Networks and Communications Security from Coursera

What's inside

Syllabus

Networks and Communications Security

Course 5: Network and Communications Security Welcome to course five: network and communication security. As we know, the explosive growth in networks, connectivity, and communications has paved the way for unprecedented transformation of business, personal, and government services into electronic, web enabled forms. This growth in e-business and e-commerce greatly expanded the threat surface. Fraudsters, criminals, unscrupulous business competitors, nation states, and non-nation state actors can take harmful actions against others worldwide. For decades, the world has operated on what is basically a network monoculture. One set of protocols and standards are used to power most of the internet, the worldwide, web e-commerce, and e-business. These standards include the open systems interconnection seven layer model from international organization for standardization and transmission. And the control protocol over internet protocol model from internet engineering taskforce. Almost every laptop, many smart devices, and other such end points use these standards to communicate with servers, and applications, and businesses, and governments. Therefore these models, or protocol stacks become our map of the threat surface. Security professionals need to have a solid understanding of modern networks and internet work concepts, techniques, technologies, and security issues. Their work is like police patrols, because they need to be familiar with the neighborhood's environment. Security professionals need to know the best ways to keep the neighborhood secure and to defend against attacks. The need for such a policing mentality is particularly urgent if the company has limited or no remote visibility into its operational technology systems. For this course, in module one, we start with a brief orientation to the network neighborhood, through the open systems interconnection seven layer, and transmission control protocol over internet protocol models. Then, we dive into all eight layers of this combined protocol stack. Introducing the key technologies at each layer and their regular use. In module two, we look at the various protocols that run on top of this architecture. In module three, we focus on attack and defensive strategies and tactics and build on the industry leading approach to put threat surface analysis into both the attackers and defenders operational context. In the last module, we bring these ideas together into a network security management and monitoring perspective. Now, let's discuss these four modules in detail. Course 5 Learning Objectives After completing this course, the participant will be able to:  L5.1 - Recognize layers of the OSI model, their functions and attacks present at each layer. L5.2 - Identify commonly used ports and protocols. L5.3 - Select appropriate countermeasures for various network attacks. L5.4 - Summarize best practices for establishing a secure networked environment. Course Agenda Module 1: Apply the Fundamental Concepts of Networking (Domain 6 - Network and Communications Security) Module 2: Securing Ports and Protocols (Domain 6 - Network and Communications Security) Module 3: Network Attacks and Countermeasures (Domain 6 - Network and Communications Security) Module 4: Manage Network Security (Domain 6 - Network and Communications Security) Who Should Take This Course: Beginners Experience Required: No prior experience required

Module 2: Securing Ports and Protocols

Let’s build on the 7-layer foundation that module 1 provided us by taking a deeper look at how some of the larger-scale processes work on the internet. Higher-level protocols provide the services that organizations tend to think about when they design workflows and business processes to be email-enabled, cloud-hosted or distributed across a dynamic computing environment.  Messaging, email, file transfer and of course the World Wide Web itself all depend upon these protocols being reliable.  Let’s take a closer look at some of these protocols, the ports they use and a few of the architectural and security considerations for their use and protection. 

Module 3: Network Attacks and Countermeasures

Modules 1 and 2 showed us how the simple tool of abstraction, done layer by layer, helps designers and architects start with simple foundational ideas and build powerful, elaborate and incredibly functional systems as a result. We also saw how abstraction provides you (the defensive analyst) with a powerful tool to look at the threats facing the entire organization from almost any level within the protocol stacks, the overall IT architecture and the OT architectures as well.   That process isn’t done yet. Module 3 will start with a walkthrough of MITRE’s ATT&CK framework. As you’ll see, it’s a way of thinking about attacks and about the defenses you want to put in place to stop them or slow them down. It’s also a knowledge base, and a gateway to the growing world-wide community of users, contributors, researchers and security professionals that collaborate through and around its resources. In MITRE’s words, it is “open and available to any person or organization for use at no charge.” Clearly, attackers know of ATT&CK, and the majority of them, no doubt, make excellent use of it!  But remember what Kerckhoffs and Shannon said about encryption systems and the need to protect one’s keys at all costs — this holds true for everything else in cyber defense. Your enemies will know far, far more about how to attack systems like yours than you currently know about how to defend against them. So, it’s probably time to borrow a page from the attackers’ playbook and start digging deeper into resources like ATT&CK.  That will be the start of module 3’s journey. We’ll take a closer look at mitigations to many of those common exploit situations as they pertain to networks. 

Module 4: Manage Network Security

Network security comprises the set of devices, protocols and procedures used to protect the network infrastructure itself, the services and data that ride on top of the network, their users and the organization as a whole from various forms of security compromise.  As you might expect, physical and administrative security measures play just as much a role as do the technical or logical controls. Building on the previous three modules, it’s time to take a closer look at some of the common devices, protocols and services used to secure networks, services and data.  These include firewalls, proxies, virtual LANs (VLANs) and strategies for segmenting a network into security domains. To be most effective, these security features should be part of the overall network from its earliest design phases; when added into existing networks, it’s worth letting an up-to-date security assessment of the network identify the most urgent problems to solve. Virtualization technologies allow for networks and their security to be modeled and directed by software, offering the security and network engineering team not only improved visibility of network security issues, but also more powerful ways to manage the security configuration of each device or system on the network. Using software defined security thus becomes a powerful way to take advantage of a software-defined network, as we’ll see later in this section. 

Module 5: Review

Before the days of networks, it was much, much easier to keep information systems safe and secure. As soon as we started interconnecting them, you might say, the threat surface went global. That’s what this chapter has taken a deep and broad look at.   We started with the architectural concepts on which the internet is built and how these concepts across the seven layers of ISO’s Open Systems Interconnection model work together to provide systems builders with standards and practices to meet. This model is also useful when identifying threat surfaces, performing threat modeling and analysis and in implementing a defensive strategy. The IETF’s network model, known as TCP/IP, complements the OSI 7-Layer model; together both are powerful intellectual forces in the systems and security marketplaces. Their layers of abstraction and their use of encapsulating functions into protocols has meant that for over 40 years the internet has continued to provide services as it has scaled out to support billions of end users around the world.  Security in a networking environment must recognize that attacks can start at any level, from the physical layer of cables and wireless connections to the applications layer and beyond. More importantly, a growing number of very damaging attacks are being conducted by advanced persistent threat (APT) actors, who demonstrate a degree of technical skill and operational sophistication rivaling that of many nations’ security and intelligence services. Even the smallest of organizations, such as a SOHO startup, can find itself swept up in an APT’s campaign of attack. These attacks often use fraud as a major ingredient, which they achieve by injecting falsified data such as invoices, transactions or even database updates directly into target systems, and, in most cases, all by way of remote access over the internet. The MITRE ATT&CK framework, as we saw, provides a continually updated set of current threat intelligence, attack modeling and mitigation strategies to help deal with network attack across enterprise, mobile and industrial control or operational technology systems.  From software-defined networks and collaboration platforms to traditional remote access capabilities, dealing with COVID-19 has demonstrated how much our modern world depends upon reliable, safe and resilient internetworking to get business and governance securely conducted. It has demonstrated the reliance of many business continuity plans on cloud-hosted, internet-powered virtualization of organizations, processes, resources and management functions. These demands for security and safety online will only continue to grow; this chapter has provided insights that can help security professionals make sure that their organization can meet those demands. 

Good to know

Know what's good

, what to watch for

, and possible dealbreakers

Examines how networks operate at all layers, which is standard in industry

Teaches core concepts for securing networks, which are in high demand

Develops foundational skills and knowledge, which are core for network security

Taught by (ISC)² Education & Training, who are recognized for their work in network security

Examines the MITRE ATT&CK framework, which is highly relevant in network security

Prerequisites not specified

Reviews summary

Well-received course in network security

Learners say Networks and Communications Security is a well-received course that offers a complete foundation in network and security fundamentals. Students appreciate the great, well-explained, and engaging lectures and learning materials. The course is especially suited for beginners and intermediate learners, providing informative and helpful content. The course has also been positively reviewed for its great instructor and excellent trainer.

Course is complete.

"Curso completo, mas aparece não concluído fica em 99%."

Suitable for beginners.

"Good course for learning the Networks and Communications Security Fundamentals.Recommended for the Beginners. "

Instructor is excellent.

"great instructor"

" Excellent Trainer "

Large amount of positive feedback

"GOOD"

"Best!"

"Great"

"EXCELLENT"

"wonderful "

"Never stop!"

"So helpful "

"great instructor"

"Excellent Trainer"

"This module is awesome"

"well explained and easy"

"Just the right difficulty"

"It was very clear. Thanks."

"Networks and Communications Security"

"very helpful for me and for my future "

"Good learning course for networks related"

"very good cover all fundamentals of network and security"

"Great resources and explanation, informative and helpful"

"Complete foundation of Network and Communciation Security"

"I like the lectures, well informed and great explanations."

"Very informative. Good for beginners and intermediate learners"

"A vast description of Network and security knowledge understood well ."

"This course is a very beneficial course that I greatly benefited from."

"Great taught of subject and has provided vast learning. Thank you Coursera and team"

"AM REALLY HUMBLED FOR THE OPPORTUNITY THAT YOU GAVE ME.MAY THE ALMIGHTY GOD BLESS YOU"

"I have learned a lot from this course and am ready to practice everything i have a learned"

"Covers everything the young IT security professional should know - Masterfully compiled and presented."

"This was an excellent course. The materials and topics used enabled me to gain a much better understanding of securing company networks. I can immediately apply the newly acquired knowledge in my date to date job activities.I definitely recommend you take this course."

Peer review process is lengthy.

"Course content is understandable and good, but the peer review procedure is the bad way to grade the submissions, as one have to wait way long to get their certificates..."

Instructor changed halfway through course.

"In the middle of the course , the teacher changed, the videos changedm the view changed and everything started to be in a different way. It shouldn't happen."

Insufficient visual material.

"not enough diagrams and presentable material. most of the time there is a video of the presenter talking. and when there is a presentation slides for example, it is 1 or 2 slides and the presenter reads a long text that goes beyond the slides. it is hard to keep track without the slides or other forms of visual material "

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Networks and Communications Security with these activities:

Review Network Security Standards and Regulations

Show steps

Stay up-to-date with industry standards and regulations related to network security to ensure compliance and best practices.

Show steps

Identify relevant standards and regulations.
Review the requirements and best practices outlined in these standards.
Assess your network's compliance with these standards.

Review Networking Fundamentals

Show steps

Start by reviewing the foundations of networking to enhance course comprehension.

Browse courses on OSI Model

Show steps

Define key networking concepts, such as OSI layers, TCP/IP stack, and network protocols.
Review network architectures and topologies.
Understand the role of network security in protecting networks and data.

Configure Firewalls and IDS/IPS

Show steps

Gain hands-on experience in configuring firewalls and intrusion detection/prevention systems to strengthen your defense skills.

Browse courses on Firewall Configuration

Show steps

Identify different types of firewalls and their configurations.
Configure firewall rules to control network traffic.
Deploy IDS/IPS systems to detect and prevent network intrusions.

Four other activities

Expand to see all activities and additional details

Show all seven activities

Join a Network Security Community

Show steps

Engage with peers and experts in online forums or communities to expand your knowledge and network.

Show steps

Identify relevant network security communities or forums.
Participate in discussions, ask questions, and share your perspectives.
Connect with other professionals in the field.

Create a Course Summary

Show steps

Review and organize your notes, assignments, and materials to reinforce your understanding of course concepts.

Show steps

Gather all relevant course materials.
Review and summarize key concepts, theories, and examples.
Organize the summary into sections or topics.
Consider using mind maps, diagrams, or other visual aids for better retention.

Develop a Network Security Plan

Show steps

Put your knowledge into practice by creating a comprehensive network security plan to mitigate risks and protect your organization.

Show steps

Identify network assets and potential vulnerabilities.
Analyze risks and threats to the network.
Develop security policies and procedures.
Implement and monitor security controls.
Continuously review and update the security plan.

Attend a Network Security Workshop

Show steps

Sharpen your skills and gain insights by attending a workshop focused on network security best practices and emerging threats.

Browse courses on Security Training

Show steps

Identify and register for a relevant workshop.
Attend the workshop and actively participate in discussions.
Network with other professionals in the field.

Career center

Learners who complete Networks and Communications Security will develop knowledge and skills that may be useful to these careers:

Security Architect

In the role of a Security Architect, you are responsible for designing an organization's IT security architecture and implementing security measures to protect against cyber threats. This course can help you understand the network infrastructure and security measures used to maintain the integrity, availability, and confidentiality of information being transmitted. This course will be particularly helpful for understanding the security issues associated with networks and communications, as well as the measures that can be taken to protect against these threats.

See salaries and explore the career path for Security Architect

Network Security Engineer

Network Security Engineers design, implement, and manage network security solutions to protect organizations' networks from unauthorized access, use, disclosure, disruption, modification, or destruction. This course can help you understand the network infrastructure and security measures used to maintain the integrity, availability, and confidentiality of information being transmitted. This course will be particularly helpful for understanding the security issues associated with networks and communications, as well as the measures that can be taken to protect against these threats.

See salaries and explore the career path for Network Security Engineer

Security Analyst

Security Analysts monitor and analyze security systems for vulnerabilities and threats, and they develop and implement security measures to protect against these threats. This course can help you understand the network infrastructure and security measures used to maintain the integrity, availability, and confidentiality of information being transmitted. This course will be particularly helpful for understanding the security issues associated with networks and communications, as well as the measures that can be taken to protect against these threats.

See salaries and explore the career path for Security Analyst

Information Security Manager

Information Security Managers plan and direct the implementation of security measures to protect an organization's information systems and data. This course can help you understand the network infrastructure and security measures used to maintain the integrity, availability, and confidentiality of information being transmitted. This course will be particularly helpful for understanding the security issues associated with networks and communications, as well as the measures that can be taken to protect against these threats.

See salaries and explore the career path for Information Security Manager

Ethical Hacker

Ethical Hackers use their skills to identify and exploit vulnerabilities in computer systems and networks, with the goal of improving security. This course can help you understand the network infrastructure and security measures used to maintain the integrity, availability, and confidentiality of information being transmitted. This course will be particularly helpful for understanding the security issues associated with networks and communications, as well as the measures that can be taken to protect against these threats.

See salaries and explore the career path for Ethical Hacker

Security Consultant

Security Consultants provide advice and guidance to organizations on how to improve their security posture. This course can help you understand the network infrastructure and security measures used to maintain the integrity, availability, and confidentiality of information being transmitted. This course will be particularly helpful for understanding the security issues associated with networks and communications, as well as the measures that can be taken to protect against these threats.

See salaries and explore the career path for Security Consultant

Network Administrator

Network Administrators manage and maintain computer networks, including the installation, configuration, and maintenance of network hardware and software. This course can help you understand the network infrastructure and security measures used to maintain the integrity, availability, and confidentiality of information being transmitted. This course will be particularly helpful for understanding the security issues associated with networks and communications, as well as the measures that can be taken to protect against these threats.

See salaries and explore the career path for Network Administrator

Systems Administrator

Systems Administrators manage and maintain computer systems, including the installation, configuration, and maintenance of operating systems, applications, and hardware. This course can help you understand the network infrastructure and security measures used to maintain the integrity, availability, and confidentiality of information being transmitted. This course will be particularly helpful for understanding the security issues associated with networks and communications, as well as the measures that can be taken to protect against these threats.

See salaries and explore the career path for Systems Administrator

IT Auditor

IT Auditors evaluate the security of computer systems and networks, and they make recommendations for improvements. This course can help you understand the network infrastructure and security measures used to maintain the integrity, availability, and confidentiality of information being transmitted. This course will be particularly helpful for understanding the security issues associated with networks and communications, as well as the measures that can be taken to protect against these threats.

See salaries and explore the career path for IT Auditor

Computer Forensics Analyst

Computer Forensics Analysts investigate computer crimes and gather evidence from computers and other electronic devices. This course can help you understand the network infrastructure and security measures used to maintain the integrity, availability, and confidentiality of information being transmitted. This course will be particularly helpful for understanding the security issues associated with networks and communications, as well as the measures that can be taken to protect against these threats.

See salaries and explore the career path for Computer Forensics Analyst

Incident Responder

Incident Responders respond to computer security incidents, and they take steps to contain the damage and restore normal operations. This course can help you understand the network infrastructure and security measures used to maintain the integrity, availability, and confidentiality of information being transmitted. This course will be particularly helpful for understanding the security issues associated with networks and communications, as well as the measures that can be taken to protect against these threats.

See salaries and explore the career path for Incident Responder

Penetration Tester

Penetration Testers use their skills to identify and exploit vulnerabilities in computer systems and networks, with the goal of improving security. This course can help you understand the network infrastructure and security measures used to maintain the integrity, availability, and confidentiality of information being transmitted. This course will be particularly helpful for understanding the security issues associated with networks and communications, as well as the measures that can be taken to protect against these threats.

See salaries and explore the career path for Penetration Tester

Security Operations Center Analyst

Security Operations Center Analysts monitor security systems for vulnerabilities and threats, and they take steps to respond to security incidents. This course can help you understand the network infrastructure and security measures used to maintain the integrity, availability, and confidentiality of information being transmitted. This course will be particularly helpful for understanding the security issues associated with networks and communications, as well as the measures that can be taken to protect against these threats.

See salaries and explore the career path for Security Operations Center Analyst

Vulnerability Manager

Vulnerability Managers identify and manage vulnerabilities in computer systems and networks. This course can help you understand the network infrastructure and security measures used to maintain the integrity, availability, and confidentiality of information being transmitted. This course will be particularly helpful for understanding the security issues associated with networks and communications, as well as the measures that can be taken to protect against these threats.

See salaries and explore the career path for Vulnerability Manager

Security Engineer

Security Engineers design, implement, and manage security solutions to protect organizations' networks and systems. This course can help you understand the network infrastructure and security measures used to maintain the integrity, availability, and confidentiality of information being transmitted. This course will be particularly helpful for understanding the security issues associated with networks and communications, as well as the measures that can be taken to protect against these threats.

See salaries and explore the career path for Security Engineer