12 hours 41 minutes

Video Description

Though topics surrounding WANs (Wide Area Networks) have fallen off in terms of testability, it is still a subject area worth knowing. This section deals with the major forms of WAN connectivity types and protocols. We begin by covering the two types of WAN switching technologies: circuit switching and packet switching.

Circuit-switching networks send all transmitted data over the exact same path. A circuit can be viewed as a direct connection between two endpoints, very much like a landline phone connection, which is in fact an example of a circuit-switched network. Other types of circuit-switching networks are ISDN, DSL, and the T-carriers such as T-1, T-3, etc. It is noted that although dial-up networking using modems has pretty much disappeared, there are still applications that utilize this type of connection. A prime example is remote access applications. It is also pointed out that ISDN is not really testable, so don't worry too much about knowing the ins and outs. The reason for this is that ISDN has been pretty much supplanted by ADSL, which achieves a faster download speed by trading off for a slower upload speed.

Threats targeting circuit-switched networks are then covered. The technique of war dialing is employed against remote access networks that use dial-up connections. Several strategies for mitigating war dialing attacks are discussed, such as implementing dial back, caller ID, and combining strategies into a layered defense.

Packet switching is covered next. In packet switching, data is "chunked" into packets and each packet finds its own best way to the destination. This results in faster data delivery. Examples of packet-switched networks are X.25, frame relay, ATM (Asynchronous Transfer Mode), VoIP, and cable networks. We then discuss some of the threats that target packet-switched networks. One of the major benefits of cable networks, an always-on connection, is also a major vulnerability.

VoIP is vulnerable to some of the same exploits as POTS (Plain Old Telephone System) networks, such as phishing, known as "vishing" for VoIP. It is also susceptible to eavesdropping, toll fraud, and SPIT (Spam Over IP Telephony). In addition, performance issues exist with VoIP, such as latency and jitter. It's important to be aware that VoIP was never designed to be secure. Protocols such as S/RTP (Secure Real Time Protocol) can be used as a mitigation tactic against some of these threats.
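As part of the layered defense against war dialing covered in this section, the remote access server's call records can also be monitored for the sweep itself. The following is an added example, not material from the course: the record layout, phone numbers and thresholds are constructed assumptions, and it only catches sweeps that walk a number block in order.

```python
"""Flag sequential war-dialing sweeps in call-detail records (CDRs)."""

# Constructed sample CDRs: (epoch_seconds, caller_id, dialed_number, rings, answered)
SAMPLE_CDRS = [
    (1000, "5550101", "8524000", 3, False),
    (1020, "5550102", "8524001", 3, False),   # caller ID differs on every call
    (1041, "5550103", "8524002", 2, False),
    (1063, "5550104", "8524003", 3, False),
    (1085, "5550105", "8524004", 3, False),
    (1500, "5550177", "8524010", 6, True),    # normal answered call
    (2000, "5550188", "8524020", 2, False),   # lone misdial
    (2400, "5550199", "8524021", 8, False),   # rang out, not a quick probe
]


def find_sweeps(cdrs, max_rings=3, max_gap_s=60, min_run=4):
    """Return [(first_number, last_number, call_count)] for each sweep.

    A sweep is a time-ordered run of unanswered calls, each abandoned within
    max_rings, hitting consecutive numbers no more than max_gap_s apart.
    Caller ID is ignored on purpose because it can be spoofed.
    """
    probes = sorted((t, int(num)) for t, _cid, num, rings, answered in cdrs
                    if not answered and rings <= max_rings)
    sweeps, run = [], []
    for t, num in probes:
        if run and num == run[-1][1] + 1 and t - run[-1][0] <= max_gap_s:
            run.append((t, num))          # continues the current sweep
        else:
            if len(run) >= min_run:       # close out the previous run
                sweeps.append((run[0][1], run[-1][1], len(run)))
            run = [(t, num)]
    if len(run) >= min_run:
        sweeps.append((run[0][1], run[-1][1], len(run)))
    return sweeps


if __name__ == "__main__":
    for first, last, count in find_sweeps(SAMPLE_CDRS):
        print(f"possible war dialing: {count} probes across {first}-{last}")
```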

Video Transcription

Okay. Our next topic is WAN technology. So we talk about a wide area network, whereas most of our discussion has been about the local area network. We're really not going to cover metropolitan area networks. At one point in time, maybe there was a little bit, um,
we just really don't see a lot of questions on those, and most of the WAN questions have kind of fallen off the exam.
You know, uh, when we do look at WAN communication, we look at two main strategies: we look at circuit switching, and then we look at packet switching. When we talk about circuit switching, anything that uses the public phone system. So when you think about it, if I call my uncle in Seattle,
um, the voice call goes through a series of switches,
but the entire amount of the, you know, duration of the conversation, the voice data is traveling the same path, right? That's circuit switching: all the data follows the same path from one destination to the next. So there we would talk about anything, again, that uses the public switched telephone network.
Or you could see that abbreviated as POTS, plain old telephone system.
Ah, ISDN lines, DSL, T-carriers. You know, all of those elements use circuit switching.
Dial-up, which at one point was very popular. It's not obsolete today because there are still certain services that people access via dial-up, so it's still around. You know, when you do allow dial-up access to your network and you have that remote access server,
you are potentially allowing traffic into the network. So you need to make sure there are good access control lists and so on.
Ah, I mentioned war dialing earlier, and war dialing is: if your company's phone number is 852-4000, then on to 4001, 852-4002, 4003 and so on. Um,
and a lot of the defensive practices are just going to have to be part of the layered defense. None of them are foolproof. So, you know, I could terminate the call and dial you back at a predefined number, except call forwarding might be a way of bypassing that.
I could use caller ID, but phone numbers could be spoofed.
Um, you know, another strategy that's pretty good is if your company's phone number is 852-4000, then your remote access server should be 373-8942. It should be something totally different. And so if you combine those,
also having the modem not pick up until after four rings, because a lot of these programs will try three rings and move on to the next number.
You know, you can just kind of have a layered defense strategy.
ISDN at one point in time was very popular because it gave speeds faster than dial-up. These pieces of information are not testable, to my belief. Um, you know, if you have everything else in networking 100% and you feel like having some more trivia to put in your mind,
knock yourself out with this. But I really wouldn't worry about the details and speeds.
Ah, but it was certainly a packet... a circuit-switched technology. ADSL really kind of defeated ISDN because it brought the prices down dramatically using, uh,
uh, you know, the idea about asymmetric is having a much faster download speed than upload.
And there are symmetric DSL lines; there are other variants on this. But I think if they ask you anything, which I would doubt, it would be revolving around asymmetric.
Now the other type of WAN technology is packet switching. So when we look at packet switching, what happens is the data is chunked into packets and each packet finds its own best way to the destination, so it's very different than circuit switching, and packet switching is faster.
So we had the X.25 network, which was the original,
not testable. I don't even think frame relay and ATM, which were certainly more recent technologies. But even those are pretty much fading out. VoIP is a packet switching technology, as is MPLS, which is Multiprotocol Label Switching. Our cable modems use those,
you know, ah, much faster. I've got the bullet point here about cable modems being always on,
and that's only because, if you'll remember, when we went from the dial-up to the cable modems and the DSL modems, all of a sudden we went from having very limited access to the Internet to a connection that was always on, so that made us much more susceptible to malicious activity.
Okay, MPLS, Multiprotocol Label Switching. This is a layer three technology. So even though it's called switching, it's software that runs on the routers, and it revolves around the idea of labeling, which allows prioritization of traffic. So it's a very good solution
with using, you know, if you have VoIP and you need that quality of service,
and it ultimately consists of an end-to-end connection between your networks. So this would be an alternative to a VPN from your Washington, D.C. branch to your New York office. So instead of the VPN, we would use an MPLS network that we lease from a provider.
Ah, it kind of gives us that illusion of having exclusive operation of the equipment that we don't.
But at least we're not tunneling through the Internet.
So just a little example of an MPLS network, and we would have label edge routers on the outside. And we have certain protocols and so on, so you can take a look at this, and I don't really anticipate a lot of MPLS questions. Ah, VoIP. You know, with VoIP,
we've always wanted analog and digital signals on the same line. You know, we used to have analog phone lines, so we needed a modem to take digital, our data from our systems, and convert it to go across analog phone lines and then back into digital.
Well, now that everything's digital, we need to put our analog voice over digital lines.
So what we need, whereas we used a modem in the past to take digital to analog, now we use telephony devices, so the smartphones are our telephony devices that provide that conversion now. Like so many things, though, VoIP technology was not designed to be secure; it was designed to work,
so there isn't any built-in encryption. There's a built-in authentication,
and so without authentication you could have issues like toll fraud. Without encryption, you have eavesdropping. And that, by the way, is the greatest threat to a VoIP network: eavesdropping. Now, that doesn't mean that we can't mitigate this. We can enable secure real time protocol. That's what RTP stands for in this case,
but by default it was designed to use RTP,
not secure.
But the big threat is eavesdropping, and the mitigating strategy is using secure RTP. We also have performance issues with latency and jittering, and those are all about delays. Latency is a fixed delay. Jittering is a variable delay, so they're not really security issues, but certainly with performance. The two big threats:
eavesdropping and toll fraud.
Vishing is phishing using the phone, your smartphone. Ah, SPIT, spam over IP telephony. If you could build it, they was.

Our free online CISSP (8 domains) training covers topics ranging from operations security, telecommunications, network and internet security, access control systems and methodology and business continuity planning.

Instructed By

Kelly Handerhan
Senior Instructor