From the course: Cisco CCNP SCOR Security (350-701) Cert Prep: 3 Endpoint Protection and Secure Access
Unlock this course with a free trial
Join today to access over 22,500 courses taught by industry experts.
NTP
- NTP or Network Time Protocol is another protocol known to be used for data exfiltration. Time synchronization in a network is a critical part of managing, securing, planning and debugging our operations. Without synchronized time we are unable to correlate our logs correctly. Something that is not only a best practice but something that is also regulated by things such as SOX and HIPAA. If NTP packets are exchanged between unprotected clients and an NTP server, these packets have the ability to be dropped or modified which can lead to the degradation of time synchronization in our network. In regard to data exfiltration, the contents of the NTP packets could also be altered and those could be potentially pointed to a rogue server that is under the control of the attacker, creating an avenue for potentially introducing harmful data into our clients. Every enterprise network should be running the NTP protocol and that presents a problem because this leaves a well-known port open in…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
-
Guest services6m 48s
-
Profiling7m 32s
-
BYOD policies5m 52s
-
802.1X11m 11s
-
MAB4m 56s
-
WebAuth7m 43s
-
DNS tunneling3m 15s
-
HTTPS3m 50s
-
Email3m 12s
-
File transfer protocols3m 54s
-
ICMP4m 8s
-
NTP3m 34s
-
Cisco Stealthwatch6m 58s
-
Cisco Stealthwatch cloud5m 53s
-
Cisco pxGrid4m 10s
-
Cisco CTA and ETA6m 23s
-
Cisco AnyConnect Network Visibility Module (NVM)3m 26s
-
-