Information security and network security each serve a specific purpose in your security infrastructure.
Differentiate information security and network security in terms of confidentiality, integrity, and availability, and give a suitable example of each.
Information security in terms of Confidentiality, Integrity, and Availability (CIA) with a suitable example of this security:
As a basis of information security, and in this context, confidentiality is a set of rules that limits access to information and safeguards its secrecy; integrity is the assurance that the information is trustworthy, original, and accurate; and availability is a guarantee that the information can be accessed reliably by authorized people. As an example of confidentiality, encryption services protect one's data at rest or in transit and prevent any unauthorized access to the protected data. An example concerning availability would be a hacker who has deleted an important file, so that the file is no longer available for the actual, innocent user to access and work on. Also, as an example, encryption protects the integrity of information against a hacker modifying the data in a file containing that information.
Network security in terms of Confidentiality, Integrity, and Availability (CIA) with a suitable example of this security:
In network security, availability is the ability of authorized users to freely access the systems, networks, and data required to perform their daily tasks. Example: to keep systems up and available, it is important to resolve hardware and software conflicts and to carry out regular maintenance. An example of an attack that hampers the availability of a network is a Distributed Denial-of-Service (DDoS) attack, a malicious attempt to disrupt the normal traffic of a targeted network by overwhelming the target with illegitimate or spam network or Internet traffic requests or connections. A confidentiality example is protecting the passwords of Wi-Fi networks and of the LAN (Ethernet) router.
Integrity is the consistency of networks. It addresses mitigation and proactive measures for restricting unapproved changes, while at the same time allowing recovery of data that has been lost or compromised. Any discrepancies indicate that the network's integrity has been compromised by hardware or software failure, network intrusion, or other factors. Example: DNS spoofing and/or DNS cache poisoning, where corrupt Domain Name System (DNS) data is introduced into the DNS resolver's cache, resulting in the name server returning an incorrect result record.
Confidentiality, Integrity, and Availability (CIA) are the principles of cyber or IT security, which includes network security as well, in protecting an organization from unintentional disclosures. Any one of these, when compromised, will compromise the entire security of a network or system. There have been cases where a single, very small miss in any of these three pillars (Confidentiality, Integrity, and Availability) has resulted in security breaches, attacks, hacks, password cracking, network intrusion, network malfunction, network unavailability, data theft, unavailability of data, altered data, and data disclosures, causing huge money and data loss, and other damage to the IT infrastructure, data, people, reputation, revenue, business, etc.
Confidentiality in network security makes sure that sensitive information on a network is accessed only by authorized people or users and is kept away from unauthorized parties who want to possess or access it. Confidentiality ensures that only authorized individuals or systems are able to view and access sensitive or classified information. The data sent over a network should not be accessed by unauthorized individuals. Thus, encryption techniques and Virtual Private Network (VPN) tunnels (encapsulation) are used to safeguard data sent over a network.
Integrity makes sure information is in a format true and correct to its original purposes, without it being altered, modified, or manipulated.
An example of a threat to network integrity is corruption of data sent over a network, which is a failure in maintaining data integrity. An example security measure that can be taken is using a hash function.
Data integrity, in the context of networking, refers to the overall completeness, accuracy, and consistency of data. Data integrity must be imposed when sending data through a network. As a network security measure, this is achieved using error checking and correction protocols.
Network integrity security should be applied to the entire network with network-discoverable resources. Examples of network security attacks as a whole: network intrusions, Denial-of-Service (DoS), and Distributed Denial-of-Service (DDoS) attacks. Examples of how integrity can be implemented in network security are network optimization, data encryption, hardware maintenance, and software patching.
Availability makes sure that information and systems on a network, the network itself, its configurations, settings, etc., and network resources are available to the authorized people or users who need to access them. Hence, all three of these conditions must be met, directly or indirectly, for the security and safety of IT infrastructure, systems, servers, computers, software, hardware, network, applications, services, accounts, data, devices, components, etc. Examples of availability issues are faulty hardware; upgrades, updates, or patches that have not been applied, or at least not applied recently; no plan for failover; the presence of a bottleneck; or a single point of failure.
Availability guarantees that systems, networks, applications, and data are available to users when they need to access them. An example of the most common attack that impacts the availability of a network is Denial-of-Service, in which the attacker or hacker interrupts access to information on the network, system, devices, or other network resources.
Availability problems in networking can be avoided. As an example of network security measures, it is necessary to include redundancy paths and failover strategies at the design stage, as well as Intrusion Prevention Systems (IPSs) that can monitor network traffic patterns, determine whether there is an anomaly, and block network traffic when needed.
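The hash-function integrity measure mentioned in the answer above, as an added example that is not part of the original answer: a receiver recomputes a SHA-256 digest to detect data corrupted in transit. It goes one step beyond the text by also showing a keyed HMAC, which still rejects a frame whose payload and digest were both replaced on the path; all function names, the key, and the messages are constructed for illustration.

```python
import hashlib
import hmac

DIGEST_LEN = hashlib.sha256().digest_size  # 32 bytes for SHA-256

def frame_with_hash(payload: bytes) -> bytes:
    """Sender: append an unkeyed SHA-256 digest to the payload."""
    return payload + hashlib.sha256(payload).digest()

def check_hash(frame: bytes) -> bool:
    """Receiver: recompute the digest and compare it with the received one."""
    payload, digest = frame[:-DIGEST_LEN], frame[-DIGEST_LEN:]
    return hmac.compare_digest(hashlib.sha256(payload).digest(), digest)

def frame_with_hmac(payload: bytes, key: bytes) -> bytes:
    """Sender: append an HMAC-SHA256 tag computed with a shared secret key."""
    return payload + hmac.new(key, payload, hashlib.sha256).digest()

def check_hmac(frame: bytes, key: bytes) -> bool:
    """Receiver: recompute the tag with the shared key, constant-time compare."""
    payload, tag = frame[:-DIGEST_LEN], frame[-DIGEST_LEN:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)

def flip_bit(frame: bytes, index: int) -> bytes:
    """Simulate corruption on the wire: flip one bit of one byte."""
    damaged = bytearray(frame)
    damaged[index] ^= 0x01
    return bytes(damaged)

def rewrite_in_transit(new_payload: bytes) -> bytes:
    """Simulate a keyless party on the path that substitutes its own payload
    and recomputes the unkeyed digest over it."""
    return new_payload + hashlib.sha256(new_payload).digest()

def demo() -> dict:
    key = b"constructed-demo-key-not-for-use"   # constructed sample key
    msg = b"transfer 100 to account 42"         # constructed sample message
    substituted = rewrite_in_transit(b"transfer 900 to account 77")
    return {
        "hash_clean": check_hash(frame_with_hash(msg)),
        "hash_corrupted": check_hash(flip_bit(frame_with_hash(msg), 3)),
        "hash_rewritten": check_hash(substituted),
        "hmac_clean": check_hmac(frame_with_hmac(msg, key), key),
        "hmac_rewritten": check_hmac(substituted, key),
    }

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'accepted' if ok else 'rejected'}")
```

The unkeyed digest catches the flipped bit but accepts the substituted frame, because anyone can recompute a plain hash; the HMAC check rejects it because the tag cannot be produced without the shared key.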