Petshop Advertisement
Network Security Principles
[pic]
What is Network Security?
Network security is the protection of information and systems and hardware that use, store, and transmit that information.
Goals of an Information Security Program
• Confidentiality
-Prevent the disclosure of sensitive information from unauthorized people, resources and processes .
• Integrity
-The protection of system information or processes from intentional or accidental modification .
• Availability
-The assurance that systems and data are accessible by authorized users when needed .
Risk Management
• The process of assessing and quantifying risk and establishing an acceptable level of risk for the organization .
• Risk can be mitigated, but cannot be eliminated .
Network Security “Threat“
• A potential danger to information or a system
• An example: the ability to gain unauthorized access to systems or information in order to commit fraud, network intrusion, industrial espionage, identity theft, or simply to disrupt the system or network
• There may be weaknesses that greatly increase the likelihood of a threat manifesting
• Threats may include equipment failure, structured attacks, natural disasters, physical attacks, theft, viruses and many other potential events causing danger or damage .[pic]
Network Threats
• Impersonation
• Eavesdropping
• Denial-of-service
• Packet replay
• Man-in-the-middle
• Packet modification
[pic]
Vulnerability
• A network vulnerability is a weakness in a system, technology, product or policy
• In today’s environment, several organizations track, organize and test these vulnerabilities
• Each vulnerability is given an ID and can be reviewed by network security professionals over the Internet.
Vulnerability Appraisal
• It is very important that network security specialists comprehend the importance of vulnerability appraisal
• A vulnerability appraisal is a snapshot of the current security of the organization as it now stands
• What
[pic]
What is Network Security?
Network security is the protection of information and systems and hardware that use, store, and transmit that information.
Goals of an Information Security Program
• Confidentiality
-Prevent the disclosure of sensitive information from unauthorized people, resources and processes .
• Integrity
-The protection of system information or processes from intentional or accidental modification .
• Availability
-The assurance that systems and data are accessible by authorized users when needed .
Risk Management
• The process of assessing and quantifying risk and establishing an acceptable level of risk for the organization .
• Risk can be mitigated, but cannot be eliminated .
Network Security “Threat“
• A potential danger to information or a system
• An example: the ability to gain unauthorized access to systems or information in order to commit fraud, network intrusion, industrial espionage, identity theft, or simply to disrupt the system or network
• There may be weaknesses that greatly increase the likelihood of a threat manifesting
• Threats may include equipment failure, structured attacks, natural disasters, physical attacks, theft, viruses and many other potential events causing danger or damage .[pic]
Network Threats
• Impersonation
• Eavesdropping
• Denial-of-service
• Packet replay
• Man-in-the-middle
• Packet modification
[pic]
Vulnerability
• A network vulnerability is a weakness in a system, technology, product or policy
• In today’s environment, several organizations track, organize and test these vulnerabilities
• Each vulnerability is given an ID and can be reviewed by network security professionals over the Internet.
Vulnerability Appraisal
• It is very important that network security specialists comprehend the importance of vulnerability appraisal
• A vulnerability appraisal is a snapshot of the current security of the organization as it now stands
• What