Section 1: Network Security Essentials
1. Firewalls and VPNs
Firewalls
• Purpose:
  Firewalls act as a security barrier that monitors and controls incoming and outgoing network traffic based on predetermined security rules. They prevent unauthorized access while allowing legitimate communication.
• Types of Firewalls:
  • Packet-Filtering Firewalls: Analyze each packet on its own, based on header fields such as IP address, port, and protocol; they do not inspect packet contents.
  • Proxy-Based Firewalls: Operate at the application layer and act as intermediaries between users and external systems, which allows deep packet inspection.
  • Stateful Inspection Firewalls: Track the state of active connections and make decisions based on that context (for example, whether a packet belongs to a connection that is already established) rather than judging each packet in isolation.
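The difference between the packet-filtering and stateful types above is easiest to see on concrete packets. The following is an added example, not code from the original notes: a toy stateless filter and a toy stateful filter, each applying the same policy ("internal hosts may open HTTPS connections outward"). The addresses, the `10.0.0.` internal prefix and the `Packet` class are constructed for illustration. The stateless filter has to admit any inbound packet with source port 443 to let replies through, so it also admits an unsolicited packet that merely uses 443 as its source port; the stateful filter admits only replies to connections it saw being opened.

```python
from dataclasses import dataclass

# Constructed example: internal hosts live in 10.0.0.0/24; external addresses
# come from the TEST-NET documentation ranges. Nothing here is a real firewall.
INTERNAL_PREFIX = "10.0.0."


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    syn: bool = False  # TCP SYN without ACK: a new connection attempt
    ack: bool = False  # TCP ACK: part of an existing conversation


def is_internal(ip: str) -> bool:
    return ip.startswith(INTERNAL_PREFIX)


def stateless_filter(pkt: Packet) -> str:
    """Packet-filtering firewall: each packet is judged on its own header fields."""
    outbound = is_internal(pkt.src_ip) and not is_internal(pkt.dst_ip)
    inbound = not is_internal(pkt.src_ip) and is_internal(pkt.dst_ip)
    # Rule 1: internal hosts may open HTTPS connections to the outside.
    if outbound and pkt.dst_port == 443:
        return "allow"
    # Rule 2: to let the replies back in, a stateless rule has to admit *any*
    # inbound packet with source port 443; it cannot tell a genuine reply from
    # an unsolicited packet that happens to use 443 as its source port.
    if inbound and pkt.src_port == 443:
        return "allow"
    return "deny"


class StatefulFirewall:
    """Stateful inspection: remembers which connections the inside opened."""

    def __init__(self) -> None:
        # 4-tuples (src_ip, src_port, dst_ip, dst_port) of connections seen opened
        self.established: set[tuple[str, int, str, int]] = set()

    def filter(self, pkt: Packet) -> str:
        forward = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        reverse = (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
        if forward in self.established or reverse in self.established:
            return "allow"  # belongs to a flow already in the connection table
        outbound = is_internal(pkt.src_ip) and not is_internal(pkt.dst_ip)
        if outbound and pkt.dst_port == 443 and pkt.syn and not pkt.ack:
            self.established.add(forward)  # record the newly opened connection
            return "allow"
        return "deny"  # everything else, including unsolicited inbound traffic


def compare() -> dict[str, tuple[str, str]]:
    """Run three constructed packets through both firewalls.

    Returns {name: (stateless verdict, stateful verdict)}.
    """
    fw = StatefulFirewall()
    packets = {
        "outbound_syn": Packet("10.0.0.5", 51000, "203.0.113.7", 443, syn=True),
        "legit_reply": Packet("203.0.113.7", 443, "10.0.0.5", 51000, syn=True, ack=True),
        "unsolicited_from_443": Packet("198.51.100.9", 443, "10.0.0.5", 22, syn=True),
    }
    # Packets are evaluated in insertion order, so the SYN is seen before its reply.
    return {name: (stateless_filter(p), fw.filter(p)) for name, p in packets.items()}


if __name__ == "__main__":
    for name, verdicts in compare().items():
        print(f"{name:22s} stateless={verdicts[0]:5s} stateful={verdicts[1]}")
```

Both firewalls agree on the outbound SYN and on the genuine reply; they disagree only on the unsolicited packet to port 22, which the stateless filter lets through and the stateful one drops because no internal host ever opened that connection.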
Virtual Private Networks (VPNs)
• Definition:
  VPNs create a secure, encrypted tunnel for data transmission over public networks, ensuring confidentiality and integrity.
• How VPNs Protect Data:
  VPNs use encryption protocols such as IPsec or SSL/TLS to secure data, making it unreadable to attackers who intercept the communication.
Combined Use of Firewalls and VPNs:
• A firewall ensures only legitimate traffic reaches the internal network, while a VPN secures data transmission over untrusted networks. Together, they provide robust security by preventing unauthorized access and encrypting sensitive data.
2. Intrusion Detection Systems (IDS)
Role of IDS
• An IDS is designed to detect malicious activity, policy violations, or security breaches on a network or host and to alert administrators when it does.
Types of IDS
• Network-Based IDS (NIDS):
  Monitors traffic across an entire network and detects malicious activity using packet analysis. Example: Snort.
• Host-Based IDS (HIDS):
  Runs on individual devices to monitor file changes, system logs, and processes. Example: OSSEC.
IDS vs. IPS
• Intrusion Detection Systems (IDS): Identify threats and send alerts but do not actively block malicious activity.
• Intrusion Prevention Systems (IPS): Take immediate action, such as blocking malicious traffic, to prevent intrusions.
Detection Methods
• Signature-Based Detection:
  Relies on predefined attack patterns (signatures). It is effective for known threats but cannot detect an attack for which no signature exists yet.
• Anomaly-Based Detection:
  Builds a model of normal behavior and flags deviations from it. It can catch zero-day attacks but is prone to false positives.
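The two detection methods, and the trade-off between them, can be shown on a few log lines. The following is an added example and not code from the original notes or from Snort or OSSEC: a signature detector with two textbook patterns (a SQL tautology and a `../` path traversal) and an anomaly detector that learns a per-client request rate from a window of known-good traffic and flags clients exceeding a multiple of it. The log lines, their simplified `<ip> <method> <path> <status>` format, the signature patterns, the baseline window and the threshold factor are all constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import unquote

# Constructed sample log lines (no real traffic). The first window is treated
# as known-good traffic used to learn a baseline; the second is the window
# being monitored.
BASELINE_WINDOW = [
    "198.51.100.4 GET /index.html 200",
    "198.51.100.4 GET /about.html 200",
    "198.51.100.7 GET /index.html 200",
    "198.51.100.7 GET /contact.html 200",
]
MONITORED_WINDOW = [
    "198.51.100.4 GET /index.html 200",
    "198.51.100.4 GET /products.html 200",
    # a client probing the application (constructed)
    "203.0.113.9 GET /search?q=%27%20OR%201%3D1-- 200",
    "203.0.113.9 GET /../../etc/passwd 404",
    "203.0.113.9 GET /admin 404",
    "203.0.113.9 GET /login 404",
    "203.0.113.9 GET /api 404",
    "203.0.113.9 GET /old 404",
    "203.0.113.9 GET /test 404",
    "203.0.113.9 GET /backup 404",
    # a legitimate client loading a dashboard that pulls in many assets
    "198.51.100.12 GET /dashboard 200",
    "198.51.100.12 GET /static/app.js 200",
    "198.51.100.12 GET /static/app.css 200",
    "198.51.100.12 GET /static/logo.png 200",
    "198.51.100.12 GET /api/me 200",
    "198.51.100.12 GET /api/notifications 200",
    "198.51.100.12 GET /api/summary 200",
]

# Signature table: name -> pattern applied to the URL-decoded request path.
SIGNATURES = {
    "sql-tautology": re.compile(r"'\s*or\s+1\s*=\s*1", re.IGNORECASE),
    "path-traversal": re.compile(r"\.\./"),
}


def parse(line: str) -> tuple[str, str, str, int]:
    ip, method, path, status = line.split()
    return ip, method, path, int(status)


def signature_alerts(lines: list[str]) -> list[tuple[str, str]]:
    """Signature-based detection: fires only on requests matching a known pattern."""
    alerts = []
    for line in lines:
        ip, _method, path, _status = parse(line)
        # Decode before matching, otherwise %27 hides the quote from the pattern.
        decoded = unquote(path)
        for name, pattern in SIGNATURES.items():
            if pattern.search(decoded):
                alerts.append((ip, name))
    return alerts


def learn_baseline(lines: list[str]) -> int:
    """Requests per client in a window of known-good traffic; the busiest client sets the norm."""
    return max(Counter(parse(line)[0] for line in lines).values())


def anomaly_alerts(lines: list[str], baseline: int, factor: int = 3) -> list[str]:
    """Anomaly-based detection: flag clients whose request count exceeds factor x baseline."""
    counts = Counter(parse(line)[0] for line in lines)
    return sorted(ip for ip, n in counts.items() if n > factor * baseline)


if __name__ == "__main__":
    print("signature alerts:", signature_alerts(MONITORED_WINDOW))
    base = learn_baseline(BASELINE_WINDOW)
    print("anomaly alerts:", anomaly_alerts(MONITORED_WINDOW, base))
```

The signature detector flags exactly the two requests that match its patterns and nothing else, but it would stay silent on a probe it has no pattern for. The anomaly detector flags the probing client without knowing anything about its requests, and also flags the dashboard user whose page load happened to exceed the learned rate: that second alert is the false positive the notes warn about, and tuning `factor` or the baseline window is how it is traded against missed detections.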
3. Access Control Mechanisms
Access Control Models
1. Discretionary Access Control (DAC):
   • Access is assigned at the discretion of the data owner.
   • Example: File permissions in Windows or Linux, where users grant read/write access.
   • Significance: Flexible but susceptible to insider threats.
2. Mandatory Access Control (MAC):
   • Enforces strict access controls based on classification levels.
   • Example: Military systems where data is labeled as “Confidential” or “Top Secret.”
   • Significance: Highly secure, ideal for environments requiring stringent access rules.
3. Role-Based Access Control (RBAC):
   • Access is assigned based on user roles and responsibilities.
   • Example: An HR system where only HR staff can access employee data.
   • Significance: Streamlines management and minimizes the risk of over-provisioning.
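The three models differ in who gets to decide, and that is clearest in code. The following is an added example and not part of the original notes: a minimal DAC file with an owner-managed permission list, a MAC check using the Bell-LaPadula "no read up / no write down" rules as the assumed concrete policy for the classification levels mentioned above, and an RBAC lookup where permissions attach to roles and users to roles. The users, file, labels, roles and permission strings are all constructed for illustration.

```python
from dataclasses import dataclass, field

# Constructed example: users, files, labels and roles are invented for illustration.


# --- Discretionary Access Control: the object's owner decides ----------------
@dataclass
class DacFile:
    owner: str
    acl: dict = field(default_factory=dict)  # user -> set of permissions granted

    def grant(self, actor: str, user: str, perm: str) -> None:
        """Only the owner may hand out permissions, but may hand them to anyone."""
        if actor != self.owner:
            raise PermissionError(f"{actor} does not own this file")
        self.acl.setdefault(user, set()).add(perm)

    def allowed(self, user: str, perm: str) -> bool:
        return user == self.owner or perm in self.acl.get(user, set())


# --- Mandatory Access Control: the system enforces labels -------------------
# Bell-LaPadula style lattice, assumed here as the concrete MAC policy.
LEVELS = {"Unclassified": 0, "Confidential": 1, "Secret": 2, "Top Secret": 3}


def mac_read_allowed(clearance: str, label: str) -> bool:
    """No read up: a subject may read only objects at or below its clearance."""
    return LEVELS[clearance] >= LEVELS[label]


def mac_write_allowed(clearance: str, label: str) -> bool:
    """No write down: a subject may write only objects at or above its clearance."""
    return LEVELS[clearance] <= LEVELS[label]


# --- Role-Based Access Control: permissions attach to roles, users to roles --
ROLE_PERMS = {
    "hr_staff": {"employee_records:read", "employee_records:write"},
    "engineer": {"source:read", "source:write"},
}
USER_ROLES = {"alice": {"hr_staff"}, "bob": {"engineer"}}


def rbac_allowed(user: str, perm: str) -> bool:
    """A user holds a permission if any of their roles carries it."""
    return any(perm in ROLE_PERMS.get(role, set()) for role in USER_ROLES.get(user, set()))


def demo() -> dict:
    """Exercise each model on constructed subjects and objects; return the decisions."""
    results = {}
    # DAC: carol owns a file and, at her discretion, lets dave read it.
    report = DacFile(owner="carol")
    report.grant("carol", "dave", "read")
    results["dac_dave_read"] = report.allowed("dave", "read")
    results["dac_dave_write"] = report.allowed("dave", "write")
    try:
        report.grant("dave", "eve", "read")  # dave is not the owner
        results["dac_non_owner_grant_rejected"] = False
    except PermissionError:
        results["dac_non_owner_grant_rejected"] = True
    # MAC: labels decide regardless of who owns the document.
    results["mac_secret_reads_confidential"] = mac_read_allowed("Secret", "Confidential")
    results["mac_confidential_reads_top_secret"] = mac_read_allowed("Confidential", "Top Secret")
    results["mac_top_secret_writes_confidential"] = mac_write_allowed("Top Secret", "Confidential")
    # RBAC: only the HR role reaches employee records.
    results["rbac_alice_reads_records"] = rbac_allowed("alice", "employee_records:read")
    results["rbac_bob_reads_records"] = rbac_allowed("bob", "employee_records:read")
    return results


if __name__ == "__main__":
    for name, decision in demo().items():
        print(f"{name:38s} {decision}")
```

Note what each model leaves open: under DAC nothing stops carol from granting read access to anyone she likes, which is the insider-threat weakness noted above; under MAC no owner decision can let a Confidential-cleared subject read a Top Secret object; under RBAC adding a person to the HR role grants exactly the role's permissions, so the question of over-provisioning moves to how roles are defined.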