KEMBAR78
TBC602 Network Security Notes | PDF | Information Security | Security
Scribd
Upload
25 views5 pages

TBC602 Network Security Notes

fsffs

Uploaded by

adityabartwal0413
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
25 views5 pages

TBC602 Network Security Notes

fsffs

Uploaded by

adityabartwal0413
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 5

TBC602 Network Security and Cyber

Law - Important Points


Unit 1: Introduction to Network Security

Introduction to Network Security


 - Protects networks from unauthorized access and attacks.
 - Ensures data confidentiality, integrity, and availability.
 - Includes hardware, software, and policy measures.

Goals of Network Security


 - Confidentiality: Ensuring only authorized access to data.
 - Integrity: Preventing unauthorized data modification.
 - Availability: Ensuring systems are accessible when needed.

ISO Security Architecture


 - Defines a standard framework for network security services.
 - Applies to each layer of the OSI model.
 - Helps in implementing consistent security mechanisms.

Attacks & Categories of Attacks


 - Active Attacks: Modify or disrupt data (e.g., DoS).
 - Passive Attacks: Eavesdrop on communications (e.g., sniffing).
 - Classified as internal or external threats.

Network Security Services


 - Authentication: Verifies user identity.
 - Access Control: Restricts access to network resources.
 - Data Confidentiality: Prevents unauthorized disclosure.

Mechanisms
 - Encryption, Digital Signatures, Firewalls.
 - Intrusion detection and prevention systems (IDS/IPS).
 - Security protocols like SSL/TLS.

Authentication Applications (Kerberos)


 - Ticket-based authentication protocol.
 - Uses symmetric key cryptography.
 - Prevents password exposure over network.
X.509 Directory Authentication Service
 - Uses digital certificates for identity verification.
 - Part of the Public Key Infrastructure (PKI).
 - Commonly used in SSL/TLS.

Unit 2: Application Layer & Transport Layer Security

Application Layer Security


 - Protects application-specific data (e.g., emails, web).
 - Applies encryption and digital signatures.
 - Ensures end-to-end secure communication.

Security Threats & Countermeasures


 - Threats include phishing, malware, and spoofing.
 - Countermeasures: antivirus, firewalls, encryption.
 - Security training and awareness are essential.

SET Protocol
 - Secure Electronic Transaction for online payments.
 - Involves cardholder, merchant, and payment gateway.
 - Uses encryption and digital certificates.

Electronic Mail Security


 - Involves PGP and S/MIME technologies.
 - Ensures confidentiality and authenticity of emails.
 - Prevents email tampering and interception.

PGP (Pretty Good Privacy)


 - Encrypts emails using both public and private keys.
 - Supports digital signatures for integrity.
 - Widely used for secure personal communications.

S/MIME
 - Standard for public key encryption of emails.
 - Provides message integrity and authentication.
 - Built into many email applications.

SSL/TLS
 - Secure protocols for web and email communications.
 - Provide encryption and secure data transfer.
 - TLS is the modern replacement for SSL.
Wireless Transport Layer Security
 - TLS adapted for wireless communication.
 - Used in mobile devices and wireless networks.
 - Ensures secure data transmission over air.

Unit 3: IP Security & System Security

IP Security (IPSec)
 - Secures IP packets using encryption and authentication.
 - Used in VPNs for secure remote access.
 - Includes protocols like AH and ESP.

Authentication Header (AH)


 - Provides data integrity and authentication.
 - No encryption, only authenticates the packet.
 - Prevents spoofing attacks.

Encapsulating Security Payload (ESP)


 - Provides both encryption and authentication.
 - Can operate in transport or tunnel mode.
 - Used widely in secure VPNs.

Intruders
 - Unauthorized users trying to access systems.
 - Can be internal or external attackers.
 - Detected using IDS/IPS tools.

Intrusion Detection System (IDS)


 - Monitors network for suspicious activities.
 - Alerts administrators on detecting threats.
 - Types: Host-based and Network-based IDS.

Viruses
 - Malicious code that replicates and spreads.
 - Can damage files, slow systems, or steal data.
 - Requires antivirus tools to detect and remove.

Firewall Design Principles


 - Filters incoming and outgoing traffic.
 - Implements rules to allow or block connections.
 - Acts as the first line of network defense.
Trusted Systems
 - Systems with verified and controlled access.
 - Ensure secure handling of data and operations.
 - Often used in high-security environments.

OS Security
 - Secures operating systems from threats.
 - Includes updates, patches, and access controls.
 - Disables unnecessary services and ports.

Program Security
 - Developing software with security in mind.
 - Avoids buffer overflows and code injection.
 - Follows secure coding practices.

Unit 4: Cyber Law & IT Act

Introduction to Cyber Law


 - Deals with legal issues related to cyberspace.
 - Covers cybercrime, data protection, and privacy.
 - Defines laws for internet-based activities.

Cyber Crime & Cyber Criminals


 - Crimes using computers and networks.
 - Examples: hacking, phishing, cyberstalking.
 - Cyber criminals exploit digital vulnerabilities.

Object and Scope of IT Act


 - Recognizes digital records and signatures legally.
 - Promotes e-governance and secure transactions.
 - Applies to cybercrimes and digital contracts.

Digital Signatures & E-Records


 - Ensure document authenticity and integrity.
 - Legally accepted under the IT Act.
 - Used in emails, contracts, and government services.

E-Governance
 - Use of digital tools for public services.
 - Improves transparency and efficiency.
 - Backed by IT Act provisions.
Unit 5: Advanced Security Concepts

Basics of Network Security


 - IP addresses uniquely identify devices.
 - Port numbers allow app-level communication.
 - Sockets combine IP and port to manage traffic.

IP Hiding & Tracing


 - VPN hides real IP to protect identity.
 - Tools like traceroute trace packet paths.
 - Used in tracking cyber attackers.

Scanning Techniques
 - Ping sweep finds live hosts on network.
 - Port scanning identifies open ports.
 - Used in vulnerability assessment.

Fingerprinting
 - Active: Direct queries to find system info.
 - Passive: Observes traffic to detect systems.
 - Helps in identifying OS and services.

Buffer Overflow Attacks


 - Overflowing memory buffers to inject code.
 - Types: Stack, Heap, String, Integer overflow.
 - Can crash or take control of systems.

Internal Attacks
 - Caused by insiders with access.
 - Examples: Email misuse, mobile data theft.
 - Often harder to detect than external attacks.

Dumpster Diving & Shoulder Surfing


 - Dumpster Diving: Recover data from trash.
 - Shoulder Surfing: Spy on user screen or keyboard.
 - Common low-tech social engineering tactics.

DOS Attacks
 - Denial of Service attacks overload systems.
 - Examples: Ping of Death, Teardrop, SYN Flood.
 - DDoS involves multiple attacking systems.

You might also like