Scribd Logo
Upload

Welcome to Scribd!

  • Introduction

    Uploaded by

    ELDER LAGGAH
    20 views3 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    20 views3 pages

    Introduction

    Uploaded by

    ELDER LAGGAH

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    INTRODUCTION

    NETWORK SECURITY PROTOCOL

    Network security is one of the essential cybersecurity branches, and protocols play a vital
    role in securing the network. Because of its top-notch needs and the internet continues to
    evolve at a fast pace, the computer network grows faster, and along with comes the
    cybercrime in networks. So, it is essential to know the protocols that govern the data flow in
    a network. In this chapter, you will learn about the most prominent network security protocols
    and their uses.

    WHAT ARE NETWORK SECURITY PROTOCOL


    There are various categories of protocols like routing protocols, mail transferring protocols,
    remote communication protocols, and many more. Network security protocols are one such
    category that makes sure that the security and integrity of the data are preserved over a
    network. Various methodologies, techniques, and processes are involved in these protocols
    to secure the network data from any illegitimate attempt to review or extract the actual
    content of data.

    SOME NETWORK SECURITY PROTOCOL

    Here are the lists of some popular network security protocols that you must know to
    implement them as and when required:

    1. IPSec protocol is classified by the IETF IPSec Work Group, which offers
    authentication of data, integrity, as well as privacy between 2 entities. Manual or
    dynamic association of management in cryptographic keys is done with the help of
    an IETF-specific key managing protocol named Internet Key Exchange (IKE).
    2. SSL, i.e., Secure Sockets Layer, is a standard security mechanism used for
    preserving a secure internet connection by safeguarding different sensitive data
    which is being sent and receives between 2 systems; which also helps in averting
    cybercriminals from reading as well as modifying personal data, packets or details
    in the network.
    3. Secure Shell (SSH) was invented in 1995, a cryptographic network security
    protocol used to secure data communication over a network. It permits the
    command-line to login remotely as well as the execution of specific tasks remotely.
    Various functionalities of FTP are incorporated in SSH. SSH-1 and SSH-2 are the
    latest of its kind.
    4. HyperText Transfer Protocol Secure (HTTPS) is a secured protocol used to
    secure data communication among two or more systems. It set up an encrypted
    link with the help of Secure Socket Layer (SSL), now known as Transport Layer
    Security (TLS). Since data transferred using HTTPS is in the encrypted format, it
    stops cybercriminals from interpretation and alteration of data throughout the
    transfer from browser to the webserver. Even when the cybercriminals capture the
    data packets, they will not be able to read them because of the strong encryption
    associated with the data packets.
    5. Kerberos is another network validation protocol that was intended for
    providing a strong authentication between client-server applications with the help of
    secret-key cryptography. According to the Kerberos network validation protocol, all
    of its services and workplaces correspond to an insecure network, making it more
    secure and responsible.

    As a security professional, it is essential to know these protocols and where they are
    used. There are scenarios where HTTPS becomes HTTP (basically known as
    downgrading HTTP attack), or at times where your company page opened without
    HTTPS or SSL, you can understand that either the link is opened from a spam mail
    or illicit mail or anyone is trying to perform a phishing attack. Or, someone is trying to
    compromising the internal network by the downgrading of the HTTP attack.

    TCP AND DNS ATTACK AND DEFENSE


    What is TCP/IP?
    TCP/IP stands for Transmission Control Protocol/Internet Protocol and is a
    suite of communication protocols used to interconnect network devices on
    the internet. TCP/IP is also used as a communications protocol in a private
    computer network (an intranet or extranet).

    The entire IP suite -- a set of rules and procedures -- is commonly referred


    to as TCP/IP. TCP and IP are the two main protocols, though others are
    included in the suite. The TCP/IP protocol suite functions as an abstraction
    layer between internet applications and the routing and switching fabric.

    What is DNS?
    The Domain Name System (DNS) is the phonebook of the Internet. Humans access
    information online through domain names, like nytimes.com or espn.com. Web
    browsers interact through Internet Protocol (IP) addresses. DNS translates domain
    names to IP addresses so browsers can load Internet resources.

    Each device connected to the Internet has a unique IP address which other machines
    use to find the device. DNS servers eliminate the need for humans to memorize IP
    addresses such as 192.168.1.1 (in IPv4), or more complex newer alphanumeric IP
    addresses such as 2400:cb00:2048:1::c629:d7a2 (in IPv6).

    You might also like