Security Basics

What is Network Security?

Network security refers to the measures and practices used to protect computer networks and the data they handle from unauthorized access, misuse, or damage. Think of it as locking your house, setting up an alarm system, and installing security cameras to keep burglars out and protect your valuables. In the digital world, “valuables” are things like personal information, passwords, financial data, and company secrets.


The CIA Triad

The CIA Triad is a model for keeping information safe, focusing on three main principles:

  1. Confidentiality: Keeping information secret and accessible only to those who are authorized. For example, your online banking details should only be known to you and the bank.
  2. Integrity: Ensuring that information is accurate and hasn’t been tampered with. For example, nobody should be able to edit a contract you signed without your permission.
  3. Availability: Ensuring that information and services are accessible when needed. For instance, you should be able to log into your email account whenever you need it.

Risk, Threats, and Threat Actors

  • Risk: The possibility that a threat could exploit a vulnerability and harm your network. For instance, not updating your antivirus software increases the risk of malware infection.
  • Threat: Anything that can exploit a vulnerability to damage your network. Threats are of two types:
    • Internal Threats: Come from inside your network, like:
      • Lost or stolen devices (e.g., a stolen work laptop containing sensitive data).
      • Malicious employees (e.g., someone intentionally leaking company data).
      • Accidental misuse (e.g., clicking on a phishing link by mistake).
    • External Threats: Come from outside the network, like:
      • Malware (e.g., viruses, worms, Trojans).
      • Spyware and adware (programs that steal information or show unwanted ads).
      • Identity theft (stealing someone’s personal data to impersonate them).
      • Denial of Service (DoS) attacks (overloading a system so it crashes).
  • Threat Actors: The people or groups behind threats. These include hackers, cybercriminals, and even nation-states.
  • Attack Vector: The method or pathway a threat actor uses to carry out an attack. Examples include phishing emails, infected USB drives, or unpatched software vulnerabilities.

Examples of Threats to the CIA Triad

  • Confidentiality:
    • Snooping/Eavesdropping: Someone listens to your private conversations or reads your emails.
    • Wiretapping/Sniffing: Hackers intercept data traveling over a network.
    • Dumpster Diving: Searching through trash to find sensitive information like passwords.
  • Integrity:
    • Man-in-the-Middle (MITM) Attack: A hacker secretly intercepts and alters communication between two parties.
    • Replay Attack: A hacker captures data (like login credentials) and uses it later to impersonate the user.
  • Availability:
    • DoS/DDoS Attacks: Flooding a website with traffic until it crashes.
    • Service Outage: A company’s servers go down due to power failure.
    • Hardware Failure: A hard drive crash that takes down critical systems.
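
The Integrity threats listed above (altered messages and replayed messages) can both be detected by the receiver. The sketch below is an added example, not part of the original page: it assumes the two parties already share a secret key, and the names `sign`, `Receiver` and `MAX_AGE` are made up for illustration.

```python
import hashlib, hmac, json, os, time

MAX_AGE = 30  # seconds a message stays acceptable (assumed window)

def sign(key, payload, now=None):
    # Sender side: attach a fresh random nonce and a timestamp, then MAC it all
    body = {"payload": payload, "nonce": os.urandom(16).hex(),
            "ts": time.time() if now is None else now}
    raw = json.dumps(body, sort_keys=True).encode()
    return {"body": body, "tag": hmac.new(key, raw, hashlib.sha256).hexdigest()}

class Receiver:
    def __init__(self, key):
        self.key = key
        self.seen = {}  # nonce -> timestamp, for messages still inside the window

    def accept(self, msg, now=None):
        now = time.time() if now is None else now
        raw = json.dumps(msg["body"], sort_keys=True).encode()
        expected = hmac.new(self.key, raw, hashlib.sha256).hexdigest()
        # Integrity: any change to the body (or a wrong key) breaks the tag
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: tampered"
        ts, nonce = msg["body"]["ts"], msg["body"]["nonce"]
        if abs(now - ts) > MAX_AGE:
            return "rejected: stale"
        # Forget nonces that aged out; replaying those fails the stale check
        self.seen = {n: t for n, t in self.seen.items() if now - t <= MAX_AGE}
        if nonce in self.seen:
            return "rejected: replay"
        self.seen[nonce] = ts
        return "accepted"
```

The timestamp window keeps the nonce store small: the receiver only has to remember nonces for `MAX_AGE` seconds, because older copies are rejected as stale anyway.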

Purpose of AAA and ACL

  • AAA (Authentication, Authorization, and Accounting):
    • Authentication: Verifies who you are (like logging into your account with a password).
    • Authorization: Determines what you’re allowed to do (e.g., accessing certain files or programs).
    • Accounting: Tracks what you do (e.g., keeping logs of your activity for auditing).
  • ACL (Access Control List): A set of rules that control who can access a network and what they can do. For example, an ACL might block certain devices from connecting to your Wi-Fi.

Both AAA and ACL are necessary to enforce strict control over network access and activity, reducing the risk of unauthorized use.
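
How an ACL and the three AAA steps fit together on a single request, as an added example that is not part of the original page. The users, passwords, roles and IP addresses are constructed sample data, and the function names are illustrative.

```python
import hashlib, hmac, ipaddress, os
from datetime import datetime, timezone

def _kdf(password, salt):
    # Slow, salted password hash; plaintext passwords are never stored
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)

def _user(password, role):
    salt = os.urandom(16)
    return {"salt": salt, "pw": _kdf(password, salt), "role": role}

# Constructed sample data (users, roles and addresses are illustrative)
USERS = {"alice": _user("correct horse", "admin"),
         "bob": _user("battery staple", "staff")}
PERMISSIONS = {"admin": {"read", "write"}, "staff": {"read"}}

# ACL rules are checked top to bottom; the first match decides
ACL = [("deny", ipaddress.ip_network("192.168.1.66/32")),
       ("permit", ipaddress.ip_network("192.168.1.0/24"))]

AUDIT_LOG = []  # Accounting: one entry per request, allowed or not

def acl_allows(src_ip):
    addr = ipaddress.ip_address(src_ip)
    for action, network in ACL:
        if addr in network:
            return action == "permit"
    return False  # implicit deny: no rule matched

def authenticate(user, password):
    rec = USERS.get(user)
    return rec is not None and hmac.compare_digest(rec["pw"], _kdf(password, rec["salt"]))

def authorize(user, action):
    return action in PERMISSIONS.get(USERS[user]["role"], set())

def request(src_ip, user, password, action):
    if not acl_allows(src_ip):
        result = "denied: acl"
    elif not authenticate(user, password):
        result = "denied: authentication"
    elif not authorize(user, action):
        result = "denied: authorization"
    else:
        result = "allowed"
    stamp = datetime.now(timezone.utc).isoformat()
    AUDIT_LOG.append((stamp, src_ip, user, action, result))
    return result
```

Rule order matters in the ACL: the single-host deny has to sit above the subnet permit, otherwise the blocked device would match the broader rule first.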


Devices and Software for Network Security

  • Home Network:
    • Devices and software: Router with a built-in firewall, antivirus software, and smart home security cameras.
    • Why? Protects against unauthorized Wi-Fi access and malware while securing smart devices.
  • Business Network:
    • Devices: Firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection.
    • Software: VPNs (Virtual Private Networks) for secure remote access and enterprise-grade antivirus solutions.
    • Why? Businesses handle more sensitive data and need stronger protection against sophisticated attacks.

Why Use Multiple Layers of Security?

Multiple layers of security ensure that even if one layer fails, others can still protect your network. For example, if a hacker bypasses your firewall, your antivirus software or ACL can block them. It’s like having locks, alarms, and cameras at home—you don’t rely on just one measure.

Analogy: Securing Your Home

Think of your network as your home:

  • Locks on doors and windows = Passwords and firewalls.
  • Alarm system = Intrusion detection systems.
  • Security cameras = Monitoring tools like network logs.
  • Neighborhood watch = Educating yourself and your family about online safety.

Just as you wouldn’t leave your house unlocked, you shouldn’t leave your network unprotected. Multiple measures working together keep your digital and physical worlds safe.