Applying Network Security Features

---

Goals

• Explain identity and access management concepts
• Distinguish protocols and standards used for authentication and directory management
• Use defense in depth techniques to ensure that only policy-compliant devices can connect to the network
• Apply security rules, such as ACLs and content filtering, to manage network traffic

Authentication

• Access Control
• Authentication Methods
• Local Authentication
• Single Sign-On (SSO)
• Kerberos
• Digital Certificates and PKI
• Key Management
• Federation
• Security Assertion Markup Language (SAML)
• Remote Authentication
  • Remote Authentication Dial-In User Service (RADIUS)
  • Terminal Access Controller Access Control System (TACACS+)

Authorization and Account Management

• Authorization
• Access Control Models
  • Discretionary Access Control (DAC)
  • Role-Based Access Control (RBAC)
• Privileged Access Management (PAM)
• Directory Services
• Lightweight Directory Access Protocol (LDAP)
• LDAP Secure (LDAPS)

Network Hardening

• Defense in Depth
• Device and Service Hardening

Switch Security

• Network Access Control (NAC)
• Port Security
• Extensible Authentication Protocol (EAP)
• IEEE 802.1X
• Port Guards
• Port Mirroring

Network Security Rules

• Security Rules and ACL Configuration
• Proxy Server
• Content Filtering
• Misconfigured Firewall and ACL Issues