1
00:00:00,000 --> 00:00:01,260
In this section of the course,

2
00:00:01,260 --> 00:00:03,480
we're going to discuss network attacks.

3
00:00:03,480 --> 00:00:05,190
Now, security is a very important part

4
00:00:05,190 --> 00:00:06,090
of running our networks

5
00:00:06,090 --> 00:00:07,710
because if we don't secure our networks,

6
00:00:07,710 --> 00:00:09,840
somebody is eventually going to find their way into them

7
00:00:09,840 --> 00:00:10,860
and cause a data breach

8
00:00:10,860 --> 00:00:13,740
or other malicious action against our organization.

9
00:00:13,740 --> 00:00:15,420
Network security is critically important

10
00:00:15,420 --> 00:00:16,680
in our modern networks,

11
00:00:16,680 --> 00:00:18,900
especially since most of our networks are always on

12
00:00:18,900 --> 00:00:19,733
and always connected

13
00:00:19,733 --> 00:00:22,830
to the world's largest wide-area network, the Internet.

14
00:00:22,830 --> 00:00:24,030
Now, as you're probably aware,

15
00:00:24,030 --> 00:00:25,620
the Internet can be a scary place

16
00:00:25,620 --> 00:00:28,410
with lots of bad people doing lots of bad things.

17
00:00:28,410 --> 00:00:31,020
So in this section, we're going to focus on all the bad things

18
00:00:31,020 --> 00:00:32,970
that can happen to your organization's network

19
00:00:32,970 --> 00:00:34,800
when you don't secure it properly.

20
00:00:34,800 --> 00:00:37,680
Now, we're going to focus solely on Domain 4 Network Security,

21
00:00:37,680 --> 00:00:40,890
and we'll be covering the entirety of Objective 4.2.

22
00:00:40,890 --> 00:00:43,080
Now, Objective 4.2 states that you must be able

23
00:00:43,080 --> 00:00:44,910
to summarize various types of attacks

24
00:00:44,910 --> 00:00:46,650
and their impact to the network.

25
00:00:46,650 --> 00:00:48,540
Now, first, we're going to look at denial-of-service

26
00:00:48,540 --> 00:00:50,370
and distributed denial-of-service attacks,

27
00:00:50,370 --> 00:00:52,530
which attempt to overload or flood our networks

28
00:00:52,530 --> 00:00:54,330
and their associated services.

29
00:00:54,330 --> 00:00:56,340
Then we're going to discuss MAC flooding,

30
00:00:56,340 --> 00:00:58,290
which attempts to overload our network switches

31
00:00:58,290 --> 00:01:00,990
and to try to make them act like an insecure network device,

32
00:01:00,990 --> 00:01:03,120
like a hub, so that way, our attacker can breach

33
00:01:03,120 --> 00:01:05,129
our confidentiality of our data.

34
00:01:05,129 --> 00:01:06,900
Next, we're going to learn about ARP,

35
00:01:06,900 --> 00:01:09,840
or Address Resolution Protocol, attacks like ARP spoofing

36
00:01:09,840 --> 00:01:11,460
and ARP cache poisoning.

37
00:01:11,460 --> 00:01:13,770
After that, we're going to explore VLAN hopping

38
00:01:13,770 --> 00:01:15,060
and how an attacker can try to move

39
00:01:15,060 --> 00:01:17,160
from one secure subnet into another

40
00:01:17,160 --> 00:01:19,710
to breach our confidentiality and integrity.

41
00:01:19,710 --> 00:01:22,170
Then we're going to cover Domain Name System attacks,

42
00:01:22,170 --> 00:01:26,160
like DNS spoofing, DNS poisoning, and DNS zone transfers.

43
00:01:26,160 --> 00:01:28,440
Next, we'll take a look at on-path attacks

44
00:01:28,440 --> 00:01:30,510
where an attacker tries to trick your network clients

45
00:01:30,510 --> 00:01:31,950
into connecting to them first

46
00:01:31,950 --> 00:01:34,350
and then proxying that data from the network client

47
00:01:34,350 --> 00:01:36,060
to the network servers while remaining

48
00:01:36,060 --> 00:01:39,360
in between the communication session the entire time.

49
00:01:39,360 --> 00:01:41,460
After that, we're going to explore rogue devices

50
00:01:41,460 --> 00:01:43,590
and attacks, including unauthorized devices

51
00:01:43,590 --> 00:01:44,880
being connected to your network

52
00:01:44,880 --> 00:01:47,520
and the use of evil twins next to your wireless networks

53
00:01:47,520 --> 00:01:48,780
that will try to trick your users

54
00:01:48,780 --> 00:01:51,090
into providing their data to an attacker.

55
00:01:51,090 --> 00:01:53,280
Then we'll discuss social engineering attacks,

56
00:01:53,280 --> 00:01:55,380
like phishing, spear-phishing, whaling,

57
00:01:55,380 --> 00:01:57,150
and numerous others, as well as providing you

58
00:01:57,150 --> 00:01:59,760
with a short demonstration to show you just how easy it is

59
00:01:59,760 --> 00:02:02,070
to conduct a phishing attack these days.

60
00:02:02,070 --> 00:02:05,250
Next, we'll explore malware attacks like viruses, worms,

61
00:02:05,250 --> 00:02:07,980
and Trojans, and I'll also do a short demonstration

62
00:02:07,980 --> 00:02:10,110
to show you how a virus and a Trojan can be used

63
00:02:10,110 --> 00:02:13,530
by an attacker or a penetration tester during their attacks.

64
00:02:13,530 --> 00:02:15,720
Finally, we'll take a short quiz to see what you learned

65
00:02:15,720 --> 00:02:17,850
during this section of the course and review your answers

66
00:02:17,850 --> 00:02:19,500
to ensure you know why the right answers were right

67
00:02:19,500 --> 00:02:21,060
and the wrong answers were wrong.

68
00:02:21,060 --> 00:02:23,490
So if you're ready, let's get started with our coverage

69
00:02:23,490 --> 00:02:25,940
of network attacks in this section of the course.