Security: Do you need a networking foundation

ewh006

Hey please forgive me if I posted in the wrong section, I assumed this was probably the best place.

Anyway I was wanting to see what the community thought about the fact one of my friends is having this mode of thinking where he thinks:
"Security is my major, I don't need to know IP addressing and Binary to Decimal/Hex conversions. The job market is too good where I live. I will last as a security tech without not knowing much networking" -- keep in mind he's doing an online schooling program

Please tell me I am right when I say he is absolutely crazy haha.

Much love,

EwH006
 
IMO, kind of depends on what kind of security he's wanting to do. If he wants to do network security, having that base networking knowledge is always a good idea.
 
I'm not totally sure what he's trying to do. I just don't see how a person in security could think something like binary and hex is irrelevant to it. I mean it might not be directly related but in some aspect is what I mean. Computers are made of 1s n 0s I mean come on! I've taken the CCNA courses and am prepping to test now and I used to be like this but not as stubborn and saying screw a main thing like learning binary and hex conversion lol.
 
Security is a very broad field. As carnagex mentioned, it depends on which specialization he's going for. If he's going for the application/development side, then he won't really need to know networking - however, I feel that he's going to have to change that attitude of "I don't need any more knowledge" if he's going to succeed in IT. If he doesn't know what specialization he's going for, then he needs to figure that out before he decides what kind of skillset he doesn't need.

The thing about security is that it's a good field to get into, but it's highly unlikely that he's going to land an infosec job right out of school, no matter how good the job market is. There's no such thing as entry level security and in most cases you need years of experience just to get started.
 
DistraughtSysop: Ya I agree he needs to change his attitude. I remember when I thought it didn't matter that I was using a calculator for binary math/subnetting/addressing etc. I found out quick and I sure am hoping something like this happens to him. I asked him last night when I saw your reply about the section of SEC he's interested in and he said probably 'networking'. I shook my head literally. He thought he was tough ******* before he started taking IT courses and he found out with his A+ course that he didn't know everything lol, I actually probably knew more and he's got 10 years on me.

I agree security is a good area no doubt, I just wonder what kind of networking even if it's the smallest thing as entering an IP address and subnet mask to block as a 'security measure' is seen in SEC. Thanks for all the replies
 
If he wants to get into network security then he's going to need a solid grasp of networking fundamentals, at the very least. Routing, switching, subnetting, the OSI model, etc.

I just wonder what kind of networking even if it's the smallest thing as entering an IP address and subnet mask to block as a 'security measure' is seen in SEC.
As an example, these are the exam objectives for the CCNA Security certification. It's mostly proprietary to Cisco devices, but it'll give you a general idea.


Describe the security threats facing modern network infrastructures

  • Describe and list mitigation methods for common network attacks
  • Describe and list mitigation methods for Worm, Virus, and Trojan Horse attacks
  • Describe the Cisco Self Defending Network architecture

Secure Cisco routers

  • Secure Cisco routers using the SDM Security Audit feature
  • Use the One-Step Lockdown feature in SDM to secure a Cisco router
  • Secure administrative access to Cisco routers by setting strong encrypted passwords, exec timeout, login failure rate and using IOS login enhancements
  • Secure administrative access to Cisco routers by configuring multiple privilege levels
  • Secure administrative access to Cisco routers by configuring role based CLI
  • Secure the Cisco IOS image and configuration file

Implement AAA on Cisco routers using local router database and external ACS

  • Explain the functions and importance of AAA
  • Describe the features of TACACS+ and RADIUS AAA protocols
  • Configure AAA authentication
  • Configure AAA authorization
  • Configure AAA accounting

Mitigate threats to Cisco routers and networks using ACLs

  • Explain the functionality of standard, extended, and named IP ACLs used by routers to filter packets
  • Configure and verify IP ACLs to mitigate given threats (filter IP traffic destined for Telnet, SNMP, and DDoS attacks) in a network using CLI
  • Configure IP ACLs to prevent IP address spoofing using CLI
  • Discuss the caveats to be considered when building ACLs

Implement secure network management and reporting

  • Use CLI and SDM to configure SSH on Cisco routers to enable secured management access
  • Use CLI and SDM to configure Cisco routers to send Syslog messages to a Syslog server

Mitigate common Layer 2 attacks

  • Describe how to prevent layer 2 attacks by configuring basic Catalyst switch security features

Implement the Cisco IOS firewall feature set using SDM

  • Describe the operational strengths and weaknesses of the different firewall technologies
  • Explain stateful firewall operations and the function of the state table
  • Implement Zone Based Firewall using SDM

Implement the Cisco IOS IPS feature set using SDM

  • Define network based vs. host based intrusion detection and prevention
  • Explain IPS technologies, attack responses, and monitoring options
  • Enable and verify Cisco IOS IPS operations using SDM

Implement site-to-site VPNs on Cisco Routers using SDM

  • Explain the different methods used in cryptography
  • Explain IKE protocol functionality and phases
  • Describe the building blocks of IPSec and the security functions it provides
  • Configure and verify an IPSec site-to-site VPN with pre-shared key authentication using SDM
 
Ya needs some networking knowledge, trust me. Even if you are not sitting there chopping up networks based off of public IPs given by an ISP - you still have to have a working knowledge of how it works. Why? Well first off as a security person it is very important that you know the security associated with an IP address. Is it on your DMZ network? Is it internal? Can other devices communicate with it? These are vital questions from a security perspective.
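
An added example, not part of any poster's reply: the "is it DMZ or internal?" question from the post above, answered with the binary mask arithmetic the thread is arguing about. The zone ranges, function names and sample addresses are constructed assumptions; the wildcard match follows the inverse-mask convention used in Cisco IP ACLs.

```python
import ipaddress

# Constructed zone map (assumption): a /26 DMZ and a /16 internal range.
ZONES = {
    "dmz": "192.0.2.0/26",       # hosts .0 - .63 only
    "internal": "10.20.0.0/16",
}


def to_bits(addr: str) -> str:
    """Render a dotted-quad IPv4 address as four 8-bit binary octets."""
    return ".".join(f"{int(octet):08b}" for octet in addr.split("."))


def network_of(addr: str, mask: str) -> str:
    """Network address = address AND subnet mask, bit by bit."""
    a = int(ipaddress.IPv4Address(addr))
    m = int(ipaddress.IPv4Address(mask))
    return str(ipaddress.IPv4Address(a & m))


def zone_of(addr: str) -> str:
    """Name the zone whose prefix contains addr, else 'external'."""
    ip = ipaddress.IPv4Address(addr)
    for name, cidr in ZONES.items():
        if ip in ipaddress.IPv4Network(cidr):
            return name
    return "external"


def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """ACL-style match: wildcard bits set to 1 are ignored, 0 bits must match."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF  # invert the wildcard to get the bits that matter
    return (a & care) == (b & care)


if __name__ == "__main__":
    # Constructed sample hosts: .45 and .77 look alike but land in different zones.
    for host in ("192.0.2.45", "192.0.2.77", "10.20.5.9"):
        net = network_of(host, "255.255.255.192")
        print(f"{host:<12} {to_bits(host)}  net={net:<12} zone={zone_of(host)}")
    # An ACL entry written for the DMZ (base 192.0.2.0, wildcard 0.0.0.63):
    print(wildcard_match("192.0.2.45", "192.0.2.0", "0.0.0.63"))  # inside
    print(wildcard_match("192.0.2.77", "192.0.2.0", "0.0.0.63"))  # outside
```

The .77 host shares its first three octets with the DMZ but falls in the next /26, which only shows up once the last octet is read in binary.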
 
I completely understand what you're saying Lexluethar, it baffles me that he doesn't. I still haven't shown him this thread lol. I plan on it but timing is everything ;)
 
Sometimes people have to make mistakes to learn. Blowing money on an unaccredited online school is an expensive lesson to learn, but sometimes that's what it takes.

You can't coddle people into conforming, you have to allow people to grow and learn on their own. Offer advice, but the individual has to realize and agree with your perspective before they make any changes. Showing them threads, arguing, etc. doesn't help either.
 