IT402: Network Security Course Overview

Study Notes

Course Overview

The course is IT402: Network Security, taught by Prof. Dr. Walid Khedr at the Department of Information Technology, Faculty of Computers & Informatics, Zagazig University.
The course covers information and network security concepts, cryptography, and network security topics.
The course has prerequisites of Computer Networks and Internet Programming.

Information Security, Cybersecurity, and Network Security

Information security refers to the preservation of confidentiality, integrity, and availability of information, as well as other properties like authenticity, accountability, nonrepudiation, and reliability.
Cybersecurity deals with measures and actions taken to prevent unauthorized access or manipulation of cyber resources within cyberspace.
Network security refers to the protection of networks and their services from unauthorized modification, disclosure, or destruction, and protecting data during transmission.

Security Objectives

The three key objectives of information and network security are:
Confidentiality: protecting data from unauthorized access or disclosure
Integrity: ensuring data and system integrity and authenticity
Availability: ensuring systems and services are accessible and usable when needed
Additional objectives include:
Authenticity: ensuring the identity of a digital object or entity
Nonrepudiation: providing proof of data origin and receipt
Accountability: tracing actions to individual entities for security breaches

Security Architecture

The ITU-T Recommendation X.800 defines a security architecture for OSI, which includes security attacks, threats, security services, and security mechanisms.
Security attacks can be passive (e.g., eavesdropping) or active (e.g., tampering).
Security services include authentication, access control, data confidentiality, data integrity, and nonrepudiation.
Security mechanisms include cryptography and other processes to detect, prevent, or recover from security attacks.

Security Violations

Examples of network security violations include:
Unauthorized access to sensitive information
Interception and alteration of messages
Unauthorized modification of authorization files
Delaying or intercepting messages to gain unauthorized access

Cryptography

Cryptography is a critical component of network and communications security, used to protect data confidentiality, integrity, and authenticity.
Cryptography involves the use of algorithms and secret keys to transform plaintext into ciphertext.

Topics Covered in the Course

The course covers topics including:
Classical encryption techniques
Block ciphers and the Data Encryption Standard (DES)
Advanced Encryption Standard (AES)
Symmetric ciphers, stream ciphers, and public-key cryptography
Hash and MAC algorithms, digital signatures, and key management
Network security topics, including transport-level security, blockchain protocol, Tor protocol, wireless network security, IP security, and SET protocol.

Description

This quiz is about the course overview of Network Security (IT402) at Zagazig University's Faculty of Computers & Informatics. It covers the introduction to the course, lecturer details, and course information.