I have chosen network security.
Network security consists of the policies and practices adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs: conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, while others might be open to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: it secures the network, as well as protecting and overseeing operations being done. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password.
Network security starts with authentication, commonly with a username and a password. Since this requires just one detail authenticating the user name—i.e., the password—this is sometimes termed one-factor authentication. With two-factor authentication, something the user 'has' is also used (e.g., a security token or 'dongle', an ATM card, or a mobile phone); and with three-factor authentication, something the user 'is' is also used (e.g., a fingerprint or retinal scan).
Once authenticated, a firewall enforces access policies such as what services are allowed to be accessed by the network users. Though effective to prevent unauthorized access, this component may fail to check potentially harmful content such as computer worms or Trojans being transmitted over the network. Anti-virus software or an intrusion prevention system (IPS) helps detect and inhibit the action of such malware. An anomaly-based intrusion detection system may also monitor the network, as Wireshark does with traffic, and the traffic may be logged for audit purposes and for later high-level analysis. Newer systems combining unsupervised machine learning with full network traffic analysis can detect active network attackers from malicious insiders or targeted external attackers that have compromised a user machine or account.
Communication between two hosts using a network may be encrypted to maintain privacy.
Following are common threat vectors attackers can use to penetrate your network.
1. Unauthorized access
Unauthorized access refers to attackers accessing a network without
receiving permission. Among the causes of unauthorized access
attacks are weak passwords, a lack of protection against social
engineering, previously compromised accounts, and insider
threats.
2. Distributed Denial of Service (DDoS) attacks
Attackers build botnets, large fleets of compromised devices, and
use them to direct false traffic at your network or servers. DDoS
can occur at the network level, for example by sending huge volumes
of SYN/ACK packets which can overwhelm a server, or at the
application level, for example by performing complex SQL queries
that bring a database to its knees.
3. Man in the middle attacks
A man in the middle attack involves attackers intercepting traffic,
either between your network and external sites or within your
network. If communication protocols are not secured or attackers
find a way to circumvent that security, they can steal data that is
being transmitted, obtain user credentials and hijack their
sessions.
4. Code and SQL injection attacks
Many websites accept user inputs and fail to validate and sanitize
those inputs. Attackers can then fill out a form or make an API
call, passing malicious code instead of the expected data values.
The code is executed on the server and allows attackers to
compromise it.
5. Privilege escalation
Once attackers penetrate your network, they can use privilege
escalation to expand their reach. Horizontal privilege escalation
involves attackers gaining access to additional, adjacent systems,
and vertical escalation means attackers gain a higher level of
privileges for the same systems.
6. Insider threats
A network is especially vulnerable to malicious insiders, who
already have privileged access to organizational systems. Insider
threats can be difficult to detect and protect against, because
insiders do not need to penetrate the network in order to do harm.
New technologies like User and Event Behavioral Analytics (UEBA) can
help identify suspicious or anomalous behavior by internal users,
which can help identify insider attacks.
Network Protection Best Practices
Segregate Your Network
A basic part of network security is dividing a network into zones
based on security requirements. This can be done using subnets
within the same network, or by creating Virtual Local Area Networks
(VLANs), each of which behaves like a complete separate network.
Segmentation limits the potential impact of an attack to one zone,
and requires attackers to take special measures to penetrate and
gain access to other network zones.
Regulate Access to the Internet via Proxy Server
Do not allow network users to access the Internet unchecked. Pass
all requests through a transparent proxy, and use it to control and
monitor user behavior. Ensure that outbound connections are
actually performed by a human and not a bot or other automated
mechanism. Whitelist domains to ensure corporate users can only
access websites you have explicitly approved.
Place Security Devices Correctly
Place a firewall at every junction of network zones, not just at
the network edge. If you can’t deploy full-fledged firewalls
everywhere, use the built-in firewall functionality of your
switches and routers. Deploy anti-DDoS devices or cloud services at
the network edge. Carefully consider where to place strategic
devices like load balancers – if they are outside the Demilitarized
Zone (DMZ), they won’t be protected by your network security
apparatus.
Use Network Address Translation
Network Address Translation (NAT) lets you translate internal IP
addresses into addresses accessible on public networks. You can use
it to connect multiple computers to the Internet using a single IP
address. This provides an extra layer of security, because any
inbound or outgoing traffic has to go through a NAT device, and
there are fewer IP addresses, which makes it difficult for attackers
to understand which host they are connecting to.
Monitor Network Traffic
Ensure you have complete visibility of incoming, outgoing and
internal network traffic, with the ability to automatically detect
threats, and understand their context and impact. Combine data from
different security tools to get a clear picture of what is
happening on the network, recognizing that many attacks span
multiple IT systems, user accounts and threat vectors.
Achieving this level of visibility can be difficult with traditional security tools. Cynet 360 is an integrated security solution offering advanced network analytics, which continuously monitors network traffic, automatically detects malicious activity, and either responds to it automatically or passes context-rich information to security staff.
Use Deception Technology
No network protection measures are 100% successful, and attackers
will eventually succeed in penetrating your network. Recognize this
and put deception technology in place, which creates decoys
across your network, tempting attackers to “attack” them, and
letting you observe their plans and techniques. You can use decoys
to detect threats in all stages of the attack lifecycle: data
files, credentials and network connections.
Cynet 360 is an integrated security solution with built-in deception technology, which provides both off-the-shelf decoy files and the ability to create decoys to meet your specific security needs, while taking into account your environment’s security needs.
Network Attacks Detection and Protection with Cynet 360
Cynet 360 is a holistic security solution that protects against threats across the entire network. Cynet uses intelligent technologies to help detect network attacks, correlating data from endpoints, network analytics and behavioral analytics to present findings with near-zero false positives.
Cynet’s features include:
Note: Please don't give a dislike. Please comment if you have any problem and I will try to resolve it.
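The "Segregate Your Network" and "Place Security Devices Correctly" practices in the answer above, as an added example that is not part of the original answer: a default-deny inter-zone policy check run over flow records. The zone names, subnets, allowed flows and sample records are all constructed assumptions.

```python
import ipaddress

# Constructed zones and subnets (assumptions for illustration only).
ZONES = {
    "users": ipaddress.ip_network("10.0.40.0/22"),
    "dmz": ipaddress.ip_network("10.0.10.0/24"),
    "app": ipaddress.ip_network("10.0.20.0/24"),
    "db": ipaddress.ip_network("10.0.30.0/24"),
}

# Inter-zone flows the firewalls at zone junctions permit; all else is denied.
ALLOWED_FLOWS = {
    ("users", "dmz", "tcp", 443),
    ("dmz", "app", "tcp", 8443),
    ("app", "db", "tcp", 5432),
}


def zone_of(ip):
    """Return the zone whose subnet contains ip, or 'external' if none does."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "external"


def check_flow(src, dst, proto, port):
    """Return (allowed, src_zone, dst_zone) under a default-deny zone policy."""
    src_zone, dst_zone = zone_of(src), zone_of(dst)
    if src_zone == dst_zone and src_zone != "external":
        # Intra-zone traffic never crosses a zone junction, so no firewall sees it.
        return True, src_zone, dst_zone
    allowed = (src_zone, dst_zone, proto, port) in ALLOWED_FLOWS
    return allowed, src_zone, dst_zone


def denied_flows(records):
    """Filter flow records (src, dst, proto, port) down to policy violations."""
    return [r for r in records if not check_flow(*r)[0]]


# Constructed flow records, e.g. as exported from firewall or flow logs.
SAMPLE_FLOWS = [
    ("10.0.41.7", "10.0.10.5", "tcp", 443),     # users -> dmz: permitted
    ("10.0.20.4", "10.0.30.9", "tcp", 5432),    # app -> db: permitted
    ("10.0.41.7", "10.0.30.9", "tcp", 5432),    # users -> db: skips two zones
    ("203.0.113.5", "10.0.30.9", "tcp", 5432),  # external -> db
]

if __name__ == "__main__":
    for flow in denied_flows(SAMPLE_FLOWS):
        print("DENY", flow, check_flow(*flow)[1:])
```

The intra-zone branch makes the limit of segmentation visible: traffic between two hosts in the same zone is never evaluated, so zones should be sized with that in mind.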
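For the "Whitelist domains" advice under the proxy practice in the answer above, an added example (not part of the original answer) of the domain check a proxy policy needs: it matches on the parsed hostname at label boundaries, next to a substring check that approves look-alike hosts. The allowlist entries and URLs are constructed, and the function names are hypothetical.

```python
from urllib.parse import urlsplit

# Constructed allowlist (assumption); real entries come from your own policy.
ALLOWED_DOMAINS = {"example.com", "intranet.example.org"}


def normalize_host(url):
    """Extract the hostname a proxy should decide on, or None if unusable."""
    try:
        host = urlsplit(url).hostname  # lowercased; port and userinfo removed
    except ValueError:
        return None
    if not host:
        return None
    host = host.rstrip(".")  # "example.com." and "example.com" are the same host
    try:
        return host.encode("idna").decode("ascii")  # compare in ASCII/punycode form
    except UnicodeError:
        return None


def is_allowed(url, allowed=ALLOWED_DOMAINS):
    """Allow only http(s) URLs whose host is an approved domain or a subdomain."""
    try:
        scheme = urlsplit(url).scheme
    except ValueError:
        return False
    if scheme not in ("http", "https"):
        return False
    host = normalize_host(url)
    if host is None:
        return False
    # Match whole labels: equal to the domain, or ending in "." + domain.
    return any(host == d or host.endswith("." + d) for d in allowed)


def naive_is_allowed(url, allowed=ALLOWED_DOMAINS):
    """Weak check kept for contrast: substring match anywhere in the URL."""
    return any(d in url for d in allowed)


# Constructed URLs; .test is a reserved TLD that never resolves.
SAMPLE_URLS = [
    "https://docs.example.com:8443/guide",
    "https://example.com.lookalike.test/",
    "https://notexample.com/",
    "https://example.com@other.test/",
]

if __name__ == "__main__":
    for u in SAMPLE_URLS:
        print(f"{u:40} strict={is_allowed(u)} naive={naive_is_allowed(u)}")
```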