Network Security
- Understand the need for, and importance of, network security.
-
Explain the following methods of network security:
-
authentication
-
encryption
-
firewall
-
MAC address filtering.
-
Network Security
Networks must be kept secure
- If a hacker is able to access a network, they can gain access to many devices.
- This may allow the hacker to: steal data, install malware.
- Authentication, encryption, firewalls and MAC address filtering work together to maintain network security.
Network Security
-
Authentication ensures only authorised users can log into the network.
-
Encryption ensures only users with the decryption key can view the real.
-
MAC address filtering ensures only trusted devices can connect to the network, or ensures non-trusted devices cannot connect to the network.
-
Firewalls monitor and filter out traffic to and from undesirable locations.
Authentication
The process of confirming that a user is who they say they are.
Authentication
- First level of authentication are: usernames and passwords.
- Users have to enter their username and secret password.
- Multiple failed logins may result in a locked account.
Authentication
Better systems use two-factor authentication, which adds a second level of security to overcome after the user has entered their username and password.
- email/text, hardware key
- bio-metric data
- fingerprint
- face recognition
- voice recognition (banks)
Encryption
- Used to prevent data from being of any use if it is intercepted and read.
- Any transmitted data could potentially be intercepted.
- Sensitive data is encrypted to disguise its content.
Encryption
A key of 5 means shift 5 places.
plaintext | A | B | C | D | E | F | G | K | L |
ciphertext | F | G | H | I | J | K | L | M | N |
Caesar cypher with a key of 5.
Encrypting and decrypting data needs a key.
So LEAD becomes NJFI.
The computer would send NJFI and the key 5.
NOTE: Computers use a far more complicated system feel free to go research
Firewall
- A network security device.
- Monitors incoming and outgoing network traffic.
- Mainly to stop unwanted internet traffic gaining access to the network.
- Uses a set of rules to decide whether to allow or block traffic.
Firewall
- Executable files or data from a specific IP address may be blocked to prevent malware being installed on a system.
- Can be used to stop users getting access to certain websites or social media sites, that are not needed for work purposes.
Firewall
- Uses ports to let data in or out and these can be opened or closed as needed (e.g. port 80 is used for html).
- Many operating system include a software firewall, but firewalls can also be a hardware device. Routers often have a firewall built in.
MAC Address Filtering
- Media Access Control (MAC) is a unique number that identifies the actual device that is connected to a network.
- The MAC address is part of the network interface controller (NIC) inside the device.
- It is assigned when the device is manufactured and cannot be changed.
- The MAC address is made up of 48 bits, shown as six sets of two hexadecimal digits (e.g. b8:f3:54:98:c7:01).
MAC Address Filtering
- MAC address filtering is used to allow specific devices to access, or be blocked, from a network.
- A white list of MAC addresses is used to allow devices access to a network.
- A black list of MAC addresses is used to deny devices access to a network.
Questions
- Identify three methods which can be used to help keep networks secure.
- Give an example of how two-factor authentication may be used when signing up to a website.
- Explain why sensitive data is encrypted before it is sent on the internet.
- Explain the purpose of an IP address.
- Explain the purpose of a MAC address.
Answers
- Authentication
- Encryption
- Firewall
- MAC address filtering
- Identify three methods which can be used to help keep networks secure.
Answers
- A user enters their username and password.
- They then enter an email address or phone number (or both).
- A code is sent to the email address or phone.
- The user then enters the code they have been sent to gain access to the site.
- Give an example of how two-factor authentication may be used when signing up to a website.
Answers
Encryption disguises the content of the data so that it cannot be read if it is intercepted.
- Explain why sensitive data is encrypted before it is sent on the internet.
Answers
- An IP address identifies a network or a device on the internet.
- An IP address is added to identify the source and destination for data.
- The IP address is used to determine where to send the data.
- Explain the purpose of an IP address.
Answers
A MAC address uniquely identifies each device that is connected to a network.
- Explain the purpose of a MAC address.
5e Network Security
By David James
5e Network Security
Computer Science - Computer Networks - Network Security
- 626