Network Security Fundamentals

Network Security

• Definition: Protecting computer networks from unauthorized access, use, disclosure, disruption, modification, or destruction of computer network resources.
• Threats:
  • Malware (viruses, worms, Trojan horses)
  • Unauthorized access (hacking)
  • Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks
  • Insider threats
• Security measures:
  • Firewalls
  • Virtual Private Networks (VPNs)
  • Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
  • Network segmentation
  • Secure protocols (HTTPS, SSH)

Cybersecurity

• Definition: Protecting computer systems, networks, and sensitive information from cyber threats and attacks.
• Threats:
  • Phishing and social engineering
  • Ransomware and malware
  • Advanced Persistent Threats (APTs)
  • Insider threats
  • Nation-state attacks
• Security measures:
  • Implementing security policies and procedures
  • Conducting regular security audits and risk assessments
  • Training employees on cybersecurity best practices
  • Implementing incident response and disaster recovery plans
  • Using security information and event management (SIEM) systems

Vulnerability Management

• Definition: Identifying, classifying, prioritizing, and remediating vulnerabilities in computer systems and networks.
• Steps:
  1. Vulnerability identification: Identifying potential vulnerabilities through scanning and testing.
  2. Vulnerability classification: Classifying vulnerabilities based on severity and impact.
  3. Vulnerability prioritization: Prioritizing vulnerabilities based on risk and impact.
  4. Remediation: Implementing fixes, patches, or workarounds to remediate vulnerabilities.
• Tools:
  • Vulnerability scanners (Nessus, OpenVAS)
  • Configuration compliance scanners (OpenSCAP)
  • Penetration testing tools (Metasploit)

Access Control

• Definition: Restricting access to computer systems, networks, and sensitive information to authorized individuals.
• Types:
  • Physical access control: Controlling physical access to systems and data.
  • Logical access control: Controlling access to systems and data through digital means.
• Mechanisms:
  • Authentication (username/password, biometric, token-based)
  • Authorization (role-based access control, mandatory access control)
  • Accountability (logging and auditing)
• Models:
  • Discretionary Access Control (DAC): Access control based on user identity.
  • Mandatory Access Control (MAC): Access control based on system rules.

Data Encryption

• Definition: Converting plaintext data into unreadable ciphertext to protect it from unauthorized access.
• Types:
  • Symmetric encryption: Using the same key for encryption and decryption.
  • Asymmetric encryption: Using a pair of keys (public and private) for encryption and decryption.
• Algorithms:
  • AES (symmetric)
  • RSA (asymmetric)
  • Hash functions (SHA, MD5)
• Uses:
  • Secure data transmission (HTTPS, SFTP)
  • Secure data storage (encrypted files, encrypted databases)
  • Digital signatures and authentication

Network Security

• Protects computer networks from unauthorized access, use, disclosure, disruption, modification, or destruction of computer network resources.
• Threats include malware, unauthorized access, Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks, and insider threats.
• Security measures include firewalls, Virtual Private Networks (VPNs), Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), network segmentation, and secure protocols (HTTPS, SSH).

Cybersecurity

• Protects computer systems, networks, and sensitive information from cyber threats and attacks.
• Threats include phishing and social engineering, ransomware and malware, Advanced Persistent Threats (APTs), insider threats, and nation-state attacks.
• Security measures include implementing security policies and procedures, conducting regular security audits and risk assessments, training employees on cybersecurity best practices, implementing incident response and disaster recovery plans, and using security information and event management (SIEM) systems.

Vulnerability Management

• Identifies, classifies, prioritizes, and remediates vulnerabilities in computer systems and networks.
• Involves vulnerability identification, classification, prioritization, and remediation.
• Tools include vulnerability scanners (Nessus, OpenVAS), configuration compliance scanners (OpenSCAP), and penetration testing tools (Metasploit).

Access Control

• Restricts access to computer systems, networks, and sensitive information to authorized individuals.
• Types include physical access control and logical access control.
• Mechanisms include authentication (username/password, biometric, token-based), authorization (role-based access control, mandatory access control), and accountability (logging and auditing).
• Models include Discretionary Access Control (DAC) and Mandatory Access Control (MAC).

Data Encryption

• Converts plaintext data into unreadable ciphertext to protect it from unauthorized access.
• Types include symmetric encryption and asymmetric encryption.
• Algorithms include AES (symmetric), RSA (asymmetric), and hash functions (SHA, MD5).
• Uses include secure data transmission (HTTPS, SFTP), secure data storage (encrypted files, encrypted databases), digital signatures, and authentication.