics
Penn Positive Psychology
Washington Machine Learning
CalArts Graphic Design

在线证书

专业证书
MasterTrack 证书
Google IT 支持
IBM 数据科学
Google Cloud Data Engineering
IBM Applied AI
Google Cloud Architecture
IBM Cybersecurity Analyst
Google IT Automation with Python
IBM z/OS Mainframe Practitioner
UCI Applied Project Management
Instructional Design Certificate
Construction Engineering and Management Certificate
Big Data Certificate
Machine Learning for Analytics Certificate
Innovation Management & Entrepreneurship Certificate
Sustainabaility and Development Certificate
Social Work Certificate
AI and Machine Learning Certificate
Spatial Data Analysis and Visualization Certificate

在线学位课程

Computer Science Degrees
Business Degrees
公共卫生学位
Data Science Degrees
学士学位
计算机科学学士
MS Electrical Engineering
Bachelor Completion Degree
MS Management
MS Computer Science
MPH
Accounting Master's Degree
MCIT
MBA Online
数据科学应用硕士
Global MBA
Master's of Innovation & Entrepreneurship
MCS Data Science
Master's in Computer Science
公共健康硕士

Coursera

关于
管理团队
工作机会
目录
证书
MasterTrack™ 证书
学位
企业版
政府版
面向校园
新冠疫情响应

社区

学生
合作伙伴
开发者
Beta 测试人员
专业译员
博客
技术博客

更多

条款
隐私
帮助
内容访问
媒体
联系我们
目录
附属公司

通过 Google Play 获取

© 2020 Coursera Inc.保留所有权利。