Introduction to Computer Network Security

Get Started. It's Free
or sign up with your email address
Rocket clouds
Introduction to Computer Network Security by Mind Map: Introduction to Computer Network Security

1. Network Security Definition

1.1. Protection of network & thier services

1.2. consists provision and policies adopted by network administrator

2. Important of Network Security and Concepts

2.1. start from authenticanting the user

2.2. Firewall enforces access policies

2.3. anti-virus and IPS detect and inhibit the action of such malware

2.4. logged for audit purpose

2.5. encrypted to maintain privacy

3. The need for Network Security

3.1. Access - authorized users are provided to communicate

3.2. Confidentiality - Information in the network remains private

3.3. Authentication - Ensure the users of the network

3.4. Intergrity - Ensure the message has not been modified

3.5. Non-repudiation - Ensure the user does not refute that he used the network

3.6. Non-repudiation - Ensure the user does not refute that he used the network

4. Potential Risk to Network Security

4.1. Email attachments - workers opening an attachment could unleash a worm or virus

4.2. Diversionary tactics - Hackers slip on and attack another part of the network when security administrator busy recovering the services

4.3. Blended attacks - worms and viruses may be able to execute itself or even attack more than one platform

4.4. Renaming documents - Company might fail to pick up outgoing message if the subject name has been changed

5. Open Security Model

5.1. easiest to implement

5.2. few security measures

5.3. users are trusted

5.4. foundation: simple passwords and server security

6. Closed Security Model

6.1. most difficult to implement

6.2. all security measures

6.3. all users are not trustworthy

6.4. companies require high number and better trained network administrator

6.5. network administartor require greater skills and more time

7. Legal Issues and Privacy Concerns

7.1. Legal issues: information theft (trademark, trade secret)

7.2. Privacy concernsL confidentiality of transmitted data, spyware program

8. Restrictive Security Model

8.1. more difficult toimplement

8.2. more security measures

8.3. foundation: firewalls and identity servers

8.4. some users are not trustworthy

9. Security Goal

9.1. Asset Identification

9.1.1. network equipment such as routers, switches and firewalls

9.1.2. involve taggiend each physical and intangible asset

9.1.3. use physical (bar code) or a tag with RFID to tag physical assets

9.2. Threat Assessment

9.2.1. possible danger that might exploit a vulnerability

9.2.2. involve listing all possible threat

9.2.2.1. ex-employee who desire revenge

9.2.2.2. cyber-spy looking to accumulate competitive information

9.2.2.3. unauthorized access to resources or information

9.2.2.4. denial of sevice

9.2.3. Type of threat

9.2.3.1. Malicious Code

9.2.3.2. Hacking

9.2.3.2.1. Data Loss

9.2.3.2.2. Disruption of Service

9.2.3.3. Natural Disaster

9.2.3.4. Theft

9.2.3.4.1. Information theft

9.2.3.4.2. Identify theft

9.3. Risk Assessment

9.3.1. Internal Network Risk Assessment

9.3.2. External Network Risk Assessment

9.3.3. Internet Penetration Test

9.3.4. Mobile Device Risk Assessment

9.3.5. Firewall Penetration Test

9.3.6. Database Risk Assessment

9.3.7. Can protect from data leaks, virus, malware, social media risk

10. Restrictive Security Model