Network security Flashcards
What is network security
Activities designed to protect a network and its data from threats such as viruses, hacker attacks, denial of service attacks, data interception and theft and equipment failure
These activities protect data from threats to its confidentiality, correctness (integrity) and availability
What is confidentiality
A situation where you would expect something to be kept a secret
What are ways to protect data confidentiality
Ensuring only authorized users can access the parts of a network and its resources that they have reason to require, such as data (storage), internet connection
Stopping misuse- even users who have been given permission to access to a network might deliberately or accidently access data without proper permission
Encrypting data- encrypted data cannot be read without the encryption key
What is correctness/integrity
Data stored should not be changed without proper authorization
Availability, why might a network fail
Hardware failure
Program code might get corrupted
Virus attack
Denial of Service (DOS) attakcs
What can DOS attacks do?
Slowdown network performance or stop it all together
Delete data
Alter data or program code
Allow data to be stolen or eavesdropped on
What are the reasons why security is important
Required for the smooth and efficient running of a organization
Private and confidential- data that people or business would not want to make public. There is legal requirement to keep personal data secure and if data is leaked the company can be sued
Financially valuable
What are methods used to secure a network
Authentication
Access control
Firewall
Physical security
What is authentication
Process of checking the identify of a user of a computer system or network often done by validating a username and password against details stored on a central computer/server
What are some methods of authentication
PIN (personal identification number)
Fingerprint recognition
Two-factor authentication
What is two-factor authentication
A security check where users have to type in the code from a portable hardware device called ‘secure token’ or from an SMS message sent to their mobile phones
What is access control
This is a method that control whether a particular user will gain access to a particular file
This will decide if user gets
-Read only access- only read the contents of the file but not modify or delete
-Modify access- read, alter, or modify and write/save the changes to the file
This prevents accidental or deliberate erasing or modifying of data
Access controls are set up by an organistion’s system administrators according to the management’s requirements- according to the user’s duties and responsibilities
What is Firewall
Monitors and controls data that is moving from one network to another. It sits between the internet and the local internal network
This can be software or hardware or a combination of both
It inspects incoming and outgoing data and uses a set of rules (often known as firewall policy) to decide whether to allow the data or not
The organisations can customize the rules do the firewall is suitable for their particular circumstances
These rules can
-Stop certain protocols from being used e.g. FTP to prevent data being copied from an external server
-Block data coming from or going to certain network addresses
-Stop hacking the internal server
Individual computers are likely to have software firewalls installed with some default riles to protect from common threats
LAN and internet connection likely to have hardware based firewall because these are much more flexible in terms of the rules that can be applied and allow faster throughput of data
What is Physical security
Ensures that critical parts of a network can only be physically accessed by authorized people
What is cloud storage security
Cloud storage provider needs to ensure
-that data is accessible and they maintain the system
-availability of extra storage
-Data is protected
-Maintain backups
