United Nation | Academy of Somalia

Assignments & Papers Correction

For Assignments For Paper
Total marks/Major Subjects - 50 1. Total marks/Major Subjects - 45
(1st Asg =15 Marks)
(2nd Asg =15 Marks)
(3rd Asg =10 Marks)
(4th Asg =10 Marks)

Punctuality Total Subject marks

& Discipline Marks - 5
100

Passing Subject marks

50

Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404

 Agenda
 1.0 Network Defense System Introduction

 1.1 Cyber Security

 1.3 Importance of Cyber Security

 1.4 Goals of Cyber Security

 1.5 Components of Cyber Security

 1.5.1 Confidentiality
 1.5.1.1 Encryption
 1.5.1.2 Access control
 1.5.1.3 Authentication
 1.5.1.4 Authorization
 1.5.1.5 Physical Security
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
 1.0 Network Defense System Introduction

Network Defense System (NDS) is a form of cyber security

for the securing of military and government computer
systems. Like everyone else in the world, national agencies
also have to secure their systems against malicious cyber
attacks.

Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404

 Introduction…….
We live in a highly technological era, with computers and
other technology being used for good all over the world.
People use computers to create new things for people
everywhere to enjoy. People use computers to write stories,
make videos, and even build exciting new things online, like
websites and video games

Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404

 Introduction…….
Unfortunately, like every other good thing in the world,
computers can also be used to do bad things, like hack into
shared networks and steal customer data and intellectual
property. Hackers have been doing this since the internet was
invented, forcing companies and webmasters to adapt their
security practices with the changing times.

Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404

 Introduction…….

All over the world, militaries and government agencies are

using computer network defense to secure their systems
and protect their national security by keeping hackers out of
highly important systems. This helps to make critical
infrastructure and other important national systems safe
from those who wish to do them harm.

Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404

 Introduction…….
“Network Defense System is the protection of Internet-
connected systems, including hardware, software, and data
from cyber attacks. It is made up of two words one is cyber
and other is security. Cyber is related to the technology
which contains systems, network and programs or data.
Whereas security related to the protection which includes
systems security, network security and application and
information security”

Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404

 1.2 Cyber Security
Cyber security refers to protect the networks from attack
like, damage, or unauthorized access. Cyber security may
also be referred to as Network Defense system.

Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404

 1.3 Importance of Cyber Security
Cyber security is important because government, military,
corporate and medical organizations collect and store huge
amounts of data on computers and other devices.
A significant portion of that data can be sensitive
information, whether that be intellectual property, financial
data, personal information, or other types of data for which
unauthorized access or disclosure could have negative
consequences.

Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404

 Importance of Cyber Security……
cyber security describes the discipline dedicated to
protecting that information and the systems used to process
or store it.companies and organizations, especially those
that are tasked with safeguarding information relating to
national security, health, or bank records, need to take steps
to protect their sensitive business and personnel
information. (Link:https://digitalguardian.com/blog/biggest-incidents-
cybersecurity-past-10-years-infographic
)
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
 1.4 Goals of Cyber Security
The objective of Cyber security is to protect information from being
stolen or attacked. Cyber security can be measured by at least one
of three goals-
1) Protect the confidentiality of data.
2) Preserve the integrity of data.
3) Promote the availability of data for authorized users
These goals form the confidentiality, integrity, availability
(CIA) triad,
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
 Goals of Cyber Security……..
The CIA triad is a security model that is designed to guide policies
for information security within the site of an organization or
company. This model is also referred to as the AIC (Availability,
Integrity, and Confidentiality) triad to avoid the confusion with the
Central Intelligence Agency.

Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404

 Goals of Cyber Security……..
The elements of the CIA
are considered the three
most important
Components of security.

Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404

 1.5 Components of Cyber Security
1.5.1 Confidentiality:
 Confidentiality is equivalent to privacy and avoids the
unauthorized leak of information.

 it involves the protection of data, providing access for those

who are allowed to see it while disallowing others from
learning anything about its content.

 It prevents necessary information from reaching the wrong

people while making sure that the right people can get it. Data
encryption is a good example to ensure confidentiality.
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
 Tools for Confidentiality

Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404

 1.5.1.1 Encryption
Encryption is a method of transforming information to make it
unreadable for unauthorized users by using an algorithm.
The transformation of data uses a secret key (an encryption key) so
that the transformed data can only be read by using another secret
key (decryption key).
It protects sensitive data such as credit card numbers by encoding and
transforming data into unreadable cipher text.
This encrypted data can only be read by decrypting it.

Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404

 Encryption…….

Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404

 Encryption…….

Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404

 1.5.1.2 Access control
Access control defines rules and policies for limiting access to a system or
to physical resources.
It is a process by which users are granted access and certain rights to
systems, resources or information.
In access control systems, users need to present identification before they
can be granted access such as a person's name or a computer's serial
number.
Access control is a security technique that control who or what can
view or use resources in a computing environment. It is a fundamental
concept in security that minimizes risk to the business or organization

Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404

 1.5.1.3 Authentication
An authentication is a process that ensures and confirms a user's identity.

It can be done in a number of different ways, but it is usually based on a

combination of-
1. something the person has (like a smart card ),
2. something the person knows (like a password),
3. something the person is (like a human with a fingerprint).

Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404

 Authentication

Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404

 1.5.1.4 Authentication
Authentication is the necessity of every organizations because it
enables organizations to keep their networks secure by permitting
only authenticated users to access its protected resources.

These resources may include computer systems, networks,

databases, websites and other network-based applications or
services.

Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404

 1.5.1.5 Authorization
Authorization is a security mechanism which gives permission to
do or have something.
It is used to determine a person or system is allowed access to
resources, based on an access control policy.
 It is normally preceded by authentication for user identity verification.
System administrators are typically assigned permission levels covering
all system and user resources.
During authorization, a system verifies an authenticated user's access
rules and either grants or refuses resource access.

Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404

 Difference b/w Authorization and Authentication

Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404

 Difference b/w Authorization and Authentication
The terms authentication and authorization are often used
interchangeably.

Most people believe there is only a subtle difference between

authentication and authorization and they basically mean the same.

While you know that authentication and authorization are

excellent ways to secure and protect digital identities.

it is important to understand that they are independent of each

other and serve different purposes.
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
 Difference b/w Authorization and Authentication
The two main differences between authentication and authorization are;
 One can determine “who you are” with authentication and “what you
can do” with authorization.
The first step is always the authentication. While authorization is done
only after successful authentication.
Authentication needs a username and password for validation, whereas
for authorization, various other factors such as the role of the user,
necessity of granting the right to access, etc. are taken into consideration.

Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404

 1.5.1.6 Physical Security

Physical security describes measures designed to deny the unauthorized

access of IT assets like facilities, equipment, personnel, resources and
other properties from damage.

Physical security is the protection of personnel, hardware, software,

networks and data from physical actions and events that could cause
serious loss or damage to an enterprise, agency or institution. This
includes protection from fire, flood, natural disasters, burglary, theft,
vandalism and terrorism
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
 1.5.1.6 Physical Security…….

Since physical security has technical and administrative elements

Physical security must be implemented correctly to prevent attackers
from gaining physical access and take what they want.
All the firewalls , cryptography and other security measures would be
useless if that were to occur.
The challenges of implementing physical security are much
more problematic now than in previous decades.
Laptops, USB drives, tablets, flash drives and smart phones all have the
ability to store sensitive data that can be lost or stolen
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404
 Thanks
Any
Question?
Email:Ahmedzarif23@gmail.com Presented by Ahmad Zarif Contact Number : 0343-924-9404