I am sharing 'Networking (1)' with you.pdf
Standalone device - a self-contained device or system that can perform its functions without the assistance of any other device or connection. These devices do not need to communicate with any other device.

Networks are collections of computers and devices connected by communication channels that facilitate user communication and allow users to share resources. Networks can be internal to an organisation or can connect users to the world through the Internet.

The main reason for a network's existence is to share information, such as spreadsheet files, database records, email feeds, and anything that helps someone get their job done. Sharing resources such as servers, printers, and software makes networks valuable.

For successful communications to occur, a network needs:
- A sending device, such as a notebook computer, that initiates an instruction to transmit data, instructions or information.
- A communications device, such as a wireless adaptor inside a notebook computer, to forward packets of data, instructions or information from the sending device via signals carried by a communications channel.
- A communications channel or transmission media, such as a cable or radio waves, through which the digital signals travel.
- A communications device, such as a wireless router, that receives the signals from the communications channel and forwards the packets to the receiving device.
- A receiving device, such as a printer, that accepts the data, instructions or information.

Devices such as personal computers, tablets and mobile phones are types of sending devices that can also be receiving devices. These types of devices usually have a built-in communications device.

Data, instructions, and information travel along a communications channel in the form of a digital signal.

Digital signal - consists of individual electrical pulses that represent the bits grouped into bytes.

Advantages of networks:
- Sharing data and information - when devices are connected, they are able to share information and data, as a file on one device can be accessed by another device.
- Communication - users can connect through emails, video conferencing, and online chatting through the connection of network devices.
- Hardware and software sharing - when devices are connected and can communicate, they can also share other digital system resources.

Types of networks

Networks can be categorised into two groups: Local Area Networks (LANs) and Wide Area Networks (WANs). The type of network refers to the area over which the network provides connectivity.

Local Area Network

This type of network connects computers and devices in a limited geographical area, such as a home, school, or office building. Each device on the network is referred to as a node. The nodes in a LAN are connected through cables. Newer networks now use wireless transmission media.

A wireless local area network, also known as a WLAN, uses no physical wires or cables but rather uses wireless media such as radio waves. However, if a computer or device attempts to use a WLAN, it must have wireless capability, whether it is built in or added using a USB wireless receiver. A WLAN will communicate with a wired LAN for access to its resources such as software, hardware, and the internet.

A network architecture contains logical designs of the components of the network and includes the number and types of servers, workstations, and network resources. This includes the communications devices and the types of physical and wireless transmission media used to connect components.

Home networks: Multiple devices can connect to a home network. The advantages of a home network include the following:
- Desktop computers, notebooks, tablets and smartphones can all communicate with each other.
- All computers can be connected to the internet at the same time.
- All computers can share peripherals such as a scanner, printer, or a network-attached storage device.
- Each networked computer can play multiplayer games with players on other computers in the house.
- Smart TVs can connect to the internet.

Wide Area Network (WAN)

This type of network is situated in more than one geographical location. It often consists of two Local Area Networks in different locations that can communicate with each other using an internet connection.

Example: Two offices, each with its own Local Area Network, can communicate with each other using an internet connection.

Difference between Local Area Network and Wide Area Network

A Wide Area Network uses third-party transmission media. Third-party transmission media are transmission media that belong to another organisation. This will often be a telecommunication organisation such as Telstra or Optus. Once an organisation uses third-party transmission media, it starts to lose some control over the network and the potential for data threats increases.

This is what a home network looks like:

Network Architecture

This refers to the layout of the network, including the hardware, software, protocols and transmission media used. Each type of network can be categorised further by its architecture. There are two common types of network architecture: a peer-to-peer network and a client-server network.

Peer-to-peer network

This is a simple, inexpensive network that is typically used to connect organisations or groups of people with fewer than 10 computers. Each computer on a peer-to-peer network can share hardware (such as a printer), data or information that is located on any other computer in the network. Each computer can store files on its own storage device or on another computer. Each computer on the network contains both a client operating system (like the “Home” versions of Windows) with basic networking capabilities and application software. All computers on the network share any peripheral device attached to any computer.
For example: one computer may have a laser printer and a scanner, whereas another may have an ink-jet printer. They may also share a network-attached storage device (NAS) with a movie and music repository. Peer-to-peer networks are popular in homes where a login server is neither necessary nor practical.

Client-server network

In a client-server network, the server is sometimes called a host computer. It controls access to the hardware and software on the network and provides a centralised storage area for programs, data and information. Besides storage capacity, a server allows for file sharing, website hosting, email management and access to shared printers. The other computers on the network are called clients and rely on the server for these resources.

For example: A server in a school’s administration might store a database of student details. Every client on the network can access this database on the server.

The costs related to a server-based network are significantly higher than those for a peer-to-peer network. Not only is the equipment necessary to construct such networks more expensive, but a client-server network also requires ongoing technical support to maintain the sophisticated hardware and software. However, there is a positive side: there are clear economies of scale, as the cost of adding clients that share the server’s resources becomes relatively less.

One major difference between the server computer and the client computer is that the server has more storage space and power.

There are some servers called dedicated servers. Dedicated servers perform specific tasks. For example:
- File server: A file server stores and manages files. Each user on the Local Area Network can share files or program steps on a file server.
- Print server: A print server manages printers and print jobs. Print jobs received from users on the LAN are queued on the print server in the order of their arrival and fed to the various network printers one document at a time.
- Database server: A database server stores and provides access to a database.
- Network server: A network server manages network traffic.

Several servers are often configured in a type of rack, which makes it easier to manage the cables and the power supplies. The server rack is often located in a specialised room where the temperature is kept cool to offset the amount of heat generated by the power-hungry servers.

In the past, network administrators used to dedicate each server to a particular task. The use of one application per server made it easy for administrators to track down any problems that arose. However, this does not take advantage of the processing power of modern servers. A large storage room is also required as the number of servers increases.

At present, many servers in networks are virtual rather than physical. Specifically designed software is used to convert one physical server into many virtual servers, each responsible for a particular purpose.

Although a client-server LAN can connect a smaller number of computers, it is typically most efficient when it connects 10 or more computers. Most client-server LANs have a network administrator due to their large size.

Network Administrator — the operations person in charge of the network.

Many schools have a client-server network installed. This allows staff and students to store data on shared drives.

Wireless Personal Area Networks (WPANs)

Personal Area Network (PAN) - a computer network for connecting an individual’s devices within a limited range.

Wireless Personal Area Network (WPAN) - a type of personal area network that uses wireless transmission media to transfer data between a user’s devices. It allows a person to connect their devices and access the Internet on a local network using wireless communication techniques. A WPAN is also known as a short-range wireless network.
Some common types of devices that are found within a WPAN are desktops, laptops, smart televisions, wearable technology, smartphones and speakers.

A WPAN may use these wireless communication standards:
- 802.11(x)
- Bluetooth
- infra-red (IR)
- satellite
- microwave

Networking hardware and software

Hardware and software are required for data to be communicated between devices on a network. Hardware is the physical components of a network, while software contains the instructions to the hardware, enabling it to complete specific tasks.

Network Hardware

Each network hardware component provides a different function to manage, control, and secure data and information communicated on a network. Hardware used to manage, control, and secure data includes:
- network interface card (or wireless adaptor)
- server
- wireless access point
- router
- switch
- modem

Network interface card (or wireless adaptor)

Each device needs to have a network interface card (or wireless adaptor) installed to allow access to the network or information system. A network interface card slots into the motherboard of a device and provides ports to allow the device to connect to a network. A wireless adaptor is connected to the motherboard and allows the device to send and receive wireless signals. Many devices come with both a wired network interface card and a wireless adaptor installed. This allows the device to communicate with other devices.

Server

Server — a device that is used to provide services to other devices connected to a network.

For example: Many networks have a file server. All of the files of the organisation may be stored on one or multiple servers, and users operating other devices, also known as clients, can then access the data from these servers.

Most of the time, data and information related to an online or browser-based information system will be stored on a web server.
When a user wants to access the information system, they will be directed to the web server, where they will be able to access the data and information required.

Servers can be set up on a network to control and manage specific tasks on the network. The following are all types of servers:

FILE SERVER — this is used to store files in a main location and manage the files so that authorised network users can access them from the main location. This type of server is not required to perform tasks such as processing and does not need to run any application or software. Its main purpose is to enable users to store and retrieve data.

WEB SERVER — this type of server is used to store the files related to a website, a group of websites or an online browser-based information system. When a user wants to go to a web page, the request is sent to the web server, which then sends the web page and the related files to the user using Hypertext Transfer Protocol (HTTP). The Universal Resource Locator (URL) of each web page is converted to an IP address that directs the request to the specific web server.

PROXY SERVER — this type of server manages all network requests for resources from the internet. Any request by a network user for resources from the internet will first be sent to the proxy server. The proxy server then sends the request for resources to the internet. When the proxy server receives the resources, it directs them to the correct user.

DATABASE SERVER — this type of server stores a database application and the data used by the application. The user is able to access the data stored on a database server through “front end” software, installed on their device, that collects the required data. In addition to storing data, the database server can perform analysis on the data.

PRINT SERVER — this type of server receives requests for printing from network users and sends these requests to the printers installed on the network.
It allows requests to be centrally stored so that they can be managed and controlled.

EMAIL SERVER — this type of server sends and receives all emails for users on a network. Each time a network user sends an email, it will be sent to the email server, which will then forward it on to the recipient. When an email is sent to a user, it will first be sent to the email server, which will then deliver it to the user. A copy of all emails sent and received is normally stored on the email server.

Wireless Access Point

A wireless access point, also known as a WAP, is a communications device used on wireless Local Area Networks. It acts like a central transmitter and receiver of wireless radio signals. A wireless access point is normally connected to a wired network backbone for faster transmission of data back to the network server.

Wireless access points are used in business networks where larger buildings and spaces need wireless coverage. Home networks are generally small enough that a wireless router can provide sufficient coverage without the need for an access point.

If an area is too large to be covered by a single wireless access point, then multiple access points can be used. There can be a momentary loss of connectivity when a user moves from the location of one access point to another access point. Overlapping access points provide a seamless area for users to move around in, using a feature called roaming. When a user moves from one area to another, the wireless networking hardware automatically jumps to the access point that gives the strongest signal.

Router

A router is a device that connects different networks, such as LANs, or a LAN and the internet (WAN). A router is able to link all these networks regardless of the type of hardware or communication protocols within the network. For example, when data is sent over the internet or a big company network, routers receive data packets.
They check each packet to find the source and destination IP addresses and send the data to its correct location. Unlike switches, which use MAC addresses to decide where to send data, routers use IP addresses.

Companies such as Vodafone offer 4G modem sticks that can connect laptops or mobile devices to the internet through a phone network. These sticks are portable and easy to use for mobile internet access.

Broadband routers

A broadband router is typically used for home networks and is able to join multiple networks. These routers are designed specifically to join the home (LAN) to the internet (WAN) to share internet connections.

A wireless broadband router combines the functions of:
- a basic router, which connects the LAN to the internet
- a switch, which allows devices such as a computer to be connected by a cable
- a firewall, which is a security measure
- a wireless access point, which allows wireless connectivity.

The type of broadband router used to act as a bridge between a LAN and the internet depends on the type of connection provided by the internet service provider (ISP). A cable connection uses the high bandwidth available through the same broadband connection that provides information to a television via a provider such as Foxtel. An asymmetric digital subscriber line, also known as ADSL, is a connection which provides internet access using the copper wiring in telephone lines. The cost of an ADSL broadband router is in the range of $150 to $200. A cable broadband router is usually sourced from an ISP since it has to be registered on the ISP's network before it will work.

Switch

A switch is a device used to connect different devices within a local network (LAN). It keeps track of the addresses of all devices connected to it. When data, which is in packets, is sent through the network, the switch checks where each packet is supposed to go and sends it only to the cable that leads to the correct device.
This ensures that the data reaches its destination quickly without interfering with other devices. When a switch sends data directly between two devices, it works as if those devices are directly linked. On a 100 Mbps switch, all devices can send and receive data at full speed without interruptions.

To improve security in wireless networks, it's important to encrypt data and use strong passwords for file sharing, routers, and access points. This makes it harder for unauthorized users to

Modem

A modem is a device that is used to connect a LAN to the internet by converting digital (binary) signals into analogue (audio) signals and then back again so data can be transmitted over a telephone line.

In the past, most organisations had a connection to the internet through using a telephone line for data communication. The advantage of this was that most homes and organisations would already have a telephone connection, so there would be no need to install a new connection at each location.

The National Broadband Network (NBN) has introduced a fibre-optic network across much of Australia. Many homes are connected via 'fibre to the curb' (FTS), meaning that fibre-optic cables run to the street, and from there, copper cables (called unshielded twisted pair) connect the fibre network to the house. In these setups, a modem (also known as an NBN connection box) is still needed to manage and control the internet data. However, unlike older modems, it doesn't need to convert signals from analogue to digital in this case.

Merging Technology

Many of the devices discussed in the preceding pages have now been merged into a single device as technology has improved. These devices include:
- modem/router
- router/wireless access point
- router/switch
- modem/wireless access point/router

Network Software

Software is used to control, manage, and secure data in a network.

Network operating system

Each network needs a network operating system.
A network operating system, also known as a network OS or NOS, is the system software that organises, controls, and manages the activities on a Local Area Network. A NOS controls the attached computer systems, any factors, and the communication between them. The tasks that a NOS performs include:
- administration - adding, deleting and organising users and performing maintenance tasks, such as backup
- file management - locating and transferring files
- device management - coordinating print jobs and reports sent to specific printers on the network, ensuring resources are used correctly and efficiently
- security - monitoring and, when necessary, restricting access to network resources.

Wired, Wireless and Mobile communication technology

Wired cabling, wireless transmission and the use of existing mobile or cellular networks are communication methods which can be used to transmit data and information over a network. The method used to transmit data depends on the needs of the users of the network, as each method has strengths and weaknesses in terms of cost, data storage options, data transfer rates, reliability, and security.

Wired communication technology

A wired network is a type of network in which devices are connected through the use of a physical cable. Some advantages of wired networks compared to wireless networks include:
- faster data transfer speeds — While wireless speeds are improving, wired networks still generally offer faster and more consistent data transfer, especially on average.
- better security — Wired networks are harder for hackers to access because it’s difficult to intercept data. There's also less risk of data loss due to signal interference.
- more reliable connection — Wired networks have more stable data transfer rates and are less prone to interference, unlike wireless networks, where signal strength and speed can fluctuate.

Some disadvantages of wired networks compared to wireless networks include:
- lack of mobility — Devices connected to wired networks have to stay near fixed connection points, making it harder for users to move around while staying connected.
- installation — Setting up a wired network is more expensive and time-consuming than installing a wireless network, as it involves buying and laying cables.
- maintenance — Wired networks can require regular maintenance, like fixing cables or adding new data points, which can also be costly and time-consuming.

Twisted-pair cable

Twisted-pair cable is commonly used as the transmission media for network cabling and telephone systems. This cable contains one or more twisted-pair wires bundled together. Each twisted-pair wire is made up of two separate insulated copper wires that are twisted together, because twisting reduces noise. Noise is an electrical disturbance that can degrade communications.

Fibre-optic cable

A fibre-optic cable is a wired transmission media that contains strands of glass, which reflect pulses of light generated by small lasers or light-emitting diodes (LEDs). The core of these cables is made of dozens to hundreds of thin strands of glass or plastic that use light to transmit signals. Each of these strands is called an optical fibre and is as thin as a human hair. Inside the cable, an insulating glass cladding and a protective coating surround each optical fibre.

Fibre-optic cables offer several advantages over twisted-pair cables:
- They can carry many more signals.
- They provide faster data transmission.
- They are less affected by interference from devices like copy machines.
- They offer better security since they are less prone to interference.
- They are smaller, thinner, and lighter.

Fibre-optic cables work by reflecting light internally, preventing it from escaping. This makes them immune to electrical noise, allowing data to travel over much longer distances compared to twisted-pair cables.
However, fibre-optic cables are more expensive and harder to install or modify. Despite this, many telecom companies and businesses are switching to fibre-optic cables for their high-traffic or main network connections.

National Broadband Network

The National Broadband Network (NBN) is designed to provide the infrastructure to deliver affordable, reliable, high-speed internet and telephone access to all Australians. Due to Australia's large size, different technologies are used to deliver the NBN.

Initially, the plan was to provide speeds of 100 Mbps, with fibre-optic cables connecting most homes directly to the internet. However, the plan has changed. Now, fibre-optic cables are run to a node in the street (called a 'street cabinet'). From there, hybrid cables or existing copper telephone lines are used to connect homes and businesses.

Other technologies used for the NBN include coaxial cables, fixed wireless, and Sky Muster satellite connections. Households where fibre-optic cables cannot be used will connect to the NBN through fixed wireless and satellite technologies; up to 10 per cent of homes need wireless or satellite connections.

Wireless communication technology

A wireless network is a computer network that connects devices without using physical cables, relying on wireless data transfer, usually via radio communication. Wireless networks can include:
- Wireless Local Area Networks (WLANs)
- Mobile networks
- Satellite networks
- Microwave networks

Wireless transmission is useful when installing cables is inconvenient or impossible. The latest wireless standard, 802.11ax, provides speeds comparable to wired networks. Common wireless transmission methods include broadcast radio, cellular radio, microwaves, communications satellites, and infrared.

An 802.11ac wireless router typically operates on the 5 GHz frequency but can also function on the 2.4 GHz network simultaneously. Some manufacturers advertise these routers with a combined speed of 1.75 Gbps, which comes from adding 1.3 Gbps from the 5 GHz band and 450 Mbps from the 2.4 GHz band.

Wi-Fi Communications

For Wi-Fi communication, a transmitter sends radio signals, and a receiver accepts them. The receiver has an antenna that needs to be within the signal range. Some networks use a transceiver, which can both send and receive signals from wireless devices.

Although Wi-Fi communication is generally slower and more susceptible to interference compared to wired connections, it offers flexibility and portability.

Wireless networks typically operate on two frequency ranges: 2.4 GHz and 5 GHz. The 5 GHz network can carry more data but has a shorter range, meaning it doesn’t penetrate obstacles like walls as well as the 2.4 GHz network. However, the 2.4 GHz band can be affected by interference from household devices like cordless phones. The 5 GHz band has less competition from these devices. Many modern devices now support dual-band capabilities to take advantage of both frequency ranges.

Bluetooth

Bluetooth technology uses short-range radio waves to transmit data between Bluetooth-enabled devices. Each device has a small chip that allows it to communicate with others within a specific range—typically around 10 meters, which can be extended to 100 meters with additional equipment.

Common Bluetooth-enabled devices include desktop computers, laptops, handheld devices, mobile phones, fax machines, and printers. Bluetooth is popular for hands-free calling on mobile phones and streaming music to speakers or car audio systems. Most new cars come equipped with built-in Bluetooth, allowing users to sync their mobile phones easily.

Both Bluetooth and Wi-Fi use radio signals for communication.

Near-field communication (NFC) is a technology that allows for contactless communication between devices, such as smartphones and tablets. Users can simply wave their NFC-enabled smartphone over an NFC-compatible receiver to share information without physically touching the devices or needing a formal connection. This technology is commonly used for making payments in stores or for paying parking meters, which can even send messages to the smartphone about the remaining time.

An NFC-enabled device can work with a small, unpowered chip called a tag. This tag draws power from the NFC device that reads it through a process called electromagnetic induction. Smartphones can be paired with NFC tags, which can be programmed with apps to perform automated tasks.

For instance, if you tap your smartphone on an NFC tag embedded in a movie poster, it can transfer information from the poster to your phone. This might include details like showtimes, actor biographies, and reviews. Similarly, tapping on a restaurant's menu tag could load the menu onto your phone, along with nutritional information and cooking notes.

NFC tags are small and inexpensive to produce, making them ideal for various applications, particularly in mobile payments and innovative marketing strategies. As awareness of NFC technology grows, more creative uses are expected to emerge.

Examples of NFC technology in action include PayWave transactions and Victoria's Myki transportation system. With these systems, users can simply wave their NFC-enabled card near a card reader to transfer data quickly and easily, completing transactions in almost no time.

Microwaves

Microwaves are a type of radio wave that enables high-speed signal transmission. Microwave transmission involves sending signals between microwave stations. This method can be a practical alternative to cabling, especially when an organization has facilities on opposite sides of a road.
Digging tunnels for cables can be expensive and time-consuming, so microwave technology offers a more efficient solution.

A microwave station typically consists of an Earth-based reflective dish that contains antennas and other necessary equipment for communication. The dish collects signals and directs them to a central collector.

Microwave transmission is line-of-sight, meaning that the microwaves must travel in a straight line without any obstructions, such as buildings or trees, between the antennas. To minimize potential obstructions, microwave stations are often placed on top of buildings, towers, or mountains.

Electromagnetic radiation, including light and radio waves, travels nearly as fast in the air as it does in a vacuum (approximately 300,000 km per second). This means that microwave communication is significantly faster than fibre-optic transmissions, which send laser light pulses through glass strands. The glass can slow down the light by 50 to 40 per cent.

Microwave transmission is ideal for situations where installing physical transmission media is difficult or impractical, especially in large sites where line-of-sight transmission is available.

Communications Satellites

A communications satellite is a space station that receives microwave signals from an Earth-based station, amplifies (strengthens) these signals, and broadcasts them back over a wide area to multiple Earth-based stations. These stations are often microwave stations, but other devices like handheld computers and GPS receivers can also serve as Earth-based stations.
- Uplink: the transmission of signals from an Earth-based station to a satellite.
- Downlink: the transmission of signals from a satellite back to an Earth-based station.

Mobile Communication Technology

A mobile network, also known as a cellular network, enables communication through mobile devices using a series of mobile phone towers, or base stations, that send and receive signals.
The coverage area of these towers often overlaps, allowing users to stay connected as they move within a region.

The range of each mobile phone tower can vary based on its location and the number of nearby towers. In large cities, towers are often close together, allowing for minimal gaps in coverage. In more isolated areas, a tower might cover a range of 2 to 3 kilometres, but typically these towers still overlap to maintain connectivity.

When a user is in range, their mobile device connects to the nearest base station. Each base station connects to a digital exchange that facilitates communication.

Mobile networks support voice calls, data transmission, text messages, and multimedia messaging. However, there may be costs associated with data transmission, particularly when users exceed their plan limits. This can lead to additional charges, especially when roaming or using data-heavy applications.

Internet of Things

The Internet of Things is a network formed by “smart devices” such as mobile phones, wearable devices, headphones, heating systems, refrigerators and other devices that have an on-and-off switch and are connected to the Internet and/or other Internet of Things devices. There are many ways in which devices can communicate data with each other.

Device-to-device

This communication happens when two devices communicate directly with one another without the help of any other device. These devices communicate with each other using the same communication protocol, such as Bluetooth. Device-to-device communication is more commonly used in systems that require the transfer of small data packets between devices at a low data transfer rate. Examples include a virtual assistant, smart speakers or light dimmers that send small amounts of information to each other.

Device-to-gateway

This type of communication involves an IoT device that connects to a “gateway” that forwards the signals to another device in the local area.
The gateway can be a router or a smartphone with the right software installed. The router or the smartphone normally has internet connectivity to allow data to be sent and received over the internet. The software that lets a smartphone act as a gateway is typically a software application. This application would have security measures to help protect the data and information communicated and to assist in managing the transfer of data from the device to other devices.

Device-to-cloud

This type of communication involves an Internet of Things device that connects directly to the Internet or the cloud. Devices that transmit data directly to the cloud require a component that can transmit data to the internet directly. This could be through a wired, wireless, or cellular connection. Cloud connectivity is usually used with devices that do not require any human interaction or the ability to communicate with other devices locally. For example: a smart electricity meter that uploads to the cloud the amount of electricity consumed in a house each month.

Technical underpinnings of networks

Intranets

An intranet is a private network that is accessible only to users within an organisation. For example: the MGC network is only accessible to those who go to the school or work there and contains resources to help and guide both students and staff. An organisation's internal intranet is not like the Internet and contains information and services such as calendars, policies, procedure manuals, and technical support files that are unavailable to the public. An intranet also allows access to documents needed within the organisation. Many intranets also have search engines, user profiles, blogs, notifications, and event planning functionality. An intranet is a website-based information system made up of several HTML pages that are stored on a web server, much like many websites.
Users of the intranet access the information using a web browser such as Chrome, Safari, or Firefox. An intranet will often include a connection to the internet, allowing employees access to information from the web. Intranet pages will often include links to internet sites with information relevant to the organisation.

An intranet offers the following efficiencies:
- Facilitates group collaboration among employees.
- Speeds up data access and loading of graphics and images, as information doesn't pass through a router.
- Reduces paper waste by digitizing documents and processes.
- Improves ease of use through point-and-click technology for accessing hyperlinked documents.

Effectiveness benefits include:
- Provides restricted access to company information for security.
- Enables easy and fast updates to company documents compared to hard copies.
- Supports communication across different network platforms (Windows, Mac, UNIX) using universal HTML code.
- Allows authorized users to access intranet data from anywhere via the internet.
- Supports communication through audio and video files, in addition to text and images.

Internet

The Internet is a worldwide network in which billions of devices are connected for communication and data exchange. The internet uses common communication protocols to link the network devices with each other. Two major concepts that allow devices to communicate on the internet are IP addresses and the protocol TCP/IP.

IP addresses

Every device that is connected to the Internet must have a unique address. This address is called the IP address. The IP addressing standard is four numbers, each between 0 and 255, separated by full stops. IP stands for Internet Protocol, a set of rules that allow devices to communicate over the Internet. An IP address is like a street address, helping to direct data to the correct destination online, similar to how a letter is delivered to a house.
There are two types of IP addresses: public and private. A public IP address is globally unique and assigned by an Internet Service Provider (ISP) either dynamically or statically. A private IP address, typically in the range 192.168.1.1 to 192.168.1.254, is assigned by the user and is not globally unique, as it’s used within a private network.

TCP/IP

The Transmission Control Protocol/Internet Protocol (TCP/IP) is a set of rules that allow communication between two networked devices. TCP/IP is a combination of two protocols (TCP and IP). It ensures that the messages travelling over the internet reach the destination IP address. TCP/IP can also be used on Local Area Networks (LANs).

Transmission Control Protocol

When data is sent over the internet, TCP:
- converts the data into packets
- sends each packet towards the destination
- arranges the packets in the correct order when they arrive
- reassembles the packets back into the correct format at the destination.

TCP is also responsible for resending any packets lost during the communication process.

Internet Protocol

IP is responsible for addresses and the routing of the packets to the correct destination. It uses packet switching to do this.

Packet switching

When data is sent across the internet, TCP breaks it down into small packets. When IP directs each packet across the internet, each packet may travel by a different route to the destination. As each packet is sent, IP identifies the most efficient route to the destination at that time. As the next packet is sent, the most efficient route.

Accessing websites

A website is made up of several web pages that can be accessed over the internet by entering the site’s domain name or internet address. All the resources of the website, such as pages or files, are stored on a web server. Behind each domain name is an IP address that directs the request to the location of the web server where the resources are stored.
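The TCP steps and packet switching described above can be simulated in a short program. This is an added example, not part of the original notes: the names (`Packet`, `Receiver`, `transfer`), the 8-byte packet size and the address 192.168.1.20 are assumptions chosen for illustration, and acknowledgements are assumed never to be lost.

```python
import random
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    dst: str        # destination IP address the packet is routed to
    seq: int        # position of this packet within the original message
    total: int      # number of packets that make up the whole message
    payload: bytes


def parse_ipv4(addr: str) -> tuple:
    """Check the format from the notes: four numbers, each 0-255, separated by full stops."""
    parts = addr.split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError(f"not a dotted-quad IPv4 address: {addr!r}")
    octets = tuple(int(p) for p in parts)
    if any(o > 255 for o in octets):
        raise ValueError(f"octet out of range 0-255: {addr!r}")
    return octets


def segment(data: bytes, dst: str, size: int = 8) -> list:
    """TCP, step 1: convert the data into numbered packets addressed to dst."""
    parse_ipv4(dst)
    chunks = [data[i:i + size] for i in range(0, len(data), size)] or [b""]
    return [Packet(dst, seq, len(chunks), chunk) for seq, chunk in enumerate(chunks)]


def packet_switched_network(packets, rng, loss_rate):
    """Each packet takes its own route: arrival order is arbitrary and some are lost."""
    arrived = [p for p in packets if rng.random() >= loss_rate]
    rng.shuffle(arrived)
    return arrived


class Receiver:
    def __init__(self, addr: str):
        parse_ipv4(addr)
        self.addr = addr
        self.total = None
        self.buffer = {}    # seq -> payload, filled in whatever order packets arrive

    def accept(self, packet: Packet):
        """Store a packet and return its sequence number as the acknowledgement."""
        if packet.dst != self.addr:
            return None     # addressed to another device: ignored, not acknowledged
        self.total = packet.total
        self.buffer.setdefault(packet.seq, packet.payload)  # a duplicate does not overwrite
        return packet.seq

    def reassemble(self) -> bytes:
        """Put the payloads back in sequence order once every packet has arrived."""
        if self.total is None or len(self.buffer) != self.total:
            raise ValueError("message incomplete")
        return b"".join(self.buffer[seq] for seq in range(self.total))


def transfer(data, dst, size=8, loss_rate=0.3, seed=1, max_rounds=50):
    """Send data to dst, resending unacknowledged packets until all have arrived.

    Returns (reassembled bytes, rounds needed, packets put on the wire).
    Simplification (assumption): acknowledgements themselves are never lost.
    """
    rng = random.Random(seed)
    packets = segment(data, dst, size)
    receiver = Receiver(dst)
    unacked = set(range(len(packets)))
    rounds = sent = 0
    while unacked:
        if rounds == max_rounds:
            raise TimeoutError("destination unreachable")
        rounds += 1
        batch = [packets[seq] for seq in sorted(unacked)]   # only what is still missing
        sent += len(batch)
        for packet in packet_switched_network(batch, rng, loss_rate):
            unacked.discard(receiver.accept(packet))
    return receiver.reassemble(), rounds, sent


if __name__ == "__main__":
    message = b"Packets may arrive in any order, or not at all."   # constructed sample
    received, rounds, sent = transfer(message, "192.168.1.20")
    print(received.decode(), f"({rounds} rounds, {sent} packets sent)")
```

The sequence number carried in each packet is what lets the receiver restore the order and lets the sender work out which packets to resend.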
Virtual private network (VPN)

VPN stands for virtual private network. A VPN allows users to use public networks such as the Internet to send and receive data and information as if they were using a private network like an intranet. VPNs were developed to allow users to access an organisation's applications and resources securely from remote locations. Security is maintained by adding protection strategies such as requiring users to authenticate their identity with passwords or other techniques when they attempt to log in to the VPN. A VPN can also be used to avoid geo-restrictions and censorship, to protect users' anonymity and to conceal their location while they are surfing the internet. For example: there are many shows on Netflix, and many of them are international shows that cannot be viewed in other countries. To view this material the user would need to use a VPN so that they can view this media in another organisation.

Network Diagrams

A layout diagram is a common tool used to visually represent a network's appearance. It helps create a network diagram that shows the topology of the network. A network diagram displays the nodes (such as desktops, laptops, and mobile devices), network hardware (servers, routers, switches, modems), and communication methods (wired, wireless, mobile). It can also include security controls like authentication techniques, firewalls, and system protection protocols. The diagram focuses on network components and work areas (e.g., dispatch and marketing departments) rather than the physical layout of the buildings, which could make it harder to read.

Security Threats

A threat to a network is anything that has the potential to cause harm to data and information stored and communicated between information systems. A threat may or may not occur, but it has the potential to result in the loss, theft or damage of data and information. Several measures can be used to minimise the chances of a security threat.
Credential management

Credential management involves verifying a user's identity to ensure they are who they claim to be, which is crucial for managing data and networks. Techniques like usernames, passwords, biometric security, and swipe cards help prevent unauthorized access. Additional verification methods, such as asking for personal details (date of birth, driver’s license number, etc.), are also used, especially in online systems. Two-factor authentication, which requires two forms of identification, is increasingly common. Credential management must be well-maintained, especially with staff turnover or role changes requiring adjustments to access rights. Users may forget their credentials, leading to resets, which should include strategies to ensure the requesting person is the legitimate user.

Malicious software

Malware is short for malicious software and is software that is designed to damage, disrupt or gain unauthorised access to an information system. This term is used to group a range of software threats to data and information.

Viruses

A virus is a software application that is written to cause some type of negative effect on a device or a network. When a virus is executed, it normally duplicates itself in a range of locations on a device. A virus may be designed to damage, steal, modify or corrupt data.

Worms

A worm is software that self-replicates once it is installed. A worm continues to replicate itself over and over again, which causes the system of a device or a network to degrade and slow down over time as the software starts to drain all of the system resources.

Spyware

Spyware is software that collects data about a user’s activity and sends that data to another location without the user knowing. Spyware can also include functions that allow network or security settings on a user’s device to be changed. Like other malware, spyware can be downloaded inside a Trojan horse, a type of virus, or after clicking on a link in an email.
Denial-of-service attacks

A denial-of-service (DoS) attack occurs when hackers attempt to prevent legitimate users from accessing a service by overwhelming a network or server with a large number of authentication requests. These requests often come from fake or non-existent addresses. When the network or server tries to authenticate and respond to these requests, it cannot find the return addresses, causing the server to wait before closing the connection. Once the server closes the connection, the attacker sends more invalid requests, keeping the server busy and preventing legitimate users from accessing the service. Hackers can also send fake data packets to all computers on a network or initiate a SYN (synchronization) flood, where connection requests are sent to all open ports without completing the handshake process, leaving no ports open for legitimate users.

A distributed denial-of-service (DDoS) attack is similar to a DoS attack but originates from multiple sources, significantly increasing traffic on the network. This makes the attack more effective and harder to shut down or trace back to its source.

Username and password

A combination of a username and password is one of the most widely used security controls. Each user is assigned a unique username, and typically, they create their own password. Together, these are known as the login. Some systems require passwords that meet specific criteria. Common requirements include:
- At least eight characters
- At least one upper-case letter
- At least one lower-case letter
- At least one symbol
- No spaces
- Cannot be "password"
- Cannot be the same as the username

Short or single-word passwords are a security risk, as they are vulnerable to brute-force attacks. Obvious passwords, such as "password", or reusing the same password across multiple systems, increase this vulnerability. A brute-force attack involves repeatedly attempting to guess a password using different variations of usernames and passwords.
Attackers often target known usernames, like an email address. Bots are commonly used in these attacks, starting with simple password attempts like "a", "b", and "c", and continuing through more complex combinations like "aa", "ab", and so on. This method systematically tries every possible combination until the correct one is found.

Access rights

Access rights are a form of permission that has been granted to a user, or to an application, to read, write and delete files on a network. By failing to apply access rights, or by not managing access rights correctly, an organisation will fail to restrict the number of users that have rights to access data and information. This increases the chance of both user error and deliberate tampering with the data and information.

Out-of-date software

Out-of-date software can cause several issues, as updates and upgrades are crucial for maintaining security and functionality. A software update, often called a patch, is a small file that fixes bugs, improves functionality, and addresses minor issues in existing software, such as security threats. Operating system updates and smartphone apps rely on these regular updates. A software upgrade, however, is a new version of the software that includes significant changes, such as improvements to security, functionality, and the user interface. For example, upgrading from Windows 8.1 to Windows 10 involves major improvements. Version numbers help differentiate updates and upgrades.
They typically follow the format X.Y.Z:
- X: Major changes (e.g., version 2.0)
- Y: Minor functionality changes (e.g., version 2.1)
- Z: Bug fixes (e.g., version 2.1.1)

Failing to update or upgrade software can lead to:
- Vulnerability to new security threats
- Missing out on new features
- Poor battery performance or slower processing
- Lower productivity
- Reduced functionality due to bugs or errors

Data and network protection strategies

Using a variety of security measures is crucial to prevent unauthorized access to networks and data.

Encryption

Encryption is a key security control used to protect data during transmission and while stored. It involves encoding data so that only authorized recipients with the correct decryption key can access and understand it. Unauthorized users may gain access to encrypted data, but without the proper key, they cannot decipher it. For example, a credit card number used for online purchases is sensitive data that benefits significantly from encryption, ensuring that it remains secure during transmission and storage.

Private and Public Keys

To encrypt and decrypt data, a *key* is essential. A key, represented as a series of bits (0s and 1s), applies an algorithm to scramble (encrypt) and unscramble (decrypt) the data, effectively "locking" and "unlocking" it. Encryption software generates these keys.

Examples of Keys:
- 4356 0241
- 0009 18DF
- CUBED
- EB2D FEDS
- FD37 8989
- FC20

Common key sizes include *128, 192, and 256 bits*; larger keys provide stronger encryption.

Types of Encryption

1. *Symmetric Encryption*
   - *Definition*: Uses the same private key for both encryption and decryption.
   - *Key Characteristics*: The private key is only known to the user and installed on their device. The sender encrypts the data packet with this key, and the receiver uses the same key to decrypt it.
   - *Also Known As*: Private key or secret key.
2. *Asymmetric Encryption*
   - *Definition*: Involves two keys: a public key and a private key.
   - *Key Characteristics*:
     - The *public key* is shared with others and used to encrypt data packets sent to the user.
     - The *private key* is kept secret and used to decrypt the data on the receiving device.
   - *Relationship*: The algorithms for the two keys are related, allowing data encrypted with the public key to be decrypted only by the corresponding private key.

This dual-key system enhances security by ensuring that only the holder of the private key can access the encrypted information, even if the public key is widely distributed.

Authentication Techniques

Authentication is the process of verifying that a user of an information system is who they claim to be. Beyond usernames and passwords, there are several other techniques used for authentication:

Biometrics

*Definition*: Biometric authentication leverages an individual's unique biological characteristics to confirm their identity.

*Types of Biometric Authentication*:
- *Face Recognition*
- *Fingerprint Recognition*
- *Iris Recognition*
- *Signature Recognition*
- *Voice Recognition*

*Process*:
1. Users initially submit their biological data, which is stored in a database.
2. When attempting to access a secure area or device, users provide their biological data again.
3. The input data is compared to the stored data. If there is a match, authentication is successful.

*Advantages*:
- Offers greater security compared to traditional usernames and passwords.

*Limitations*:
- Not 100% reliable; errors may occur, leading to legitimate users being denied access or unauthorized users gaining access.

Digital Signatures

*Definition*: A digital signature is an authentication technique used to verify the authenticity of electronic documents (such as emails, data files, or web pages).

*Functionality*:
- Confirms the identity of the sender.
- Ensures that the sender has ownership of the document.
- Verifies that the document has not been altered during transmission.

*Process*:
1. A hashing algorithm generates a value from the data contained in the data packet.
2. The data packet is encrypted using the sender's private key.
3. The encrypted data is transmitted.
4. Upon receipt, the data is decrypted using the sender's public key.
5. A hashing algorithm is used again to convert the value back to its original form.

*Verification*:
- The combination of the hash value and encryption creates a unique format (the digital signature), enabling the recipient to verify the sender's identity and check for any alterations to the document during transit.

By utilizing these authentication techniques, organizations can enhance their security measures, ensuring that only authorized users gain access to sensitive information.

Preventative practices to reduce risks

Preventative practices are intended to reduce data loss or theft due to security risks. Practices may be software-based, process-based, or hardware-based, and each attempts to reduce the chance of different types of risks. Preventative practices aim to reduce the risk of data loss or theft, but they cannot absolutely guarantee security.

Software maintenance

"Software maintenance involves updating software applications after they have been installed to fix faults, improve performance, or add new features. This process includes making changes to the programming code used to create the application. There are four types of software maintenance:
1. Adaptive Maintenance: Adjusting the software to changes in the operating environment.
2. Perfective Maintenance: Enhancing the functionality of the application.
3. Corrective Maintenance: Fixing bugs or errors in the application.
4. Preventative Maintenance: Improving the reliability of the application to reduce the need for future maintenance.

Regular software updates and upgrades are examples of software maintenance. These updates are usually available for download from the software developer.
Maintaining software helps address new security threats and improves the reliability of the software, reducing the chance of data loss and enhancing functionality. This allows users to be more productive when using the application."

Operating system updates

"Operating system updates are a type of software update released by organizations like Apple, Google, and Microsoft. These updates aim to improve the usability, functionality, and security of the operating system. When a new version of an operating system is released, users provide feedback on areas that need improvement. Cybercriminals and hackers also find vulnerabilities, so developers constantly update the code to address these issues. Operating system updates can include updates to associated applications installed on the device. These updates aim to improve:
1. Protection against spyware, viruses, and other malware: Enhancing security measures to protect the system from malicious software.
2. Protection against cyberattacks: Strengthening defences against unauthorized access and attacks.
3. Overall performance of the device: Improving the efficiency and functionality of the operating system, making the device run more smoothly.

Regular updates help keep the operating system secure and efficient, reducing the risk of data loss and improving user experience."

Virus definitions

A virus is a type of software designed to cause harm to a device or network by damaging, stealing, modifying, or corrupting data. When a virus runs, it duplicates itself across multiple locations on the device. Antivirus software, part of system protection tools, scans a device or network to find viruses. To do this, the antivirus software uses virus definitions, which are collections of binary code that identify specific viruses. The definition for each known virus is stored in a database linked to the antivirus software. During a scan, the software compares files against the virus definitions.
If a virus is found, the software either deletes it or quarantines it. However, if the antivirus software doesn't have a definition for a virus, it won’t be able to detect that virus. Since new viruses are created daily, antivirus software must be constantly updated to stay effective. This often involves downloading new virus definitions, which usually happens automatically, often every day.

Firmware

Firmware is software programmed onto hardware devices like TVs, DVD players, hard drives, mice, and keyboards, providing instructions for communication within a system. It is semipermanent, meaning it remains unchanged unless updated, and cannot be uninstalled. Firmware is vulnerable to security threats, so regular updates from the manufacturer are essential for protection and optimal performance.

Disaster recovery plans

A disaster recovery plan is a set of procedures for an organization to follow in the event of a disaster, aimed at restoring normal operations and minimizing data loss. The plan typically includes step-by-step instructions and various sub-plans:

1. *Emergency Sub-Plan*: Provides detailed instructions for emergencies, including evacuation procedures and contact information for emergency services. For example:
   - Operate the nearest fire alarm.
   - Leave the building by the nearest exit.
   - Report to the designated assembly point.
2. *Backup Sub-Plan*: Outlines how to restore backups, including:
   - Locations of backups.
   - Backup types and restoration times.
   - Step-by-step restoration instructions.
   - Contact details for key personnel regarding backups.
3. *Recovery Sub-Plan*: Contains procedures for recovery after a disaster, such as:
   - Restoring power to the building.
   - Replacing damaged equipment.
   - Restarting hardware and reinstalling software.
   - Restoring backups.
4. *Test Sub-Plan*: Details the steps to test the disaster recovery plan, often through drills that simulate a disaster. Testing helps identify necessary changes or improvements to the plan.
Overall, a disaster recovery plan is essential for ensuring that an organization can quickly resume operations and safeguard its data in the face of a disaster.

Staff protocols

Staff procedures are a set of steps that employees must follow when handling data and information within an organization. These procedures help ensure proper data management and security and typically cover:
- Leaving devices unattended
- Password requirements
- File naming conventions
- Acceptable use of the system
- Email protocols
- Internet usage and downloading guidelines

Training staff to adhere to these procedures minimizes the risk of data loss or security threats.

Common signs of intrusion

Many unauthorised users are able to gain access to devices, information systems and networks, which causes threats to arise. These unauthorised users are known as hackers and have many reasons to gain access without authorisation. These reasons may be simply enjoyment, a challenge or curiosity, or to steal data and cause damage. Some signs of unauthorised intrusion into a device or a network include:
- Increased use of system resources
- New software installed
- Changed passwords
- Sending spam email
- Unknown applications requesting access
- System protection software uninstalled
- A device completing tasks by itself
- Changes to a web browser home page.

There could be many reasons why these behaviours might occur, with unauthorised intrusion being one of them. If any signs are present, then a range of tests should be applied to attempt to identify the causes of the issue.

Increased use of system resources

When an unauthorized user gains access to a device or network, they must first establish a connection, which increases the usage of the system's resources. Once connected, the unauthorized user can perform tasks that further consume system resources. This activity can negatively impact data transfer rates, processing speeds, memory usage, and graphics performance.
New software installed

The installation of new applications on a device or network without the user's knowledge is a strong sign of unauthorized intrusion. Such software often includes malware components, such as viruses, Trojans, spyware, adware, or keylogging software.

Changed passwords

A common indicator of unauthorized intrusion is the alteration of passwords. Intruders often change passwords to maintain control over a digital system, giving them more time to carry out their activities. To counter this threat, many organizations have implemented two-factor authentication, making it more difficult for unauthorized users to modify accounts.

Sending of spam email

After an unauthorized intrusion, hackers often gain access to an email system and start sending spam emails to all contacts in the user's address book. These emails appear to come from the authorized user and typically contain malicious content, such as phishing attempts or adware promoting services or products. Recipients may not be vigilant since they believe the emails are from a trusted source, which can harm the hacked user's reputation among friends and colleagues.

Unknown Applications Requesting Access

A firewall's role is to scan incoming data packets to ensure they have been requested. Following an unauthorized intrusion, the firewall may detect unrequested packets from unknown applications. The intruder may have installed software that requests data from external sources. If these applications are unfamiliar, the firewall will alert the user to this suspicious activity.

System Protection Software Uninstalled

If security software is found to be disabled without the user's knowledge, it may indicate an unauthorized intrusion. This can include antivirus software or specific security functions. An intruder may disable these protections to avoid detection.
Without functioning security software, there may be delays in identifying the intrusion, allowing the hacker to continue malicious activities undetected.

Device Completing Tasks by Itself

If a device begins to perform tasks autonomously, it may indicate the presence of remote access software. This type of software allows a user to control a device from a remote location via an internet or network connection, without needing physical access. Signs of unauthorized control include the mouse cursor moving on its own, applications opening and closing, or documents and emails being typed without any user interaction.

Changes to Web Browser Home Page

Unexpected changes to a web browser's default home page can signal an unauthorized intrusion, known as home page hijacking. Hackers use this tactic for various reasons, such as:
- Increasing traffic to a specific website.
- Redirecting users to sites that contain malware or other security threats.
- Collecting and transmitting personal data from users through the altered home page.
- Displaying unwanted advertisements or adware pop-ups.
- Prompting users to click on links claiming to fix the hijacked home page, which often leads to fake websites filled with viruses.

Systems Used to Detect Intrusions

To minimize the risk to data and information from intrusions, organizations use *intrusion detection systems (IDS)* and *intrusion prevention systems (IPS)*.

Intrusion Detection Systems (IDS)

An IDS monitors network traffic to detect potential intrusions and can be either hardware-based or software-based. There are two main types:
- *Host Intrusion Detection Systems (HIDS)*: Installed on individual devices, HIDS monitors and analyses all data packets sent to or from the device. It alerts users if suspicious activity is detected by comparing current system files with previous ones and identifying any changes.
- *Network Intrusion Detection Systems (NIDS)*: Installed at key points in a network, NIDS monitors network traffic, analyses data packets, and checks them against a library of known intrusion attacks.

While both HIDS and NIDS serve to identify threats, an IDS primarily focuses on data packets traveling within the network, whereas a firewall primarily examines packets passing through the organization's firewall connection.

Intrusion Prevention Systems (IPS)

An IPS is considered an extension of an IDS. While an IDS identifies potential intrusions and alerts network staff, an IPS actively attempts to block or stop threats without human intervention. It can:
- Delete suspicious data packets.
- Reset network connections.
- Block data packets from specific IP addresses.

An IPS can be configured to follow predefined rules to automatically respond to certain types of identified activities.

Ethical Hacking

A *hacker* is a skilled computer expert who uses their abilities to gain unauthorized access to data and information on devices or networks. Hackers can be categorized as:
- *Black Hat Hackers*: Individuals who exploit systems to steal data for sale or ransom.
- *Grey Hat Hackers*: Those who hack for the challenge or prestige, without malicious intent.

*Ethical hacking* involves a *white hat hacker* who has authorization to test a device or network. The goal is to identify weaknesses in the current security strategy, enabling organizations to improve their security measures. Organizations often seek individuals with limited inside knowledge of their networks to uncover vulnerabilities, operating under the belief that if a white hat hacker can gain access, so can a black hat hacker. Identifying and addressing these vulnerabilities is crucial for enhancing security.

Common techniques in ethical hacking include:
- *Penetration Testing*: Attempting to access a network with permission, such as testing network ports.
- *Phishing*: Sending deceptive emails to members of the organization to test their susceptibility.

Ethical hackers must respect the privacy of the organizations and individuals involved and report all identified vulnerabilities to the network owner.

Using Networks in a Global Environment

The use of networks has become widespread as the technology it requires has become more widely available, and the use of the internet and social media has become a seamless part of our lives. There are many clear benefits to using a network, from sharing hardware and software to accessing the internet. However, there are also risks associated with using networks, particularly in a global environment. This section looks at the benefits to individuals and organizations of using a network and the risks that may be encountered.

#### Benefits

Establishing a network has several advantages over running standalone computers and resources, including access to peripherals (e.g., printers), lower set-up costs (terminals are cheaper than standalone computers), and faster communications. Further advantages of using a network are discussed below.

1. *Sharing Hardware*: Each networked computer can access and use hardware on the network. For example, suppose several personal computers on a network each require the use of a laser printer. If the personal computers and a laser printer are connected to a network, the personal computer users can access the laser printer when needed. Businesses and home users network their hardware mainly because it may be too costly to provide each user with the same piece of hardware, such as a printer.

2. *Sharing Data and Information*: In a networked environment, any authorized computer user can access data and information stored on other computers in the network. For example, a large company might have a database of customer information that any authorized person, including a mobile user using a smartphone to connect to the network, can access.
   The capability to provide access to and store data on shared storage devices is an important feature of many networks. Project teams can share data, even if they are geographically remote, by using an organization’s virtual private network (VPN), which uses the internet for global connections. Networks support collaborative work practices through services such as cloud computing, email, and file transfer.
3. *Sharing Software*: Users connected to a network can access software (programs) on the network. To support multiple-user access of software, most software vendors sell network versions of their software. In this case, software vendors issue a site license, a legal agreement that allows multiple users to run the software package simultaneously. The site license fee is usually based on the number of users or the number of computers attached to the network. Sharing software via a network typically costs less than buying individual copies of the software for each computer.
4. *Transferring Funds*: Electronic funds transfer (EFT) allows users connected to the internet (an example of a Wide Area Network) to transfer money from one bank account to another via transmission media. Consumers can use credit cards or online payment systems such as PayPal to make purchases over the internet. Businesses can use the internet to deposit employees’ salaries directly into their bank accounts. Both businesses and consumers pay bills online, which allows them to use EFT payments to pay creditors. Global networks also allow online retailers to trade continuously, without interruption.

#### Conclusion

In summary, networks provide numerous benefits, including hardware and software sharing, data access, and efficient financial transactions, making them essential for individuals and organizations operating in a global environment. However, the associated risks must be carefully managed to ensure the security and integrity of networked systems.
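The intrusion detection and prevention systems described earlier are one way these risks are managed. The Python sketch below is an added example, not part of the original notes: it runs one constructed signature library over constructed sample packets, first in IDS mode (alert only) and then in IPS mode (delete the packet, reset the connection, or block the source IP). The signature names, patterns and addresses are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    dst_port: int
    payload: bytes

# Constructed signature library: (name, byte pattern, IPS action).
SIGNATURES = [
    ("path-traversal", b"../../", "drop"),             # delete the packet
    ("telnet-login", b"login:", "reset"),              # reset the connection
    ("known-bad-marker", b"SIG-TEST-MARKER", "block"),  # block the source IP
]

def inspect(packets, mode):
    """Return (forwarded, alerts, blocked_ips, resets) for mode 'ids' or 'ips'."""
    forwarded, alerts, blocked, resets = [], [], set(), []
    for pkt in packets:
        if mode == "ips" and pkt.src in blocked:
            alerts.append((pkt.src, "blocked-source"))
            continue                      # an earlier rule blocked this address
        hit = next((s for s in SIGNATURES if s[1] in pkt.payload), None)
        if hit is None:
            forwarded.append(pkt)         # no signature matched
            continue
        name, _, action = hit
        alerts.append((pkt.src, name))    # IDS and IPS both raise the alert
        if mode == "ids":
            forwarded.append(pkt)         # IDS only reports; traffic still flows
        elif action == "block":
            blocked.add(pkt.src)
        elif action == "reset":
            resets.append((pkt.src, pkt.dst_port))
        # "drop" needs no bookkeeping: the packet is simply not forwarded
    return forwarded, alerts, blocked, resets

# Constructed sample traffic using documentation-only address ranges.
TRAFFIC = [
    Packet("192.0.2.10", 80, b"GET /index.html"),
    Packet("198.51.100.7", 80, b"GET /../../secret"),
    Packet("203.0.113.5", 443, b"SIG-TEST-MARKER probe"),
    Packet("203.0.113.5", 443, b"GET /index.html"),
    Packet("192.0.2.44", 23, b"login: admin"),
]

if __name__ == "__main__":
    for mode in ("ids", "ips"):
        fwd, alerts, blocked, resets = inspect(TRAFFIC, mode)
        print(mode, len(fwd), "forwarded;", len(alerts), "alerts;", sorted(blocked), resets)
```

In IDS mode every packet still reaches its destination and staff must act on the alerts; in IPS mode the fourth packet is refused only because the third one caused its source address to be blocked.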
### Health Records Act 2001 (Victoria)

The *Health Records Act 2001* regulates the confidentiality of patients' healthcare information in Victoria, as discussed in Chapter 6. The 11 Health Privacy Principles are summarized in Table 6.2 on page 238.

#### Key Provisions:

- *Confidentiality Protection*: The Act ensures that patients' healthcare information can only be used for the primary purpose for which it was collected. This means medical test results and medical history can only be accessed by healthcare providers (e.g., doctors, hospitals) for immediate or ongoing care.
- *Consent Requirement*: Personal healthcare information cannot be disclosed to third parties (such as medical insurance companies or other hospitals) for secondary purposes without the patient's consent.
- *Limited Circumstances for Disclosure Without Consent*: Health information may be shared without consent under specific, strictly limited circumstances, including:
  - Emergency requests from family members when the patient cannot consent and their life is in danger.
  - Serious threats to public health and welfare.
  - Research in the public interest.
  - Investigations of unlawful activity.
  - Legal claims.
- *Complaints Process*: Individuals who believe their rights under the Health Records Act have been violated can file a complaint with the *Health Services Commissioner*. The Commissioner will facilitate discussion between the parties to resolve the issue. If a satisfactory resolution is not achieved, the Commissioner may issue a compliance notice to the organization that breached the Act, specifying the violation and requiring corrective action.
- *Penalties*: The maximum penalty for organizations that violate the Act is 3,000 penalty units, while non-corporate cases may incur a penalty of 600 penalty units.
### Ethical Issues in Computer Networking

Access to computer networks allows individuals to access substantial confidential data, yet training for computer specialists often lacks emphasis on privacy and ethical considerations, unlike fields such as medicine and law.

#### Key Ethical Questions for Computer Professionals:

1. Should you read users' emails?
2. Should you monitor websites visited by users?
3. Should you install keyloggers to capture user input?
4. Should you read documents stored on users' computers or file servers?
5. Should you view graphics stored on users' computers or file servers?

### Professional Responsibility

Computer professionals with network access bear significant responsibility. The computing profession, still developing, lacks a universally accepted code of ethics, making it essential to address these ethical dilemmas to maintain trust and integrity in the field.