ICT

Key Unit Competence

explain network security and apply basic security measures.

9.1 Introduction to Network security

network security consists of policies implemented to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.

It includes all technologies designed to protect the usability and integrity of computer network and information.

Implementing network security can save a business from malicious hacking and virus attacks that could cause a great data loss.

network security and privacy are major issues in data communications.to deal with internal and external security threats, networks need to be safeguarded with antivirus and firewall solutions. Good computer networks must meet performance levels expected. Good networks should also be reliable, consistent, and meet recovery procedures and security criteria to maintain smooth flow of data in an organization.

Activity 9.1

Research on the internet or library books and answer the following questions.

1. explain the meaning of the term network security.

2. Distinguish between the terms security and threat.

3. Identify security threats that are common with computer networks today.

4. suggest solutions that can be used to safeguard a computer network.

5. What are computer viruses? What risks are involved when a computer virus attacks your system?

6. How do you get to know that your computer is having a virus?

7. explain what you can do to protect computer system from viruses.

Practical

8. scan your computer with installed antivirus. If viruses are found, delete them. turn on your internet connection and allow the antivirus to auto update itself (or if it requests for permission to do so allow it). scan any available external disk e.g. flash drive before use.

9.2 Definitions of terms

• Security:this is a state of feeling safe and protected. something that provides a sense of protection against attack, harm or loss is security.

    ·Computer security means techniques developed to safeguard information stored on        computer network.

• Threat: this is a possible danger that might exploit a vulnerability to breach/break security and therefore can cause damage, pain and loss. Vulnerability is a weakness in a system which allows an attacker to reduce system’s information assurance.
  

• Authentication: this is a process used to identify individuals based on username and password. this process establishes whether;

 ·someone or something is in fact who or what is declared to be.

 ·Authentication ensures that the individual is who he or she claims to be but nothing about access rights of an individual.

  ·Authentication proves that somebody or something is genuine or valid. Authentication is a security measure and uses data encryption to identify the user and verify that the message was not tampered with.

• Authorization: this is permission to perform action.
  
• Encryption: this is the process of encoding messages between two or more parties information such that hackers cannot read the message/information except the authorized parties. Restricted/sensitive information include:
  

• Identity information such as social security numbers, identification card numbers, driving license numbers, etc.
  
• Financial account information i.e. saving and credit card numbers, etc.
• student record information e.g. learner’s grades, financial aid information, etc.
• Medical record information e.g. diagnoses, treatment information, etc.

Note: If your computer is lost or stolen and you have encryption activated, people who try to access information on the computer won’t be able to read it.

Note: Encoding is a method designed to protect the integrity of data as it crosses networks and systems i.e. to keep original message upon arriving at destination.

Importance of encryption

1. encryption protects data in transit i.e. via computer networks like internet, e-commerce, mobile phones, wireless microphones, blue tooth devices and Automated teller machines.

2. It is used today to protect information on computers and storage devices such as flash drives belonging to civilians.

3. It is used by governments and in the military to facilitate secret communication.

Decryption: this is the process of decoding messages information such that authorized parties can read them.sensitive information stored on computer must be encrypted (using encryption key) so that it cannot be understood if it is accessed without using a (decryption key) to decrypt the information.

Additional information for Picture 9.1. above

elements of communicating data on a network include:

(i) Sender:this is a computer where message has been created by the user.

(ii) Encryption:this is the process of converting/encoding the message. the message is encrypted into cypher text form that cannot easily be understood.

(iii) the information is transmitted into cypher text to the receiver

(iv) Decryption:this is the process of decoding or reconverting cypher text to original message so that it is easily understood by the receiver.

(v) Receiver:this is a computer where the reader accesses the message.

Firewall: A firewall is a security software designed for preventing/blocking unauthorized access to data and system software on a computer network.

Note: A firewall is a piece of software or hardware. Firewall acts as a protection line between your network and the external threats from internet or other networks.

the firewall keeps track of every file that enters or leaves the local network so as to detect the sources of viruses and other problems that might enter the network.

9.3 Importance of computer security

Computer security is the protection of computer systems from threat that can damage software, hardware, and information and from disruption and misdirection of the services they provide.

the major importance of computer security is:

• protect the computer
• protect data
• protect user’s identification

this is mainly because data present in the computer can be misused by unauthorized intrusions.

Purpose of computer security is to:

• keep your information on computer protected
• maintain your computer’s overall health
• help prevent viruses and malware
• help programs run more smoothly.

9.4 Security threats

A security threat is anything that has the potential to cause serious harm to a computer system. threats can lead to attacks on computer systems and networks.

9.4.1 Origins of threats

Deliberate: I.e. aiming at information asset, for instance spying and illegal processing of data. Deliberate threat is planned intentionally.

Accidental: e.g. equipment failure or software failure. this occurs unexpectedly.

Negligence:I.e. known but neglected factors that can compromise network safety. negligence comes from paying less attention on a serious issue at hand.

Environmental:I.e. natural event and loss of power supply. this is generated by nature or condition of service.

9.4.2 Threats can be classified into two main categories

Intended threats:Include people within the organization. this is the most dangerous threat.

External threat:Include people outside the organization such as thieves, hackers.

The following are the threats in general that commonly affect systems:

• Physical damage such as fire, water, and pollution.
• natural disasters such as volcanic eruptions, climatic changes.
• Loss of essential services such as electrical power, air conditioning and telecommunication.
• Compromise of information e.g. hacking, theft of media.
• technical failures; equipment, software or capacity saturation.
• Compromise of functions i.e. error in use, abuse of rights and denial of actions.

9.4.3 Computer networks attacks

• Computer Viruses: Viruses are malicious programs that can corrupt your data on hard disk, delete most important operating system files, slow your computer operations and can make the system to crash. Viruses can also allow hackers to run programs on your computer or allow access to your files.

• Spyware: A big threat to online computers. Spyware is a software code installed on a computer without user’s knowledge to monitor or supervise user activities.
  

·Gather personal information and can transmit it without your knowledge.

·Change computer settings.

·Corrupt windows Registry files.

·slow down internet connection speeds and the machine itself.

·steal your privacy.·take up memory and space on your computer.

·Can make a computer to malfunction or totally crash.

• Trojan horse (or Trojan): this is malware (malicious software) that is disguised as legitimate software. In computing, a trojan is any malicious computer program which misrepresents itself as useful, routine, or interesting in order to persuade a victim to install it on computer. trojans do not replicate themselves and appear harmless but in fact malicious.

• Social Engineering:this is a method used by hackers to gain access to computer systems by exploiting human behavior.In computer networking and security; social engineering is a collection of methods used to trick internal computer users to carry out specific actions or revealing confidential information thus breaking normal security procedures.
  

• Identity Theft: this occurs when personal information is obtained by unauthorized individuals who then use the information to commit a crime such as fraud or theft.everyone is at risk of identity theft. therefore, be careful managers of personal information, identification, and passphrases to help minimize your risk.

• Sabotage by employees:sabotage is malicious damage done usually by annoyed employees. An employee can intentionally enter data incorrectly, destroy hardware or delete sensitive data, changing known passwords and disappearing with customer information. the major solution is to regularly monitor employees’ activities and limit their access to certain sensitive systems or resources.

• Denial of Services Attack (D o SA): this is a method used by hackers to send too many requests to a specific server thereby using all available resources. this leads the server to become unavailable for internet users or crash down.
  

• to protect physical equipment against fire and burglary, put in place fire extinguishers against fire, use metallic doors and windows with strong padlocks against theft. security cameras and burglar alarms and security guards are used to detect theft.
• Use UPS (Uninterruptible Power supply) to protect system failure and data loss due to the power failure. A UPS is a power backup device. UPS keeps power for about 15 minutes after power loss.
• Use power surge protector to protect your computer against voltage spikes that can harm your system.

• Control access rights. Unauthorized access must be stopped immediately.
• Don’t expose your SSID server password for your wireless network or login password to wired network.
• encrypt your Wi-Fi network.
• Use encryption method i.e. converting data into unreadable format during transmission using an encryption algorithm and encryption key.
• Disconnect your PC from the network when you are not using it.
• enable firewall and the antivirus software on each computer.

• Control direct physical access to network devices and avoid unauthorized access.
• Use strong passwords that must be regularly changed.
• Disconnect your PC from the network when it is not in use.
• Use hardware firewall for access to external network and internet.
• secure loose cables.