CIA Triad in Network Security
The CIA Triad is a fundamental security model used to guide policies and practices in
network security and cybersecurity. It consists of three core principles:
1. Confidentiality
o Ensures that sensitive information is only accessible to authorized
individuals.
o Protects against unauthorized access, data leaks, and spying.
o Examples:
▪ Encryption (e.g., HTTPS, VPNs)
▪ Access control (e.g., passwords, biometrics)
▪ Data masking (hiding sensitive data)
2. Integrity
o Ensures that data is accurate, reliable, and not altered by unauthorized
parties.
o Protects against data corruption, tampering, and malicious
modifications.
o Examples:
▪ Hashing (e.g., SHA-256, MD5; MD5 is no longer collision-resistant, so prefer
SHA-256 for new integrity checks)
▪ Digital signatures
▪ File integrity monitoring
3. Availability
o Ensures that network resources and services are accessible when needed.
o Protects against system failures, DDoS attacks, and network outages.
o Examples:
▪ Redundant systems (backup servers, cloud storage)
▪ DDoS protection mechanisms
▪ Regular system maintenance
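Added example (not part of the original notes): a small file integrity monitor in Python that records SHA-256 digests as a baseline and reports modified, added and removed files. The HMAC seal over the baseline, the file names and the key are assumptions constructed for this demo; the seal shows why the baseline itself must be protected.

```python
import hashlib
import hmac
import json
import tempfile
from pathlib import Path

def sha256_file(path):
    """SHA-256 hex digest of a file, read in chunks."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def build_baseline(root):
    """Map each file path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def seal(baseline, key):
    """HMAC-SHA256 over the baseline so edits to the baseline are detectable."""
    blob = json.dumps(baseline, sort_keys=True).encode()
    return hmac.new(key, blob, hashlib.sha256).hexdigest()

def compare(baseline, current):
    """Return (modified, added, removed) as sorted path lists."""
    modified = sorted(p for p in baseline if p in current and baseline[p] != current[p])
    return modified, sorted(set(current) - set(baseline)), sorted(set(baseline) - set(current))

def demo():
    """Constructed sample: baseline a temp directory, change it, re-scan."""
    key = b"constructed-demo-key"  # assumption: real keys are kept off the monitored host
    with tempfile.TemporaryDirectory() as root:
        Path(root, "app.conf").write_bytes(b"port=443\n")
        Path(root, "old.log").write_bytes(b"x\n")
        baseline = build_baseline(root)
        tag = seal(baseline, key)
        Path(root, "app.conf").write_bytes(b"port=8080\n")   # modified
        Path(root, "new.sh").write_bytes(b"echo hi\n")       # added
        Path(root, "old.log").unlink()                       # removed
        current = build_baseline(root)
    # A baseline rewritten to match the changed files fails the seal check
    forged_ok = hmac.compare_digest(tag, seal(current, key))
    return compare(baseline, current), forged_ok

if __name__ == "__main__":
    print(demo())
```

Without the seal, anyone who can change a monitored file and also rewrite the stored baseline leaves nothing for the comparison to find.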
Why is the CIA Triad Important?
• It helps organizations build secure networks and protect critical data.
• It ensures business continuity and prevents cyber threats.
• It is a foundation for security policies, compliance, and risk management.
Types of Network Security Measures (Explained with Examples)
1. Firewall
• Controls incoming and outgoing network traffic based on security rules.
• Example: A company’s firewall blocks unauthorized access from external hackers
trying to enter the internal network.
2. Intrusion Detection & Prevention Systems (IDS/IPS)
• IDS (Intrusion Detection System): Monitors network traffic and alerts
administrators of suspicious activities.
• IPS (Intrusion Prevention System): Actively blocks detected threats.
• Example: An IDS detects an attacker scanning the network for vulnerabilities, and
an IPS blocks their IP address.
3. Antivirus & Anti-malware
• Protects against viruses, worms, ransomware, and spyware.
• Example: A user's laptop is protected when antivirus software detects and removes
a Trojan from an email attachment.
4. Encryption
• Converts sensitive data into an unreadable format to prevent unauthorized access.
• Example: When using HTTPS, credit card details entered on an e-commerce
website are encrypted before transmission.
5. Access Control
• Limits access to authorized users based on authentication and permissions.
• Example: Employees can access internal systems only after logging in with
multi-factor authentication (MFA).
6. Virtual Private Network (VPN)
• Encrypts internet connections to secure remote access and hide user activities.
• Example: A remote worker securely connects to their company's internal network
using a VPN while working from home.
7. Security Patches & Updates
• Fixes software and hardware vulnerabilities that hackers could exploit.
• Example: A company updates its operating systems and applications to patch a
newly discovered security flaw.
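Added example (not part of the original notes): the IDS/IPS scenario above as detection logic in Python. A source that touches many distinct ports within a short window raises an alert (IDS), and its later traffic is dropped (IPS). The events, the documentation-range IP addresses and the thresholds are constructed assumptions.

```python
from collections import defaultdict, deque

# Constructed sample events: (epoch_seconds, source_ip, destination_port)
EVENTS = [
    (100, "198.51.100.7", 443),
    (101, "203.0.113.9", 21),
    (101, "203.0.113.9", 22),
    (102, "203.0.113.9", 23),
    (102, "198.51.100.7", 443),
    (103, "203.0.113.9", 25),
    (103, "203.0.113.9", 80),
    (104, "203.0.113.9", 445),   # arrives after the block
    (200, "198.51.100.7", 22),
]

def run_ids_ips(events, port_threshold=5, window=10):
    """Alert (IDS) when one source touches `port_threshold` distinct ports
    within `window` seconds, then drop its later traffic (IPS)."""
    recent = defaultdict(deque)   # source -> deque of (time, port)
    blocked = set()
    alerts, dropped, allowed = [], 0, 0
    for ts, src, port in events:
        if src in blocked:
            dropped += 1          # IPS: source is already on the blocklist
            continue
        allowed += 1
        seen = recent[src]
        seen.append((ts, port))
        while seen and ts - seen[0][0] > window:
            seen.popleft()        # forget events older than the window
        distinct = {p for _, p in seen}
        if len(distinct) >= port_threshold:
            alerts.append((ts, src, sorted(distinct)))   # IDS: raise an alert
            blocked.add(src)
    return alerts, blocked, dropped, allowed

if __name__ == "__main__":
    print(run_ids_ips(EVENTS))
```

Thresholds like these need tuning per network: vulnerability scanners run by the organization itself and many users behind one NAT address can look the same as a scan.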
Common Types of Network Attacks
1. Malware Attack
o Description: Malicious software like viruses, worms, ransomware, or
spyware infects a system.
o Example: A user downloads a file from an email attachment, and it encrypts
all files and demands a ransom (ransomware attack).
2. Phishing Attack
o Description: Attackers trick users into providing sensitive information
through fake emails or websites.
o Example: A user receives an email pretending to be from a bank, asking
them to enter their login credentials.
3. Denial of Service (DoS) & Distributed Denial of Service (DDoS) Attack
o Description: Attackers overload a network or server, making it unavailable.
o Example: A website goes down because of excessive traffic from multiple
sources (botnet attack).
4. Man-in-the-Middle (MitM) Attack
o Description: A hacker intercepts communication between two parties to
steal data.
o Example: A hacker creates a fake Wi-Fi hotspot in a coffee shop, capturing
login details from users.
5. SQL Injection Attack
o Description: Attackers insert malicious SQL queries into a website’s input
fields to manipulate the database.
o Example: A hacker enters ' OR '1'='1 in a login field, bypassing
authentication.
6. Brute Force Attack
o Description: Attackers repeatedly try different passwords to gain access.
o Example: An attacker uses an automated tool to guess a user’s weak
password until it succeeds.
7. Zero-Day Exploit
o Description: Attackers exploit a software vulnerability before a fix is
available.
o Example: A hacker finds a flaw in an app and exploits it before developers
release a security patch.
The Differences Between Viruses, Worms, Trojans, Spyware and Malware
Malware is short for malicious software. That means any type of software that can harm
your computer, including the types discussed below, is considered malware.
Virus
A virus is a software program which replicates itself and infects all the computers it
connects to. Viruses usually need to be executed through Autorun, system startup or
manually by the user. The most common sources of virus infections are USB drives, the
Internet and email attachments.
Spyware
As the name implies, spyware steals your information from the computer and sends it
back to its creator. The information captured by spyware includes credit card
details, visited websites and their login credentials, email accounts, etc.
Spyware will not harm your system. Most of the time, you won't even notice its
existence.
Trojans/Backdoors
Trojans are one of the most damaging threats to a computer. A Trojan is malicious code
hidden inside another seemingly useful program that secretly connects to a
malicious server in the background without your knowledge. Trojans are usually used
to take complete control of the computer.
Adware
Adware serves advertisements on the computer, which the user may or may not be able
to close or disable. Adware is not harmful, but it will keep showing
advertisements on the computer, which can be rather annoying.
Worms
Worms are the most damaging type of computer threat, especially for computers
connected in a network. They usually make use of security loopholes in a network to
sneak inside every computer in the network without user intervention. They can
(potentially) destroy all the computers in the network within a few minutes.
Ransomware
Ransomware is a type of malware that encrypts a victim's data, rendering it
inaccessible until a ransom is paid, often in cryptocurrency. It is one of the most
common forms of cyberattack, with 20% of all recorded cyberattacks in 2023 involving
ransomware.
Comparison of Different Network Topologies
| Topology | Description | Pros | Cons | Real-Life Example |
|---|---|---|---|---|
| Bus Topology | All devices share a single backbone cable for communication. | Easy to install & cost-effective; requires less cable. | Data collisions can occur; failure in the main cable disrupts the network. | Early LAN networks, office networks with a coaxial backbone. |
| Star Topology | All devices connect to a central hub or switch. | Easy to set up and expand; failure of one device doesn't affect others. | If the central hub fails, the entire network goes down; more cabling is required. | Home networks, corporate offices, schools. |
| Ring Topology | Devices are connected in a circular structure where data travels in one or both directions. | No data collisions; predictable performance. | Failure of a single node can break the network (unless dual-ring); difficult to troubleshoot. | Token Ring networks, SONET fiber-optic networks. |
| Mesh Topology | Every device connects to every other device for redundancy. | Highly reliable, as multiple paths exist; no single point of failure. | Expensive due to the large number of connections; complex to install and maintain. | Military communication, high-reliability IoT networks. |
| Tree Topology | A hierarchical structure combining bus and star topologies. | Scalable and flexible; easier management of large networks. | If the backbone cable fails, the entire network is affected; expensive due to cabling. | Large enterprise networks, university campus networks. |
| Hybrid Topology | Combination of two or more topologies for optimized performance. | Flexible and scalable; customizable for specific needs. | Can be complex and expensive; requires skilled management. | Large business networks, ISP infrastructure. |
| Point-to-Point Topology | A direct connection between two devices. | Simple and fast; no need for network switching. | Limited to only two devices; not scalable. | Direct fiber-optic connections, dial-up modem connections. |