Professional Documents
Culture Documents
Network security is one of the essential cybersecurity branches, and protocols play a vital
role in securing the network. Because of its top-notch needs and the internet continues to
evolve at a fast pace, the computer network grows faster, and along with comes the
cybercrime in networks. So, it is essential to know the protocols that govern the data flow in
a network. In this chapter, you will learn about the most prominent network security protocols
and their uses.
Here are the lists of some popular network security protocols that you must know to
implement them as and when required:
1. IPSec protocol is classified by the IETF IPSec Work Group, which offers
authentication of data, integrity, as well as privacy between 2 entities. Manual or
dynamic association of management in cryptographic keys is done with the help of
an IETF-specific key managing protocol named Internet Key Exchange (IKE).
2. SSL, i.e., Secure Sockets Layer, is a standard security mechanism used for
preserving a secure internet connection by safeguarding different sensitive data
which is being sent and receives between 2 systems; which also helps in averting
cybercriminals from reading as well as modifying personal data, packets or details
in the network.
3. Secure Shell (SSH) was invented in 1995, a cryptographic network security
protocol used to secure data communication over a network. It permits the
command-line to login remotely as well as the execution of specific tasks remotely.
Various functionalities of FTP are incorporated in SSH. SSH-1 and SSH-2 are the
latest of its kind.
4. HyperText Transfer Protocol Secure (HTTPS) is a secured protocol used to
secure data communication among two or more systems. It set up an encrypted
link with the help of Secure Socket Layer (SSL), now known as Transport Layer
Security (TLS). Since data transferred using HTTPS is in the encrypted format, it
stops cybercriminals from interpretation and alteration of data throughout the
transfer from browser to the webserver. Even when the cybercriminals capture the
data packets, they will not be able to read them because of the strong encryption
associated with the data packets.
5. Kerberos is another network validation protocol that was intended for
providing a strong authentication between client-server applications with the help of
secret-key cryptography. According to the Kerberos network validation protocol, all
of its services and workplaces correspond to an insecure network, making it more
secure and responsible.
As a security professional, it is essential to know these protocols and where they are
used. There are scenarios where HTTPS becomes HTTP (basically known as
downgrading HTTP attack), or at times where your company page opened without
HTTPS or SSL, you can understand that either the link is opened from a spam mail
or illicit mail or anyone is trying to perform a phishing attack. Or, someone is trying to
compromising the internal network by the downgrading of the HTTP attack.
What is DNS?
The Domain Name System (DNS) is the phonebook of the Internet. Humans access
information online through domain names, like nytimes.com or espn.com. Web
browsers interact through Internet Protocol (IP) addresses. DNS translates domain
names to IP addresses so browsers can load Internet resources.
Each device connected to the Internet has a unique IP address which other machines
use to find the device. DNS servers eliminate the need for humans to memorize IP
addresses such as 192.168.1.1 (in IPv4), or more complex newer alphanumeric IP
addresses such as 2400:cb00:2048:1::c629:d7a2 (in IPv6).