Menu
Welcome to Exam Notes by CertBlaster! This is our free study guide for Network plus 4.5. In this installment, we cover the topics covered in Network+ Objective 4.5 “Given a scenario, implement network device hardening.”
After installing a new network device such as a router or a switch, the new device will be set to the manufacturer’s default credentials. It is important to change the default credentials as quickly as possible in order to guard against unauthorized access.
As we noted, Network devices are usually configured with default credentials during their initial use. Search for “Common router default passwords” online and you will find several webpages that list the default username and password for your specific network device’s brand and model. Immediately change any default login credentials.
Most network devices have a link to update the firmware. Update your firmware as soon as possible and follow the instructions for your device and model.
Patching and updates are usually handled by the software or hardware running on the device. For example, a recent webserver attack was recognized and the administrator was notified of the required patch. The patch was either not installed or it was not configured properly. The end result was the exposure of user credentials. This attack was against Equifax where the user credentials of over 150 million users were exposed.
The terms hashing and encryption are often misused. Hashing a file transforms the data into a different type. The hashed data cannot be recovered. Hashing is used to protect password files. The more complex the hashing algorithm, the more difficult it is to crack the file.
The most common file hashing method uses a variant of the SHA (Secure Hashing Algorithm). File encryption is coupled with hashing in order to further harden the files and the data.
Secure protocols protect data transfers on protected systems. Earlier, we mentioned the SHA protocol. Now, we will address some of the data transfer protocol combinations. SSH (Secure Sockets Handling) keys can be generated in order to protect data or devices. SSH keys can be generated and combined with an insecure protocol such as HTTP, creating a strong HTTPS connection. Similarly, SSH and FTP are used together for SFTP.
Disabling unnecessary services is an essential method in order to prevent random attacks. By default, an OS installs all of the services it predicts the PC will run. An average user will probably not use many of them. However, these services will remain open and accessible until they are disabled.
In much the same way services are activated by default, IP ports are also opened by default. When discussing unwanted ports, virtualization must also be considered. Check the PC for unwanted active ports. Remember that all the virtual devices should be checked individually.
That’s all for objective 4.5. See you in 4.6!
We hope you liked our free study guide for Network plus 4.5 “Given a scenario, implement network device hardening.” If you did, please let us know!
The below video is a short presentation of the Network+ N10-007 exam objectives.
By continuing to browse this site, you accept the use of cookies and similar technologies that will allow the use of your data by CertBlaster in order to produce audience statistics- see our privacy policy.