Network Security - ITNETW1 Final Exam - Dec 12, 2024 PDF

Summary

This document includes a past paper for ITNETW1 Network Security, including the final exam schedule for December 12, 2024. The document discusses various aspects of Network Security, including threats, attacks, and challenges. It also includes example questions.

Full Transcript

NETWORK SECURITY
ITNETW1 FINAL Weeks (Dec. 2, 4, 9, 11)

Dec 2, 2024: Discussion of Network Security Part 1
Dec 4, 2024: Seatwork
Dec 9, 2024: Discussion of Network Security Part 2
Dec. 11, 2024: Last Quiz (Network Security)
Final Exam - Dec. 12, 2024, Thursday (IP Address and Subnet, Network Simulation, Network Security) - Pen and Paper

Guide Questions

What is Network Security?
Why do we need to secure the network?
What makes a secured network?

What Is Network Security?

Network security incorporates various technologies, processes, and devices into a broad strategy that protects the integrity, confidentiality, and accessibility of computer networks. Organizations of all sizes, industries, or infrastructure types require network security to protect against an ever-evolving cyber threat landscape.

What Is a Cyber Attack?

A cyber attack is a set of actions performed by threat actors, who try to gain unauthorized access, steal data or cause damage to computers, computer networks, or other computing systems. A cyber attack can be launched from any location. The attack can be performed by an individual or a group using one or more tactics, techniques and procedures (TTPs).

Why Is Network Security Important?

Preventing unauthorized access: Network security protocols protect networks from unauthorized access, ensuring only legitimate users can access critical systems and data.

Protecting data integrity: Network security measures prevent data tampering and ensure the accuracy and reliability of data. This is particularly important for organizations handling sensitive information such as financial data, personal records, and intellectual property.

Ensuring business continuity: Cyberattacks such as DDoS attacks can disrupt business operations. Effective network security strategies help in mitigating these risks, ensuring continuous availability of services and operations.

Compliance with regulations: Many industries are subject to regulatory requirements mandating strict data protection measures. Network security helps organizations comply with standards like GDPR, HIPAA, and PCI-DSS, avoiding legal penalties and maintaining customer trust.

Network Security Threats and Attacks

Malware

Malware is a program that attacks information systems. There are various types of malware, each designed to perform specific malicious activities. For example, ransomware encrypts files and holds them for ransom, spyware covertly spies on victims, and Trojans infiltrate systems. Threat actors use malware to achieve various objectives, such as stealing or secretly copying sensitive data, blocking access to files, disrupting system operations, or making systems inoperable.

Phishing

Phishing is a type of fraud that occurs when a threat actor impersonates a reputable entity in person, via email, or other communication forms. Threat actors often use phishing emails to spread malicious attachments or links that perform various functions, such as extracting the victim’s account information or login credentials.

Bots

A bot is a small program that automates web requests with various goals. Bots perform their tasks without any human intervention, for example, scanning website content and testing stolen credit card numbers. A bot attack utilizes automated web requests to defraud, manipulate, or disrupt applications, websites, end-users, or APIs. Bot attacks were originally used primarily for spam and denial of service, but have evolved into complex enterprises with economies and infrastructure that enable waging additional, more damaging attacks.

DDoS Attacks

A Distributed Denial of Service (DDoS) attack employs multiple compromised computer systems to attack a target and cause a denial of service for the targeted resource’s users. It sends a flood of messages, malformed packets, or connection requests to the target system, forcing it to slow down or entirely shut down, denying service to real systems and users. DDoS attacks can target a website, server, and other network resources.

Advanced Persistent Threats (APTs)

An advanced persistent threat (APT) is a targeted and prolonged attack during which intruders gain unauthorized access to a network, remaining undetected for an extended time. Threat actors usually launch APT attacks to steal data rather than cause damage to the target’s network.

Drive-by Download

A drive-by download attack is the unintentional download of malicious code to a computer or mobile device, exposing the victim to a cyberattack. Unlike other cyberattacks, a drive-by does not rely on a user to actively enable the attack. Becoming infected does not require clicking on anything, pressing download, or opening a malicious email attachment. A drive-by download exploits an application, web browser, or operating system containing security flaws, which may occur due to a lack of updates or unsuccessful updates.

DNS Attack

A DNS attack occurs when a threat actor exploits vulnerabilities in a domain name system (DNS). DNS was designed for usability rather than security. As a result, threat actors can exploit the communication between clients and servers to launch attacks. Threat actors often exploit the plaintext communication between clients and DNS servers. Another attack strategy involves logging in to a DNS provider’s website using stolen credentials and redirecting DNS records.

Misconfiguration Exploits

Misconfiguration exploits occur when network systems, applications, or devices are improperly configured, leading to vulnerabilities that threat actors can exploit. Common sources of misconfigurations include default settings, lack of timely updates, and human error. For example, many devices and applications come with default settings that are often insecure. If these defaults are not changed, networks remain open to attacks. Additionally, systems that are not regularly updated and patched are left exposed to exploits targeting known vulnerabilities.

What Are the Challenges of Network Security?

Rapidly Evolving Threat Landscape

The first major challenge for network security is the rapid evolution of the cyber threat landscape. Technologies evolve quickly, and attackers find new ways to infiltrate and exploit corporate networks, requiring businesses to implement new defenses to protect their networks.

Bigger Attack Surface

Another factor that makes network security more challenging is the broadening scope of an organization’s security strategy. All network users are responsible for security. Building a strategy everyone can follow is not easy, especially if the organization needs to update it regularly to address emerging threats.

Bring Your Own Device (BYOD) and Remote Work

Many organizations have a Bring Your Own Device (BYOD) policy, resulting in a highly complex, distributed network and a much larger attack surface. Every personal device requires protection. Wireless security is especially important for companies that allow employees to work from home. Remote users often access sensitive corporate resources and data via an unsecured public network (i.e., the Internet).

Cloud Security

When organizations run workloads and services in the cloud, cloud vendors and managed service providers are responsible for ensuring security, but the organization is typically responsible for securing its own data and applications. Organizations must maintain awareness of all access points to the network and implement a unified security strategy across the hybrid environment.

FIREWALL (Triad)

How does a firewall work?
Illustrate and discuss the use of a firewall in home networks.
List the security mechanisms implemented in a typical home network. Why and how?
Types of Firewall (Part 2)
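
The DDoS description above (a flood of requests arriving from multiple systems) can be told apart from one busy client in server logs. The sketch below is an added example, not part of the course material; the log format, thresholds, target names and addresses are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

def parse(line):
    """Parse one constructed log line: '<epoch_seconds> <src_ip> <target>'."""
    ts, src, target = line.split()
    return int(ts), src, target

def detect_floods(lines, window=10, max_requests=20, min_sources=5):
    """Alert once per target when requests inside a sliding window exceed
    max_requests, and classify the flood by its number of distinct sources."""
    recent = defaultdict(deque)   # target -> (ts, src) pairs still in the window
    alerts = {}                   # target -> first alert raised for it
    for ts, src, target in sorted(map(parse, lines)):
        q = recent[target]
        q.append((ts, src))
        while q[0][0] <= ts - window:      # drop events older than the window
            q.popleft()
        if len(q) > max_requests and target not in alerts:
            sources = {s for _, s in q}
            kind = "distributed" if len(sources) >= min_sources else "single-source"
            alerts[target] = {"target": target, "at": ts, "requests": len(q),
                              "sources": len(sources), "kind": kind}
    return list(alerts.values())

def sample_log():
    """Constructed sample traffic (documentation address ranges), not captured data."""
    lines = []
    # Normal load: three clients take turns, one request every 2 s to "web".
    for t in range(0, 60, 2):
        lines.append(f"{1000 + t} 192.0.2.{1 + (t // 2) % 3} web")
    # Distributed flood: 40 sources each send one request per second to "web".
    for t in range(30, 33):
        for host in range(40):
            lines.append(f"{1000 + t} 198.51.100.{host + 1} web")
    # One heavy client: 30 requests to "api" within 5 seconds.
    for i in range(30):
        lines.append(f"{1040 + i // 6} 203.0.113.9 api")
    return lines

if __name__ == "__main__":
    for alert in detect_floods(sample_log()):
        print(alert)
```

The distinct-source count is what separates the two alerts: per-address rate limiting would handle the single heavy client, but not the distributed case, where each source stays individually quiet.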
