[MUSIC] Welcome to Network Defense Essentials, good to have you here in the class today. And this is a class that's going to take you into how to defend networks. Now, we're not going to delve into some of the most in-depth subjects, we're going to take you into a level where you can do basic network defense.
So, I'd like to introduce myself to you. My name is Kevin King, I've worked in infrastructure networking for decades, many, many years. I've worked in instruction for many years, from things like, for instance, large organizations, all the way to small organizations, been doing this for a long time. And I'm really excited to be able to work with you as we study network defense.
And in terms of you as a student, I want you to keep a couple of things in mind. Number one, is you can do this, where it says a student introductions, and I teach classes, along the full spectrum of classes that we teach at EC-Council and any others. I find that there are students that have skills that are missing. And so, what I try to do in some of my courses is encourage students to go grab those skills. And so, don't think that if there's something that is really unfamiliar to you in any of this class, that it's going to be a problem, you can learn. One of the things that I'm really jazzed about is the human mind. You can adapt, you can learn, you can acquire new skills. So it's very good to have you here, let's go ahead and move on to what this is.
What in the world is Network Defense Essentials? It gives us the fundamental concepts of network security. It equips you as a student with the skills to look at how threats are increasing. I mean, have you been watching the news? If you haven't, one of the things that we'll be looking at later on in the class is sources of news, because there are attacks coming in from all over the place. Whether it be attacks on infrastructure, like for instance on power distribution pipelines, all the way to attacks on large organizations.
There was an attack on a very large organization recently where it essentially failed. That was so good to see. The attackers tried to say they had some of the files, but the organization was prepared. We might talk about that a little bit later.
So, we're going to be looking at security controls, I'll talk about what security controls are. We're going to be looking at protecting the underlying network infrastructure from unauthorized access and modification, destruction, or disclosure. That's what we're looking at here with the ND, but we're looking at the fundamentals, fundamental concepts.
So what are we going to be talking about in the ND? I'm going to go ahead and grab a laser pointer right here, all right? So the first thing we're going to be looking at is network security fundamentals. And so, what is it that we want out of network security?
We're also going to be looking at one of the most important areas in securing your network, which is identification, authorization, and there's another A, because we often talk about triple A. Authentication, authorization, and accounting, but this is another term that we also talk about. Not triple A, but IAM, which is, identification, authorization and making sure that you have that system, the entire system of identification set up. That's under the auspices of IAM, which we'll talk about also in that section.
Next one is network security controls, administrative controls. We'll talk about how you keep people out of your network, how you manage who has access to what. We'll also look at network security controls in terms of physical controls. What's a physical control? Have you ever walked into a building and someone says, hey, how may I help you? That is a physical control. That's somebody who is a gatekeeper to who comes into the building, if you see security guards, etc, cameras, but we'll get into that in module four. Now we look at network security controls in terms of technical controls.
And so, those are technical devices and methods that we use to decide who gets access to what, in our organization.
Then we're going to get into a very cool and growing area about virtualization and cloud computing. So, virtualization includes everything from hypervisors like Hyper-V and VM, all the way to Docker and containerized applications and workloads. We'll talk about all that terminology when we get to module six.
Module seven takes us to wireless security, it is very probable that you're actually taking this class on a device that's using wireless. Wireless is ubiquitous, that's one of my favorite college words. It's everywhere. The next thing we look at, and there's another secondary probability that you are actually watching, working with this class, participating in it, on a mobile device. Right here look, I have a phone. I could have brought a tablet. I have other things we're going to talk about when we get to those areas. So I've kept them here.
The next thing is IoT. Do you have a Ring doorbell or some type of video doorbell or maybe a baby monitor, where you can monitor your child from another room and see a video of them and hear what's going on and so on? Do you have a refrigerator that has some type of internet connectivity? Well, those are just the surface area of IoT, and OT brings us into the industrial sphere, and I can go on and on, but we'll talk more about that when we get there. The small devices of every sort, from sensors to doorbells, that connect into networks that connect into the internet. And it is, probably of all the areas that we're looking at, the fastest growing one of all of those. We'll talk about that.
Next we'll get to cryptography and PKI, public key infrastructure. Cryptography is where we take plaintext and we turn it into ciphertext. In other words, we encrypt stuff. We'll talk about that. We'll talk about data security.
There are several types of data, and each of those types of data needs to be kept as secure as possible. Talk about that, we'll also talk about one of the job requirements for all of what you see here from module 1 to 12, which is monitoring the traffic. We go back up here to module 9, what kind of traffic on the network, is your IoT, is your mobile device, is your wireless device? What kind of traffic is moving from the cloud to on-premises or moving from device to device in the cloud? What type of traffic characterizes technical, physical, administrative, and authorization controls? You need to be able to monitor that traffic and discern what it is you're looking at, is what you see in your monitoring an attack or is it something else? We'll talk about all of that when we get to module 12.
Now, let's talk about what you will learn. So, in this class we're going to look at key issues for network security, essentials of network security, protocols, IAM, triple A. Some of those terms we'll be talking about over and over again, identification, authentication and authorization, and we'll define each of those terms as we get deeper into the class. Security controls, physical controls, all the stuff we were talking about before.
We'll also get to get into some very nice terms that we're going to define as we go in, IDS/IPS, WIPS, NIDS, those are all related acronyms. We're going to get into TLAs and FLAs, you know what those are? I hope so. Those are three-letter acronyms, that's TLA, and FLAs, four-letter acronyms. We're going to see a lot of acronyms, but they'll all be defined in this class. VPN, this is pronounced SIM or Sim, and then UBA, all of these things we'll be talking about defining for you. If you don't know what these are, you will, you will know before we finish class. Also we'll look at the fundamentals of virtualization and cloud computing.
Basically everything we were talking about when I was going through those modules, I don't think there's anything new on here with IoT devices and PKI and network monitoring, absolutely.
One thing that I want you to do is, there's another recording of me going through the labs. In the lab environment we have lots of really cool stuff. We have pfSense firewall, we have Windows 10 admin machine. This is very important because on the job, if you take a job as a security network person, guess what you're going to be doing, you're going to be sitting at an admin machine. And you're going to be working with other people who are administrators. So that's very important to know. Security Onion, very nice little Linux machine. Windows Server 2019, which is, as of the filming of this, the latest Windows server. Right now I'm running a beta version of Windows Server 2022, very, very similar. If you know 19, you know 22, and we go back to Server 2016, because this is supposed to represent a real network. One of the most interesting things that happens periodically is, I have large classes teach thousands of students, and every once in a while someone tells me yes, yes, we have a Server 2003 server on our network. So you find all kinds of old and new operating systems in the real world.
And then a good old Android, and then the attacker machine, we're going to have to run some attacks so that you can see the defense on the other side, right? So run an SQLi attack, which is, structured query language injection, sequel injection attack. But how does that look on the defense side, anyway, we'll go on and on.
So what I want you to do, is I want you to take time, as we go through the modules and we get to the end of a module. Or sometimes I'll just recommend going to the lab before we get out of the module, because you need, I need, as much hands-on experience with the tools of the trade. And so, it's very important that you go into this lab environment and you work with these.
Also, one more thing I want to say about this lab environment, guess what else it is? It's a resume builder. There are tools in this lab environment that you will use over and over and over again until you become familiar with them. So much so that you can put on your resume I am familiar with, and then the name of the tool. And I'll tell you what, in the technical environment, in resumes we look for keywords. If I'm looking for someone who knows Nmap, I'm going to scan that resume to see that you have Nmap. If I'm looking for somebody who knows some type of Wi-Fi tool, I'm going to scan and see if you have that. In fact I'll scan the whole resume and if I don't see that and I see a bunch of other stuff then I, you have to decide whether I put the resume in the, let's dig deeper or in the, not today pile, right?
So knowing tools, knowing that you know how to use the tools, six months of access to the lab environment, make use of it. Don't skip a single lab, make time in your schedule after this class, you've finished it, it's over. Make time in your schedule to go through these labs in the lab environment and do every one of them. And then some of them that really appeal to you or that you know that you need to know more about, do them several times.
Right on, so that's the lab environment, I want to welcome you to the NDE class, where we're going to learn about network defense. And so, that's the end of this, and we're going to module one.