WEBVTT

00:00.170 --> 00:02.270
Understanding network maps.

00:02.300 --> 00:05.000
Network maps in cybersecurity are

00:05.030 --> 00:11.810
network topology graphs that describe the physical and/or logical relationship and configuration between

00:11.810 --> 00:17.630
links, which are communication connections, and nodes, which are devices in the network.

00:17.750 --> 00:23.330
To better understand the concept, consider road maps or maps in an atlas.

00:23.720 --> 00:31.740
These describe physical locations, geographic features, political borders and the natural landscape.

00:31.760 --> 00:35.150
Information about roads, which is these are the links.

00:35.150 --> 00:41.690
So these their name, orientation, length and intersections between other roads.

00:42.230 --> 00:49.460
And these can be used to navigate between different locations, which is nodes.

00:49.790 --> 00:53.810
Now, let's consider the following hypothetical scenario.

00:53.840 --> 01:00.240
Imagine you live in a world where roads and buildings spontaneously appear or vanish in the blink of

01:00.240 --> 01:01.080
an eye.

01:01.140 --> 01:07.050
GPS exists and you have the coordinates of where you are and where you want to go.

01:07.050 --> 01:13.260
But you must try to get there by following a bewildering network of constantly changing roads.

01:13.290 --> 01:21.390
Fortunately, navigational features, which is routers, are placed at every crossroads to help travelers

01:21.390 --> 01:23.700
like you find their way.

01:24.000 --> 01:33.390
These routers are constantly calling their neighboring routers to learn what routes and locations are

01:33.390 --> 01:39.510
open so they can update their routing table, kept on a clipboard.

01:39.540 --> 01:47.400
You must stop at every intersection and ask the router for directions to the next corner by showing

01:47.400 --> 01:54.690
them your travel card, which has your intended destination coded in the GPS coordinates.

01:55.140 --> 02:02.670
The router checks their clipboard for currently open routes while making some calculations,

02:02.670 --> 02:09.480
quickly points you in a direction, stamps your travel card with a router's address, hole-punches your

02:09.480 --> 02:16.560
travel card to track the number of routes you have checked in within your journey and sends you off

02:16.560 --> 02:17.820
to the next router.

02:18.120 --> 02:22.740
You repeat this process until you reach your destination.

02:22.830 --> 02:31.800
Now imagine this world's cartographers who would have likely given up on producing accurate maps, unable

02:31.800 --> 02:35.370
to keep up with the ever changing network.

02:35.640 --> 02:42.330
These mapmakers would have to be satisfied with labeling key landmarks and points of interest, with

02:42.330 --> 02:48.870
generic names and routing through the lines between these points to indicate that a path of some sort

02:48.870 --> 02:50.400
exists between them.

02:50.610 --> 02:58.440
This hypothetical situation is in fact what exists in cyberspace, and it's why network maps are not

02:58.440 --> 03:04.470
as accurate and their maintenance is not as prioritized as it should be.

03:04.680 --> 03:12.840
The lack of high quality, comprehensive network maps is a recognized challenge for cyber security organizations.

03:12.870 --> 03:20.340
If an organization has a map at all, it's typically provided to the security operations center, or

03:20.340 --> 03:29.430
SOC, to illustrate where sensors or security devices are in the flow of data and to better understand packet

03:29.430 --> 03:33.540
captures, firewall rules, alerts and system logs.

03:33.540 --> 03:39.180
However, it's probably also abstract, describing only basic features such as boundaries for the internet,

03:39.180 --> 03:42.210
perimeter network and intranet,

03:42.510 --> 03:50.430
the general location of edge routers or firewalls, and unspecified network boundaries and conceptual

03:50.430 --> 03:54.690
arrangements indicated by cloudy bubbles.

03:54.990 --> 04:02.030
An example of an underdeveloped yet common network map available to cyber security and IT professionals

04:02.040 --> 04:04.920
you can see here on the screen.
