1
00:00:00,170 --> 00:00:02,270
Understanding network maps.

2
00:00:02,300 --> 00:00:05,000
Network maps in cybersecurity are

3
00:00:05,030 --> 00:00:11,810
network topology graphs that describe the physical and/or logical relationship and configuration between

4
00:00:11,810 --> 00:00:17,630
links, which is communication connections, and nodes, which is devices in the network.

5
00:00:17,750 --> 00:00:23,330
To better understand the concept, consider road maps or maps in an atlas.

6
00:00:23,720 --> 00:00:31,740
These describe physical locations, geographic features, political borders and the natural landscape.

7
00:00:31,760 --> 00:00:35,150
Information about roads, which is these are the links.

8
00:00:35,150 --> 00:00:41,690
So these, their name, orientation, length and intersections between other roads.

9
00:00:42,230 --> 00:00:49,460
And these can be used to navigate between different locations, which is nodes.

10
00:00:49,790 --> 00:00:53,810
Now, let's consider the following hypothetical scenario.

11
00:00:53,840 --> 00:01:00,240
Imagine you live in a world where roads and buildings spontaneously appear or vanish in the blink of

12
00:01:00,240 --> 00:01:01,080
an eye.

13
00:01:01,140 --> 00:01:07,050
GPS exists and you have the coordinates of where you are and where you want to go.

14
00:01:07,050 --> 00:01:13,260
But you must try to get there by following a bewildering network of constantly changing roads.

15
00:01:13,290 --> 00:01:21,390
Fortunately, navigational features, which is routers, are placed at every crossroads to help travelers

16
00:01:21,390 --> 00:01:23,700
like you find their way.

17
00:01:24,000 --> 00:01:33,390
These routers are constantly calling their neighboring routers to learn what routes and locations are

18
00:01:33,390 --> 00:01:39,510
open so they can update their routing table, kept on a clipboard.

19
00:01:39,540 --> 00:01:47,400
You must stop at every intersection and ask the router for directions to the next corner by showing

20
00:01:47,400 --> 00:01:54,690
them your travel card, which has your intended destination coded in the GPS coordinates.

21
00:01:55,140 --> 00:02:02,670
The router checks their clipboard for currently open routes while making some calculations,

22
00:02:02,670 --> 00:02:09,480
quickly points you in a direction, stamps your travel card with a router's address, hole-punches your

23
00:02:09,480 --> 00:02:16,560
travel card to track the number of routes you have checked in within your journey and sends you off

24
00:02:16,560 --> 00:02:17,820
to the next router.

25
00:02:18,120 --> 00:02:22,740
You repeat this process until you reach your destination.

26
00:02:22,830 --> 00:02:31,800
Now imagine this world's cartographers, who would have likely given up on producing accurate maps, unable

27
00:02:31,800 --> 00:02:35,370
to keep up with the ever-changing network.

28
00:02:35,640 --> 00:02:42,330
These mapmakers would have to be satisfied with labeling key landmarks and points of interest, with

29
00:02:42,330 --> 00:02:48,870
generic names and routing through the lines between these points to indicate that a path of some sort

30
00:02:48,870 --> 00:02:50,400
exists between them.

31
00:02:50,610 --> 00:02:58,440
This hypothetical situation is in fact what exists in cyberspace, and it's why network maps are not

32
00:02:58,440 --> 00:03:04,470
as accurate and their maintenance is not as prioritized as it should be.

33
00:03:04,680 --> 00:03:12,840
The lack of high quality, comprehensive network maps is a recognized challenge for cyber security organizations.

34
00:03:12,870 --> 00:03:20,340
If an organization has a map at all, it's typically provided to the Security Operations Center, or

35
00:03:20,340 --> 00:03:29,430
SOC, to illustrate where sensors or security devices are in the flow of data and to better understand packet

36
00:03:29,430 --> 00:03:33,540
captures, firewall rules, alerts and system logs.

37
00:03:33,540 --> 00:03:39,180
However, it's probably also abstract, describing only basic features such as boundaries for the internet,

38
00:03:39,180 --> 00:03:42,210
perimeter network and intranet,

39
00:03:42,510 --> 00:03:50,430
the general location of edge routers or firewalls, and unspecified network boundaries and conceptual

40
00:03:50,430 --> 00:03:54,690
arrangements indicated by cloudy bubbles.

41
00:03:54,990 --> 00:04:02,030
An example of an underdeveloped yet common network map available to cyber security and IT professionals

42
00:04:02,040 --> 00:04:04,920
you can see here on the screen.