5.2 Network Security

Question 1

What is Network Security?

Answer 1

It is the processes, practices, and technologies designed to protect networks from attacks, damages, or unauthorized access.

Question 2

Where do attacks originate from?

Answer 2

It can happen internally and externally.

Question 3

What are the kinds of security do you need to watch out for?

Answer 3

1. Physical Security
   
   1. CCTVs, Case Locks, Disabling USB Ports
2. Cloud Security
   
   1. Ensure the cloud servers you use are safe

Question 4

What should be done when checking security?

Answer 4

1. Validation
   
   1. Ensuring that data is correct and secure before processing
2. Authentication
   
   1. Ensuring that an entity is genuine, like users, product authentications.

Question 5

What are some security threats?

Answer 5

1. Unpatched Software
2. Misconfigured Access Controls
3. Social Engineering
4. Phishing
5. Shoulder Surfing
6. USB devices
7. Portable Digital Devices
8. Eavesdropping
9. Malicious Code, malware basically
10. Commercial Analysis tools

Question 6

What is Unpatched Software?

Answer 6

It is basically just un-updated software, which may have some protection holes.

Question 7

What is Misconfigured Access Control?

Answer 7

It is when an entity has permission to access something that they’re not supposed to.

Question 8

What is Phishing/Pharming?

Answer 8

It is the usage of sending emails from a ‘verified’ entity that contains malicious links that can lead to websites that download malware.

Question 9

What is shoulder surfing?

Answer 9

Someone staring at you when you type in important information.

Question 10

What is Malicious Code?

Answer 10

It is malware like:

1. viruses
2. spyware
3. things like that

Question 11

How can you identify vulnerabilities?

Answer 11

1. Penetration Testing
2. Ethical Hacking

Question 12

What is penetration testing?

Answer 12

It is basically stimulating an attack to find any weaknesses. For example, entering a random username and password just to see if it can access the site. It is normally done by an external entity.

Question 13

What are the kinds of penetration testing?

Answer 13

1. White-box pen test
   
   1. Inside attack, where attacker has some knowledge of the system
2. Black-box pen test
   
   1. Outside attack, hacking

Question 14

What is ethical hacking?

Answer 14

Hacking is finding and exploiting vulnerabilities, it is only ethical when done in a testing context. There are kinds identified by white/black/gray hat hackers. For it to be ethical, it must:

1. Have permission
2. Be worked on securely
3. notify admins when weaknesses are found

Question 15

What are Firewalls?

Answer 15

They monitor network traffic and filter data packets based on agreed rules. Routers and dedicated hardware contain firewalls, they can:

1. Block Packets
2. Connections from certain regions

Question 16

What is the structure of a data packet?

Answer 16

Header

Data

Trailer

Question 17

How do firewalls work?

Answer 17

1. Packet filtering is done by looking at the addresses on the packet header. (first generation)
2. Stateful Inspection is done by looking at the data context. (second generation)

Question 18

What are some security measures (2)?

Answer 18

1. Design Stage Planning
2. Audit Trails
3. Securing Operating Systems
4. Good Programming Practices

Question 19

What is Design Stage Planning?

Answer 19

It is threat modeling, basically just analysing vulnerabilities from a theoretical attacker’s view.

Question 20

What are Audit Trails?

Answer 20

These are system records kept, which can trace security issues.

Question 21

What is Securing Operating Systems?

Answer 21

1. Limit User Accounts
2. Directory Permissions
3. Strong Passwords
4. Limit automatic softwares
5. Install patches and update new versions