W1-Module 001 Introduction To Network Security


Network Security

1
Introduction to Network Security

Module 1 INTRODUCTION TO NETWORK SECURITY

At the end of this chapter, students will:


1. Learn the importance of Network Security
2. Have knowledge about the security trinity, CIA Triad and AAA of
Information Security
3. Understand the need to implement security measures within an
organization

Introduction to Network Security


Today, people rely on the internet as a means of communication and use it heavily to transfer information or data, whether for personal or business purposes. As we depend on technology that keeps on innovating, it is necessary to secure and protect every aspect of the information we have. As the internet and computer networks grow wider and faster, the most important aspect for every organization to consider is data integrity: how to protect and secure online information and data from intruders or hackers who plan to destroy or steal confidential information. This chapter gives a brief introduction to Network Security and its importance.

What is Network Security


According to the SANS Institute, Network security is the process of taking
preventative measures to keep the underlying networking infrastructure from
unauthorized access, misuse, malfunction, modification, destruction or improper
disclosure. Implementing these measures allows computers, users and programs to
perform their permitted critical functions within a secure environment.

Importance of Computer and Network Security


Security is a critical part of information systems, and the need for IT professionals who are proficient and capable in configuring systems in a secure manner and are able to measure security is on the rise. Keeping a network secure helps us determine the integrity of our data and keeps confidential information away from unauthorized access or alteration. Network security is important for the following reasons.
1. To secure company assets
Network security’s primary goal is to secure and protect the assets of an organization. An asset is a useful or valuable thing for a company. It includes both the software and hardware that the company owns and, most importantly, the information. Hackers do not care much about what software a company owns or uses; they care about the information that an organization has. The most important and vital aspect for network security to consider is the protection of information to keep its integrity and availability.
2. To gain a competitive advantage
Competition among businesses drives innovation. It can lead them to invent new or better products for their consumers or to create more efficient processes for providing good quality of service. In the same way, developing and maintaining effective security procedures can give an organization an advantage over its competitors. Network security is particularly important in the field of Internet financial services and e-commerce. Customers need to be able to tell companies apart by the security essentials each organization has in place. For example, if one bank’s mobile internet banking keeps getting hacked, its users will most probably stop using it and might transfer to a more secure bank whose mobile banking is more reliable.
3. To keep your job
As a network administrator, it is your job to protect the organization’s information. It is important to have and implement a very secure network to keep intruders from damaging your network or gaining unauthorized access to it. Your main job is to maintain the security of the company’s computer and network systems; failure to do so might result in termination.

The Security Trinity


Every organization is at risk of security threats, so providing and implementing a secure network is very important to prevent unauthorized access to confidential information. The security trinity helps a company build a better strategy for keeping data secure and keeping intruders from altering or stealing such information. It is the foundation for all security policies and measures that an organization should consider.
Prevention
It is the foundation of the security trinity. For our network to be more secure, it is necessary to implement good measures that prevent hackers from abusing the system’s vulnerabilities. In developing network security structures, organizations need to invest more in preventing security breaches than in detecting and responding to any form of cyber-attack or intruder, since prevention is easier, more efficient and much more cost-effective than detecting or responding to and overcoming such issues. Although it is very hard, even impossible, to develop a security scheme that prevents all possible attacks or cyber threats in the network from being exploited, organizations must come up with and implement plans and strategies to achieve high security over their network.
Detection
Network anomalies already existed even before the widespread use of the Internet, and since most organizations today use computer-based data storage and other services over the internet, these are now the target of most malware.
Network detection is a security solution that an organization uses to detect any malicious activity in a network. When preventative measures fail, detection can help an institution protect its network or system against malware threats, attacks made not only by outsiders but by insiders as well, credential abuse, and data exfiltration. Detection helps the network administrator identify any suspicious network activity, because it is very important to detect such activity immediately and correct it as soon as possible.
Response
During a cyber or network security incident, the network administrator, whose job is to provide good security measures, will face many unknown activities inside the network. Thus, organizations need to develop a plan that identifies the most appropriate response to any security breach. To implement good security measures, they first need to understand what they are trying to protect and how they can fix any form of cyber-attack.
Response means a structured procedure for handling security incidents, breaches, and cyber threats. A well-defined incident response plan allows you to effectively identify an attack, minimize the damage, and reduce the cost of a cyber-attack, while finding and fixing the cause to prevent future attacks.
It also allows an organization to be prepared for any unknown or malicious activities inside its network, and it is a reliable method for identifying a security incident immediately when it occurs. It enables the organization to create incident response plans or establish a sequence of best practices to stop an intrusion before it causes more damage.
According to the SANS Technology Institute, there are six key phases of an incident response plan:
1. Preparation: Preparing all the users and IT staff to handle potential incidents should they arise.
2. Identification: Determining whether an event qualifies as a security incident or a security threat.
3. Containment: Reducing the damage of the incident and isolating affected systems to avoid further damage.
4. Eradication: Discovering the root cause of the event and eliminating affected systems from the production environment.
5. Recovery: Allowing affected systems back into the production environment and ensuring that no threats remain.
6. Lessons learned: Completing incident documentation, performing analysis to learn from the incident and possibly improving future response efforts to keep such attacks from causing any damage in the network.
Any security incident that is not properly handled can, and eventually will, turn into a bigger problem that leads to a damaging data breach and causes a large amount of expense, or collapses the whole system. Responding immediately to security attacks will help an organization minimize its losses, lessen exploited vulnerabilities, restore its services and processes, and reduce the risk of future attacks.

The Information System


An information system is a combined set of components for collecting, storing and processing data and for providing information, facts, knowledge and digital products. The information system plays a very important role in network security, since it is the data or information that an organization is trying to protect from intruders who would damage it. Many organizations now use computer-based information systems as technology and the Internet continue to grow.
Computer-based information systems have a big impact not only on an organization but on its employees as well. An information system makes their jobs easier, especially when gathering or storing important information, which in turn requires a better solution for protecting it.
Components of Information System
There are 5 main components of an information system: computer software, computer hardware, databases, networks/telecommunications and people.

Figure 1. Components of Computer-based Information System

1. Hardware
The term hardware refers to machinery. It includes all the tangible parts of a system unit, including the CPU and its equipment or computer peripherals such as input and output devices, storage devices and communications devices. Input devices are pieces of computer hardware used to provide data and control signals to an information processing system, such as a mouse, keyboard, scanner, microphone, controller or camera. Output devices, such as a monitor, projector, printer or speaker, are computer hardware that sends data from a computer to another device or user, converting information into human-readable form.
2. Software
Software is a set of instructions or data that programs use to operate a computer and execute specific tasks. It falls into two types: system software and application software.
a. System software is the set of programs dedicated to managing the computer itself, such as the operating system (OS), file management utilities and the disk operating system (DOS). The operating system plays an important role in this type of software, since it is the one managing the computer hardware resources in addition to applications and data. Without it, software installed on our computer will not work.
b. Application software, or app for short, is often called productivity programs or end-user programs. It allows users to complete tasks such as creating documents, sending emails, browsing the internet, designing graphics or even playing games.
3. Networks
A network is two or more computers interconnected with each other to share resources. Networks play a vital role in an information system, since they allow organizations to link computers and their users. Hubs, routers, Ethernet cables, repeaters or even cellphones are examples of networking, or what we sometimes call telecommunication.
4. Database
Databases play a very crucial role in maintaining or collecting information. A database is an organized collection of facts and information, which is very important in an organization. In the past, we organized information using filing cabinets, which became more difficult to manage as the information an organization held grew bigger and bigger, to the point of needing a warehouse to store all the physical records it had to keep. With the help of technology such as SQL, MySQL and other software used to store information, an organization’s way of keeping and storing information becomes a lot easier, and the data is always available to anyone who has access to it.
5. People
Every information system needs someone to use it for it to be useful. People are often the most overlooked component of an information system. Users are essential for the operation of all information systems, and these people resources include end users and information system specialists.
• End users, sometimes called users or clients, are the individuals who use the information system or the information it produces.
• Information system (IS) specialists are the people who develop, operate and maintain the information system. They may be systems analysts, programmers, computer operators or network administrators. Each plays a different role in the information system. Systems analysts design the information system based on the requirements of its end users. Programmers prepare computer programs based on the systems analyst’s specifications. Computer operators operate large computer systems within an organization, while network administrators maintain the security of the information system to protect all confidential and important information.
Core Security Concepts
Having knowledge and a deep understanding of security concepts is necessary and important in every aspect of transmitting and storing information. It enables users and administrators to be aware of security risks and protect their environment.
CIA Triad of Information Security
The CIA Triad stands for Confidentiality, Integrity and Availability of information. CIA is a well-known security model in information security that was established to help people think about the several parts of IT security. It is also used in the development of security policies, for detecting problem areas along with their solutions in the arena of information security.
Confidentiality
Refers to the protection of information from any unauthorized disclosure. It ensures that information is accessed only by authorized persons. Keeping a file or information confidential can only be achieved by restricting or limiting access to the information, or by encrypting the information so that it becomes less meaningful or useful to any unauthorized individuals or entities.
Integrity
It refers to the ability to protect data or information from any unauthorized, uncontrolled or accidental alteration. It assures that the data or information stored in an information system can be fully trusted. It ensures that the information is edited or altered only by an authorized person and remains in its original state when not in use, to preserve its accuracy.
Availability
Availability means that any network, system, hardware and software is reliable and can recover rapidly and completely in the event of an interruption in service. Information must be available at all times, especially when needed. Most big corporations nowadays use two different internet service providers (ISPs). Some people think that paying two different ISPs is just a waste of money, but the main purpose of this technique is simply to make sure that if there is an internet outage at either ISP, operations are not affected, since the other connection is still working. It will be a waste of money if the network administrator does not know how to use or combine two different ISPs in one network. Combining the speed and bandwidth of two ISPs results in a faster internet connection within the network.
AAA or Triple A’s of Information
AAA, or Authentication, Authorization and Accountability, is a term used for monitoring and controlling access to system resources, auditing usage, enforcing policies and providing the details needed to charge for services.
Authentication
Authentication generally serves as proof that you are the person you say you are or what you claim to be. It verifies the identity of the subject. It consists of a mechanism for validating the incoming request against certain identifying credentials. Authentication is a must when communicating over a network or logging onto a network. There are two questions that you need to ask yourself when communicating over a network.
1. With whom am I communicating?
2. Why do I believe this person or entity is who s/he or it claims to be?
If you don’t know how to answer the 2nd question, there is a high chance that you are wrong about the 1st question.
There are three basic schemes used for authentication, especially when logging onto a network: something you know, something you have and something you are, described as follows.
• Something you know
It is the most commonly employed scheme. Typically, what authenticates your identity is your password, code or sequence. Security is based on the idea that if you know the secret password or code, then you must be who you claim to be and be authorized to gain access to the network. However, it is not very secure because it is easy to compromise.
• Something you have
It is based on something the user owns. It requires a key, an identification card or badge, or a token card or “thing” that provides you with access. Most security is based on the concept that only authorized persons have the ability to gain access to a specific device or information. This scheme has its own drawback, as these “things” can be stolen or lost.
• Something you are
It depends on some physical or behavioral characteristic of a person. It is referred to as biometric authentication. Biometrics can validate one’s identity based on fingerprints, a voice print or even an iris scan. These types of systems can be extremely difficult to compromise when designed properly.
Authorization
It occurs after successful authentication. Authorization ensures that the user has the permission or privilege to perform a specific action in a network. Your level of authorization determines what you are allowed to do once you have gained access to a network, system or other useful resources such as data or information. Access control determines the level of authorization to a system or network. This feature is mainly used against unauthorized disclosure of confidential files, modification or alteration of one’s data, and even its destruction. It includes a set of controls that restrict access to resources based on group membership or identity.
Accountability
It gives administrators the ability to monitor, track or audit the activities that users performed in a given situation. In general, accountability is enforced by performing audits as well as establishing systems to make and keep audit trails. This log management can be useful for IT accountability and data security. It ensures that any action can be determined and traced back.
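The three AAA steps described above (authenticate with something you know, authorize by group membership, then keep an audit trail that can be traced back) can be sketched as follows. This is an added example, not part of the original module; the users, groups, permissions and function names are hypothetical, and the PBKDF2 iteration count is an example value.

```python
import hashlib
import hmac
import json
import os

def hash_password(password, salt):
    # Salted, deliberately slow hash; the iteration count is an example value.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def make_user(password, groups):
    salt = os.urandom(16)
    return {"salt": salt, "hash": hash_password(password, salt), "groups": set(groups)}

# Constructed sample data (hypothetical users, groups and permissions).
USERS = {
    "alice": make_user("correct horse battery", ["netadmin"]),
    "bob": make_user("s3cond-secret", ["staff"]),
}
PERMISSIONS = {  # (resource, action) -> groups allowed to perform it
    ("firewall-rules", "modify"): {"netadmin"},
    ("firewall-rules", "read"): {"netadmin", "staff"},
}
AUDIT_LOG = []  # each record stores the digest of the record before it

def audit(user, action, resource, outcome):
    """Accountability: append a record chained to the previous one."""
    prev = AUDIT_LOG[-1]["digest"] if AUDIT_LOG else "0" * 64
    record = {"user": user, "action": action, "resource": resource,
              "outcome": outcome, "prev": prev}
    payload = json.dumps(record, sort_keys=True).encode()
    record["digest"] = hashlib.sha256(payload).hexdigest()
    AUDIT_LOG.append(record)

def authenticate(user, password):
    """Authentication: verify the claimed identity against stored credentials."""
    entry = USERS.get(user)
    if entry is None:
        return False
    candidate = hash_password(password, entry["salt"])
    return hmac.compare_digest(candidate, entry["hash"])  # constant-time compare

def authorize(user, action, resource):
    """Authorization: allow only if one of the user's groups holds the permission."""
    allowed = PERMISSIONS.get((resource, action), set())
    return bool(USERS[user]["groups"] & allowed)

def request(user, password, action, resource):
    """Run the AAA sequence; every decision, allowed or denied, is audited."""
    if not authenticate(user, password):
        audit(user, action, resource, "denied: authentication failed")
        return False
    if not authorize(user, action, resource):
        audit(user, action, resource, "denied: not authorized")
        return False
    audit(user, action, resource, "allowed")
    return True

def audit_log_intact(log):
    """Integrity check: recompute every digest and confirm the chain links."""
    prev = "0" * 64
    for rec in log:
        body = {k: v for k, v in rec.items() if k != "digest"}
        digest = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
        if rec["prev"] != prev or rec["digest"] != digest:
            return False
        prev = rec["digest"]
    return True

if __name__ == "__main__":
    print(request("alice", "correct horse battery", "modify", "firewall-rules"))
    print(request("bob", "s3cond-secret", "modify", "firewall-rules"))
    print(audit_log_intact(AUDIT_LOG))
```

An unkeyed hash chain only exposes edits by someone who does not recompute the chain, so in practice the latest digest is also copied to a separate system.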