Enterprise network security

Objectives

• Understand network threats and their implications for security.
• Implement effective prevention and detection measures.
• Develop and apply security policies tailored to your organization.
• Know how to respond to incidents and ensure continuous monitoring.

Introduction to network security

Understand the fundamental concepts of network security:

• Introduction
• Internal pentest tools
• Using Wireshark

Network threats and vulnerabilities

Understanding the fundamental concepts of network security:

• Malware (ransomware, viruses, worms, etc.), antivirus software, and EDR
• Denial of service
• Man-in-the-middle attacks (ARP spoofing, DHCP spoofing, DNS spoofing)
• Vulnerable components (lack of updates), update monitoring plan
• Poor security configurations
• Social engineering (phishing, vishing, etc.)
• Wi-Fi attacks and best practices
• Lack of segmentation, firewall, etc.
• Device-related threats (BYOD, visitors, etc.)
• Detection and implementation of IDS/IPS (Snort, Suricata)
• Active Directory attacks (mapping, tools, exploitation)
• Use of Wireshark
• VPN
• Password management (MDA, manager)
• Attacks on authentication protocols: NTLM relay, pass-the-hash, Kerberoasting
• VLAN security
• Lack of logging and alerts
• Vulnerable network protocols (LLMNR, NetBIOS, SMBv1, etc.)

Implementing a network security policy

• Identifying needs and risks
• Defining security rules
• Implementing protective measures
• Establishing monitoring and incident response
• Training and raising user awareness
• Documenting and auditing regularly
• Managing third parties and governance