Network Security Principles

What is Network Security?
Network security is the protection of information and systems and hardware that use, store, and transmit that information.

Goals of an Information  Security Program
Confidentiality
-Prevent the disclosure of sensitive information from unauthorized people, resources and processes .
Integrity
-The protection of  system information or processes from intentional or accidental modification .
Availability
-The assurance that systems and data are accessible by authorized users when needed .

Risk Management
• The process of assessing and quantifying risk and establishing an acceptable level of risk for the organization .
• Risk can be mitigated, but cannot be eliminated .

Network  Security Threat
• A potential danger to information or a system
• An example: the ability to gain unauthorized access to systems or information in order to commit fraud, network intrusion, industrial espionage, identity theft, or simply to disrupt the system or network
• There may be weaknesses that greatly increase the likelihood of a threat manifesting
• Threats may include equipment failure, structured attacks, natural disasters, physical attacks, theft, viruses and many other potential events causing danger or damage .
Network Threats
• Impersonation
• Eavesdropping
• Denial-of-service
• Packet replay
• Man-in-the-middle
• Packet modification

Vulnerability

• A network vulnerability is a weakness in a system, technology, product or policy
• In today’s environment, several organizations track, organize and test these vulnerabilities
• Each vulnerability is given an ID and can be reviewed by network security professionals over the Internet.
Vulnerability Appraisal

• It is very important that network security specialists comprehend the importance of vulnerability appraisal
• A vulnerability appraisal is a snapshot of the current security of the organization as it now stands
• What current security weaknesses may expose the assets to these threats?
Vulnerability scanners are tools available as free Internet downloads and as commercial products
-These tools compare the asset against a database of known vulnerabilities and produce a discovery report that exposes the vulnerability and assesses its severity .

Risk Management Terms
Vulnerability – a system, network or device weakness
Threat – potential danger posed by a vulnerability
Threat agent – the entity that indentifies a vulnerability and uses it to attack the victim
Risk – likelihood of a threat agent taking advantage of a vulnerability and the corresponding business impact
Exposure – potential to experience losses from a threat agent
Countermeasure – put into place to mitigate the potential risk

NEXT . . .

[ Network Attacks]

4 Responses to “Network Security Principles”

  1. Mohammed Kareem Says:

    I like it … Keep it up

  2. snowwhite Says:

    very useful info

    plz keep it up :d

    gazak allah 5ayran

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: