Computer Network Security Overview

Study Notes

Computer network security focuses on protecting all network components from unauthorized access, data theft, misuse, and data modification.
It aims to proactively defend against internal and external threats.
The main objective of network security is to ensure confidentiality, integrity, and availability of data (CIA Triad).

A resource is anything valuable to an organization that needs protection.
A vulnerability is a system weakness that can be exploited by a threat.
A threat is a potential danger to a resource or network function.
An attack is an action taken to harm a resource.
A risk is the potential for resource loss, modification, destruction, or other negative consequences.

Authentication verifies user or system identity.
Authorization grants and denies access based on permissions or privileges.
Non-repudiation provides proof of actions or transactions, preventing denial of involvement.

Data encryption converts data into a coded format for security.
Network segmentation divides networks into smaller segments to limit the impact of breaches.
Intrusion detection monitors systems for unauthorized access and suspicious activities.

Intrusion prevention proactively blocks unauthorized access and malicious activities.
Patch management updates systems and software to address known vulnerabilities.
Vulnerability assessment identifies and evaluates system weaknesses to proactively address security risks.

Access control regulates resource access based on authentication, authorization, and security policies.
Security awareness training educates users about best practices and potential threats.
Data backup and recovery creates and maintains data copies for restoration in case of loss or disaster.

Secure software development integrates security practices into the software development lifecycle.
Penetration testing simulates controlled attacks to identify and address security weaknesses.
Mobile device security protects mobile devices and data from security threats.

Cloud security ensures the security of data and applications in cloud environments, addressing specific cloud risks.
"Hackers" are individuals with technical computer skills often associated with breaching cybersecurity defenses.

White hat hackers perform security audits to test network protection.
Black hat hackers use their skills for illegal activities, like data theft and system infiltration.
Gray hat hackers are a mix of white and black hat hackers.
Blue hat hackers are motivated by revenge or seeking internet fame.
Green hat hackers seek to learn more about the hacking world.
Red hat hackers aim to stop black hat hackers.
Script-kiddies have basic IT security skills and use readily available tools.
Hacktivists are driven by ideological motives.
Phreakers specialize in attacking telephone systems.
Carders specialize in attacking smart card systems.

Malicious code (malware) is software designed to harm or exploit computer systems or networks.
It includes viruses, worms, Trojans, ransomware, spyware, and adware.

Viruses attach to software to perform undesirable functions.
Worms exploit vulnerabilities to slow down networks and can duplicate themselves.
Spyware collects user information and tracks browsing activity.
Adware displays advertisements without user permission.
Scaryware convinces users of false threats to sell software.
Trojan horses appear useful but have hidden malicious behavior.
Ransomware encrypts systems and demands ransom for decryption.