INTRODUCTION TO NETWORK SECURITY
DEFINE
The authorization of access to data in a network.
Controlled by the network administrator.
MALAYSIAN CYBER LAW
COMPUTER CRIMES ACT 1997
-Gives protection against the misuse of computers and criminal activities such as unauthorised use of programmes, illegal transmission of data and hacking or cracking of computer systems and networks.
DIGITAL SIGNATURE ACT 1997
-An identity verification standard that uses an encrypted code consisting of the user's name and all the parts of the message.
TELEMEDICINE ACT 1997
-Ensures that only qualified medical practitioners can practice telemedicine and that their patients' rights and interests are protected.
COMMUNICATION AND MULTIMEDIA ACT 1998
-Ensures that information is secure, the network is reliable and the service is affordable all over Malaysia.
THREAT ANALYSIS OF NETWORK SECURITY
1.Asset Identification
-To identify the resources used in the network for various applications.
2.Vulnerability Assessment
-The process of identifying the vulnerabilities in the system.
3.Threat Identification
-To identify a threat in the system.
NETWORK SECURITY IS NEEDED TO:
Prevent unauthorized access to the network
-Hackers or corporate competitors
-Criminal elements
-Terrorists
- Potential risk to network security:
SECURITY MODEL:
1.Open Security Model:
-easiest to implement
-simple password becomes the foundation of this model.
2.Restrictive Security Model:
-more difficult to implement.
-firewalls become the foundation of this model
3.Closed Security Model:
-most difficult to implement
-all available security measures are implemented in this design
NETWORK SECURITY TRENDS:
WIRELESS ACCESS
-The increasing use of wireless LAN connections and the rapid rise of internet access from cell phones in Europe and Asia.
THE NEED FOR SPEED
-The number of broadband connections to the Internet from homes is exceeding projections.
IT STAFFING SHORTAGES
-To solve this problem, many enterprises are increasingly outsourcing day-to-day security management tasks.
ISO/IEC 17799
-Code of practice for information security, a standard that is published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).
SECURITY ORGANIZATIONS ROLES
CERT/CC
-The CERT Coordination Center (CERT/CC) is a reporting center for Internet security issues
-The CERT/CC is located at the Software Engineering Institute (SEI) operated by Carnegie Mellon University.
US-CERT
-The United States Computer Emergency Readiness Team (US-CERT) is a partnership between the Department of Homeland Security and the public and private sectors
US-CERT is responsible for the following:
-Analyzing and reducing cyber threats and vulnerabilities
-Disseminating cyber threat warning information
-Coordinating incident-response activities
SANS INSTITUTE
-The SysAdmin, Audit, Network, Security (SANS) Institute was established in 1989 as a cooperative research and education organization
ISC2
-The International Information Systems Security Certification Consortium, Inc. (ISC2) is a nonprofit organization that maintains a collection of industry best practices for information security.
COMMON CRITERIA
-The Common Criteria is an international standard for evaluating IT security
-Although there are seven security levels defined for the Common Criteria evaluation process, Evaluation Assurance Level 4 (EAL4) is the highest universal evaluation level implemented under the Common Criteria today
FIPS
-The Federal Information Processing Standard (FIPS) 140 is a U.S. and Canadian government standard
-FIPS 140 has four levels of assurance: Level 1 is the lowest, and Level 4 is the most stringent
ICSA
-ICSA Labs tests firewalls against a standard set of functional and assurance criteria elements
-ICSA Labs is presently testing firewalls and VPN devices on security measures
SECURITY METHODS
Logon
File system
Data communication
Administration
INTERNET SERVICES
Email and news
Data transfer
Remote access to hosts
Real time conferencing services
THREAT TERMINOLOGY
Information theft
Unauthorized Disclosure
Information Warfare
Accidental Data Loss
SECURITY THREATS
Insecure architectures (misconfigured network)
Broadcast network (using hardware without implementing protection)
Centralized servers (can allow access to the entire network)
Categories (Data Disclosure, Data Modification, Data Availability)
Activities (Hacking, Cracking, Spoofing, Sniffing)
METHODS OF ATTACKS
Authentication Compromises
Improper input validation
Sniffing Activities
Denial of service
Exploiting physical access
Viruses, worms and trojans
CAUSE OF SUCCESSFUL ATTACK
Lack of basic password security
Lack of basic firewall port blocking
Lack of updating