Network Security

  • Understand the need for, and importance of, network security.
  • Explain the following methods of network security:

    • authentication

    • encryption

    • firewall

    • MAC address filtering.

Network Security

Networks must be kept secure

  • If a hacker is able to access a network, they can gain access to many devices.
  • This may allow the hacker to: steal data, install malware.
  • Authentication, encryption, firewalls and MAC address filtering work together to maintain network security.

Network Security

  • Authentication ensures only authorised users can log into the network.

  • Encryption ensures only users with the decryption key can view the real.

  • MAC address filtering ensures only trusted devices can connect to the network, or ensures non-trusted devices cannot connect to the network.

  • Firewalls monitor and filter out traffic to and from undesirable locations.

Authentication

The process of confirming that a user is who they say they are.

Authentication

  • First level of authentication are: usernames and passwords.
  • Users have to enter their username and secret password.
  • Multiple failed logins may result in a locked account.

Authentication

Better systems use two-factor authentication, which adds a second level of security to overcome after the user has entered their username and password.

  • email/text, hardware key
  • bio-metric data
    • fingerprint
    • face recognition
    • voice recognition (banks)

Encryption

  • Used to prevent data from being of any use if it is intercepted and read.
  • Any transmitted data could potentially be intercepted.
  • Sensitive data is encrypted to disguise its content.

Encryption

A key of 5 means shift 5 places.

plaintext A B C D E F G K L
ciphertext F G H I J K L M N

Caesar cypher with a key of 5.

Encrypting and decrypting data needs a key.

So LEAD becomes NJFI.

The computer would send NJFI and the key 5.

NOTE: Computers use a far more complicated system feel free to go research

Firewall

  • A network security device.
  • Monitors incoming and outgoing network traffic.
  • Mainly to stop unwanted internet traffic gaining access to the network.
  • Uses a set of rules to decide whether to allow or block traffic.

Firewall

  • Executable files or data from a specific IP address may be blocked to prevent malware being installed on a system.
  • Can be used to stop users getting access to certain websites or social media sites, that are not needed for work purposes.

Firewall

  • Uses ports to let data in or out and these can be opened or closed as needed (e.g. port 80 is used for html).
  • Many operating system include a software firewall, but firewalls can also be a hardware device. Routers often have a firewall built in.

MAC Address Filtering

  • Media Access Control (MAC) is a unique number that identifies the actual device that is connected to a network.
  • The MAC address is part of the network interface controller (NIC) inside the device.
  • It is assigned when the device is manufactured and cannot be changed.
  • The MAC address is made up of 48 bits, shown as six sets of two hexadecimal digits (e.g. b8:f3:54:98:c7:01).

MAC Address Filtering

  • MAC address filtering is used to allow specific devices to access, or be blocked, from a network.
  • A white list of MAC addresses is used to allow devices access to a network.
  • A black list of MAC addresses is used to deny devices access to a network.

Questions

  1. Identify three methods which can be used to help keep networks secure.
  2. Give an example of how two-factor authentication may be used when signing up to a website.
  3. Explain why sensitive data is encrypted before it is sent on the internet.
  4. Explain the purpose of an IP address.
  5. Explain the purpose of a MAC address.

Answers

  • Authentication
  • Encryption
  • Firewall
  • MAC address filtering
  1. Identify three methods which can be used to help keep networks secure.

Answers

  • A user enters their username and password.
  • They then enter an email address or phone number (or both).
  • A code is sent to the email address or phone.
  • The user then enters the code they have been sent to gain access to the site.
  1. Give an example of how two-factor authentication may be used when signing up to a website.

Answers

Encryption disguises the content of the data so that it cannot be read if it is intercepted.

  1. Explain why sensitive data is encrypted before it is sent on the internet.

Answers

  • An IP address identifies a network or a device on the internet.
  • An IP address is added to identify the source and destination for data.
  • The IP address is used to determine where to send the data.
  1. Explain the purpose of an IP address.

Answers

A MAC address uniquely identifies each device that is connected to a network.

  1. Explain the purpose of a MAC address.

5e Network Security

By David James

5e Network Security

Computer Science - Computer Networks - Network Security

  • 626