This course introduced the concepts and principles of network security. It provided a good combination of concepts, designs, and component-level considerations. Additionally, it provided hands-on exercises to help me become familiar with many of the industry tools used for network visualization and monitoring. This is definitely one of my favorite courses.
There are several key lessons I learned from this course. I learned a great deal about the tools of the trade. Not only did I learn how to use these tools, but for a large number of them, I learned how to troubleshoot to get them operational – missing services, permissions, etc. As a result of these exercises, my Linux skills greatly increased, especially with regard to network configurations – I am now a master of the ipconfig command :-).
Another lesson was the importance of having a test environment, and ensuring that environment is properly maintained. This lesson did not come easy, as I had several system malfunctions (probably user error) that caused tremendous amounts of downtime. Virtual labs are great for experimenting with exploits and testing security tools, and it is acceptable to break the systems; however, having backup images of the systems is highly recommended – this would have come in handy for me more than once.
Perhaps the most impactful lesson learned is the ease with which network information can be collected and analyzed – with password crackers or packet analyzers (like Wireshark). There is a great deal of network information that can be easily gathered to help an adversary attack the network or its users (e.g. social engineering). All the tools are easily found on the internet and can be utilized with very little experience and training. For example, I was able to operate and become fairly proficient with Kismet in just a couple of hours.
Overall, the lesson to take away is that systems and networks must be continuously protected. In order to do this, they must be continuously monitored. New systems, rogue systems, network access points, or any configuration changes could potentially expose the business to new threats. Security professionals need to be armed with the same tools and techniques that an attacker employs. These, along with enterprise security tools, can help them stay vigilant against cybersecurity threats.
You can see my final project here.