Each must be at least 150 Words
1) Module 3 Network Security Access Control
Restricted Access to the network devices is achieved through user authentication and authorization control which is responsible for identifying and authenticating different users to the network system. Authorization is the process of granting or denying specific access permissions to a protected resource. Restricting access to the devices on network is a very essential step for securing a network. Since network devices comprise of communication as well as computing equipment, compromising these can potentially bring down an entire network and its resources. An important aspect of network device security is access control and authorization. Many protocols have been developed to address these two requirements and enhance network security to higher levels.
2) Module 3 Network Security Protocols
Network security protocols are primarily designed to prevent any unauthorized user, application, service or device from accessing network data. This applies to virtually all data types regardless of the network medium used. Network security protocols generally implement cryptography and encryption techniques to secure the data so that it can only be decrypted with a special algorithm, logical key, mathematical formula and/or a combination of all of them. The most common method of transferring files is using File Transfer Protocol (FTP). A problem with FTP is that the files are sent in cleartext, meaning that they are sent unencrypted and therefore able to be compromised. Because of the FTP shortcoming, Secure File Transfer Protocol (SFTP), Secure Hypertext Transfer Protocol (HTTPS) and Secure Socket Layer (SSL) have become more popular security protocols.
3) Module 3 Authentication vs Authorization
In previous courses i covered this topic before reinforce of these is essential to have a better understanding of security. The role authentication is when a system attempts to verify the credentials given basicly its user name and password but the process goes into the system to match the information to allow access. The role of authorization however is much different since it is the process of seeing if that person is authorized to view that information a example is Customer service bring up and trying to access accounting system which they would not be allowed and therefore denied access.
4) Module 3 Physical and Technical Access control
Computer security is often divided into three distinct master categories, commonly referred to as controls: Physical, Technical and Administrative.
These three broad categories define the main objectives of proper security implementation. Within these controls are sub-categories that further detail the controls and how to implement them.
The Physical control is the implementation of security measures in a defined structure used to deter or prevent unauthorized access to sensitive material. Examples of physical controls are:
- Closed-circuit surveillance cameras
- Motion or thermal alarm systems
- Security guards
- Picture IDs
- Locked and dead-bolted steel doors
The Technical control uses technology as a basis for controlling the access and usage of sensitive data throughout a physical structure and over a network. Technical controls are far-reaching in scope and encompass such technologies as:
- Smart cards
- Network authentication
- Access control lists (ACLs)
- File integrity auditing software
Administrative controls define the human factors of security. It involves all levels of personnel within an organization and determines which users have access to what resources and information by such means as:
* Training and awareness
- Disaster preparedness and recovery plans
- Personnel recruitment and separation strategies
- Personnel registration and accounting
5) Lynda Common Ports Common Ports and Protocols ED
Video defines protocol as set of rules and procedures to communication.
Liberman speaks of two main transport layer protocols that all our networking protocols operates within. Such as TCP Transmission Control Protocol a connection oriented protocol that establishes connection between systems before communication thorough the use of a three way hand shake and results in reliable delivery.
UDP Transport Layer Protocol which stands for User Datagram Protocol no handshake in this connection it sends a short message that is considered unreliable connectionless.
Web Base protocols such as HTTPS, HTTP is for web content. HTTPS is the secure version of the web content or SSL . Operates on port 443.
HTTP operates on port 80
POP3 and IMAP both are use for receiving email form email server Difference POP3 allows for email to truly be retrieved and stored out on the client. Uses port 110
IMAP leaves the email out on the server. IMAP uses port 143
SMTP used for sending the email between email servers and uses port 25
FTP File Transfer Protocol operates on ports 20 and 21
FTPS is more secure uses port 989 and 990
RDP Remote Desktop Protocol uses port 3389
Telnet uses port 23
6) Discussion Question Protocols
Discuss the relationship between protocols and port numbers. Why is it important? Does a protocol have to use its well-known port
7) DQ Protocols and Port Numbers
A protocol number are used to configure firewalls, routers, and proxies. In an IP headers, the Protocol field identifies the service in the next higher level in the protocol stack to which data is passed. Protocol number is the value contained in the “protocol” field of an IPv4 header. It is used to identify the protocol. This is an 8 bit filed. In IPv6 this field is called “Next header” field. Each protocol service has a number. The following services have the following protocol number:
Internet Control Message Protocol (ICMP) – 1
Transmission Control Protocol (TCP) – 6
User Datagram Protocol (UDP) – 17
General Routing Encapsulation (PPTP data over GRE) – 47
Authentication Header (AH) IPSec – 51
Encapsulation Security Payload (ESP) IPSec – 50
Exterior Gateway Protocol (EGP) – 8
Gateway-Gateway Protocol (GGP) – 3
Host Monitoring Protocol (HMP) – 20
Internet Group Management Protocol (IGMP) – 88
MIT Remote Virtual Disk (RVD) – 66
OSPF Open Shortest Path First – 89
PARC Universal Packet Protocol (PUP) – 12
Reliable Datagram Protocol (RDP) – 27
Reservation Protocol (RSVP) QoS – 46
In TCP/IP, a port is software based end point in an Operating system. Each port is assigned a number. It is called port number. A port number can be 0 to 65535. There are UDP and TCP port numbers in the same range.
A port number is a way to identify a specific process to which an Internet or other network message is to be forwarded when it arrives at a server. For the Transmission Control Protocol and the User Datagram Protocol, a port number is a 16-bit integer that is put in the header appended to a message unit. The port number is passed between client and server transport layers and physically between the transport layer and the Internet Protocol layer and forwarded on. Some services or processes have assigned permanent port numbers. These are known as well-known port numbers. Sometimes a port number is assigned temporarily from a range of assigned port numbers.
8) Learning Team Real World Threat
Hello Professor and Class,
My apologies if this is not the correct section to share this, but since this topic is titled “Real World Threat,” I thought it would be fitting. I follow a few journalism sites and just received a notification for an incident in which Equifax admitted that they were hit with a cyber attack in which information for 143 million customers was exposed. This is something that I find to be extremely alarming, possibly more so than other cyber attacks that I have read about. Equifax, Transunion, and Experian are organizations that have essentially some of the most intimate details about us, and are supposed to help with monitoring fraud for people. The fact that they have been breached in a sense kind of leaves me speechless. I am definitely going to be keeping an eye on this incident, as I would like to know if my information was part of the 143 million that was accessed, and what they plan on doing to try and prevent this from happening again.