A Guide to Computer Network Security - Assignment Example

Network Security Introduction Information is an imperative asset of any business, coming second after thehuman resources1. The communication entities constitute a key section of the information sharing process within any organization, as well as, at the personal level. Therefore, the composition of all entities of communication making up a communications network requires extensive care and protection from threats. Notably, this constitutes the network security, in which varied activities are in place to protect the network. However, in establishing the effective security measures, it is essential to identify the notable threats to network security. The protection of the network has significant benefits to the users of the communication network services. Threats to communication networks There are several threats to the communication network security. These threats in aspects are classified basing on the purposes and the intended goals of the attack on the security network. Establishing a working knowledge of the varied categories of the threats can easily help in organizing the security strategies to undertake in combating the threats. In the context of the attacks, the first security threat is spoofing. Spoofing is a security threat that entails the attack attempting to gain entry into the system by suing a false identity2. The process of spoofing occurs through several means, including the use of stolen user credentials or using a false IP address to access the system3. In this concept of the threat, the attacker successfully gains access to the system as a legitimate user or host. Consequently, in the process, they can easily begin their abuse of the system, causing malicious damages to the system or corrupting the information within the system. Another threat is tampering. Tampering in its simplified approach entails the modification of the data within the communication system4. For instance, in the case where data is flowing between two given computers, the attacker easily gains access to that data and creates modifications, which the receiver will receive the original data. However, in essence, this information is faulty; hence, becoming a threat to the network system. Another threat to the network security is that of repudiation. Notably, repudiation is difficult to prove as it entails the users, both legitimate and illegitimate performing specific transactions with the system, causing changes in the system5. Moreover, the threat of information disclosure is another elemental threat to information security. Information disclosure as a threat occurs when there is unwanted exposure of the private data in the communication system. For instance, over the network, the user may view information or a file that is not authorized for them to open6. In illustration, some other aspects of the disclosure include the use of hidden form files or comments embedded Web pages containing database connection strings, revealing the internal system contents to the attacker. The information the attacker gains may use it to manipulate the client. An attacker may also use the threat of denial of service on the network. In this concept of the threat, the denial of service means that the attacker makes and application or an entire system unavailable for the client to use. For instance, a denial of service can occur when the attacker bombards the server with numerous requests that consume the entire resources of the system by giving it malformed input data, which in effect crashes the application process7. This is particularly a major threat for the web users. The greatest threat to network security in frequency of occurrence is the use of viruses. Viruses in the network are passed in varied forms and from different components, such as infected emails or infected USB devices8. The most common and dangerous of the viruses includes Worms and Trojans, which impose their malignancy on the system causing notable damages to the network security. The after effects of the virus attack are also major threats to the network security. These after effects entail the backdoors left in the wake of the virus. When the system fails to rid the primary attack, a backdoor attack is eminent on the system9. Hacking, particularly the application-specific hacks constitute another core threat to the information systems. The last of the threats to the network security entails the network security omissions. The first of the omissions is the use of weak or faulty passwords are also a threat to the network security as the attacker can easily manipulate the system to gain access. Misconfigured firewalls are also a dangerous element to the security of the network10. This entails the assumption that the firewall configuration is fine, when in actual sense, it is not. The attacker easily digs into the firewall rule base, identifying the configuration weaknesses; hence, posing a threat to the network security. Lastly, the presence of a missing patch in the system gives the attacker or a rogue insider to access unauthenticated command prompt, which can impair the entire network system11. Thus, it is essential to incorporate the updated security patches to avoid these threats on the system. Role of encryption in network security Encryption entails the processes of converting the electronic data to a different form usually called the cyphertext, which is not easy to understand except by the authorized parties12. Notably, in the process of encryption, the primary role is to facilitate the protection of the confidentiality of the digital data that is stored in the computer system or being exchanged with the network system13. The establishment of the modern encryption algorithms is vital to the assurance of the security of the information technology systems and communication, as they facilitate several security measures in addition to confidentiality. While the other security procedures and products seek to detect intrusions and block them or physically backup data, encryption simply renders the most sensitive information unreadable, irrespective of whether the hacker or threat gains access to the information. Encryption works through the procedures of encoding and decoding the files14. It entails applying complex mathematical and logical designs to establish strong encryption of the information. Therefore, for one to understand the information, they must have the decoding procedures for the encrypted data15. The file encryption activity can significantly facilitate network security measures to the computer and the entire network, protecting the individual files or entire information system worth of information. The elemental significance of the encryption process includes that it facilitates authentication to the data. Authentication means that it is easy to verify the origin of the message in transit16. This is the key to securing the information systems. Another role is that it maintains the integrity to the data and information in the network17. Integrity facilitates proof that the message content is accurate, and that is it has not been changed through the transmission channels. Integrity of data is the key aspect of proofing the security of the network system. Therefore, through encryption, the data integrity is easily established. Additionally, the encryption process also has the role of facilitating non-repudiation. In the threat of repudiation, it is remarkably difficult to establish the sender of the message. Thus, it is difficult to establish the source of a threat to the network security. However, with encryption, it simply implies the sender of the message or data cannot deny having sent the message. It is easy to track the message back to its sender. Therefore, encryption mitigates this threat of repudiation, hence, facilitating security to the network system. The benefits of network security In everyday business, the computer networks face an increase in new threats to the security of the systems. In effect, network security provides several benefits to the clients and users of the information system. To begin with, network security facilitates risk mitigation18. Among the most elementals tasks of network security within the technological environment is risk mitigation. The procedures of risk mitigation ensure that there is minimum risk exposed to the data and information in the network systems from the viruses and malware infections, as well as, hacker attacks. Risk mitigation can be expensive and difficult to establish, and most organizations establish an IT department to facilitate the mitigation of the risks entailed in network threats. Thus, mitigation is an elemental benefit of network security. Another benefit of the network security is that it provides an increased network performance. The network security threats in effect cause a decreased performance of the systems, which in return impairs the output and productivity of the given organization or individual efforts. The threats do create a downtime and lag cost money causing losses to the organization. However, with established network security, the issues related to performance are eliminated, increasing the performance of the network. In effect, the managed network security ensures that the peak performance facilitates efficiency in performance for the organization and its network. Moreover, it is stressing for the staff working in an organization with increased network security threats. Therefore, the network security measures do facilitate the evasion of the stresses associated with network failures caused by the network threats. Managing the network services is not easy, and its possibility of failure from the attacks puts the staff of the organization at higher risk of stress. Therefore, network security reduces the stress for the management team of the organization. Further, established network security facilitates faster and more proactive problem resolution. In most approaches to fixing problems, people take the reactive stance, which means they act only in response when the issue arises. Thus, employing the network security measures is rather a more proactive approach, which combats the issue even before it arises19. This notably benefits the organization or the owner of the data as they can easily pinpoint the issues thereof before they cause problems o the network performance. This maintains high stands of performance and stability of the network system. Network security does facilitate a proactive approach to managing the information content of the network system20. Moreover, establishing network security lowers the costs for the owners of the information systems, as they can guard against threats that would cost more to fix when they cause damage to the system. Moreover, cost-effectiveness is an essential aspect of the operation, as money and time are key factors of consideration in applying the network services21. Thus, establishing a network security provides the users with a way of reducing costs and time wastage that would result from the presence of the network threats. For instance, the network threats would cause the task to last longer, and production to decrease; hence, impairing the performance. However, with proper security management of the network, these elements are eliminated22. It also removes the would need for exhaustive investigators and technical experts for troublesome elements within the network system. Notably, in advantage aspects, the network security facilitates protection to the personal data of the client that exists within the network. It facilitates the protection of the information shared between the computers connected to the network. The prevention of the external attacks also protects the physical computers from harm, ensuring proper functioning and more service from the information system components. Authentication and access control Initially, authentication was synonymous with the use of password systems to restrict access. However, in present systems, authentication services for networks entails system actions that provide proof of identity without describing the privileges of any entry process23. The system runs a series of programs that determine the proof of identity, basing on the operations that must be performed. The authentication also uses the verification of the password, by comparing the previously used password to currently input password, additionally, to establish stronger authentication for the network systems, more complex measures are involved, which include the use of cryptography24. Encrypting helps in crediting the user of the system, as the attacker cannot gain access to the information with a false claim of identity25. The objective of authentication and access control measures is to ensure that the appropriate users gain access to the information within the set networks or computers. The use of access control policy is essential to the management of the network system for security. The policies need be set, established, documented and reviewed periodically to keep track with the needs and external influences of the business. The authentication and access control take account of the security threats entailed in the network systems and given security risks for particulate data types26. Further, it also considers the relevant legislative and regulatory requirements, to ensure relevance to the obligations of service within the business environment. Thus, with the establishment of the elemental factors expected, and consistency of policies across the systems, the procedures of authentication and access control achieve their purpose in the network security systems. Modern access control systems incorporate the use of integrated enterprise user and identity databases and strong end-to-end audit of the entire personal attributes, before allowing the user into the information systems. Conclusion In the age of digitization, convergence of physical and computer access control is key to managing the network security. The establishment of the threat to the network security is the key to developing the procedural countermeasures to the threats. Therefore, understanding the importance of the information security facilitates the users of the information systems with knowledge of the need for network security. Network security is immeasurably important. Bibliography ACNS (Conference), Jianying Zhou, and Moti Yung. Applied Cryptography and Network Security: 8th International Conference, ACNS 2010, Beijing, China, June 22-25, 2010 : Proceedings. Berlin: Springer, 2010. EC-Council Press. Security Policy and Threats. Clifton Park, NY: Course Technology Cengage Learning, 2011. Kizza, Joseph Migga. A Guide to Computer Network Security. London: Springer, 2009. Stallings, William. Cryptography and Network Security: Principles and Practices. Delhi: Pearson Education, 2006. Stewart, James Michael. Network Security Firewalls & VPNs. Mississauga, Ont: Jones & Bartlett Learning, 2010. Read More