Network security involves preventing and detecting unauthorized access over a network and ensuring that the network is secure. The major elements of network security are identification, authentication, access control, confidentiality, integrity, and non-repudiation.
This chapter describes the need for and goals of network security and the functions of the Network Security Administrator, and provides a list of Administrative Security Procedural Controls. It explains Communication Security (COMSEC), the functions of the COMSEC Custodian, the destruction procedures for COMSEC material, and the functions of the Information Security (INFOSEC) Officer. This chapter also discusses network security at both the public vs. private and the dial-up vs. dedicated levels.
A security policy is an outline that becomes an active part of the organization for physical, personal, and data security. It has the ability to manage the security of the data network infrastructure and valuable information assets.
This chapter explains what a security policy is and why security awareness programs are needed. It defines the goals, design, and classification of the security policy. This chapter also describes how to configure and implement the security policy and explains how to secure assets.
3. Network Security Threats
This chapter explains the various security threats and the types of attacks, which include active attacks, passive attacks, internal attacks, and external attacks. It explains various network attack techniques such as spamming, revealing hidden passwords, war dialing, war chalking, and war flying. This chapter also describes the procedures for identifying network attack detection problems and provides a list of network scanning tools.
4. Intrusion Detection Systems (IDSs) and Intrusion Prevention Systems (IPSs)
An Intrusion Detection System (IDS) monitors all inbound and outbound host activity and identifies suspicious patterns on the network that indicate an attack that could compromise a system. It gathers and analyzes information regarding the misuse of a particular computer or the total network.
This chapter discusses the history of IDS, various intrusion detection concepts, choosing an IDS for an organization, the characteristics of IDS, identifying the importance of IDS, Aggregate Analysis with IDS, and the various types of IDSs and NIDS. This chapter also explains the NIDS Architecture, Traditional Sensor-Based Architecture, the NIDS operational concept, and Network-Based Detection, and lists various network-based detection tools.
Troubleshooting is the process of identifying the symptoms of a problem and resolving them. When an error message is displayed in the network, abnormal device behavior and unexpected results are also seen.
This chapter describes the various troubleshooting strategies and methodologies and covers troubleshooting network devices such as the Windows PC Network Interface Card. It discusses how to troubleshoot IEEE 1394 Bus devices, Universal Serial Bus (USB) devices, and bridges using the Virtualization Engine, and how to diagnose repeaters and gateways. This chapter also describes how to troubleshoot network communication and network adapters, and explains how to overcome connectivity problems.