Security
Group 7 – Carleen Grace De leon
Michael Vincent Mangili
Network Management
includes the activities, methods, procedures, and tools that pertain to the operation,
administration, maintenance, and provisioning of networked systems.
Network Operation - deals with keeping the network up and running smoothly. It includes
monitoring the network to diagnose and identify problems as soon as possible, ideally before
users are affected.
Network Administration - deals with keeping track of resources or components in the network
and how these resources are assigned, and with taking the necessary steps to keep the network
under control.
- the entire optical network must be tuned carefully each time a new
connection is made. Therefore no one can tap an optical system without detection.
- Optical fiber carries light energy, not electricity. Light does not emanate a
magnetic field as electricity does. Therefore, an inductive tap is impossible on an
optical fiber cable.
POSSIBLE NETWORK SECURITY THREATS
IMPERSONATION – Pretend to be someone (personnel) or something (process)
1. Encryption
Encryption is a double-edged sword. In recent years, organizations have looked to
protect sensitive data by scrambling communications, what we know as encryption.
“End-to-end encryption” can create a false sense of comfort for consumers,
Bloomberg recently reported. The reality is that a hacker can control the device in a
variety of ways, including gaining access to the “full discussion regardless of what
security precautions are built into the app you are using.” Encryption essentially gives
hackers free rein to operate prior to their eventual detection and remediation.
2. Ransomware
Network-based ransomware can cripple systems and data. This threat is particularly
alarming as it does not rely heavily on the human element to execute and bring an
organization to its knees.
RISK TO NETWORK SECURITY
*Preventative measures against ransomware include:
• Using Diverse Backups
• Keeping Antivirus Up-To-Date
• Maintaining Patch Updates
• Installing File and System Integrity Monitoring Software
• Compliance Maintenance
3. DDoS Attacks
DDoS attacks come at a real cost. The severity and frequency of DDoS attacks have
many network managers concerned. Hackers infiltrate organizations by flooding
websites and networks with questionable traffic. Two avenues are emboldening
criminals in their nefarious endeavors. “DDoS for hire” services are one means through
which hacking/attack skills are offered in exchange for money.
*Ways to help defend against DDoS attacks include:
• Identifying unusual traffic activity
• Using the needed amount of bandwidth
• Avoiding the wrong response to extortion attempts
• Immediate contact with your ISP
• Developing a Comprehensive Approach to DDoS Security
4. Insider Threats
*Insider abuse can include but is not limited to:
• Remote access to sensitive data
• Unauthorized deletion of data
• Unauthorized access to shared folders
• Unapproved hardware/software
- Using file integrity monitoring (FIM) software can help reduce the risk of costly
insider breaches, especially a FIM tool with integrity that supports a Zero Trust
Architecture (ZTA) strategy.
5. Cloud Security
The security behind legitimate cloud services is being co-opted. As more
organizations gravitate toward the cloud for data storage and retrieval, hackers
have found a way in. They use the same legitimate services but may have ulterior
motives and can wreak havoc.
As Software-as-a-Service (SaaS) continues to grow, and services move to the cloud,
organizations still need to be wary of policies and procedures that can lead to a
false sense of responsibility and security for data in the cloud.
6. SQL Injection
An SQL injection attack occurs when a cyber attacker uses code to access, change,
or destroy private company data. Attackers use vulnerabilities in your application
software to create a fake identity, manipulate company data, and even void
transactions or change balances in the books.
Regularly check your software for vulnerabilities to protect against this type of
attack. You will also want to monitor your file integrity continuously to remediate
changes that occur as a result of SQL injection attacks.
7. Man-in-the-Middle Attacks
Also known as a MIM attack, a “man-in-the-middle” attack occurs when an attacker
“eavesdrops” on communication that should be private.
In this type of attack, the attacker may intercept an email, chat, or another message
between two parties. They can then use their access to spoof messages, alter data, or
engage in social engineering attacks.
Some examples of MIM attacks include:
• Wi-Fi hacking
• IP spoofing
• SSL hijacking
• DNS spoofing
How To Defend Against Network Security Risks?
Profiling and Visibility - NAC authenticates, authorizes, and profiles users and devices. It also
denies access to unauthorized users and devices.
Guest Networking Access - NAC enables an organization to manage and authenticate temporary
users and devices through a self-service portal.
Security Posture Check - It evaluates and classifies security-policy compliance by user, device,
location, operating system, and other criteria.
Incident Response - NAC reduces the number of cyber threats by creating and enforcing
policies that block suspicious activity and isolate devices without the intervention of IT
resources.
Bi-directional integration - NAC can integrate with other security point products and network
solutions through the open/RESTful application programming interface (API).
NETWORK ACCESS CONTROL (NAC) AND AUTHORIZATION
Authorization is the process of granting or denying access to system resources
based on predefined criteria. Authorization is an important measure in computer
security, as it helps to protect information and systems from unauthorized
access.
- Authorization is often used in conjunction with authentication, which is
the process of verifying the identity of a user or program.
Three Types Of Authorization:
1. Mandatory Access Control (MAC) - where the system determines what access a
user has,
2. Discretionary Access Control (DAC) - where the owner of the data determines
what access a user has,
3. Role-Based Access Control (RBAC) - where an administrator assigns different
roles to users and determines what access those users have to specific data.
- the most common type of Authorization in use today.
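The three models can give different answers to the same request. This added example (not from the original slides) evaluates one constructed request under each model; the users, file name, labels, and the simplified MAC rule are assumptions made for illustration.

```python
# Added illustration: all names, labels, users and resources are constructed.
LEVELS = {"public": 0, "internal": 1, "confidential": 2}


def mac_allows(user, resource, action):
    """MAC: the system compares labels; neither user nor owner can override.
    Simplified rule (an assumption of this example): any action requires a
    clearance at or above the resource's label."""
    return LEVELS[user["clearance"]] >= LEVELS[resource["label"]]


def dac_allows(user, resource, action):
    """DAC: the owner decides. The owner has full access and maintains an ACL."""
    if user["name"] == resource["owner"]:
        return True
    return action in resource["acl"].get(user["name"], set())


ROLE_PERMS = {   # RBAC: an administrator maps roles to permissions
    "payroll_clerk": {("payroll.xlsx", "read"), ("payroll.xlsx", "write")},
    "auditor": {("payroll.xlsx", "read")},
}


def rbac_allows(user, resource, action):
    """RBAC: access follows from the roles assigned to the user."""
    return any((resource["name"], action) in ROLE_PERMS.get(role, set())
               for role in user["roles"])


def decide(user, resource, action):
    """Evaluate the same request under each model, side by side."""
    return {"MAC": mac_allows(user, resource, action),
            "DAC": dac_allows(user, resource, action),
            "RBAC": rbac_allows(user, resource, action)}


PAYROLL = {"name": "payroll.xlsx", "label": "confidential",
           "owner": "alice", "acl": {"bob": {"read"}}}
ALICE = {"name": "alice", "clearance": "internal", "roles": ["payroll_clerk"]}
BOB = {"name": "bob", "clearance": "confidential", "roles": []}
CAROL = {"name": "carol", "clearance": "confidential", "roles": ["auditor"]}

if __name__ == "__main__":
    for person in (ALICE, BOB, CAROL):
        print(person["name"], decide(person, PAYROLL, "read"))
```

Alice owns the file and holds the clerk role, yet MAC still refuses her because her clearance is below the file's label: under MAC, ownership grants nothing.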
What is the use of authorization in Computer Security or Internet Security?
- Authorization is the function of specifying access rights.
- Authorization is what allows or denies users access to specific files, folders, or applications on the
network.
*Two aspects of authorization that are important in computer security:
1. what is being authorized? and,
- Authorization can be used to control access to specific files, folders, or applications. It can also be
used to control access to specific resources on the network, such as printers or databases.
2. who is doing the authorizing?
- Authorization can be done by an administrator, or it can be done by the operating system. The
administrator is typically someone who has been given specific permissions to authorize users. The
operating system is the software that controls the computer. It is responsible for enforcing security policies
and for authorizing users.
END………