11 Security concepts

This chapter covers

  • Key security concepts and common attacks
  • User authentication via passwords and alternatives
  • Controlling and tracking user access with AAA
  • Securing a network with firewalls and IPS

The most secure network would be a closed system, like a house with no doors or windows. But just like a house with no doors or windows would be uninhabitable, a completely isolated network would be counterproductive. The entire purpose of a network is connectivity—the ability to share, communicate, and access resources both within and outside of its confines.

In the real world, networks need to interact with other networks, applications, and users. But this interconnectivity introduces vulnerabilities from a variety of angles, so security concerns must always be at the forefront of any network design. The CCNA isn’t a cybersecurity certification per se. However, just as networking is an essential skill for nearly any IT professional, the same can be said of security. A system is only as secure as its weakest link, and security is everyone’s responsibility—including those in non-IT roles. In this chapter, we’ll cover a variety of fundamental security concepts. Specifically, we will cover the following CCNA exam topics:

11.1 Key security concepts

11.1.1 The CIA triad

11.1.2 Vulnerabilities, exploits, and threats

11.2 Common threats

11.2.1 Technical threats

11.2.2 Social engineering

11.3 Passwords and alternatives

11.3.1 Password-related best practices

11.3.2 Multifactor authentication

11.3.3 Digital certificates

11.4 User access control with AAA

11.4.1 AAA components

11.4.2 AAA protocols

11.4.3 IEEE 802.1X

11.5 Firewalls and IPS