COMPUTER SECURITY
CHAPTER FOUR: NETWORK SECURITY
By Teklay H
Outline
Network security basics
Threats on network
Trust, Weaknesses, Risk and Vulnerabilities
TCP/IP Suite Weaknesses and Buffer Overflows
Network security protocols
Wireless security
2
Network Security
Network security has become increasingly important in
the current digital era for maintaining the integrity and
safety of our networks.
The protection of a computer network and its data from
illegal access, theft, or damage is referred to as network
security.
Security precautions must be taken in network systems
to protect the network from various forms of assaults,
including malware, phishing, denial of service (DoS)
attacks, and more.
3
Cont’d…
Network security is an important component of network
systems.
It entails using firewalls, encryption, antivirus and anti-
malware software, strong passwords, access control
measures, routine network traffic monitoring and analysis,
and regular network device and software upgrades and
patches.
Network administrators can defend the network against
different assaults and guarantee the integrity and safety of
the network and its data by putting these security
measures in place.
4
Threats on network
Cyberattacks
 Cyberattacks are attacks by a cybercriminal targeting
one or multiple computer networks or machines.
 Cyberattacks can perform malicious actions such as
disabling computers, stealing data, or using infected
computers as a pivot to launch further attacks.
 Attackers use various methods to execute cyberattacks,
including social engineering techniques like phishing,
brute force techniques, denial of service (DoS), and
injecting malware or ransomware.
5
Phishing
 This online scamming technique attempts to obtain
sensitive data like credit card details and credentials.
 A phishing attack uses fraudulent email messages
designed to appear legitimate by impersonating a
reputable banking institution, website, or personal
contact.
 It tricks the user into clicking on a malicious URL or
replying to the email by sending financial and credential
information.
6
Threats on network…
Misconfiguration Exploits
 A security misconfiguration is any incorrect or insecure
configuration of security controls that puts the system at
risk.
 Poor management practices such as inadequate
documentation of configuration changes, reliance on
defaults, and technical issues affecting endpoint
components can lead to misconfiguration.
7
Threats on network…
Denial-of-Service (DoS)
 DoS attacks prevent legitimate users from accessing
data or services on a target website. They occur when a
malicious attacker overloads the website with junk
traffic.
 Distributed denial-of-service (DDoS) attacks are similar
to DoS but are more difficult to overcome.
 Attackers launch a DDoS attack from multiple
computers distributed worldwide in a network of
infected machines.
8
Threats on network…
Malware
 Malware is short for malicious software.
 Attackers usually use it to take control of the target
system, exfiltrate sensitive data, or install unwanted
programs on the target device without the victim’s
knowledge.
 Malware can spread spyware, worms, and Trojan horses
via pop-up advertisements, compromised files,
fraudulent websites, or phishing emails.
9
Threats on network…
Ransomware
 Ransomware is a form of malware that cybercriminals
use to lock the target device and demand a ransom in
exchange for unlocking it.
 It spreads via malicious apps and phishing emails,
preventing users from launching apps or encrypting files;
in some cases, it completely disables the device.
10
Threats on network…
Rogue Security Software
 Malware tricks users into believing that their security
measures are outdated or that a virus has infected their
computer.
 It prompts the user to install a security feature or update
security settings, often demanding payment for the tool
or download.
 When users try to remove the suspected virus, they
unwittingly install real malware on their device.
11
Threats on network…
 A weakness refers to an application error or bug; it may
escalate to a vulnerability in cases where it can be
exploited to perform a malicious action.
 Risk
12
Trust, Weaknesses, Risk and Vulnerabilities
 At the broadest level, network vulnerabilities fall into
three categories:
 hardware-based
 software-based, and
 human-based.
13
Applications of Network Security
 Firewall: Network security uses firewalls to prevent
unauthorized access to networks and protect them from
external threats.
 Intrusion Detection System (IDS): Network security
uses IDS to detect and respond to intrusions and attacks
on networks.
 Virtual Private Network (VPN): Network security
uses VPN to create secure connections between remote
users and networks, ensuring that data is transmitted
securely and confidentially.
14
Cont’d…
 Encryption: Network security uses encryption to protect
sensitive data and prevent it from being intercepted and
read by unauthorized users.
 Network Access Control (NAC): Network security uses
NAC to control access to networks and resources,
ensuring that only authorized users can access them.
 Antivirus software: Network security uses antivirus
software to detect and remove malware and other
malicious programs from networks and devices.
15
Network security controls
Administrative security controls
 The management implements administrative access
controls to ensure the safety of the organization.
 Examples
 Regulatory compliance framework
 Security policy
 Employee monitoring and supervising
 Information classification
 Security awareness and training
16
TCP/IP Suite Weaknesses and Buffer Overflows
17
 The TCP/IP protocol suite was created in 1980 as an
internetworking solution with very little concern for
security aspects.
 It was developed for communication in a limited,
trusted network.
 However, over time, this protocol became the de facto
standard for unsecured Internet communication.
18
TCP/IP…
TCP/IP Suite Weaknesses
 It is not generic in nature. ...
 It does not clearly separate the concepts of services,
interfaces, and protocols. ...
 It does not distinguish between the data link and the
physical layers, which have very different functionalities.
 Internet Protocol provides the packet delivery services
for TCP, UDP, and ICMP. The IP layer protocol is
unreliable (called a best-effort protocol).
 There is no guarantee that IP packets arrive, or that they
arrive only once and are error-free.
19
Buffer Overflows
 TCP receive buffer becomes full: Commonly caused by
the receiving application not being able to extract data
from the socket receive buffer quickly enough.
 For instance, an overloaded server, i.e. one that is
receiving data at a rate greater than the rate at which it
can process data, would exhibit this characteristic.
20
 For example, introducing additional code into a
program could send it new instructions that give the
attacker access to the organization's IT systems.
 In the event that an attacker knows a program's memory
layout, they may be able to intentionally input data that
cannot be stored by the buffer.
21
Buffer Overflows…
What if TCP buffer is full?
 If the TCP/IP buffers are too large and applications are
not processing data fast enough, paging can increase.
 The goal is to specify a value large enough to avoid
flow control, but not so large that the buffer
accumulates more data than the system can process.
22
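As an added illustration of the full-receive-buffer case described above (not part of the original slides), the C program below opens a loopback TCP connection with small fixed buffers, lets the sender write while the receiver reads nothing, and then drains the receiver. It shows that flow control stalls the sender and that every queued byte still arrives once the receiver catches up. The 16 KiB buffer size, the timeouts and all function names are assumptions chosen for the demo, which targets a POSIX system.

```c
#define _POSIX_C_SOURCE 200809L
#include <arpa/inet.h>
#include <errno.h>
#include <fcntl.h>
#include <netinet/in.h>
#include <poll.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

struct fc_result {
    long queued;         /* bytes send() accepted while the receiver read nothing */
    int  stalled;        /* 1 if the sender stayed unwritable for 500 ms          */
    long drained;        /* bytes the receiver read once it started reading       */
    int  writable_after; /* 1 if the sender could send again after the drain      */
};

/* Wait up to ms milliseconds for `events` on fd; returns 1 if ready. */
static int wait_for(int fd, short events, int ms) {
    struct pollfd p = { .fd = fd, .events = events };
    return poll(&p, 1, ms) > 0 && (p.revents & events);
}

/* Build a connected loopback TCP pair with small fixed buffers (demo values). */
static int make_pair(int bufsz, int *cli, int *srv) {
    struct sockaddr_in a;
    socklen_t alen = sizeof a;
    int lst = socket(AF_INET, SOCK_STREAM, 0);
    if (lst < 0) return -1;
    memset(&a, 0, sizeof a);
    a.sin_family = AF_INET;
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);   /* port 0: the kernel picks one */
    /* Set on the listener so the accepted socket inherits the receive buffer. */
    setsockopt(lst, SOL_SOCKET, SO_RCVBUF, &bufsz, sizeof bufsz);
    if (bind(lst, (struct sockaddr *)&a, sizeof a) < 0 || listen(lst, 1) < 0 ||
        getsockname(lst, (struct sockaddr *)&a, &alen) < 0) {
        close(lst);
        return -1;
    }
    *cli = socket(AF_INET, SOCK_STREAM, 0);
    if (*cli < 0) { close(lst); return -1; }
    setsockopt(*cli, SOL_SOCKET, SO_SNDBUF, &bufsz, sizeof bufsz);
    if (connect(*cli, (struct sockaddr *)&a, sizeof a) < 0) {
        close(*cli);
        close(lst);
        return -1;
    }
    *srv = accept(lst, NULL, NULL);
    close(lst);
    if (*srv < 0) { close(*cli); return -1; }
    fcntl(*cli, F_SETFL, fcntl(*cli, F_GETFL) | O_NONBLOCK);
    return 0;
}

int run_flow_control_demo(struct fc_result *r) {
    char chunk[1024];
    int cli, srv;
    memset(r, 0, sizeof *r);
    memset(chunk, 'x', sizeof chunk);
    if (make_pair(16 * 1024, &cli, &srv) < 0) return -1;

    /* Phase 1: the receiver reads nothing; the sender writes until refused. */
    while (r->queued < (64L << 20)) {                   /* safety cap: 64 MiB */
        ssize_t n = send(cli, chunk, sizeof chunk, 0);
        if (n > 0) { r->queued += n; continue; }
        if (n < 0 && (errno == EAGAIN || errno == EWOULDBLOCK)) {
            if (wait_for(cli, POLLOUT, 500)) continue;  /* transient: ACKs in flight */
            r->stalled = 1;                             /* both buffers are full     */
        }
        break;
    }

    /* Phase 2: the receiver catches up; the queued bytes arrive, none dropped. */
    while (r->drained < r->queued && wait_for(srv, POLLIN, 3000)) {
        ssize_t n = recv(srv, chunk, sizeof chunk, 0);
        if (n <= 0) break;
        r->drained += n;
    }

    /* Phase 3: with the receive window open again, the sender is writable. */
    r->writable_after = wait_for(cli, POLLOUT, 3000);
    close(cli);
    close(srv);
    return 0;
}

int main(void) {
    struct fc_result r;
    if (run_flow_control_demo(&r) < 0) { perror("setup"); return 1; }
    printf("queued=%ld stalled=%d drained=%ld writable_after=%d\n",
           r.queued, r.stalled, r.drained, r.writable_after);
    return 0;
}
```

The exact `queued` figure depends on how the operating system rounds and accounts for the requested buffer sizes, so it varies between systems.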
Buffer Overflow and Web Applications
 A buffer overflow attack is a common cyberattack that
deliberately exploits a buffer overflow vulnerability
where user-controlled data is written to memory.
 By submitting more data than can fit in the allocated
memory block, the attacker can overwrite data in other
parts of memory.
 Attackers use buffer overflows to corrupt the execution
stack of a web application.
 By sending carefully crafted input to a web application,
an attacker can cause the web application to execute
arbitrary code, effectively taking over the machine.
23
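The overwrite of adjacent memory described above, as an added example that is not from the original slides: a constructed 16-byte region holds an 8-byte name buffer followed by an `is_admin` flag, and an unchecked copy is shown beside a length-checked one. The layout and all names are hypothetical, and the unchecked copy is clamped to the model region so the demo itself stays within defined behaviour.

```c
#include <stdio.h>
#include <string.h>

/* Constructed memory layout for the demo (hypothetical, not from the slides):
 *   region[0..7]   name buffer
 *   region[8]      is_admin flag, stored directly after the buffer
 *   region[9..15]  padding
 * Modelling both fields inside one array keeps every write in this program
 * inside memory it owns, so the overwrite can be observed safely. */
enum { NAME_CAP = 8, FLAG_OFF = 8, REGION_SIZE = 16 };

static void region_init(unsigned char *region) {
    memset(region, 0, REGION_SIZE);
}

int is_admin(const unsigned char *region) {
    return region[FLAG_OFF] != 0;
}

/* Vulnerable pattern: the copy length comes from the input and is never
 * compared with NAME_CAP, so a long input runs past the name buffer. */
void store_name_unchecked(unsigned char *region, const char *input) {
    size_t n = strlen(input);
    if (n > REGION_SIZE) n = REGION_SIZE;   /* demo-only clamp to the model region */
    memcpy(region, input, n);
}

/* Hardened pattern: reject anything that does not fit, terminator included. */
int store_name_checked(unsigned char *region, const char *input) {
    size_t n = strlen(input);
    if (n >= NAME_CAP) return -1;
    memcpy(region, input, n);
    region[n] = '\0';
    return 0;
}

/* Returns the flag value after storing `input` with the unchecked copy. */
int admin_after_unchecked(const char *input) {
    unsigned char region[REGION_SIZE];
    region_init(region);
    store_name_unchecked(region, input);
    return is_admin(region);
}

/* Returns the flag value after the checked copy; *rc receives its result. */
int admin_after_checked(const char *input, int *rc) {
    unsigned char region[REGION_SIZE];
    region_init(region);
    *rc = store_name_checked(region, input);
    return is_admin(region);
}

int main(void) {
    const char *inputs[] = { "alice", "AAAAAAAAA" };   /* 5 and 9 bytes, constructed */
    for (size_t i = 0; i < 2; i++) {
        int rc;
        int unchecked = admin_after_unchecked(inputs[i]);
        int checked = admin_after_checked(inputs[i], &rc);
        printf("%-10s unchecked: is_admin=%d | checked: rc=%d is_admin=%d\n",
               inputs[i], unchecked, rc, checked);
    }
    return 0;
}
```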
Network security protocols
 Network security protocols are network protocols that
ensure the integrity and security of data transmitted
across network connections.
 The specific network security protocol used depends on
the type of protected data and network connection.
 Each protocol defines the techniques and procedures
required to protect the network data from unauthorized
or malicious attempts to read or exfiltrate information.
24
 Following are some of the most common network
security protocols.
 They are arranged by the network layer at which they
operate, from bottom to top.
25
Network security protocols…
Internet Protocol Security (IPsec) Protocol - OSI Layer 3
 IPsec is a protocol and algorithm suite that secures data
transferred over public networks like the Internet.
 The Internet Engineering Task Force (IETF) released the
IPsec protocols in the 1990s.
 They encrypt and authenticate network packets to
provide IP layer security.
26
Network security protocols…
SSL and TLS - OSI Layer 5
 The Secure Sockets Layer (SSL) protocol encrypts data,
authenticates data origins, and ensures message
integrity.
 It uses X.509 certificates for client and server
authentication.
 SSL authenticates the server with a handshake,
negotiating security session parameters and generating
session keys.
 It can then securely transmit the data by authenticating
its origin.
27
Network security protocols…
 SSL sessions use cryptographic algorithms similar to
the algorithms used by the client and server (determined
during the handshake).
 Servers may support encryption with algorithms like
AES and Triple DES.
 Transport Layer Security (TLS) is an SSL-based
protocol defined by the IETF (SSL is not).
28
Network security protocols…
Datagram Transport Layer Security (DTLS) - OSI Layer 5
 DTLS is a datagram communication security protocol
based on TLS.
 It does not guarantee message delivery or that messages
arrive in order.
 DTLS introduces the advantages of datagram protocols,
including lower latency and reduced overhead.
29
Network security protocols…
Kerberos Protocol - OSI Layer 7
 Kerberos is a service request authentication protocol for
untrusted networks like the public Internet.
 It authenticates requests between trusted hosts, offering
built-in Windows, Mac, and Linux operating system
support.
 Windows uses Kerberos as its default authentication
protocol and a key component of services like Active
Directory (AD).
 Kerberos uses shared secret cryptography to authenticate
packets and protect them during transmission.
30
Network security protocols…
Simple Network Management Protocol (SNMP) - OSI Layer 7
 SNMP is a network device management and monitoring
protocol that works at the application layer.
 It can secure devices on LANs or WANs.
 SNMP provides a shared language to allow devices like
servers and routers to communicate via a network
management system.
 SNMP is an original part of the Internet protocol suite
defined by the IETF.
31
Network security protocols…
 Components of the SNMP architecture include a
manager, an agent, and a management information base
(MIB).
 The manager is the client, the agent is the server, and
the MIB is the database.
 The SNMP agent responds to the manager’s requests
using the MIB.
 While SNMP is widely available, administrators must
adjust the default settings to enable communication
between the agents and the network management
system to implement the protocol.
32
Network security protocols…
HTTP and HTTPS - OSI Layer 7
 HTTP is an application protocol that specifies rules for web file
transfers. Users indirectly use HTTP when they open their web
browser. It runs on top of the Internet protocol suite.
 HTTPS is the secure version of HTTP, securing the
communication between browsers and websites.
 It helps prevent DNS spoofing and man-in-the-middle attacks,
which is important for websites that transmit or receive sensitive
information.
 All websites requiring user logins or handling financial
transactions are attractive data theft targets and should be using
HTTPS.
33
Network security protocols…
 HTTPS runs over the SSL or TLS protocol using
public keys to enable shared data encryption.
 HTTP uses port 80 by default, while HTTPS uses port
443 for secure transfers.
 With HTTPS, the server and browser must establish
the communication parameters before initiating data
transfers.
34
Network security protocols…
Wireless security
35
Wireless security
 Wireless security is the prevention of unauthorized
access or damage to computers or data using wireless
networks.
 Security is a critical concern in wireless sensor
networks (WSNs) as these networks are vulnerable to
various security threats such as eavesdropping,
tampering, and denial of service attacks.
 Therefore, various security protocols have been
developed to ensure secure data transmission in WSNs.
 Here are some examples of security protocols in
WSNs:
36
Wireless network vulnerability
 Using a wireless network can potentially create many
security vulnerabilities
 No physical access required
 Unknown network boundary
 Confidentiality
 Integrity
 Availability
 Unsecure wireless network
37
Hijacking a wireless association
 SSID broadcasting
 Open v closed
 MAC spoofing
 MAC addresses are not permanent
 With an SSID and a spoofed MAC address, an
established, unencrypted wireless association can be
easily hijacked.
38
Wireless security encryption
 The technique of securing wireless networks against
unauthorized access and data breaches is known as
wireless security encryption.
 To ensure that sensitive data carried over wireless
networks is safe and protected against eavesdropping,
interception, and other sorts of assaults, it entails the use
of encryption techniques and protocols.
39
 From home networks to mobile devices, Wi-Fi hotspots at hotels
and cafes have become an integral part of our daily lives.
 Wireless networks are convenient, but this also leaves them open
to security risks.
 Hackers and fraudsters may quickly access network traffic,
intercept wireless signals, and steal sensitive data including
passwords, credit card numbers, and personal information.
 Data is encoded and rendered unreadable to unauthorized users to
protect wireless networks from such attacks.
 Wireless encryption comes in a variety of forms, including WEP,
WPA, and WPA2, each with a different level of security and
strength.
40
Wireless security encryption
Types of Wireless security encryption
 Our daily lives have become increasingly dependent on
wireless networks, which give us access to the internet
and information from everywhere.
 Although wireless networks are convenient, there are
security dangers because wireless signals can be
intercepted and perhaps exploited by hostile people.
 Wireless security encryption techniques are used to
encrypt wireless signals and guarantee secure
communication in order to safeguard wireless networks
and their users.
 The many forms of wireless security encryption and
their advantages will be covered in this article.
41
1. Wired Equivalent Privacy (WEP): WEP is one of the earliest
wireless encryption protocols used to protect wireless networks. It
uses a shared key to encrypt data and authenticate users. However,
WEP is now considered weak and easily hacked, making it an
unreliable encryption technique.
2. Wi-Fi Protected Access (WPA): WPA is a more secure wireless
encryption protocol that was introduced to replace WEP. It uses a
stronger encryption algorithm, Advanced Encryption Standard (AES),
to encrypt wireless signals.
 WPA also supports authentication mechanisms like 802.1x and can
use a pre-shared key (WPA-PSK) for simpler setups. However,
WPA can still be vulnerable to attacks, especially when using a
weak pre-shared key.
42
Types of Wireless security encryption
3. Wi-Fi Protected Access II (WPA2): WPA2 is the
most widely used wireless security encryption protocol
today.
 It uses the same AES encryption algorithm as WPA but
introduces additional security measures, including
stronger key management and better authentication
methods.
 WPA2 is also backward compatible with WPA,
making it easy to upgrade older networks.
43
Types of Wireless security encryption
4. Wi-Fi Protected Access III (WPA3): WPA3 is the
latest wireless security encryption protocol that was
introduced in 2018.
 It introduces several new security features, including
Simultaneous Authentication of Equals (SAE), which
replaces WPA-PSK (Wi-Fi Protected Access Pre-Shared
Key) for easier and more secure authentication.
 WPA3 also offers better protection against password
guessing attacks and stronger encryption algorithms for
more secure communication.
44
Types of Wireless security encryption
5. Transport Layer Security (TLS): TLS is a security
protocol used to secure internet communications,
including wireless networks.
 It encrypts data during transmission, providing end-to-
end security.
 It uses a combination of symmetric and asymmetric
encryption techniques to ensure secure communication
between two devices.
 TLS is widely used in web applications, email, and
instant messaging services.
45
Types of Wireless security encryption
 To sum up, wireless security encryption is essential for
maintaining secure communication across wireless
networks.
 Although WEP and WPA are still in use, WPA2 and
WPA3 are the most popular encryption protocols
because of their more robust security features.
 TLS is another trustworthy security protocol that is
used to protect internet connections.
 Your wireless network needs to be adequately secured
to guard against unauthorized access and potential
security breaches.
46
Types of Wireless security encryption
Securing wireless networks
47

More Related Content

Similar to Chapter 4.ppt

Top 25 SOC Analyst interview questions that You Should Know.pptx
Top 25 SOC Analyst interview questions that You Should Know.pptxTop 25 SOC Analyst interview questions that You Should Know.pptx
Top 25 SOC Analyst interview questions that You Should Know.pptxInfosectrain3
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center FundamentalAmir Hossein Zargaran
 
Network Security & Ethical Hacking
Network Security & Ethical HackingNetwork Security & Ethical Hacking
Network Security & Ethical HackingSripati Mahapatra
 
unit 2 IT security solution.pptx
unit 2 IT security solution.pptxunit 2 IT security solution.pptx
unit 2 IT security solution.pptxlochanrajdahal
 
Network security by sandhya
Network security by sandhyaNetwork security by sandhya
Network security by sandhyasandeepsandy75
 
Network security and System Admin
Network security and System AdminNetwork security and System Admin
Network security and System AdminMD SAHABUDDIN
 
Network security
Network securityNetwork security
Network securityfatimasaham
 
Network and Security-2.pptx
Network and Security-2.pptxNetwork and Security-2.pptx
Network and Security-2.pptxDhanvanthkesavan
 
Layered Approach for Preprocessing of Data in Intrusion Prevention Systems
Layered Approach for Preprocessing of Data in Intrusion Prevention SystemsLayered Approach for Preprocessing of Data in Intrusion Prevention Systems
Layered Approach for Preprocessing of Data in Intrusion Prevention SystemsEditor IJCATR
 
Network Attacks - (Information Assurance and Security)BS in Information Techn...
Network Attacks - (Information Assurance and Security)BS in Information Techn...Network Attacks - (Information Assurance and Security)BS in Information Techn...
Network Attacks - (Information Assurance and Security)BS in Information Techn...SyvilMaeTapinit
 
Computing safety
Computing safetyComputing safety
Computing safetyBrulius
 
UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat ManagementLokesh Sharma
 
COMPUTER AND NETWORK SECURITY.pptx
COMPUTER AND NETWORK SECURITY.pptxCOMPUTER AND NETWORK SECURITY.pptx
COMPUTER AND NETWORK SECURITY.pptxDebmalyaSingha
 
INTERNET SECURITY.pptx
INTERNET SECURITY.pptxINTERNET SECURITY.pptx
INTERNET SECURITY.pptxbabepa2317
 
network_security.docx_2.pdf
network_security.docx_2.pdfnetwork_security.docx_2.pdf
network_security.docx_2.pdfahmed53254
 
Cryptography and network security.
Cryptography and network security.Cryptography and network security.
Cryptography and network security.RAVI RAJ
 
Detecting and Preventing Attacks Using Network Intrusion Detection Systems
Detecting and Preventing Attacks Using Network Intrusion Detection SystemsDetecting and Preventing Attacks Using Network Intrusion Detection Systems
Detecting and Preventing Attacks Using Network Intrusion Detection SystemsCSCJournals
 

Similar to Chapter 4.ppt (20)

Top 25 SOC Analyst interview questions that You Should Know.pptx
Top 25 SOC Analyst interview questions that You Should Know.pptxTop 25 SOC Analyst interview questions that You Should Know.pptx
Top 25 SOC Analyst interview questions that You Should Know.pptx
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
 
Network Security & Ethical Hacking
Network Security & Ethical HackingNetwork Security & Ethical Hacking
Network Security & Ethical Hacking
 
unit 2 IT security solution.pptx
unit 2 IT security solution.pptxunit 2 IT security solution.pptx
unit 2 IT security solution.pptx
 
Network security by sandhya
Network security by sandhyaNetwork security by sandhya
Network security by sandhya
 
Network security and System Admin
Network security and System AdminNetwork security and System Admin
Network security and System Admin
 
Network security
Network securityNetwork security
Network security
 
Network and Security-2.pptx
Network and Security-2.pptxNetwork and Security-2.pptx
Network and Security-2.pptx
 
Layered Approach for Preprocessing of Data in Intrusion Prevention Systems
Layered Approach for Preprocessing of Data in Intrusion Prevention SystemsLayered Approach for Preprocessing of Data in Intrusion Prevention Systems
Layered Approach for Preprocessing of Data in Intrusion Prevention Systems
 
Lecture 2
Lecture 2Lecture 2
Lecture 2
 
Network Attacks - (Information Assurance and Security)BS in Information Techn...
Network Attacks - (Information Assurance and Security)BS in Information Techn...Network Attacks - (Information Assurance and Security)BS in Information Techn...
Network Attacks - (Information Assurance and Security)BS in Information Techn...
 
Lecture 5
Lecture 5Lecture 5
Lecture 5
 
cybersecurity
cybersecuritycybersecurity
cybersecurity
 
Computing safety
Computing safetyComputing safety
Computing safety
 
UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat Management
 
COMPUTER AND NETWORK SECURITY.pptx
COMPUTER AND NETWORK SECURITY.pptxCOMPUTER AND NETWORK SECURITY.pptx
COMPUTER AND NETWORK SECURITY.pptx
 
INTERNET SECURITY.pptx
INTERNET SECURITY.pptxINTERNET SECURITY.pptx
INTERNET SECURITY.pptx
 
network_security.docx_2.pdf
network_security.docx_2.pdfnetwork_security.docx_2.pdf
network_security.docx_2.pdf
 
Cryptography and network security.
Cryptography and network security.Cryptography and network security.
Cryptography and network security.
 
Detecting and Preventing Attacks Using Network Intrusion Detection Systems
Detecting and Preventing Attacks Using Network Intrusion Detection SystemsDetecting and Preventing Attacks Using Network Intrusion Detection Systems
Detecting and Preventing Attacks Using Network Intrusion Detection Systems
 

Recently uploaded

Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April  Automation LPDGAPIForce Zurich 5 April  Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsPrecisely
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsAndrey Dotsenko
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 

Recently uploaded (20)

Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April  Automation LPDGAPIForce Zurich 5 April  Automation LPDG

Chapter 4.ppt

  • 1. COMPUTER SECURITY, CHAPTER FOUR: NETWORK SECURITY. By Teklay H
  • 2. Outline
      - Network security basics
      - Threats on network
      - Trust, Weaknesses, Risk and Vulnerabilities
      - TCP/IP Suite Weaknesses and Buffer Overflows
      - Network security protocols
      - Wireless security
  • 3. Network Security
      - Network security has become increasingly important in the current digital era for maintaining the integrity and safety of our networks.
      - The protection of a computer network and its data from illegal access, theft, or damage is referred to as network security.
      - Security precautions must be taken in network systems to protect the network from various forms of assaults, including malware, phishing, denial of service (DoS) attacks, and more.
  • 4. Cont’d…
      - Network security is an important component of network systems.
      - It entails using firewalls, encryption, antivirus and anti-malware software, strong passwords, access control measures, routine network traffic monitoring and analysis, and regular network device and software upgrades and patches.
      - Network administrators can defend the network against different assaults and guarantee the integrity and safety of the network and its data by putting these security measures in place.
  • 5. Threats on network: Cyberattacks
      - Cyberattacks are attacks by a cybercriminal targeting one or multiple computer networks or machines.
      - Cyberattacks can perform malicious actions such as disabling computers, stealing data, or using infected computers as a pivot to launch further attacks.
      - Attackers use various methods to execute cyberattacks, including social engineering techniques like phishing, brute force techniques, denial of service (DoS), and injecting malware or ransomware.
  • 6. Phishing
      - This online scamming technique attempts to obtain sensitive data like credit card details and credentials.
      - A phishing attack uses fraudulent email messages designed to appear legitimate by impersonating a reputable banking institution, website, or personal contact.
      - It tricks the user into clicking on a malicious URL or replying to the email by sending financial and credential information.
  • 7. Misconfiguration Exploits
      - A security misconfiguration is any incorrect or insecure configuration of security controls that puts the system at risk.
      - Poor management practices such as inadequate documentation of configuration changes, reliance on defaults, and technical issues affecting endpoint components can lead to misconfiguration.
  • 8. Denial-of-Service (DoS)
      - DoS attacks prevent legitimate users from accessing data or services on a target website. They occur when a malicious attacker overloads the website with junk traffic.
      - Distributed denial-of-service (DDoS) attacks are similar to DoS but are more difficult to overcome.
      - Attackers launch a DDoS attack from multiple computers distributed worldwide in a network of infected machines.
  • 9. Malware
      - Malware is short for malicious software.
      - Attackers usually use it to take control of the target system, exfiltrate sensitive data, or install unwanted programs on the target device without the victim’s knowledge.
      - Malware can spread spyware, worms, and Trojan horses via pop-up advertisements, compromised files, fraudulent websites, or phishing emails.
  • 10. Ransomware
      - Ransomware is a form of malware that cybercriminals use to lock the target device and demand a ransom in exchange for unlocking it.
      - It spreads via malicious apps and phishing emails, preventing users from launching apps or encrypting files; in some cases, it completely disables the device.
  • 11. Rogue Security Software
      - Malware tricks users into believing that their security measures are outdated or that a virus has infected their computer.
      - It prompts the user to install a security feature or update security settings, often demanding payment for the tool or download.
      - When users try to remove the suspected virus, they unwittingly install real malware on their device.
  • 12. Trust, Weaknesses, Risk and Vulnerabilities
      - A weakness refers to an application error or bug; it may escalate to a vulnerability in cases where it can be exploited to perform a malicious action.
      - Risk
  • 13. Trust, Weaknesses, Risk and Vulnerabilities
      - At the broadest level, network vulnerabilities fall into three categories:
          - hardware-based
          - software-based
          - human-based
  • 14. Applications of Network Security
      - Firewall: Network security uses firewalls to prevent unauthorized access to networks and protect them from external threats.
      - Intrusion Detection System (IDS): Network security uses IDS to detect and respond to intrusions and attacks on networks.
      - Virtual Private Network (VPN): Network security uses VPN to create secure connections between remote users and networks, ensuring that data is transmitted securely and confidentially.
  • 15. Cont’d…
      - Encryption: Network security uses encryption to protect sensitive data and prevent it from being intercepted and read by unauthorized users.
      - Network Access Control (NAC): Network security uses NAC to control access to networks and resources, ensuring that only authorized users can access them.
      - Antivirus software: Network security uses antivirus software to detect and remove malware and other malicious programs from networks and devices.
  • 16. Network security controls: Administrative security controls
      - The management implements administrative access controls to ensure the safety of the organization.
      - Examples:
          - Regulatory compliance framework
          - Security policy
          - Employee monitoring and supervising
          - Information classification
          - Security awareness and training
  • 17. TCP/IP Suite Weaknesses and Buffer Overflows
  • 18. TCP/IP…
      - The TCP/IP protocol suite was created in 1980 as an internetworking solution with very little concern for security aspects.
      - It was developed for communication in a limited, trusted network.
      - However, over time, this protocol became the de facto standard for unsecured Internet communication.
  • 19. TCP/IP Suite Weaknesses
      - It is not generic in nature. ...
      - It does not clearly separate the concepts of services, interfaces, and protocols. ...
      - It does not distinguish between the data link and the physical layers, which have very different functionalities.
      - Internet Protocol provides the packet delivery services for TCP, UDP, and ICMP. The IP layer protocol is unreliable (called a best-effort protocol).
      - There is no guarantee that IP packets arrive, or that they arrive only once and are error-free.
  • 20. Buffer Overflows
      - TCP receive buffer becomes full: commonly caused by the receiving application not being able to extract data from the socket receive buffer quickly enough.
      - For instance, an overloaded server, i.e. one that is receiving data at a rate greater than the rate at which it can process data, would exhibit this characteristic.
  • 21. Buffer Overflows…
      - For example, introducing additional code into a program could send it new instructions that give the attacker access to the organization's IT systems.
      - In the event that an attacker knows a program's memory layout, they may be able to intentionally input data that cannot be stored by the buffer.
  • 22. What if TCP buffer is full?
      - If the TCP/IP buffers are too large and applications are not processing data fast enough, paging can increase.
      - The goal is to specify a value large enough to avoid flow control, but not so large that the buffer accumulates more data than the system can process.
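The full-socket-buffer case from slides 20 and 22, as an added example that is not part of the original slides: the receiver never reads, the kernel refuses further data from the sender (flow control), and nothing in memory is overwritten. A local `AF_UNIX` stream socket pair is an assumption standing in for a TCP connection so the demo runs offline; the function names are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <unistd.h>

/* Byte counts observed by the most recent run_backpressure() call. */
static struct { long queued, drained, requeued; } last;

/* Send without blocking until the kernel refuses more data.
   Returns the number of bytes accepted, or -1 on an unexpected error. */
static long fill_until_refused(int fd) {
    char chunk[4096];
    long total = 0;
    memset(chunk, 'A', sizeof chunk);
    for (;;) {
        ssize_t n = send(fd, chunk, sizeof chunk, MSG_DONTWAIT);
        if (n > 0) { total += n; continue; }
        if (n < 0 && (errno == EAGAIN || errno == EWOULDBLOCK)) return total;
        return -1;
    }
}

/* Read everything currently queued, as a receiver that has caught up would. */
static long drain(int fd) {
    char chunk[4096];
    long total = 0;
    for (;;) {
        ssize_t n = recv(fd, chunk, sizeof chunk, MSG_DONTWAIT);
        if (n > 0) { total += n; continue; }
        if (n < 0 && (errno == EAGAIN || errno == EWOULDBLOCK)) return total;
        return -1;
    }
}

/* Returns 0 when the expected sequence was observed: the sender is refused
   once the buffer is full, every queued byte arrives intact, and sending
   becomes possible again after the receiver drains. */
static int run_backpressure(void) {
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return -1;
    last.queued = fill_until_refused(sv[0]);   /* receiver is not reading */
    last.drained = drain(sv[1]);               /* receiver catches up */
    last.requeued = fill_until_refused(sv[0]); /* window has reopened */
    close(sv[0]);
    close(sv[1]);
    return (last.queued > 0 && last.drained == last.queued &&
            last.requeued > 0) ? 0 : -1;
}

int main(void) {
    int rc = run_backpressure();
    printf("rc=%d queued=%ld drained=%ld requeued=%ld\n",
           rc, last.queued, last.drained, last.requeued);
    return rc == 0 ? 0 : 1;
}
```

The byte counts depend on the system's socket buffer size, which is the value slide 22 says to tune.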
  • 23. Buffer Overflow and Web Applications
      - A buffer overflow attack is a common cyberattack that deliberately exploits a buffer overflow vulnerability where user-controlled data is written to memory.
      - By submitting more data than can fit in the allocated memory block, the attacker can overwrite data in other parts of memory.
      - Attackers use buffer overflows to corrupt the execution stack of a web application.
      - By sending carefully crafted input to a web application, an attacker can cause the web application to execute arbitrary code, effectively taking over the machine.
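The memory overwrite described in slides 21 and 23, as an added example that is not part of the original slides: an unchecked copy next to its length-checked form. The `struct session` layout, the function names and the 17-byte input are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_LEN 16

/* Constructed layout: a fixed-size buffer with a privilege flag right after it. */
struct session {
    char name[NAME_LEN];
    unsigned char is_admin;
};

/* Constructed input: 16 filler bytes followed by one byte with value 1 (17 bytes). */
static const char OVERSIZED[] = "AAAAAAAAAAAAAAAA\x01";
#define OVERSIZED_LEN 17

static int last_rc; /* result of the most recent checked store */

/* Vulnerable pattern: len is never compared with NAME_LEN. The copy goes
   through the struct's byte representation and is clamped to the struct size,
   so the demo stays defined behaviour while the 17th byte still lands in
   is_admin. */
static void set_name_unchecked(struct session *s, const char *in, size_t len) {
    size_t room = sizeof *s - offsetof(struct session, name);
    if (len > room) len = room; /* demo guard only; real vulnerable code has none */
    memcpy((unsigned char *)s + offsetof(struct session, name), in, len);
}

/* Hardened form: reject input that does not fit, and always NUL-terminate. */
static int set_name_checked(struct session *s, const char *in, size_t len) {
    if (len >= NAME_LEN) return -1;
    memcpy(s->name, in, len);
    s->name[len] = '\0';
    return 0;
}

/* Value of the neighbouring flag after an unchecked store into a zeroed session. */
static int admin_after_unchecked(const char *in, size_t len) {
    struct session s;
    memset(&s, 0, sizeof s);
    set_name_unchecked(&s, in, len);
    return s.is_admin;
}

/* Same for the checked store; last_rc records 0 (stored) or -1 (rejected). */
static int admin_after_checked(const char *in, size_t len) {
    struct session s;
    memset(&s, 0, sizeof s);
    last_rc = set_name_checked(&s, in, len);
    return s.is_admin;
}

int main(void) {
    printf("unchecked: is_admin=%d\n",
           admin_after_unchecked(OVERSIZED, OVERSIZED_LEN));
    printf("checked:   is_admin=%d",
           admin_after_checked(OVERSIZED, OVERSIZED_LEN));
    printf(" rc=%d\n", last_rc);
    return 0;
}
```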
  • 24. Network security protocols
      - Network security protocols are network protocols that ensure the integrity and security of data transmitted across network connections.
      - The specific network security protocol used depends on the type of protected data and network connection.
      - Each protocol defines the techniques and procedures required to protect the network data from unauthorized or malicious attempts to read or exfiltrate information.
  • 25. Network security protocols…
      - Following are some of the most common network security protocols.
      - They are arranged by the network layer at which they operate, from bottom to top.
  • 26. Internet Protocol Security (IPsec) Protocol - OSI Layer 3
      - IPsec is a protocol and algorithm suite that secures data transferred over public networks like the Internet.
      - The Internet Engineering Task Force (IETF) released the IPsec protocols in the 1990s.
      - They encrypt and authenticate network packets to provide IP layer security.
  • 27. SSL and TLS - OSI Layer 5
      - The Secure Sockets Layer (SSL) protocol encrypts data, authenticates data origins, and ensures message integrity.
      - It uses X.509 certificates for client and server authentication.
      - SSL authenticates the server with a handshake, negotiating security session parameters and generating session keys.
      - It can then securely transmit the data by authenticating its origin.
  • 28. Network security protocols…
      - SSL sessions use cryptographic algorithms similar to the algorithms used by the client and server (determined during the handshake).
      - Servers may support encryption with algorithms like AES and Triple DES.
      - Transport Layer Security (TLS) is an SSL-based protocol defined by the IETF (SSL is not).
  • 29. Datagram Transport Layer Security (DTLS) - OSI Layer 5
      - DTLS is a datagram communication security protocol based on TLS.
      - It does not guarantee message delivery or that messages arrive in order.
      - DTLS introduces the advantages of datagram protocols, including lower latency and reduced overhead.
  • 30. Kerberos Protocol - OSI Layer 7
      - Kerberos is a service request authentication protocol for untrusted networks like the public Internet.
      - It authenticates requests between trusted hosts, offering built-in Windows, Mac, and Linux operating system support.
      - Windows uses Kerberos as its default authentication protocol and a key component of services like Active Directory (AD).
      - Kerberos uses shared secret cryptography to authenticate packets and protect them during transmission.
  • 31. Simple Network Management Protocol (SNMP) - OSI Layer 7
      - SNMP is a network device management and monitoring protocol that works at the application layer.
      - It can secure devices on LANs or WANs.
      - SNMP provides a shared language to allow devices like servers and routers to communicate via a network management system.
      - SNMP is an original part of the Internet protocol suite defined by the IETF.
  • 32. Network security protocols…
      - Components of the SNMP architecture include a manager, an agent, and a management information base (MIB).
      - The manager is the client, the agent is the server, and the MIB is the database.
      - The SNMP agent responds to the manager’s requests using the MIB.
      - While SNMP is widely available, administrators must adjust the default settings to enable communication between the agents and the network management system to implement the protocol.
  • 33. HTTP and HTTPS - OSI Layer 7
      - HTTP is an application protocol that specifies rules for web file transfers. Users indirectly use HTTP when they open their web browser. It runs on top of the Internet protocol suite.
      - HTTPS is the secure version of HTTP, securing the communication between browsers and websites.
      - It helps prevent DNS spoofing and man-in-the-middle attacks, which is important for websites that transmit or receive sensitive information.
      - All websites requiring user logins or handling financial transactions are attractive data theft targets and should be using HTTPS.
  • 34. Network security protocols…
      - HTTPS runs over the SSL or TLS protocol using public keys to enable shared data encryption.
      - HTTP uses port 80 by default, while HTTPS uses port 443 for secure transfers.
      - With HTTPS, the server and browser must establish the communication parameters before initiating data transfers.
  • 36. Wireless security
      - Wireless security is the prevention of unauthorized access or damage to computers or data using wireless networks.
      - Security is a critical concern in wireless sensor networks (WSNs) as these networks are vulnerable to various security threats such as eavesdropping, tampering, and denial of service attacks.
      - Therefore, various security protocols have been developed to ensure secure data transmission in WSNs.
      - Here are some examples of security protocols in WSNs:
  • 37. Wireless network vulnerability
      - Using a wireless network can potentially create many security vulnerabilities
      - No physical access required
      - Unknown network boundary
      - Confidentiality
      - Integrity
      - Availability
      - Unsecure wireless network
  • 38. Hijacking a wireless association
      - SSID broadcasting
      - Open vs. closed
      - MAC spoofing
      - MAC addresses are not permanent
      - With an SSID and a spoofed MAC address, an established, unencrypted wireless association can be easily hijacked.
  • 39. Wireless security encryption
      - The technique of securing wireless networks against unauthorized access and data breaches is known as wireless security encryption.
      - To ensure that sensitive data carried over wireless networks is safe and protected against eavesdropping, interception, and other sorts of assaults, it entails the use of encryption techniques and protocols.
  • 40. Wireless security encryption
      - From home networks to mobile devices, Wi-Fi hotspots at hotels and cafes have become an integral part of our daily lives.
      - Wireless networks are convenient, but this also leaves them open to security risks.
      - Hackers and fraudsters may quickly access network traffic, intercept wireless signals, and steal sensitive data including passwords, credit card numbers, and personal information.
      - Data is encoded and rendered unreadable to unauthorized users to protect wireless networks from such attacks.
      - Wireless encryption comes in a variety of forms, including WEP, WPA, and WPA2, each with a different level of security and strength.
  • 41. Types of Wireless security encryption
      - Our daily lives have become increasingly dependent on wireless networks, which give us access to the internet and information from everywhere.
      - Although wireless networks are convenient, there are security dangers because wireless signals can be intercepted and perhaps exploited by hostile people.
      - Wireless security encryption techniques are used to encrypt wireless signals and guarantee secure communication in order to safeguard wireless networks and their users.
      - The many forms of wireless security encryption and their advantages will be covered in this article.
  • 42. Types of Wireless security encryption
      - 1. Wired Equivalent Privacy (WEP): WEP is one of the earliest wireless encryption protocols used to protect wireless networks. It uses a shared key to encrypt data and authenticate users. However, WEP is now considered weak and easily hacked, making it an unreliable encryption technique.
      - 2. Wi-Fi Protected Access (WPA): WPA is a more secure wireless encryption protocol that was introduced to replace WEP. It uses a stronger encryption algorithm, Advanced Encryption Standard (AES), to encrypt wireless signals.
      - WPA also supports authentication mechanisms like 802.1x and can use a pre-shared key (WPA-PSK) for simpler setups. However, WPA can still be vulnerable to attacks, especially when using a weak pre-shared key.
  • 43. Types of Wireless security encryption
      - 3. Wi-Fi Protected Access II (WPA2): WPA2 is the most widely used wireless security encryption protocol today.
      - It uses the same AES encryption algorithm as WPA but introduces additional security measures, including stronger key management and better authentication methods.
      - WPA2 is also backward compatible with WPA, making it easy to upgrade older networks.
  • 44. Types of Wireless security encryption
      - 4. Wi-Fi Protected Access III (WPA3): WPA3 is the latest wireless security encryption protocol that was introduced in 2018.
      - It introduces several new security features, including Simultaneous Authentication of Equals (SAE), which replaces WPA-PSK (Wi-Fi Protected Access Pre-Shared Key) for easier and more secure authentication.
      - WPA3 also offers better protection against password guessing attacks and stronger encryption algorithms for more secure communication.
  • 45. Types of Wireless security encryption
      - 5. Transport Layer Security (TLS): TLS is a security protocol used to secure internet communications, including wireless networks.
      - It encrypts data during transmission, providing end-to-end security.
      - It uses a combination of symmetric and asymmetric encryption techniques to ensure secure communication between two devices.
      - TLS is widely used in web applications, email, and instant messaging services.
  • 46. Types of Wireless security encryption
      - To sum up, wireless security encryption is essential for maintaining secure communication across wireless networks.
      - Although WEP and WPA are still in use, WPA2 and WPA3 are the most popular encryption protocols because of their more robust security features.
      - TLS is another trustworthy security protocol that is used to protect internet connections.
      - Your wireless network needs to be adequately secured to guard against unauthorized access and potential security breaches.