Computer Science Module: Network Security

Questions and Answers

What is the primary purpose of network security?

• To enhance user experience
• To simplify network configurations
• To increase internet speeds
• To protect vital information (correct)

Which statement accurately describes a firewall?

• It is ineffective against modern security threats
• It allows unlimited access to all ports
• It controls access to a network through specific rules (correct)
• It is solely a hardware solution

What is one of the common security attacks associated with network vulnerabilities?

• Data compression
• Packet sniffing (correct)
• Network optimization
• Data integrity check

Why is it important to keep firewalls updated?

To adapt to new security vulnerabilities (C)

What does a Denial of Service attack aim to achieve?

To render a server unavailable (A)

Which method is commonly used for user authentication in network security?

Biometrics (B)

What characterizes packet filtering firewalls?

They inspect data packets against filtering rules (B)

Which of the following is a vulnerability that can affect network security?

Outdated software having security flaws (C)

What is the purpose of well-known port numbers?

To identify specific service types on a host (B)

Which TCP port is associated with the Hypertext Transfer Protocol (HTTP)?

80 (C)

Which attack type aims to overload a network service to make it unusable?

Denial of Service (A)

What does a Dictionary Attack target?

User passwords (C)

What is a primary function of Packet Sniffing?

To listen to unencrypted data on a network (A)

Which of the following protocols is used for securing IP communications by encrypting packets?

IPSec (B)

How can data be secured against malicious data insertion in TCP streams?

By utilizing secure encryption protocols (C)

What is a method through which individuals can be manipulated to give up information?

Social Engineering (C)

Flashcards

Network Security

Measures taken to protect network resources from unauthorized access, use, disclosure, disruption, modification, or destruction.

Firewall

A security system that controls the flow of network traffic by filtering incoming and outgoing packets based on rules.

Packet Filtering Firewall

A type of firewall that examines and filters individual data packets based on predefined rules.

Denial of Service (DoS) Attack

An attack that attempts to make a computer or network resource unavailable to its intended users.

TCP Attack (Spoofing)

A network attack that involves tricking a system into believing that the attacker is a legitimate user, sometimes used for DoS.

Packet Sniffing

The act of capturing and examining network packets without authorization.

Social Engineering

Manipulating people into revealing sensitive information or performing actions that compromise security.

Network Port

A unique number assigned to a specific network service or application.

What is a port number?

A unique number assigned to a specific service on a host, like HTTP or FTP. It helps identify which service you're trying to connect to.

TCP Ports

Numbers used for common communication services like FTP (21), SSH (22), and HTTP (80). They're like specific channels for data.

What's a dictionary attack?

Trying to guess passwords by attempting every word in a list, like a dictionary.

What is a DoS attack?

Overloading a server or network with requests, making it unavailable to legitimate users.

What is packet sniffing?

Intercepting and examining network packets without permission, allowing attackers to see sensitive data.

What is social engineering?

Manipulating people into revealing confidential information, like passwords or account details.

What is HTTPS?

A secure version of HTTP that encrypts data before transmission, protecting it from snooping.

IPSec

A protocol suite for securing IP communications by authenticating and encrypting each packet.

Study Notes

International & Access Foundation Programmes - Computer Science Module, Semester 2, Part 5: Networks - Network Security

• Overview of Network Security:
  • What is network security?
  • Why is network security needed?
  • Who are the vulnerable parties?
  • Common security attacks and countermeasures
  • Firewalls & Intrusion Detection Systems
  • Denial of Service Attacks
  • TCP Attacks (Spoofing)
  • Packet Sniffing
  • Social Engineering

Why Network Security Is Needed

• Protecting sensitive information, such as trade secrets, medical records, and personal data, while allowing access to authorized users.
• Providing authentication and access control for resources.
• Mechanisms like logins, passwords, and biometrics.
• Maintaining resource availability and reliability (99.995% uptime).

Firewalls

• Basic Problem: Network applications and protocols can have security issues requiring periodic updates.
• Difficulty: Keeping up with these updates for users and keeping their systems secure.
• Solution: Firewall administratort limit access to end hosts by using firewalls. Firewalls kept updated by administrators.
• Analogy: Firewall as a castle with a drawbridge - only one access point. Can have positive and negative aspects.
• Types: Hardware-based (within routers) or software-based (integrated within operating systems like Unix, Windows XP/7/8, and Mac OS X).
• DMZ (De-militarized Zone): A security zone separating the internal network (intranet) from the internet. Web servers, email servers, and web proxies are housed in the DMZ.

Firewalls - Packet Filtering

• Used to filter incoming and outgoing network packets; this filtering happens based on pre-set rules.
• The way a typical default Window's 7 install. filters packets:
  • 135/tcp open loc-srv
  • 139/tcp open netbios-ssn
  • 445/tcp open microsoft-ds
  • 1025/tcp open NFS-or-IIS
  • 3389/tcp open ms-term-serv
  • 5000/tcp open UPnP

Ports

• Ports are endpoints of communication in an operating system within the internet protocol suite.
• 1024 well-known port numbers are reserved to indicate specific service types on a host.
• Each port is always linked to an IP address.

Typical TCP Ports

• 21 File Transfer Protocol (FTP)
• 22 Secure Shell (SSH)
• 23 Telnet remote login service
• 25 Simple Mail Transfer Protocol (SMTP)
• 53 Domain Name System (DNS) service
• 80 Hypertext Transfer Protocol (HTTP)
• 110 Post Office Protocol (POP3)
• 119 Network News Transfer Protocol (NNTP)
• 123 Network Time Protocol (NTP)
• 143 Internet Message Access Protocol (IMAP)
• 161 Simple Network Management Protocol (SNMP)
• 194 Internet Relay Chat (IRC)
• 443 HTTP Secure (HTTPS)

Types of Attacks

• Intrusion Detection: Monitors for suspicious activity using well-known behavioral patterns.

• Dictionary Attack (Brute Force): Tries various passwords from a dictionary to gain unauthorized access.

• Denial of Service (DoS): Overloads a network service to make it unavailable.

• TCP Attacks: Attackers create IP packets for malicious purposes affecting destination addresses or inserting malicious code into TCP streams that appear to come from another source.

• Packet Sniffing: Monitoring network traffic to capture data like passwords. Encryption methods like SSL protect against packet sniffing by encrypting the data.

• Social Engineering: Manipulating people to reveal sensitive information.

• IPSec (Internet Protocol Security): A protocol suite that secures Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session.