Professional Documents
Culture Documents
04/29/2024
Eng. Mohamed Jaambiir
Computer Network & Security
COS-413
Lecture Five
Eng. Mohamed Jaambiir
2
Network Security
Network security is defined as the activity created to protect the integrity of your
network and data.
Network security is the security designed to protect the integrity of the network from
unauthorized access and threats.
Network security is the protection of the underlying networking infrastructure from
unauthorized access, misuse, or theft. It involves creating a secure infrastructure for
devices, applications, users, and applications to work in a secure manner.
Network security is important because it keeps sensitive data safe from cyber attacks
and ensures the network is usable and trustworthy.
iii. Financial risk for compromised intellectual property. Organizations can also have
their own intellectual property stolen, which is costly. The loss of a company's ideas,
inventions and products can lead to loss of business and competitive advantages.
iv. Regulatory issues. Many governments require businesses to comply with data
security regulations that cover aspects of network security. For example, medical
organizations in the United States are required to comply with the regulations of the
Health Insurance Portability and Accountability Act (HIPAA), and organizations in the
European Union that deal with citizens' data must follow the General Data Protection
Regulation (GDPR).
I. Privacy: Privacy means both the sender and the receiver expects confidentiality. The
transmitted message should be sent only to the intended receiver while the message
should be opaque for other users.
II. Message Integrity: Data integrity means that the data must arrive at the receiver
exactly as it was sent. There must be no changes in the data content during
transmission, either maliciously or accident, in a transit
III. End-point authentication: Authentication means that the receiver is sure of the
sender’s identity, i.e., no imposter has sent the message.
IV. Non-Repudiation: Non-Repudiation means that the receiver must be able to prove that
the received message has come from a specific sender. The sender must not deny
sending
Eng. Mohamed Jaambiira message that he or she send. 04/29/2024
8
Security Features for Networks
13. Zero-trust network access. Similar to network access control, zero-trust network
access only grants a user the access they must have do their job. It blocks all other
permissions.
14. Network segmentation. Organizations with large networks and network traffic
often use network segmentation to break a network into smaller, easier-to-manage
segments. This approach gives organizations more control of and increased
visibility into traffic flow. Industrial network security is a subset of network
segmentation, providing increased visibility into industrial control systems (ICSes).
ICSes are more at risk to cyber threats because of increased integration with the
cloud.
Eng. Mohamed Jaambiir 04/29/2024
17
15. Sandboxing. This approach lets organizations scan for malware by opening a file in
an isolated environment before granting it access to the network. Once opened in
a sandbox, an organization can observe whether the file acts in a malicious way or
shows any indications of malware.
16. Security information and event management (SIEM). This security management
technique logs data from applications and network hardware and monitors for
suspicious behavior. When an anomaly is detected, the SIEM system alerts the
organization and takes other appropriate action.
17. Software-defined perimeter (SDP). An SDP is a security method that sits on top of
the network it protects, concealing it from attackers and unauthorized users. It uses
identity criteria to limit access to resources and forms a virtual boundary around
networked resources.
18. Virtual private network (VPN). A VPN secures the connection from an endpoint
to an organization's network. It uses tunneling protocols to encrypt information that
is sent over a less secure network. Remote access VPNs let employees access their
company network remotely.
19. Web security. This practice controls employee web use on an organization's network
and devices, including blocking certain threats and websites, while also protecting
the integrity of an organization's websites themselves.
20. Wireless security. Wireless networks are one of the riskiest parts of a network and
require stringent protections and monitoring. It's important to follow wireless
security best practices, such as segmenting Wi-Fi users by service set identifiers, or
SSIDs, and using 802.1X authentication. Good monitoring and auditing tools are
also needed to ensure wireless network security.
The End
Eng. Mohamed Jaambiir 04/29/2024