In this chapter, you learned about the identification of network-related risks and pertinent controls. You explored different components of the network, including repeaters, hubs, switches, routers, and firewalls. You also learned about the basic structure of OSI layers and network physical media. The following are some important topics you covered in this chapter: • Optical fiber is a thin and flexible piece of fiber made of glass or plastic. Fiber-optic cables are considered to be more secure than copper wire. Fiber optics is the preferred choice for managing long-distance networks and handling high volumes of data. They are not impacted or affected by EMI and have very marginal transmission loss. • The most stringent and robust configuration setting in firewall rules is "deny all traffic and allow specific traffic" (as opposed to "allow all traffic and deny specific traffic"). This restricts unknown traffic from entering critical systems and networks. • A screened subnet firewall (demilitarized zone) is regarded as the most secure type of firewall implementation. A screened subnet firewall consists of two packet filtering routers and one bastion host. It provides the greatest security environment. A screened subnet firewall is also used as a demilitarized zone (DMZ). • A VPN uses data encapsulation or the tunneling method to encrypt the traffic payload for secure transmission of data. A VPN uses the IPSec tunnel mode or the IPSec transport mode. The IPSec tunnel mode is used to encrypt the entire packet, including the header, while the IPSec transport mode is used to encrypt only the data portion of the packet. • A digital signature helps to authenticate users in an untrusted network environment. Digital signatures are a good method of securing email transmissions because they cannot be forged as they are encrypted. A digital signature is used to track the sender and helps to detect spam messages. • War driving is a technique used by a hacker to search for wireless networks from a moving car or vehicle using a laptop or other wireless devices with hacking tools or software. The same technique is used by IS auditors to test the wireless security of an organization. In the next chapter, you will study cryptography and other emerging technologies, such as cloud computing, mobile computing, virtualization, and the Internet of Things. In cryptography, you will explore the elements of public key infrastructure and the functions of symmetric as well as asymmetric keys.