NS Chapter 1

  • 8/3/2019 NS Chapter 1

    1. Why is network security needed, and how is it maintained?
    Ans:

    Why network security is needed

    • Network security is needed to prevent hackers or outsiders from hacking into the network, making changes to files and databases, reading confidential files or information, etc.
    • For example: consider a bank without network security. Anybody could just log in and look into your details, or transfer money into or out of your account.
    • Almost daily we read about computer and network viruses, either about new attacks or about the danger of more potent viruses that are difficult to track and stop. Because of this, we are strongly encouraged to install antivirus software if we own a computer.
    • For example: an attack on the internet that leaves you unable to access your favorite websites for several hours.

    How to maintain network security

    • Network security can be maintained by authenticating the user, commonly with a username and a strong password.
    • Once the user is authenticated, a firewall enforces access policies, such as which services network users are allowed to access.
    • Anti-virus software or an intrusion prevention system (IPS) helps detect and inhibit the action of malware such as worms and Trojans.
    • Optionally, use a network analyzer or network monitor.
    • Have a back-up policy to recover data in the event of a hardware failure or a security breach that changes, damages or deletes data.
    • Implement physical security management, such as closed-circuit television for entry areas and restricted zones.

    2. Write a short note on management principles.
    Ans: The management principles describe the network security policy in general terms: they state what will be done, but do not deal with the way protection is to be achieved.

    • The network security policy needs to clearly state management's position on the importance of network security and on the information or items that are to be protected.
    • Management at all levels needs to support the policy and periodically reinforce it with employees in various ways.
    • For a company to manage information security on the network, it must have the following:
        o A network security policy which clearly defines the reason why security is important.
        o Clearly defined roles and responsibilities to ensure that all aspects of security are performed.
        o A security implementation plan which describes the steps needed to implement the policy.
        o An effective implementation of appropriate security hardware and software.
        o A plan to deal with any security threats that occur.
        o A management review process that ensures security policies and standards are adequate and effective.

    3. Write a short note on security principles.
    Ans: The focus of security is to prevent threats such as someone gaining access to our computer and network; if we ensure this, then we have obtained security.

    • Every security technique and technology falls into at least one of the three elements:
        o Prevention
        o Detection
        o Response
    • Therefore the security equation can be represented as:
        o Protection = prevention + (detection + response)
    • Prevention deals with access controls, firewalls and encryption.
    • Detection deals with audit logs, intrusion detection systems and honeypots.
    • Response deals with backups, incident response teams and computer forensics.
    • There are three ways an organization can choose to address the protection of its networks:
        o Ignore security issues, provide host security, or approach security at the network level.
        o Host security with prevention as well as detection and response components.
        o Network security with prevention as well as detection and response components.

    4. List and explain security attacks.
    Ans: The security attacks are:

    1. Denial of service (DoS):
    • DoS attacks take place when the availability of a resource is intentionally blocked or degraded by an attacker.
    • These types of attacks can occur through one of two vectors: either on the local system, or remotely from an access network.
    • The attack may concentrate on degrading processes, destroying files to render the resource unusable, or shutting down part of the system.

    2. Information leakage:
    • Information leakage is typically an abused resource that precludes attack.
    • Information leakage takes place when confidential information is hacked by an attacker.
    • For example: leakage of a user's bank account details.

    3. Regular file access:
    • Regular file access can give an attacker several means from which to launch an attack.
    • Regular file access may allow an attacker to gain access to sensitive information, such as the usernames or passwords of users on a system.
    • Regular file access could also lead to gaining access to other files in other ways, such as changing the permissions or ownership of a file.

    4. Misinformation:
    • The misinformation attack takes place when a sender sends a message or information which is modified by an attacker, so that incorrect information is sent to the receiver by the attacker.

    5. Special file or database access:
    • The special file or database access attack takes place when an attacker uses special files and database access to gain access to a system.

    • These special files, although different in structure and function, exist on all systems and all platforms.

    6. Remote arbitrary code execution:
    • Arbitrary code execution describes an attacker's ability to execute any commands of the attacker's choice on a target machine or in a target process.
    • Remote arbitrary code execution is serious in nature because it often does not require authentication and therefore may be exploited by anybody.

    7. Elevation of privileges:
    • The elevation of privileges is certainly the most common attack.
    • An elevation of privileges attack occurs when a user gains access to resources that were not previously authorized. These resources may be anything from remote access to a system to administrative access on a host.

    5. Describe the qualities of a good network.
    Ans: A computer network must respond to many needs, and these needs often collide.

    • The conflict starts with the incompatibility of access and security needs.
    • You must protect your most important information, and at the same time it should be accessible only to authorized users.
    • Therefore the need for security will always conflict with the need for access.
    • A network must have qualities like the following:
        o Networks should work together.
        o Their operation should be transparent to the users.
        o They must provide remote access.
        o They must maintain peak performance.