Anjan Mahanta, profile picture
Uploaded byAnjan Mahanta
437 views

13.02 Network Security

This document discusses various network security issues and methods. It covers topics like unauthorized access, malware, denial of service attacks, security methods like access rights and firewalls, and ways to protect against threats such as encryption, backups, and anti-virus software. Network security is important because when computers are connected, there are increased risks from other devices gaining access without permission. Hackers, viruses, and other threats can read or damage data if networks are not properly secured.

Embed presentation

Downloaded 67 times
Chapter 13 Networks anjan.mahanta@satreephuketipc.com Cambridge A Level IT 13.02 Network security
13.2 Network security Security issues When computers are connected together through networks, there are increased security risks due to access being available from other computers. 2
Unauthorised access ● Commonly known as hacking, unauthorised access takes places when a person or device gains access to a computer network without permission. ● Hackers can guess usernames and passwords to gain access to a network, particularly when users set up weak passwords. ● Once hacker has access, they can read data on the system. This data may be confidential to people or to the organization. ● The hacker may also make changes to the data, such as changing payment details, or the hacker may destroy data deliberately to cause harm to the organization or individual. 3
Malware ● Malware is a word used to describe any software that is designed to cause damage. ● In relation to networks, the main problems are viruses and spyware. ● Viruses copy themselves automatically to other devices and so the connectivity of a network makes the spread of viruses more likely. ● They are designed to cause damage to data or cause problems to the operation of a computer system. 4
Malware ● Parasite viruses attach themselves to files on a computer system and are triggered by certain events such as date and time. ● Macro viruses attach themselves to macros that are part of macro-enabled documents. ● Email viruses arrive as attachments to emails and are triggered by the user opening the attachment. ● Unique to networks are worms which spreads automatically through networks. Worms create their own executable (.exe) files to spread. https://www.youtube.com/watch?v=AfZxUK9U3hE 5
Malware ● Trojan horses are malicious programs that disguise themselves as normal software, but if they are run they will actually cause damage. https://www.youtube.com/watch?v=CvRIZHQMgco ● Trojans are often found on websites when a user tries to download some illegal music or films and they end up download a Trojan instead. ● Spyware is a software that secretly collects information without the user being aware. It can log user activity including credit card information or usernames and passwords. ● If a keylogger is used, then every keystroke made by a user is recorded and this could include confidential data. https://www.youtube.com/watch?v=kcoXJ6NhZ2U 6
Task ● Find out how the Blaster worm infected networked computers in 2003. 7
Denial of service attack ● A denial of service (DoS) attack is designed to send more requests to a server than it can deal with. ● They are carried out to cause a disruption to an organization’s network or website and often result in users not being able to use the network and customers not being able to access the website. ● Website attacks are measured in requests per second (RPS) and it can only take around 50 RPS to cripple a website. ● Network attacks are measured in gigabits per second (Gbps) and it can only take around 20 Gbps of data to make a network unusable. ● DoS attacks are not designed to gain access to data, but purely to cause disruption. A DoS attack could last for hours, days or weeks. https://www.youtube.com/watch?v=DL1eQKkS2nI 8
Task ● Find out how the hacktivist group Anonymous used DoS attacks against ISIS websites and social media in February 2015 https://foreignpolicy.com/2015/11/13/anonymous-hackers-islamic-state-isis-chan-online-war/ 9
Security methods Access rights ● When a user logs onto a network, they are given rights to access different parts of that network. These access rights are usually related to data but can also be related to services that are available, such as accessing the World Wide Web, accessing email accounts and running software. ● The most common access rights that are given are: ○ Create C: users can create new items of data ○ Read R: users can read existing data ○ Update U: users can make changes to data ○ Delete D: users can delete data 10
Security methods 11
Task ● Research what makes a good password. Define set of rules for a password that is not too restrictive on users but also ensures that the password is secure. 12
Choosing a password - the differences between strong and weak passwords There are programs available that are able to crack passwords and if a password is short and contains just letters, then the password is weak and it is very easy to crack. Many people use weak passwords because they find them easy to remember. Here are some examples of weak passwords: mypassword Ahmed Steve1234 13
Choosing a password - the differences between strong and weak passwords A strong password doesn't need to be long provided it contains symbols, capitals, numbers, and letters. Although strong passwords are not impossible to crack, most hackers would quickly move on to a different computer system where a weak password had been used. A strong password should be a combination of letters (capital and lowercase), numbers, and symbols that have no relation to each other, just totally random such as 4Hp!9$R; Here are some examples of strong passwords: S%7c&X £D23&!ul 14
Security measures ● Disable the user accounts at certain times of day so that the users who work from 9 a.m. to 5 p.m. can only access their accounts during that time and this prevents someone from trying to use their account outside those hours. ● Security can also be put into place to ensure that certain user accounts can only be accessed from specific computers. ● Two-factor authentication (2FA) can be used which requires two security components to gain access. This can be simple as using a swipe card and a PIN but it can also include more complex methods. Such as generating one time passwords (OTP). 15
Task 16
Biometric methods ● Biometrics are biological characteristics that can be measured. ● Biometric security uses these biological characteristics to authenticate user’s identity. ● The biological characteristic has to be unique to each user in order to be able to authenticate the user. ● Characteristics used for biometric security include: ○ Retina recognition ○ Facial recognition ○ Finger prints ○ Voice recognition 17
Firewalls ● Networks that have access to a WAN or internet have two-way traffic into and out of the network. ● A firewall controls what data can flow into and out of the network. ● A firewall maybe a part of a router or it may be a software installed on a server that sits between the gateway and the network. ● It is effectively a barrier between the network and external data traffic. https://www.youtube.com/watch?v=kDEX1HXybrU 18
Firewalls ● Firewalls include an Access Control List (ACL) that uses a technique called packet filtering. ● An ACL controls which packets are allowed through the firewall. ● The ACL will include a set of rules that determine which protocol, port numbers, source addresses and destination addresses are allowed or not allowed. ● If data packets are not allowed they will be dropped. ● For example, if the ACL includes a rule to block FTP, then all data packets for port 21 (the FTP listening port) will be dropped. 19
Firewalls 20
Backup ● A backup is a copy of the original data. A backup is required if something goes wrong and the original data is either damaged or lost. ● In the event of a problem with the data then the backup copy can be restored. ● A backup doesn’t stop a hacker from gaining access to data, nor does it stop viruses from causing damage to data, but it is essential when recovering from an attack. ● In a network, backup processes should be set to run automatically and regularly. The more regularly a backup process is run, the more storage that will be required for the backup data. 21
Backup ● Backing up data in cloud, which are effectively internet-based storage might be beneficial which include not having to change tapes each day and the data being away from the original in case of fire and flood. ● However, it also means that the data is connected and a part of a network which could also suffer a security breach. ● Storing data on tapes means that the tapes have to be changed each day and then relocated to a secure location away from the main servers. 22
Encryption 23
Encryption ● If information needs to be sent over the internet or another network and it needs to be kept secure, then encryption should be used. ● Encryption scrambles the data while it is being sent and only the true recipient is able to unscramble it. Should the data be intercepted by a hacker, then the data will be totally meaningless. ● The process of scrambling data, sending it over the internet and then deciphering it when it reaches the true recipient, is called encryption. ● This requires encryption and decryption keys. 24
Encryption should be used for: ● Sending credit card details such as credit card numbers, expiry dates, etc., over the internet. ● Online banking. ● Sending payment details (bank details such as sort-code numbers, account numbers, etc.). ● Confidential emails. ● Sending data between computers when confidentiality is essential. 25
Malware security (anti-virus & anti-spyware) ● Anti-virus software now tends to be referred to as anti-malware software as it deals with other threats, such as adware and spyware, as well as viruses. ● It has two main functions: ● The first is an anti-virus monitor that is continually monitoring the system for malware. If the anti-virus monitor detects any unusual behaviour or tell-tale signs of malware, then it will prevent that malware from being executed so that it can’t cause damage to the files or programs. 26
Malware security (anti-virus & anti-spyware) ● The second function is to check for malware that may already be on a system. This is usually known as scanning the system. ● If any malware is found, then the user will be given the option to disinfect the malware, put it into quarantine or ignore it. ● Disinfecting the malware is the safest option as it completely removes the malware from the system, but it does mean that any data or program that included the malware will be deleted. 27
Physical security methods ● Physical security methods are about protecting computer equipment. This can include standard methods that are used to secure other equipment and buildings or specialist physical devices that are designed to protect computer equipment. ● Security guards can be used to verify every person who enters a building or specific rooms to endure that they are authorised to gain entry. ● Physical locks can be used on server room doors to prevent unauthorized access to these rooms. These can be key locks, swipe card locks or numerical code locks. ● This kind of security should also be applied to back up tapes, which should be stored in a safe that is kept off site. 28
Physical security methods ● Main servers should be protected against electrical surges. This can be done using extension leads that offer surge protection, but most servers will be protected by uninterruptible power supply (UPS). ● UPS are basically battery packs that will provide power in the event of a power cut, but will ensure that the power supply is uniform. 29
Physical security methods ● Server rooms should be located in areas that are protected from fires and floods. ● This should include providing additional fire protection, such as a server room with fireproof doors, carbon dioxide fire extinguishers and putting back up tapes in fireproof safes. ● Server rooms should not be located in ground floor, which can be susceptible to floods, and they should be away from any water pipes that could potentially burst. 30
The principles of a typical data protection act The widespread use of ICT has made the processing and transfer of data much easier and to protect the individual against the misuse of data, many countries have introduced a law called a data protection act. There are a number of problems in organisations holding personal data: ● The personal data might be wrong,which means wrong decisions could be made. ● The organisation may not take care of the personal data it holds so others may find out about it. 31
32
What exactly is personal data? ● Data about an identifiable person (i.e. the data must be about someone who can be identified by name, address, etc.). ● Data about someone who is living. ● Data that is more personal than name and address. For example, medical records, criminal record, credit history, religious or political beliefs, etc., are all classed as personal data. 33
The effects of wrong personal data ● Your medical details could be wrong, meaning you get the wrong treatment - which could be life threatening. ● Wrong decisions might be made; for example, you could be refused a loan. ● Wrong exam results could affect you getting a job. 34
Rights of the data subject and the holder ● The person about whom the personal details are held is called the data subject. ● The person in the organisation who is responsible for the personal data held is called the data holder. ● A data protection act is a law that protects individuals by placing obligations on the organisations who collect and process the data (i.e. the data holders) in the following ways: 35
Data Protection Principles 1. Personal data shall be processed fairly and lawfully. 2. Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes. 3. Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed. 4. Personal data shall be accurate and, where necessary, kept up to date. 5. Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes. 36
Data Protection Principles 6. Personal data shall be processed in accordance with the rights of data subjects under this act 7. Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of or damage to personal data. 8. Personal data shall not be transferred to a country or territory unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data. https://www.bbc.co.uk/bitesize/guides/z6kj6sg/revision/1 37
38
39
40 DISCUSSION ● What kind of network do you have in your school? ● What possible security issues need to be considered? ● What does the school need to do to prevent these security issues from arising? ● What physical security methods does the school have in place? ● What logical (software based) security methods does the school have in place? ● What could the school introduce to make its network even safer?
41

More Related Content

PDF
Using Network
byAnjan Mahanta
 
PDF
Networks and the effects of using them
byAnjan Mahanta
 
PPTX
2.5 safety and security of data in ict systems 13 12-11
bymrmwood
 
PDF
Emerging Technologies
byAnjan Mahanta
 
PPT
Lecture 4,5, 6 comp forensics 19 9-2018 basic security
byAlchemist095
 
PPTX
Case study on Physical devices used in Computer forensics.
byVishal Tandel
 
PPTX
Access Control - Week 4
byjemtallon
 
KEY
Mis
bymisecho
 
Using Network
byAnjan Mahanta
 
Networks and the effects of using them
byAnjan Mahanta
 
2.5 safety and security of data in ict systems 13 12-11
bymrmwood
 
Emerging Technologies
byAnjan Mahanta
 
Lecture 4,5, 6 comp forensics 19 9-2018 basic security
byAlchemist095
 
Case study on Physical devices used in Computer forensics.
byVishal Tandel
 
Access Control - Week 4
byjemtallon
 
Mis
bymisecho
 

What's hot

PPTX
PACE-IT: Common Network Security Issues
byPace IT at Edmonds Community College
 
PPTX
Data Network Security
byAtif Rehmat
 
PPTX
cyber forensics
byAmbuj Kumar
 
PPTX
Computer forensics
bydeaneal
 
PDF
CNIT 123: Ch 1 Ethical Hacking Overview
bySam Bowne
 
PPT
Personal Data Protection
byCreatorsCircle
 
PPT
Lecture 9 and 10 comp forensics 09 10-18 file system
byAlchemist095
 
PPTX
Securing embedded systems
byaissa benyahya
 
PPT
Lesson 1 - Technical Controls
byMLG College of Learning, Inc
 
PPT
Honey pots
byDhaivat Zala
 
PPT
Chapter 6 effects of ict on society
byPratik Gupta
 
PPT
Basic security concepts_chapter_1
byabdifatah said
 
PPTX
5 Security Tips to Protect Your Login Credentials and More
byCommunity IT Innovators
 
PPT
Select idps
byInfo-Tech Research Group
 
PPTX
Cyber Incident Response & Digital Forensics Lecture
byOllie Whitehouse
 
ODP
Unlock Security Insight from Machine Data
byNarudom Roongsiriwong, CISSP
 
PDF
12-19-14 CLE for South (P Garrett)
byPatrick Garrett
 
DOCX
CNS599NLEN_RiskAssessment
byTaishaun Owens
 
DOCX
Chapter 6.0
byAdebisi Tolulope
 
PPTX
Computer forensic 101 - OWASP Khartoum
byOWASP Khartoum
 
PACE-IT: Common Network Security Issues
byPace IT at Edmonds Community College
 
Data Network Security
byAtif Rehmat
 
cyber forensics
byAmbuj Kumar
 
Computer forensics
bydeaneal
 
CNIT 123: Ch 1 Ethical Hacking Overview
bySam Bowne
 
Personal Data Protection
byCreatorsCircle
 
Lecture 9 and 10 comp forensics 09 10-18 file system
byAlchemist095
 
Securing embedded systems
byaissa benyahya
 
Lesson 1 - Technical Controls
byMLG College of Learning, Inc
 
Honey pots
byDhaivat Zala
 
Chapter 6 effects of ict on society
byPratik Gupta
 
Basic security concepts_chapter_1
byabdifatah said
 
5 Security Tips to Protect Your Login Credentials and More
byCommunity IT Innovators
 
Select idps
byInfo-Tech Research Group
 
Cyber Incident Response & Digital Forensics Lecture
byOllie Whitehouse
 
Unlock Security Insight from Machine Data
byNarudom Roongsiriwong, CISSP
 
12-19-14 CLE for South (P Garrett)
byPatrick Garrett
 
CNS599NLEN_RiskAssessment
byTaishaun Owens
 
Chapter 6.0
byAdebisi Tolulope
 
Computer forensic 101 - OWASP Khartoum
byOWASP Khartoum
 

Similar to 13.02 Network Security

PDF
What are data networks?
byJames Steele
 
PPTX
Network Security
byManoj Singh
 
PPTX
CRYPTOGRAPHY AND NETWORK SECURITY ppt by me.pptx
byNune SrinivasRao
 
PDF
Network security
byHasham Nabeel
 
PPTX
Network and system administration Chapter 5.pptx
bygadisaadamu101
 
PPTX
Network security presentation
byKudzai Rerayi
 
PPTX
network_security_ppt[1].pptx
byME1923SoumyaSouravNa
 
PPT
Effects of using IT
byMirza Ćutuk
 
PPTX
Computer Security Chapter 1
byTemesgen Berhanu
 
PPTX
Chapter 12 - Securing a Network CompTIA Network+
bydaddodon18
 
PPT
1 network securityIntroduction - MSC.ppt
bybilqesahmed608
 
PPTX
Ethical hacking Chapter 3 - Network and Computer Attacks - Eric Vanderburg
byEric Vanderburg
 
PPT
Network security
byMahmoud Abdeen
 
PPTX
Security_Awareness_Primer.pptx
byFaith Shimba
 
PPT
cryptographic security
byPriyamvada Singh
 
PPTX
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOV
byEric Vanderburg
 
PPT
23 computer security
byhafizhanif86
 
PPT
Computersystemssecurity 090529105555-phpapp01
byMiigaa Mine
 
PPT
Computer Systems Security
bydrkelleher
 
PDF
ch15.pdf
bySami Mughal
 
What are data networks?
byJames Steele
 
Network Security
byManoj Singh
 
CRYPTOGRAPHY AND NETWORK SECURITY ppt by me.pptx
byNune SrinivasRao
 
Network security
byHasham Nabeel
 
Network and system administration Chapter 5.pptx
bygadisaadamu101
 
Network security presentation
byKudzai Rerayi
 
network_security_ppt[1].pptx
byME1923SoumyaSouravNa
 
Effects of using IT
byMirza Ćutuk
 
Computer Security Chapter 1
byTemesgen Berhanu
 
Chapter 12 - Securing a Network CompTIA Network+
bydaddodon18
 
1 network securityIntroduction - MSC.ppt
bybilqesahmed608
 
Ethical hacking Chapter 3 - Network and Computer Attacks - Eric Vanderburg
byEric Vanderburg
 
Network security
byMahmoud Abdeen
 
Security_Awareness_Primer.pptx
byFaith Shimba
 
cryptographic security
byPriyamvada Singh
 
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOV
byEric Vanderburg
 
23 computer security
byhafizhanif86
 
Computersystemssecurity 090529105555-phpapp01
byMiigaa Mine
 
Computer Systems Security
bydrkelleher
 
ch15.pdf
bySami Mughal
 

More from Anjan Mahanta

PDF
Chapter 4 E-Safety and Health & Safety
byAnjan Mahanta
 
PDF
The role and impact of IT in society
byAnjan Mahanta
 
PDF
Spreadsheet lookup functions
byAnjan Mahanta
 
PDF
13.01 Network Components
byAnjan Mahanta
 
PDF
Spreadsheet text functions
byAnjan Mahanta
 
PDF
Chapter 2 Hardware and Software
byAnjan Mahanta
 
PDF
Data, Information, Knowledge and Processing
byAnjan Mahanta
 
PDF
Conditional statistical functions
byAnjan Mahanta
 
PDF
Spreadsheet if and nested if function
byAnjan Mahanta
 
PDF
Expert Systems
byAnjan Mahanta
 
PDF
Storage devices and media
byAnjan Mahanta
 
PDF
Paper 2 – Exam Revision Notes.pdf
byAnjan Mahanta
 
PDF
Scratch Animation
byAnjan Mahanta
 
PDF
The Digital Divide
byAnjan Mahanta
 
PDF
Chapter 3 Monitoring and Control
byAnjan Mahanta
 
PDF
Spreadsheet Date & Time Functions
byAnjan Mahanta
 
PDF
Project management part 1
byAnjan Mahanta
 
PDF
Project management part 2
byAnjan Mahanta
 
PDF
The Seven Chakras
byAnjan Mahanta
 
PDF
13.03 - Satellite communication systems
byAnjan Mahanta
 
Chapter 4 E-Safety and Health & Safety
byAnjan Mahanta
 
The role and impact of IT in society
byAnjan Mahanta
 
Spreadsheet lookup functions
byAnjan Mahanta
 
13.01 Network Components
byAnjan Mahanta
 
Spreadsheet text functions
byAnjan Mahanta
 
Chapter 2 Hardware and Software
byAnjan Mahanta
 
Data, Information, Knowledge and Processing
byAnjan Mahanta
 
Conditional statistical functions
byAnjan Mahanta
 
Spreadsheet if and nested if function
byAnjan Mahanta
 
Expert Systems
byAnjan Mahanta
 
Storage devices and media
byAnjan Mahanta
 
Paper 2 – Exam Revision Notes.pdf
byAnjan Mahanta
 
Scratch Animation
byAnjan Mahanta
 
The Digital Divide
byAnjan Mahanta
 
Chapter 3 Monitoring and Control
byAnjan Mahanta
 
Spreadsheet Date & Time Functions
byAnjan Mahanta
 
Project management part 1
byAnjan Mahanta
 
Project management part 2
byAnjan Mahanta
 
The Seven Chakras
byAnjan Mahanta
 
13.03 - Satellite communication systems
byAnjan Mahanta
 

Recently uploaded

PDF
Road Safety Calendar-2026 Courtesy - IYSO Team India - Safer Indian Roads
byIndian Youth Secured Organisation
 
PDF
Fever & Fragment Uncovering the Plague in The Waste Land
byNidhi Pandya
 
PDF
Cut off for Asst Professor Recruitment by HPSC i.e. Haryana Public Service Co...
byRajesh Verma
 
PPTX
CHAPTER NO. 05 BIOLOGICAL SOURCE,CHEMICAL CONSTITUENTS AND THERAPEUTIC EFFICA...
byGanu Gavade
 
PPTX
What are the Custom lot_serial number in Odoo 19
byCeline George
 
PDF
Gaming Quiz 2025- 27th October 2025, Quiz Club NITW
byQuiz Club NITW
 
PDF
DNA.CEO: DNA-Computing For Kids, Teens, & Dummies (Like Me)
byVladislav Solodkiy
 
PPTX
Non aqueous titration First Year B. Pharm.pptx
byMs. Ashatai Patil
 
PDF
Renewable Energy Resources Unit 2 Easy notes (EduShine Classes).pdf
byaaquib913
 
PPTX
Centrifugation pharmaceutical engineering
byShraddha Bandgar
 
PPTX
Cultivation Practice of Tomato in Nepal.pptx
byUmeshTimilsina1
 
PDF
Digital_Empathy_Toolkit_Netiquette_and_Responsible_Communication
byNidhi Pandya
 
PPTX
4. Nursery raising of vegetable crops.pptx
byUmeshTimilsina1
 
PPTX
Aplastic_Anaemia_PA17.1_Presentation.pptx
byDibyajyoti Prusty
 
PPTX
Cultivation Practice of Potato in Nepal.pptx
byUmeshTimilsina1
 
PPTX
2. Classification of vegetable and spice crops.pptx
byUmeshTimilsina1
 
PPTX
Cultivation Practice of Major Cole crops in Nepal.pptx
byUmeshTimilsina1
 
PPTX
1. Importance, scope and constraints of vegetable and spice crop production i...
byUmeshTimilsina1
 
PPTX
Cultivation practice of Root vegetables.pptx
byUmeshTimilsina1
 
PPTX
Details Study of Joints (articulation).pptx
byAshish Umale
 
Road Safety Calendar-2026 Courtesy - IYSO Team India - Safer Indian Roads
byIndian Youth Secured Organisation
 
Fever & Fragment Uncovering the Plague in The Waste Land
byNidhi Pandya
 
Cut off for Asst Professor Recruitment by HPSC i.e. Haryana Public Service Co...
byRajesh Verma
 
CHAPTER NO. 05 BIOLOGICAL SOURCE,CHEMICAL CONSTITUENTS AND THERAPEUTIC EFFICA...
byGanu Gavade
 
What are the Custom lot_serial number in Odoo 19
byCeline George
 
Gaming Quiz 2025- 27th October 2025, Quiz Club NITW
byQuiz Club NITW
 
DNA.CEO: DNA-Computing For Kids, Teens, & Dummies (Like Me)
byVladislav Solodkiy
 
Non aqueous titration First Year B. Pharm.pptx
byMs. Ashatai Patil
 
Renewable Energy Resources Unit 2 Easy notes (EduShine Classes).pdf
byaaquib913
 
Centrifugation pharmaceutical engineering
byShraddha Bandgar
 
Cultivation Practice of Tomato in Nepal.pptx
byUmeshTimilsina1
 
Digital_Empathy_Toolkit_Netiquette_and_Responsible_Communication
byNidhi Pandya
 
4. Nursery raising of vegetable crops.pptx
byUmeshTimilsina1
 
Aplastic_Anaemia_PA17.1_Presentation.pptx
byDibyajyoti Prusty
 
Cultivation Practice of Potato in Nepal.pptx
byUmeshTimilsina1
 
2. Classification of vegetable and spice crops.pptx
byUmeshTimilsina1
 
Cultivation Practice of Major Cole crops in Nepal.pptx
byUmeshTimilsina1
 
1. Importance, scope and constraints of vegetable and spice crop production i...
byUmeshTimilsina1
 
Cultivation practice of Root vegetables.pptx
byUmeshTimilsina1
 
Details Study of Joints (articulation).pptx
byAshish Umale
 

13.02 Network Security

  • 1.
  • 2.
    13.2 Network security Securityissues When computers are connected together through networks, there are increased security risks due to access being available from other computers. 2
  • 3.
    Unauthorised access ● Commonlyknown as hacking, unauthorised access takes places when a person or device gains access to a computer network without permission. ● Hackers can guess usernames and passwords to gain access to a network, particularly when users set up weak passwords. ● Once hacker has access, they can read data on the system. This data may be confidential to people or to the organization. ● The hacker may also make changes to the data, such as changing payment details, or the hacker may destroy data deliberately to cause harm to the organization or individual. 3
  • 4.
    Malware ● Malware isa word used to describe any software that is designed to cause damage. ● In relation to networks, the main problems are viruses and spyware. ● Viruses copy themselves automatically to other devices and so the connectivity of a network makes the spread of viruses more likely. ● They are designed to cause damage to data or cause problems to the operation of a computer system. 4
  • 5.
    Malware ● Parasite virusesattach themselves to files on a computer system and are triggered by certain events such as date and time. ● Macro viruses attach themselves to macros that are part of macro-enabled documents. ● Email viruses arrive as attachments to emails and are triggered by the user opening the attachment. ● Unique to networks are worms which spreads automatically through networks. Worms create their own executable (.exe) files to spread. https://www.youtube.com/watch?v=AfZxUK9U3hE 5
  • 6.
    Malware ● Trojan horsesare malicious programs that disguise themselves as normal software, but if they are run they will actually cause damage. https://www.youtube.com/watch?v=CvRIZHQMgco ● Trojans are often found on websites when a user tries to download some illegal music or films and they end up download a Trojan instead. ● Spyware is a software that secretly collects information without the user being aware. It can log user activity including credit card information or usernames and passwords. ● If a keylogger is used, then every keystroke made by a user is recorded and this could include confidential data. https://www.youtube.com/watch?v=kcoXJ6NhZ2U 6
  • 7.
    Task ● Find outhow the Blaster worm infected networked computers in 2003. 7
  • 8.
    Denial of serviceattack ● A denial of service (DoS) attack is designed to send more requests to a server than it can deal with. ● They are carried out to cause a disruption to an organization’s network or website and often result in users not being able to use the network and customers not being able to access the website. ● Website attacks are measured in requests per second (RPS) and it can only take around 50 RPS to cripple a website. ● Network attacks are measured in gigabits per second (Gbps) and it can only take around 20 Gbps of data to make a network unusable. ● DoS attacks are not designed to gain access to data, but purely to cause disruption. A DoS attack could last for hours, days or weeks. https://www.youtube.com/watch?v=DL1eQKkS2nI 8
  • 9.
    Task ● Find outhow the hacktivist group Anonymous used DoS attacks against ISIS websites and social media in February 2015 https://foreignpolicy.com/2015/11/13/anonymous-hackers-islamic-state-isis-chan-online-war/ 9
  • 10.
    Security methods Access rights ●When a user logs onto a network, they are given rights to access different parts of that network. These access rights are usually related to data but can also be related to services that are available, such as accessing the World Wide Web, accessing email accounts and running software. ● The most common access rights that are given are: ○ Create C: users can create new items of data ○ Read R: users can read existing data ○ Update U: users can make changes to data ○ Delete D: users can delete data 10
  • 11.
  • 12.
    Task ● Research whatmakes a good password. Define set of rules for a password that is not too restrictive on users but also ensures that the password is secure. 12
  • 13.
    Choosing a password- the differences between strong and weak passwords There are programs available that are able to crack passwords and if a password is short and contains just letters, then the password is weak and it is very easy to crack. Many people use weak passwords because they find them easy to remember. Here are some examples of weak passwords: mypassword Ahmed Steve1234 13
  • 14.
    Choosing a password- the differences between strong and weak passwords A strong password doesn't need to be long provided it contains symbols, capitals, numbers, and letters. Although strong passwords are not impossible to crack, most hackers would quickly move on to a different computer system where a weak password had been used. A strong password should be a combination of letters (capital and lowercase), numbers, and symbols that have no relation to each other, just totally random such as 4Hp!9$R; Here are some examples of strong passwords: S%7c&X £D23&!ul 14
  • 15.
    Security measures ● Disablethe user accounts at certain times of day so that the users who work from 9 a.m. to 5 p.m. can only access their accounts during that time and this prevents someone from trying to use their account outside those hours. ● Security can also be put into place to ensure that certain user accounts can only be accessed from specific computers. ● Two-factor authentication (2FA) can be used which requires two security components to gain access. This can be simple as using a swipe card and a PIN but it can also include more complex methods. Such as generating one time passwords (OTP). 15
  • 16.
  • 17.
    Biometric methods ● Biometricsare biological characteristics that can be measured. ● Biometric security uses these biological characteristics to authenticate user’s identity. ● The biological characteristic has to be unique to each user in order to be able to authenticate the user. ● Characteristics used for biometric security include: ○ Retina recognition ○ Facial recognition ○ Finger prints ○ Voice recognition 17
  • 18.
    Firewalls ● Networks thathave access to a WAN or internet have two-way traffic into and out of the network. ● A firewall controls what data can flow into and out of the network. ● A firewall maybe a part of a router or it may be a software installed on a server that sits between the gateway and the network. ● It is effectively a barrier between the network and external data traffic. https://www.youtube.com/watch?v=kDEX1HXybrU 18
  • 19.
    Firewalls ● Firewalls includean Access Control List (ACL) that uses a technique called packet filtering. ● An ACL controls which packets are allowed through the firewall. ● The ACL will include a set of rules that determine which protocol, port numbers, source addresses and destination addresses are allowed or not allowed. ● If data packets are not allowed they will be dropped. ● For example, if the ACL includes a rule to block FTP, then all data packets for port 21 (the FTP listening port) will be dropped. 19
  • 20.
  • 21.
    Backup ● A backupis a copy of the original data. A backup is required if something goes wrong and the original data is either damaged or lost. ● In the event of a problem with the data then the backup copy can be restored. ● A backup doesn’t stop a hacker from gaining access to data, nor does it stop viruses from causing damage to data, but it is essential when recovering from an attack. ● In a network, backup processes should be set to run automatically and regularly. The more regularly a backup process is run, the more storage that will be required for the backup data. 21
  • 22.
    Backup ● Backing updata in cloud, which are effectively internet-based storage might be beneficial which include not having to change tapes each day and the data being away from the original in case of fire and flood. ● However, it also means that the data is connected and a part of a network which could also suffer a security breach. ● Storing data on tapes means that the tapes have to be changed each day and then relocated to a secure location away from the main servers. 22
  • 23.
  • 24.
    Encryption ● If informationneeds to be sent over the internet or another network and it needs to be kept secure, then encryption should be used. ● Encryption scrambles the data while it is being sent and only the true recipient is able to unscramble it. Should the data be intercepted by a hacker, then the data will be totally meaningless. ● The process of scrambling data, sending it over the internet and then deciphering it when it reaches the true recipient, is called encryption. ● This requires encryption and decryption keys. 24
  • 25.
    Encryption should beused for: ● Sending credit card details such as credit card numbers, expiry dates, etc., over the internet. ● Online banking. ● Sending payment details (bank details such as sort-code numbers, account numbers, etc.). ● Confidential emails. ● Sending data between computers when confidentiality is essential. 25
  • 26.
    Malware security (anti-virus &anti-spyware) ● Anti-virus software now tends to be referred to as anti-malware software as it deals with other threats, such as adware and spyware, as well as viruses. ● It has two main functions: ● The first is an anti-virus monitor that is continually monitoring the system for malware. If the anti-virus monitor detects any unusual behaviour or tell-tale signs of malware, then it will prevent that malware from being executed so that it can’t cause damage to the files or programs. 26
  • 27.
    Malware security (anti-virus &anti-spyware) ● The second function is to check for malware that may already be on a system. This is usually known as scanning the system. ● If any malware is found, then the user will be given the option to disinfect the malware, put it into quarantine or ignore it. ● Disinfecting the malware is the safest option as it completely removes the malware from the system, but it does mean that any data or program that included the malware will be deleted. 27
  • 28.
    Physical security methods ●Physical security methods are about protecting computer equipment. This can include standard methods that are used to secure other equipment and buildings or specialist physical devices that are designed to protect computer equipment. ● Security guards can be used to verify every person who enters a building or specific rooms to endure that they are authorised to gain entry. ● Physical locks can be used on server room doors to prevent unauthorized access to these rooms. These can be key locks, swipe card locks or numerical code locks. ● This kind of security should also be applied to back up tapes, which should be stored in a safe that is kept off site. 28
  • 29.
    Physical security methods ●Main servers should be protected against electrical surges. This can be done using extension leads that offer surge protection, but most servers will be protected by uninterruptible power supply (UPS). ● UPS are basically battery packs that will provide power in the event of a power cut, but will ensure that the power supply is uniform. 29
  • 30.
    Physical security methods ●Server rooms should be located in areas that are protected from fires and floods. ● This should include providing additional fire protection, such as a server room with fireproof doors, carbon dioxide fire extinguishers and putting back up tapes in fireproof safes. ● Server rooms should not be located in ground floor, which can be susceptible to floods, and they should be away from any water pipes that could potentially burst. 30
  • 31.
    The principles ofa typical data protection act The widespread use of ICT has made the processing and transfer of data much easier and to protect the individual against the misuse of data, many countries have introduced a law called a data protection act. There are a number of problems in organisations holding personal data: ● The personal data might be wrong,which means wrong decisions could be made. ● The organisation may not take care of the personal data it holds so others may find out about it. 31
  • 32.
  • 33.
    What exactly ispersonal data? ● Data about an identifiable person (i.e. the data must be about someone who can be identified by name, address, etc.). ● Data about someone who is living. ● Data that is more personal than name and address. For example, medical records, criminal record, credit history, religious or political beliefs, etc., are all classed as personal data. 33
  • 34.
    The effects ofwrong personal data ● Your medical details could be wrong, meaning you get the wrong treatment - which could be life threatening. ● Wrong decisions might be made; for example, you could be refused a loan. ● Wrong exam results could affect you getting a job. 34
  • 35.
    Rights of thedata subject and the holder ● The person about whom the personal details are held is called the data subject. ● The person in the organisation who is responsible for the personal data held is called the data holder. ● A data protection act is a law that protects individuals by placing obligations on the organisations who collect and process the data (i.e. the data holders) in the following ways: 35
  • 36.
    Data Protection Principles 1.Personal data shall be processed fairly and lawfully. 2. Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes. 3. Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed. 4. Personal data shall be accurate and, where necessary, kept up to date. 5. Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes. 36
  • 37.
    Data Protection Principles 6.Personal data shall be processed in accordance with the rights of data subjects under this act 7. Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of or damage to personal data. 8. Personal data shall not be transferred to a country or territory unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data. https://www.bbc.co.uk/bitesize/guides/z6kj6sg/revision/1 37
  • 38.
  • 39.
  • 40.
    40 DISCUSSION ● What kindof network do you have in your school? ● What possible security issues need to be considered? ● What does the school need to do to prevent these security issues from arising? ● What physical security methods does the school have in place? ● What logical (software based) security methods does the school have in place? ● What could the school introduce to make its network even safer?
  • 41.