Computer Science Module: Network Security

Questions and Answers

What is the primary purpose of network security?

To enhance user experience

To simplify network configurations

To increase internet speeds

To protect vital information (correct)

Which statement accurately describes a firewall?

It is ineffective against modern security threats

It allows unlimited access to all ports

It controls access to a network through specific rules (correct)

It is solely a hardware solution

What is one of the common security attacks associated with network vulnerabilities?

Data compression

Packet sniffing (correct)

Network optimization

Data integrity check

Why is it important to keep firewalls updated?

To adapt to new security vulnerabilities (C)

What does a Denial of Service attack aim to achieve?

To render a server unavailable (A)

Which method is commonly used for user authentication in network security?

Biometrics (B)

What characterizes packet filtering firewalls?

They inspect data packets against filtering rules (B)

Which of the following is a vulnerability that can affect network security?

Outdated software having security flaws (C)

What is the purpose of well-known port numbers?

To identify specific service types on a host (B)

Which TCP port is associated with the Hypertext Transfer Protocol (HTTP)?

80 (C)

Which attack type aims to overload a network service to make it unusable?

Denial of Service (A)

What does a Dictionary Attack target?

User passwords (C)

What is a primary function of Packet Sniffing?

To listen to unencrypted data on a network (A)

Which of the following protocols is used for securing IP communications by encrypting packets?

IPSec (B)

How can data be secured against malicious data insertion in TCP streams?

By utilizing secure encryption protocols (C)

What is a method through which individuals can be manipulated to give up information?

Social Engineering (C)

Study Notes

International & Access Foundation Programmes - Computer Science Module, Semester 2, Part 5: Networks - Network Security

• Overview of Network Security:
  • What is network security?
  • Why is network security needed?
  • Who are the vulnerable parties?
  • Common security attacks and countermeasures
  • Firewalls & Intrusion Detection Systems
  • Denial of Service Attacks
  • TCP Attacks (Spoofing)
  • Packet Sniffing
  • Social Engineering

Why Network Security Is Needed

• Protecting sensitive information, such as trade secrets, medical records, and personal data, while allowing access to authorized users.
• Providing authentication and access control for resources.
• Mechanisms like logins, passwords, and biometrics.
• Maintaining resource availability and reliability (99.995% uptime).

Firewalls

• Basic Problem: Network applications and protocols can have security issues requiring periodic updates.
• Difficulty: Keeping up with these updates for users and keeping their systems secure.
• Solution: Firewall administratort limit access to end hosts by using firewalls. Firewalls kept updated by administrators.
• Analogy: Firewall as a castle with a drawbridge - only one access point. Can have positive and negative aspects.
• Types: Hardware-based (within routers) or software-based (integrated within operating systems like Unix, Windows XP/7/8, and Mac OS X).
• DMZ (De-militarized Zone): A security zone separating the internal network (intranet) from the internet. Web servers, email servers, and web proxies are housed in the DMZ.

Firewalls - Packet Filtering

• Used to filter incoming and outgoing network packets; this filtering happens based on pre-set rules.
• The way a typical default Window's 7 install. filters packets:
  • 135/tcp open loc-srv
  • 139/tcp open netbios-ssn
  • 445/tcp open microsoft-ds
  • 1025/tcp open NFS-or-IIS
  • 3389/tcp open ms-term-serv
  • 5000/tcp open UPnP

Ports

• Ports are endpoints of communication in an operating system within the internet protocol suite.
• 1024 well-known port numbers are reserved to indicate specific service types on a host.
• Each port is always linked to an IP address.

Typical TCP Ports

• 21 File Transfer Protocol (FTP)
• 22 Secure Shell (SSH)
• 23 Telnet remote login service
• 25 Simple Mail Transfer Protocol (SMTP)
• 53 Domain Name System (DNS) service
• 80 Hypertext Transfer Protocol (HTTP)
• 110 Post Office Protocol (POP3)
• 119 Network News Transfer Protocol (NNTP)
• 123 Network Time Protocol (NTP)
• 143 Internet Message Access Protocol (IMAP)
• 161 Simple Network Management Protocol (SNMP)
• 194 Internet Relay Chat (IRC)
• 443 HTTP Secure (HTTPS)

Types of Attacks

• Intrusion Detection: Monitors for suspicious activity using well-known behavioral patterns.

• Dictionary Attack (Brute Force): Tries various passwords from a dictionary to gain unauthorized access.

• Denial of Service (DoS): Overloads a network service to make it unavailable.

• TCP Attacks: Attackers create IP packets for malicious purposes affecting destination addresses or inserting malicious code into TCP streams that appear to come from another source.

• Packet Sniffing: Monitoring network traffic to capture data like passwords. Encryption methods like SSL protect against packet sniffing by encrypting the data.

• Social Engineering: Manipulating people to reveal sensitive information.

• IPSec (Internet Protocol Security): A protocol suite that secures Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session.

Description

Explore the essentials of network security in this Computer Science module. Learn about common security threats, the importance of protecting sensitive information, and the roles of firewalls and intrusion detection systems. This quiz covers various aspects of network security and countermeasures to safeguard data.