Module 01: Network Security Fundamentals - Flashcards
Process of protecting information systems or networks that store sensitive data, to make them available for the end users whenever they request access.
Information Assurance Principle of Availability
Process of authorizing users with credentials provided, by comparing them to those in a database of authorized users on an authentication server, to grant access to the network. It guarantees that the files or data passing through the network are safe.
Information Assurance Principle of Authentication
Protects data and does not allow modification, deletion, or corruption of data without proper authorization.
Information Assurance Principle of Integrity
A service that validates the integrity of a digital signature’s transmission, starting from where it originated to where it arrived.
Information Assurance Principle of Non-repudiation
Permits only authorized users to access, use, or copy information. Authentication is crucial for confidentiality. If an unauthorized user accesses protected information, it implies that a breach of confidentiality has occurred.
Information Assurance Principle of Confidentiality
This approach consists of methods or techniques that are used to inform decision making for countering future attacks on the target network. Threat intelligence and risk assessment are examples of methods that can be used to assess probable future threats on the organization.
Proactive Approach
Essentially consists of methods or techniques that can easily prevent threats or attacks in the target network. Firewall, NAC and NAP, and IPSec and SSL are examples of this approach.
Preventative Approach
Examines the causes for attacks in the network. These include fault-finding mechanisms such as protocol analyzers and traffic monitors; security forensics techniques such as CSIRT and CERT; and post-mortem analysis mechanisms, including risk and legal assessments.
Retrospective Approach
This approach addresses attacks and threats that the preventative approach may have failed to avert. DoS and DDoS attacks are examples of the reactive approach. It is necessary to implement both the preventative approach and this approach to ensure the security of the network. This includes security monitoring methods such as IDS, SIMS, TRS, and IPS.
What is the Reactive Approach?
Ensures that only users with appropriate privileges can access the system or network resources.
Authentication and Authorization
Used for the restriction of access to data according to sensitivity of data, clearance level of users, user rights, and permissions.
System Access Controls
Refers to the tracking and examining of the activities of network devices in a network. This mechanism helps in identifying weaknesses in the network.
Auditing
Protects the information passing through the network and preserves the privacy and reliability of the data.
Encryption and Protocols
Firewall and IDS are used to filter and detect malicious traffic, thus protecting the organization from threats.
Network Security Devices
Provides access to the resource indirectly. A task is possible after a user receives authorization for a primary resource through which access to the requested resource is possible.
Implicit Authorization
Maintains separate authorization for each resource request. This technique is simpler.
Explicit Authorization
Tracking the actions performed by a user on a network. It keeps track of who, when, and how the users access the network. This includes verifying the files accessed by the user and functions such as alteration or modification of the files or data.
Accounting
Involves verifying the credentials provided by a user while attempting to connect to a network. Both wired and wireless networks perform this on users before allowing them to access the resources in the network.
Authentication
Deals with confirming the identity of a user, process, or device accessing the network. This is the most commonly used technique for authenticating the users in the network and applications.
Identification
Refers to the process of providing permission to access the resources or perform an action on the network. It can decide the user privileges and access permissions of users on a multiuser system.
Authorization
Ensures secure communications over the IP network. It works at the network layer of the communication model. It makes use of the cryptographic security services to ensure a secure communication. It allows authentication of the IP packets during communication of data. It provides authentication as well as encryption of the data passing through VPN tunnels.
IPsec
Used for sending digitally signed and encrypted messages. It allows you to encrypt email messages and digitally sign them to ensure confidentiality, integrity, and non-repudiation for messages.
S/MIME: Secure/Multipurpose Internet Mail Extensions
Used to distribute TCP/IP configuration information to DHCP-enabled clients in the form of a lease offer.
DHCP
A standard networking protocol used for sharing files over the Internet’s TCP/IP protocols.
FTP
A protocol that provides centralized authentication, authorization, and accounting (AAA) for remote access servers to communicate with a central server.
RADIUS
Application layer protocol which provides cryptographic privacy and authentication for network communication. Is an encryption and decryption computer program that is used for providing confidentiality and validation during communication. Enhances the security of emails.
PGP: Pretty Good Privacy
A protocol developed by Cisco. It primarily performs AAA separately. It is primarily used for device administration.
TACACS+: Terminal Access Controller Access-Control System Plus
A TCP/IP protocol used on a LAN that helps a user or administrator to access remote computers over a network.
Telnet: Telecommunications network.
A network authentication protocol that is implemented for authenticating requests in computer networks. It is based on the client-server model, which uses an encryption technology and a “ticket” mechanism to prove the identification of a user on a non-secure network.
Kerberos
An XML-based messaging protocol used to transmit data between computers.
SOAP: The Simple Object Access Protocol
A secure version of FTP and an extension of SSH2 protocol. It is used for secure file transmission and file access over a reliable data stream.
SFTP
An application layer protocol that manages a TCP/IP-based network, based on client-server architecture.
SNMP