Network Security
Definitions, examples, key concepts, and discussion points
Learning objectives
• Understand the basic concepts and goals of network security.
• Identify common types of network attacks and threats.
• Describe basic security mechanisms such as firewalls, encryption, and authentication.
• Understand the importance of protocols like SSL/TLS, IPsec, and HTTPS.
• Appreciate the human and organizational aspects of cybersecurity.
What is network security?
Network security refers to the measures and practices put in place to protect a computer network and its data from unauthorized access, misuse, modification, or disruption.
Goals of network security (The CIA triad)
• Confidentiality
• Integrity
• Availability
Common network threats and attacks
Passive attacks (eavesdropping)
• Example: Packet sniffing.
• Goal: Steal information without detection.
Active attacks
• Man-in-the-Middle
• Denial of Service (DoS)
• Distributed DoS (DDoS)
• Spoofing
• Phishing & Social Engineering
Network security mechanisms
Encryption
• Scrambles data so only the intended recipient can read it.
• Symmetric encryption
• Asymmetric encryption
Authentication
• Verifies the identity of a user or device.
• Examples: passwords, digital certificates, biometrics.
Firewalls
• Filters incoming and outgoing traffic.
Intrusion detection & prevention systems
• IDS: Monitors traffic for suspicious activity.
• IPS: Actively blocks detected threats.
Secure communication protocols
SSL/TLS
• Used for HTTPS.
• Encrypts communication between browser and server.
IPsec
• Secures IP traffic by authenticating and encrypting each IP packet.
HTTPS
• HTTP + TLS = Encrypted web communication.
• Example: Online banking, e-commerce.
Security in practice: real-world scenarios
Case 1: A university's network is hit by a DDoS attack
• Symptoms: Slowed internet, inaccessible portals.
• Solution: Use anti-DDoS services, firewalls, and traffic filtering.
Case 2: A student clicks a phishing link in an email
• Symptoms: Stolen credentials, strange activity.
• Solution: Two-factor authentication, awareness training, endpoint protection.
Organizational and Human Aspects
Security policies
• Rules that define how users and systems should behave.
• Example: Password policy, acceptable use policy, access control policy, firewall policy, data encryption policy, incident response policy, vendor management policy.
Human factor
• The weakest link in security is often the user.
• Training and awareness programs are essential.
Lab/Practical Ideas (for follow-up session)
• Use Wireshark to capture and analyze packets.
• Configure a simple firewall using pfSense or iptables.
• Demonstrate TLS handshake using a web browser.
• Run a simulation of a phishing attack and response.
Demonstrate TLS handshake using a web browser
1. Client Hello:
• Your browser (the client) initiates the handshake by sending a "Client Hello" message to the website's server.
• This message includes the highest TLS version your browser supports, a random string of bytes (client random), and a list of supported cipher suites (encryption methods).
2. Server Hello:
• The server responds with a "Server Hello" message.
• It selects the highest TLS version and a cipher suite that both the client and server support.
• The server also sends its own random string of bytes (server random).
• The server then sends its digital certificate, which includes its public key.
3. Certificate verification:
• Your browser verifies the server's certificate against a list of trusted Certificate Authorities (CAs). This ensures the website is who it claims to be.
• The browser also checks if the certificate is valid (not expired, revoked, etc.).
4. Key exchange:
• If the certificate is verified, the browser and server use the server's public key (from the certificate) to securely exchange a pre-master secret.
• Both the client and server then use this pre-master secret to generate the session keys (symmetric keys) that will be used for encrypting the rest of the communication during the session.
5. Finished messages:
• The client sends a "Finished" message, encrypted with the session key, to signal the end of the handshake for the client.
• The server sends a corresponding "Finished" message to the client, also encrypted with the session key.
6. Secure communication:
• Once both parties have sent their "Finished" messages, the TLS handshake is complete, and a secure, encrypted connection is established. All further communication between the client and server is encrypted using the session keys.
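An added example, not part of the original slides: a Python parser that pulls the step 1 fields (version, client random, cipher suite list) out of a constructed ClientHello record and then applies the step 2 selection rule. The sample bytes, the function names, and the server's supported version and suite list are assumptions made for illustration.

```python
import struct

# Constructed sample: a minimal ClientHello record with no extensions.
def build_sample_client_hello():
    client_random = bytes(range(32))
    suites = struct.pack("!3H", 0xC02F, 0x009C, 0x002F)
    body = (struct.pack("!H", 0x0303) + client_random + b"\x00"   # version, random, empty session_id
            + struct.pack("!H", len(suites)) + suites + b"\x01\x00")  # suites, null compression
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake

def parse_client_hello(record):
    """Return (version, client_random, cipher_suites) from one TLS record."""
    if len(record) < 5:
        raise ValueError("truncated record header")
    ctype, _legacy, rec_len = struct.unpack("!BHH", record[:5])
    if ctype != 0x16 or len(record) < 5 + rec_len:
        raise ValueError("not a complete handshake record")
    hs = record[5:5 + rec_len]
    if len(hs) < 4 or hs[0] != 0x01:
        raise ValueError("not a ClientHello")
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    if len(body) < 35:
        raise ValueError("truncated ClientHello body")
    version = struct.unpack("!H", body[:2])[0]
    client_random = body[2:34]
    pos = 35 + body[34]                      # skip the session_id
    if len(body) < pos + 2:
        raise ValueError("missing cipher suite list")
    n = struct.unpack("!H", body[pos:pos + 2])[0]
    raw = body[pos + 2:pos + 2 + n]
    if len(raw) != n or n % 2:
        raise ValueError("malformed cipher suite list")
    return version, client_random, list(struct.unpack(f"!{n // 2}H", raw))

# Assumption: a hypothetical server that supports up to TLS 1.2 (0x0303)
# and prefers these two suites, in this order.
def server_select(version, suites, server_max=0x0303, server_suites=(0x009C, 0x002F)):
    """Step 2: highest shared version, first server-preferred shared suite."""
    for suite in server_suites:
        if suite in suites:
            return min(version, server_max), suite
    raise ValueError("no shared cipher suite: handshake fails")

if __name__ == "__main__":
    v, rnd, offered = parse_client_hello(build_sample_client_hello())
    print(hex(v), rnd.hex(), [hex(s) for s in offered])
    print(server_select(v, offered))
```

The same three fields appear in Wireshark's dissection of a captured Client Hello, so the parser output can be compared against a capture from the lab.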
Summary & Key Takeaways
Network security is essential for protecting data in transit.
Understand the types of threats: passive vs active.
Implement layers of defense: encryption, firewalls, IDS/IPS.
Stay updated: security is not "set it and forget it."
Human behavior plays a critical role in keeping systems safe.
Discussion Questions
1. Why is encryption alone not enough to secure a network?
2. How can social engineering be more dangerous than technical attacks?
3. What are the limitations of firewalls?