SlideShare a Scribd company logo

Introduction to Network Security

Download as PPTX, PDF
John Ely Masculino
John Ely Masculino

This document discusses network security. It defines network security and outlines some key security challenges such as many networks experiencing security breaches. It then discusses why security has become more important over time due to more dangerous hacking tools and the roles of security changing. The document outlines various security issues, goals, components, data classification approaches, security controls, and addressing security breaches. It stresses the importance of a comprehensive security policy and approach.

Technology
1 of 28
What is Network Security?  consists of the provisions and policies adopted by the network administrator to prevent and monitor unauthorized access, misuse, m odification, or denial of the computer network and network-accessible resources.
Security Challenges  Computer Security Institute (CSI)  Survey: over 70% networks have experienced security breach  From the 70%, 60% have undergone internal breaches and only 40% are external or perimeter breaches.
2 Main reasons why security has became more important as an issue over time  The hacking and attack tools have become more and more dangerous, where an attack can cause serious financial damage to a company  The hacking and attack tools have become easier to use- in most cases, they are automated, allowing even a novice to use them.
Security Roles  Have changed over the years  In the past networks were closed to the outside world, thus attack didn’t cause much damage  Mid 1990s, Internet has exploded which increases the possibility of security breach
Security Issues  Security is a business problem not just a technology problem  The concept of security is an illusion  Managing security means managing the perception of others  There are many different security technologies to choose from  You must create a comprehensive security policy
Security Goals  Create and implement a single, cohesive, company-wide security policy  Don’t allow products to dictate security policies – policies should drive the products that you choose  Centralize security management
Security Components Security is a relative or subjective problem  Authentication  Authorization  Privacy  Integrity  Availability  Nonrepudiation  Accounting
Authentication  Verifying a person’s identity (who they are)
Authorization  Controlling access to resources (what they are trying to do)
Privacy  Protecting confidentiality of information (what the content of the information is)
Integrity  Validating that information was not changed (verifying that the information that was received has not been modified or tampered with)
Availability  Providing redundancy for security (ensuring that you have a fallback solution in the event of failure or security compromise)
Nonrepudiation  Proving that a transaction took place between two entities (when using online transactions, having verifiable proof that the transaction took place between 2 entities)
Accounting  Recording information about an employee’s actions when interacting with data and systems as well as information about the operation (including security events) of your networking devices
Data Classification for Public/Government Agencies  Unclassified data - data has few or no confidentiality requirements.  Sensitive but unclassified (SBU) data - data could prove embarrassing if revealed, but no serious security breach would occur.  Confidential data - Lowest level of classified data, where data protection must meet confidentiality requirements
Data Classification for Public/Government Agencies  Secret data - A significant effort must be made to secure data, limiting access to a small number of people  Top Secret data - Great effort and cost is used to secure data, limiting access to a very small number of people (need to know access)
Data Classification for private companies or nongovernment  Public data - data is publicly available, as on a website  Sensitive data - similar to SBU  Private data – data is important to a company; an effort must be made to secure it and verify that it is accurate  Confidential data – data is very important to a company, like trade secrets and employee records
Classification Criteria  Value  Personal Association  Age  Useful Life
Classification Procedures  Who is responsible for the data?  How should the information be classified, with any exceptions?  How are the controls used for classification policies?  When and how does declassification of data occur?
Classification Roles Role Description Performed By Owner Is ultimately responsible for the Typically a member of the data management staff Custodian Is responsible for the security of Typically a member of the IT the data on a day-to-day basis staff User Is responsible for using the data Your typical user, who can according to defined policies “see the trees, but not the and operating procedures forest” in the company and who has a ground-level view of certain data
Security Controls  Preventive – used to prevent a data compromise  Deterrent – used to scare away a certain number of ill-doers  Detective – used to detect access to data
3 Categories that control the implementation of the security control  Administrative – policy and procedural controls  Technical – electronics, hardware, and software controls  Physical – mechanical controls
Security Breaches: Prosecuting attackers and hackers  Motive  Why did they do it?  Opportunity  Were they available to commit the crime?  Means  Did they have the capability to commit the crime?
Liability: Legal and Governmental Issues  A company should practice due diligence and due care when protecting sensitive data and resources.  A company can be sued by its customers or employees if a breach on sensitive data happens  Deal with government laws that requiring a minimal security level when protecting certain resources.
On the Job  Examine security in your network from endpoint to endpoint, from where traffic enters your network, to where your users connect (switches, access points, and remote access VPN gateways)  Select a product solution that focuses on end-to-end security
Questions  What are the benefits that an organization would get from properly classifying data?  Research about the 10 commandments of computer ethics by the Computer Ethics Institute
Introduction to Network Security

Recommended

Network security
Network securityNetwork security
Network security
quest university nawabshah
 
Network security ppt
Network security pptNetwork security ppt
Network security ppt
OECLIB Odisha Electronics Control Library
 
Network Security
Network SecurityNetwork Security
Network Security
Manoj Singh
 
Network Security
Network SecurityNetwork Security
Network Security
MAJU
 
Operating system security
Operating system securityOperating system security
Operating system security
Ramesh Ogania
 
Network security
Network security Network security
Network security
Madhumithah Ilango
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
Rahmat Suhatman
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
Amandeep Kaur
 

Recommended

Network security
Network securityNetwork security
Network security
quest university nawabshah
 
Network security ppt
Network security pptNetwork security ppt
Network security ppt
OECLIB Odisha Electronics Control Library
 
Network Security
Network SecurityNetwork Security
Network Security
Manoj Singh
 
Network Security
Network SecurityNetwork Security
Network Security
MAJU
 
Operating system security
Operating system securityOperating system security
Operating system security
Ramesh Ogania
 
Network security
Network security Network security
Network security
Madhumithah Ilango
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
Rahmat Suhatman
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
Amandeep Kaur
 
Network security
Network securityNetwork security
Network security
Estiak Khan
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Security
lalithambiga kamaraj
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
OECLIB Odisha Electronics Control Library
 
Introduction to cyber security amos
Introduction to cyber security amosIntroduction to cyber security amos
Introduction to cyber security amos
Amos Oyoo
 
DoS or DDoS attack
DoS or DDoS attackDoS or DDoS attack
DoS or DDoS attack
stollen_fusion
 
Network Security ppt
Network Security pptNetwork Security ppt
Network Security ppt
SAIKAT BISWAS
 
Endpoint Protection
Endpoint ProtectionEndpoint Protection
Endpoint Protection
Sophos
 
Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewall
Coder Tech
 
DDoS Attack PPT by Nitin Bisht
DDoS Attack PPT by Nitin BishtDDoS Attack PPT by Nitin Bisht
DDoS Attack PPT by Nitin Bisht
Nitin Bisht
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
Umesh Dhital
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
Vaishak Chandran
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
Colin058
 
Security threats
Security threatsSecurity threats
Security threats
Qamar Farooq
 
Basics of Denial of Service Attacks
Basics of Denial of Service AttacksBasics of Denial of Service Attacks
Basics of Denial of Service Attacks
Hansa Nidushan
 
Introduction to Information Security
Introduction to Information Security Introduction to Information Security
Introduction to Information Security
Shreedevi Tharanidharan
 
Basic concepts in computer security
Basic concepts in computer securityBasic concepts in computer security
Basic concepts in computer security
Arzath Areeff
 
Network Security and Firewall
Network Security and FirewallNetwork Security and Firewall
Network Security and Firewall
ShafeeqaFarsana
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
Fabiha Shahzad
 
Information Security Lecture #1 ppt
Information Security Lecture #1 pptInformation Security Lecture #1 ppt
Information Security Lecture #1 ppt
vasanthimuniasamy
 
Cybersecurity 2 cyber attacks
Cybersecurity 2 cyber attacksCybersecurity 2 cyber attacks
Cybersecurity 2 cyber attacks
sommerville-videos
 
Network security
Network securityNetwork security
Network security
Gichelle Amon
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network Security
Computing Cage
 

More Related Content

What's hot

Network security
Network securityNetwork security
Network security
Estiak Khan
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Security
lalithambiga kamaraj
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
OECLIB Odisha Electronics Control Library
 
Introduction to cyber security amos
Introduction to cyber security amosIntroduction to cyber security amos
Introduction to cyber security amos
Amos Oyoo
 
DoS or DDoS attack
DoS or DDoS attackDoS or DDoS attack
DoS or DDoS attack
stollen_fusion
 
Network Security ppt
Network Security pptNetwork Security ppt
Network Security ppt
SAIKAT BISWAS
 
Endpoint Protection
Endpoint ProtectionEndpoint Protection
Endpoint Protection
Sophos
 
Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewall
Coder Tech
 
DDoS Attack PPT by Nitin Bisht
DDoS Attack PPT by Nitin BishtDDoS Attack PPT by Nitin Bisht
DDoS Attack PPT by Nitin Bisht
Nitin Bisht
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
Umesh Dhital
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
Vaishak Chandran
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
Colin058
 
Security threats
Security threatsSecurity threats
Security threats
Qamar Farooq
 
Basics of Denial of Service Attacks
Basics of Denial of Service AttacksBasics of Denial of Service Attacks
Basics of Denial of Service Attacks
Hansa Nidushan
 
Introduction to Information Security
Introduction to Information Security Introduction to Information Security
Introduction to Information Security
Shreedevi Tharanidharan
 
Basic concepts in computer security
Basic concepts in computer securityBasic concepts in computer security
Basic concepts in computer security
Arzath Areeff
 
Network Security and Firewall
Network Security and FirewallNetwork Security and Firewall
Network Security and Firewall
ShafeeqaFarsana
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
Fabiha Shahzad
 
Information Security Lecture #1 ppt
Information Security Lecture #1 pptInformation Security Lecture #1 ppt
Information Security Lecture #1 ppt
vasanthimuniasamy
 
Cybersecurity 2 cyber attacks
Cybersecurity 2 cyber attacksCybersecurity 2 cyber attacks
Cybersecurity 2 cyber attacks
sommerville-videos
 

What's hot (20)

Network security
Network securityNetwork security
Network security
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Security
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
 
Introduction to cyber security amos
Introduction to cyber security amosIntroduction to cyber security amos
Introduction to cyber security amos
 
DoS or DDoS attack
DoS or DDoS attackDoS or DDoS attack
DoS or DDoS attack
 
Network Security ppt
Network Security pptNetwork Security ppt
Network Security ppt
 
Endpoint Protection
Endpoint ProtectionEndpoint Protection
Endpoint Protection
 
Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewall
 
DDoS Attack PPT by Nitin Bisht
DDoS Attack PPT by Nitin BishtDDoS Attack PPT by Nitin Bisht
DDoS Attack PPT by Nitin Bisht
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
 
Security threats
Security threatsSecurity threats
Security threats
 
Basics of Denial of Service Attacks
Basics of Denial of Service AttacksBasics of Denial of Service Attacks
Basics of Denial of Service Attacks
 
Introduction to Information Security
Introduction to Information Security Introduction to Information Security
Introduction to Information Security
 
Basic concepts in computer security
Basic concepts in computer securityBasic concepts in computer security
Basic concepts in computer security
 
Network Security and Firewall
Network Security and FirewallNetwork Security and Firewall
Network Security and Firewall
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
 
Information Security Lecture #1 ppt
Information Security Lecture #1 pptInformation Security Lecture #1 ppt
Information Security Lecture #1 ppt
 
Cybersecurity 2 cyber attacks
Cybersecurity 2 cyber attacksCybersecurity 2 cyber attacks
Cybersecurity 2 cyber attacks
 

Viewers also liked

Network security
Network securityNetwork security
Network security
Gichelle Amon
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network Security
Computing Cage
 
Introduction to security
Introduction to securityIntroduction to security
Introduction to security
Mostafa Elgamala
 
The Role Of Java Script
The Role Of Java ScriptThe Role Of Java Script
The Role Of Java Script
Christian Heilmann
 
Introduction Network security
Introduction Network securityIntroduction Network security
Introduction Network security
IGZ Software house
 
Network Security
Network SecurityNetwork Security
Network Security
VIKAS SINGH BHADOURIA
 
Network security ppt
Network security pptNetwork security ppt
Network security ppt
shashi712
 
File Compression
File CompressionFile Compression
File Compression
The Univ of Findlay
 
Penalty enforcement & 10 second runoff
Penalty enforcement & 10 second runoff Penalty enforcement & 10 second runoff
Penalty enforcement & 10 second runoff
drs8418
 
Network security
Network securityNetwork security
Network security
Nandini Raj
 
Presentation: the domain name system
Presentation: the domain name systemPresentation: the domain name system
Presentation: the domain name system
webhostingguy
 
ISDD Media Types - File Compression
ISDD Media Types - File CompressionISDD Media Types - File Compression
ISDD Media Types - File Compression
Forrester High School
 
Basics of JavaScript
Basics of JavaScriptBasics of JavaScript
Basics of JavaScript
Bala Narayanan
 
ITE v5.0 - Chapter 10
ITE v5.0 - Chapter 10ITE v5.0 - Chapter 10
ITE v5.0 - Chapter 10
Irsandi Hasan
 
Transport Layer Port or TCP/IP & UDP Port
Transport Layer Port or TCP/IP & UDP PortTransport Layer Port or TCP/IP & UDP Port
Transport Layer Port or TCP/IP & UDP Port
Netwax Lab
 
Javascript
JavascriptJavascript
Javascript
Nagarajan
 
Data compression
Data compression Data compression
Data compression
Muhammad Irtiza
 
Ports & sockets
Ports & sockets Ports & sockets
Ports & sockets
myrajendra
 
Threats to information security
Threats to information securityThreats to information security
Threats to information security
swapneel07
 
Web Development with HTML5, CSS3 & JavaScript
Web Development with HTML5, CSS3 & JavaScriptWeb Development with HTML5, CSS3 & JavaScript
Web Development with HTML5, CSS3 & JavaScript
Edureka!
 

Viewers also liked (20)

Network security
Network securityNetwork security
Network security
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network Security
 
Introduction to security
Introduction to securityIntroduction to security
Introduction to security
 
The Role Of Java Script
The Role Of Java ScriptThe Role Of Java Script
The Role Of Java Script
 
Introduction Network security
Introduction Network securityIntroduction Network security
Introduction Network security
 
Network Security
Network SecurityNetwork Security
Network Security
 
Network security ppt
Network security pptNetwork security ppt
Network security ppt
 
File Compression
File CompressionFile Compression
File Compression
 
Penalty enforcement & 10 second runoff
Penalty enforcement & 10 second runoff Penalty enforcement & 10 second runoff
Penalty enforcement & 10 second runoff
 
Network security
Network securityNetwork security
Network security
 
Presentation: the domain name system
Presentation: the domain name systemPresentation: the domain name system
Presentation: the domain name system
 
ISDD Media Types - File Compression
ISDD Media Types - File CompressionISDD Media Types - File Compression
ISDD Media Types - File Compression
 
Basics of JavaScript
Basics of JavaScriptBasics of JavaScript
Basics of JavaScript
 
ITE v5.0 - Chapter 10
ITE v5.0 - Chapter 10ITE v5.0 - Chapter 10
ITE v5.0 - Chapter 10
 
Transport Layer Port or TCP/IP & UDP Port
Transport Layer Port or TCP/IP & UDP PortTransport Layer Port or TCP/IP & UDP Port
Transport Layer Port or TCP/IP & UDP Port
 
Javascript
JavascriptJavascript
Javascript
 
Data compression
Data compression Data compression
Data compression
 
Ports & sockets
Ports & sockets Ports & sockets
Ports & sockets
 
Threats to information security
Threats to information securityThreats to information security
Threats to information security
 
Web Development with HTML5, CSS3 & JavaScript
Web Development with HTML5, CSS3 & JavaScriptWeb Development with HTML5, CSS3 & JavaScript
Web Development with HTML5, CSS3 & JavaScript
 

Similar to Introduction to Network Security

01-introductiontosecurity-111122004432-phpapp02.pdf
01-introductiontosecurity-111122004432-phpapp02.pdf01-introductiontosecurity-111122004432-phpapp02.pdf
01-introductiontosecurity-111122004432-phpapp02.pdf
RiyaSonawane
 
Data security
Data securityData security
Data security
AbdulBasit938
 
Information security: importance of having defined policy & process
Information security: importance of having defined policy & processInformation security: importance of having defined policy & process
Information security: importance of having defined policy & process
Information Technology Society Nepal
 
Unit 5 v2
Unit 5 v2Unit 5 v2
Unit 5 v2
ShubhraGoyal4
 
Proactive information security michael
Proactive information security michael Proactive information security michael
Proactive information security michael
Priyanka Aash
 
Information Security Background
Information Security BackgroundInformation Security Background
Information Security Background
Nicholas Davis
 
Information security background
Information security backgroundInformation security background
Information security background
Nicholas Davis
 
Understanding the security_organization
Understanding the security_organizationUnderstanding the security_organization
Understanding the security_organization
Dan Morrill
 
Information security
Information securityInformation security
Information security
Sanjay Tiwari
 
Information Leakage - A knowledge Based Approach
Information Leakage - A knowledge Based ApproachInformation Leakage - A knowledge Based Approach
Information Leakage - A knowledge Based Approach
Global Business Events - the Heart of your Network.
 
Ways to Safeguard Your Business from a Data Breach
Ways to Safeguard Your Business from a Data BreachWays to Safeguard Your Business from a Data Breach
Ways to Safeguard Your Business from a Data Breach
incmagazineseo
 
SECURITY AND CONTROL
SECURITY AND CONTROLSECURITY AND CONTROL
SECURITY AND CONTROL
shinydey
 
Testing
TestingTesting
Testing
lorenceman
 
7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!
Caroline Johnson
 
CompTIA Security+ Module1: Security fundamentals
CompTIA Security+ Module1: Security fundamentalsCompTIA Security+ Module1: Security fundamentals
CompTIA Security+ Module1: Security fundamentals
Ganbayar Sukhbaatar
 
SegurançA Da InformaçãO Faat V1 4
SegurançA Da InformaçãO Faat V1 4SegurançA Da InformaçãO Faat V1 4
SegurançA Da InformaçãO Faat V1 4
Rodrigo Piovesana
 
Convergence innovative integration of security
Convergence innovative integration of securityConvergence innovative integration of security
Convergence innovative integration of security
ciso_insights
 
IAS101_Week 2-3_Introduction to Information Systems and Security.pptx
IAS101_Week 2-3_Introduction to Information Systems and Security.pptxIAS101_Week 2-3_Introduction to Information Systems and Security.pptx
IAS101_Week 2-3_Introduction to Information Systems and Security.pptx
Angela Arago
 
Insider threats - Lessons from Snowden (ISF UK Chapter)
Insider threats - Lessons from Snowden (ISF UK Chapter)Insider threats - Lessons from Snowden (ISF UK Chapter)
Insider threats - Lessons from Snowden (ISF UK Chapter)
Huntsman Security
 
Overview
OverviewOverview
Overview
phanleson
 

Similar to Introduction to Network Security (20)

01-introductiontosecurity-111122004432-phpapp02.pdf
01-introductiontosecurity-111122004432-phpapp02.pdf01-introductiontosecurity-111122004432-phpapp02.pdf
01-introductiontosecurity-111122004432-phpapp02.pdf
 
Data security
Data securityData security
Data security
 
Information security: importance of having defined policy & process
Information security: importance of having defined policy & processInformation security: importance of having defined policy & process
Information security: importance of having defined policy & process
 
Unit 5 v2
Unit 5 v2Unit 5 v2
Unit 5 v2
 
Proactive information security michael
Proactive information security michael Proactive information security michael
Proactive information security michael
 
Information Security Background
Information Security BackgroundInformation Security Background
Information Security Background
 
Information security background
Information security backgroundInformation security background
Information security background
 
Understanding the security_organization
Understanding the security_organizationUnderstanding the security_organization
Understanding the security_organization
 
Information security
Information securityInformation security
Information security
 
Information Leakage - A knowledge Based Approach
Information Leakage - A knowledge Based ApproachInformation Leakage - A knowledge Based Approach
Information Leakage - A knowledge Based Approach
 
Ways to Safeguard Your Business from a Data Breach
Ways to Safeguard Your Business from a Data BreachWays to Safeguard Your Business from a Data Breach
Ways to Safeguard Your Business from a Data Breach
 
SECURITY AND CONTROL
SECURITY AND CONTROLSECURITY AND CONTROL
SECURITY AND CONTROL
 
Testing
TestingTesting
Testing
 
7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!
 
CompTIA Security+ Module1: Security fundamentals
CompTIA Security+ Module1: Security fundamentalsCompTIA Security+ Module1: Security fundamentals
CompTIA Security+ Module1: Security fundamentals
 
SegurançA Da InformaçãO Faat V1 4
SegurançA Da InformaçãO Faat V1 4SegurançA Da InformaçãO Faat V1 4
SegurançA Da InformaçãO Faat V1 4
 
Convergence innovative integration of security
Convergence innovative integration of securityConvergence innovative integration of security
Convergence innovative integration of security
 
IAS101_Week 2-3_Introduction to Information Systems and Security.pptx
IAS101_Week 2-3_Introduction to Information Systems and Security.pptxIAS101_Week 2-3_Introduction to Information Systems and Security.pptx
IAS101_Week 2-3_Introduction to Information Systems and Security.pptx
 
Insider threats - Lessons from Snowden (ISF UK Chapter)
Insider threats - Lessons from Snowden (ISF UK Chapter)Insider threats - Lessons from Snowden (ISF UK Chapter)
Insider threats - Lessons from Snowden (ISF UK Chapter)
 
Overview
OverviewOverview
Overview
 

Recently uploaded

Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
Adtran
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
SOFTTECHHUB
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
名前 です男
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
Uni Systems S.M.S.A.
 
Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...
Zilliz
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Kumud Singh
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Malak Abu Hammad
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
Data structures and Algorithms in Python.pdf
Data structures and Algorithms in Python.pdfData structures and Algorithms in Python.pdf
Data structures and Algorithms in Python.pdf
TIPNGVN2
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
Claudio Di Ciccio
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
Matthew Sinclair
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
20 Comprehensive Checklist of Designing and Developing a Website
20 Comprehensive Checklist of Designing and Developing a Website20 Comprehensive Checklist of Designing and Developing a Website
20 Comprehensive Checklist of Designing and Developing a Website
Pixlogix Infotech
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
shyamraj55
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neo4j
 

Recently uploaded (20)

Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
 
Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
Data structures and Algorithms in Python.pdf
Data structures and Algorithms in Python.pdfData structures and Algorithms in Python.pdf
Data structures and Algorithms in Python.pdf
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
20 Comprehensive Checklist of Designing and Developing a Website
20 Comprehensive Checklist of Designing and Developing a Website20 Comprehensive Checklist of Designing and Developing a Website
20 Comprehensive Checklist of Designing and Developing a Website
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
 

Introduction to Network Security

  • 1.
  • 2. What is Network Security?  consists of the provisions and policies adopted by the network administrator to prevent and monitor unauthorized access, misuse, m odification, or denial of the computer network and network-accessible resources.
  • 3. Security Challenges  Computer Security Institute (CSI)  Survey: over 70% networks have experienced security breach  From the 70%, 60% have undergone internal breaches and only 40% are external or perimeter breaches.
  • 4. 2 Main reasons why security has became more important as an issue over time  The hacking and attack tools have become more and more dangerous, where an attack can cause serious financial damage to a company  The hacking and attack tools have become easier to use- in most cases, they are automated, allowing even a novice to use them.
  • 5. Security Roles  Have changed over the years  In the past networks were closed to the outside world, thus attack didn’t cause much damage  Mid 1990s, Internet has exploded which increases the possibility of security breach
  • 6. Security Issues  Security is a business problem not just a technology problem  The concept of security is an illusion  Managing security means managing the perception of others  There are many different security technologies to choose from  You must create a comprehensive security policy
  • 7. Security Goals  Create and implement a single, cohesive, company-wide security policy  Don’t allow products to dictate security policies – policies should drive the products that you choose  Centralize security management
  • 8. Security Components Security is a relative or subjective problem  Authentication  Authorization  Privacy  Integrity  Availability  Nonrepudiation  Accounting
  • 9. Authentication  Verifying a person’s identity (who they are)
  • 10. Authorization  Controlling access to resources (what they are trying to do)
  • 11. Privacy  Protecting confidentiality of information (what the content of the information is)
  • 12. Integrity  Validating that information was not changed (verifying that the information that was received has not been modified or tampered with)
  • 13. Availability  Providing redundancy for security (ensuring that you have a fallback solution in the event of failure or security compromise)
  • 14. Nonrepudiation  Proving that a transaction took place between two entities (when using online transactions, having verifiable proof that the transaction took place between 2 entities)
  • 15. Accounting  Recording information about an employee’s actions when interacting with data and systems as well as information about the operation (including security events) of your networking devices
  • 16. Data Classification for Public/Government Agencies  Unclassified data - data has few or no confidentiality requirements.  Sensitive but unclassified (SBU) data - data could prove embarrassing if revealed, but no serious security breach would occur.  Confidential data - Lowest level of classified data, where data protection must meet confidentiality requirements
  • 17. Data Classification for Public/Government Agencies  Secret data - A significant effort must be made to secure data, limiting access to a small number of people  Top Secret data - Great effort and cost is used to secure data, limiting access to a very small number of people (need to know access)
  • 18. Data Classification for private companies or nongovernment  Public data - data is publicly available, as on a website  Sensitive data - similar to SBU  Private data – data is important to a company; an effort must be made to secure it and verify that it is accurate  Confidential data – data is very important to a company, like trade secrets and employee records
  • 19. Classification Criteria  Value  Personal Association  Age  Useful Life
  • 20. Classification Procedures  Who is responsible for the data?  How should the information be classified, with any exceptions?  How are the controls used for classification policies?  When and how does declassification of data occur?
  • 21. Classification Roles Role Description Performed By Owner Is ultimately responsible for the Typically a member of the data management staff Custodian Is responsible for the security of Typically a member of the IT the data on a day-to-day basis staff User Is responsible for using the data Your typical user, who can according to defined policies “see the trees, but not the and operating procedures forest” in the company and who has a ground-level view of certain data
  • 22. Security Controls  Preventive – used to prevent a data compromise  Deterrent – used to scare away a certain number of ill-doers  Detective – used to detect access to data
  • 23. 3 Categories that control the implementation of the security control  Administrative – policy and procedural controls  Technical – electronics, hardware, and software controls  Physical – mechanical controls
  • 24. Security Breaches: Prosecuting attackers and hackers  Motive  Why did they do it?  Opportunity  Were they available to commit the crime?  Means  Did they have the capability to commit the crime?
  • 25. Liability: Legal and Governmental Issues  A company should practice due diligence and due care when protecting sensitive data and resources.  A company can be sued by its customers or employees if a breach on sensitive data happens  Deal with government laws that requiring a minimal security level when protecting certain resources.
  • 26. On the Job  Examine security in your network from endpoint to endpoint, from where traffic enters your network, to where your users connect (switches, access points, and remote access VPN gateways)  Select a product solution that focuses on end-to-end security
  • 27. Questions  What are the benefits that an organization would get from properly classifying data?  Research about the 10 commandments of computer ethics by the Computer Ethics Institute

Editor's Notes

  1. CSI – is an organization that provides education, community, and research for IT security professionals.Survey – not all breaches have been severe, but any type of breach can create loss of data, loss of time, and thus loss of revenue.
  2. For example, a denial of service attack on a business’ e-commerce solution that sells services on the Internet might cause the loss of millions of money because legitimate users cannot access the site.For example, many scanning tools used in reconnaissance attacks are GUI-based and provide detailed, well-explained output of the vulnerabilities that a system has and how to exploit them.
  3. The Internet is commonly used to provide connectivity between locations or for remote access from your small offices or users working from home. Companies rely more and more on e-commerce solutions to increase their profits: today’s networks are much open than they were in the past. On top of this, because networks are becoming more open, there is much larger concern over protecting confidential information: information important to a company’s trade secrets, employee personal files, hospital patient records or financial records of customers. Because of these concerns, companies focused more on security and governments have passed laws and procedures to protect certain type of data.
  4. Breaking it down, there are 3 basic security issues you will need to deal with when coming up with a security solution for your network or company.1.Since people are involved with systems that are networked, you must create a solution that deals with both the people that use the systems and also the technology the systems use. The solution will need to involve procedures and guidelines for your employees. If a business needs security, it should build security into its very core – in its vision and mission. The purpose of vision is to set the expectations and goals of a particular organization. Security adds confidence to the vision.Example: Coca-cola – in many parts of the world, it’s the only beverage which people may feel completely safe to drink. That’s a fact. 2. For example, when talking about VPNs, you have to consider that they come in different types like site-to-site and remote access; different protocols like IPSec, L2TP, PPTP, and SSL; different protection methods like encryption algorithms, and hashing functions; different methods of authentication… 3. The third arises when your company either lacks a security policy or has one that is poorly written or designed. One of the main tools you’ll use to help combat security issues is the development of a comprehensive and detailed security policy. A security policy basically defines what is and is not permissible with the access and use of a company’s networking equipment as well as different types of data and resources that systems use.
  5. This policy should be flexible enough to allow your company to meet its objectives that are detailed in the company’s business plan, but still protect your company’s assets at a reasonable price. even though you are faced with centralizing security solution that encompasses of different devices, you should not let products dictate your security policies.
  6. 1. Which means that what is important to one company is not necessarily important to a different company. Each company has different business plans and goals and thus their security policies and solutions will be different.
  7. Value – most important criterion and indicates how important the data is to the organizationPersonal association – data associated with a person, like an employee file in HRAge – over a period of time the value of the data decreases as events occur, such as changes in technologies being usedUseful life – newer information obsoletes older data; for instance, company products become end-of-file (EOL) and are replaced by newer ones.
  8. Defines who is responsible for the data, how it is classified, the policy that handles the classification, and when and how declassification occurs.
  9. Define the people and their roles when interacting with data
  10. Are mechanisms used to protect data. It falls under 3 types:Question: Of the 3 controls, which do you think is the most secure? Answer: preventive controls but typically cost the most to implement
  11. Administrative – deal with security awareness training, background checks of employees, restrictive hiring practices , auditing the activity occuring on systems, change and configuration management control, and most importantly, the development and enforcement of a security policy.Technical – deal with network devices to implement security controls (VPN gateways, firewalls, IPS appliances, and the like), methods of authentication and authorization (like directory services, authentication, authorization and accounting), security devices (like smart cards, network access control, biometrics) and logical access control mechanisms (like ACL on routers and firewalls).Physical – deal with the use of monitoring equipment to detect intrusions (like an alarm system), physical security devices (like door locks, door key codes, safes, secured rack system for equipment), environmental controls (like UPS systems, sprinkler system, and air conditioning and air flow devices), and security guards and personnel.Tip: a good security implementation to protect data will have a good balance among administrative, technical and physical controls
  12. In an ideal world, if you were wronged, you would receive due justice and the perpetrator would be punished. However, this is not an ideal world. When it comes to computer and network security, if someone hacks into a service, finding and bringing the person to justice can sometimes seem like an almost imposiible process. The following sections will discuss some important topics related to security breaches and bringing justice to those who damage your network and its resources.If you catch someone who breaches your network and/ or data security, you need to be able to prove the following in order to successfully prosecute that person. However, to do that you will face many difficulties. When dealing with the computer world, most of your evidence id “virtual” and you will need to main data integrity, which can be difficult in “virtual” world. For example, evidence you collect, like data and log files, can easily be damaged or modified, like timestamps that indicate when the file was created or modified.When a breach occurs, don’t shut down or reboot a system until you perform a memory dump. Likewise, a disk image should be captured before working with data on the drive. Make sure you photograph the equipment and information before disconnecting it. You need to maintain a strict chain of custody of the equipment and / or information when working on it – who accessed it, when they accesses it, and what they did with it.