Network Security Principles

What is Network Security?

Network security is the protection of information and systems and hardware that use, store, and transmit that information.

Goals of an Information  Security Program

• Confidentiality

-Prevent the disclosure of sensitive information from unauthorized people, resources and processes .

• Integrity

-The protection of  system information or processes from intentional or accidental modification .

• Availability

-The assurance that systems and data are accessible by authorized users when needed .

Risk Management

• The process of assessing and quantifying risk and establishing an acceptable level of risk for the organization .

• Risk can be mitigated, but cannot be eliminated .

Network  Security “Threat“

• A potential danger to information or a system

• An example: the ability to gain unauthorized access to systems or information in order to commit fraud, network intrusion, industrial espionage, identity theft, or simply to disrupt the system or network

• There may be weaknesses that greatly increase the likelihood of a threat manifesting

• Threats may include equipment failure, structured attacks, natural disasters, physical attacks, theft, viruses and many other potential events causing danger or damage .

Network Threats

• Impersonation

• Eavesdropping

• Denial-of-service

• Packet replay

• Man-in-the-middle

• Packet modification

Vulnerability

• A network vulnerability is a weakness in a system, technology, product or policy

• In today’s environment, several organizations track, organize and test these vulnerabilities

• Each vulnerability is given an ID and can be reviewed by network security professionals over the Internet.

Vulnerability Appraisal

• It is very important that network security specialists comprehend the importance of vulnerability appraisal

• A vulnerability appraisal is a snapshot of the current security of the organization as it now stands

• What current security weaknesses may expose the assets to these threats?

• Vulnerability scanners are tools available as free Internet downloads and as commercial products

-These tools compare the asset against a database of known vulnerabilities and produce a discovery report that exposes the vulnerability and assesses its severity .

Risk Management Terms

• Vulnerability – a system, network or device weakness

• Threat – potential danger posed by a vulnerability

• Threat agent – the entity that indentifies a vulnerability and uses it to attack the victim

• Risk – likelihood of a threat agent taking advantage of a vulnerability and the corresponding business impact

• Exposure – potential to experience losses from a threat agent

• Countermeasure – put into place to mitigate the potential risk

NEXT . . .

[ Network Attacks]