Q;NO;1

Network security defined

Network security is a broad term that covers a multitude of technologies, devices and
processes. In its simplest term, it is a set of rules and configurations designed to protect
the integrity, confidentiality and accessibility of computer networks and data using both
software and hardware technologies. Every organization, regardless of size, industry or
infrastructure, requires a degree of network security solutions in place to protect it from
the ever-growing landscape of cyber threats in the wild today.

Physical Network Security

Physical security controls are designed to prevent unauthorized personnel from gaining
physical access to network components such as routers, cabling cupboards and so on.
Controlled access, such as locks, biometric authentication and other devices, is
essential in any organization.

Technical Network Security

Technical security controls protect data that is stored on the network or which is in
transit across, into or out of the network. Protection is twofold; it needs to protect data
and systems from unauthorized personnel, and it also needs to protect against
malicious activities from employees.

Administrative Network Security

Administrative security controls consist of security policies and processes that control
user behavior, including how users are authenticated, their level of access and also how
IT staff members implement changes to the infrastructure.

Q;NO;2
Database Security
Database security refers to the range of tools, controls, and measures designed to establish and
preserve database confidentiality, integrity, and availability. Database security must address
and protect the following: The data in the database. The database management system
(DBMS).

Database security controls

Database security encompasses multiple controls, including system hardening, access,
DBMS configuration, and security monitoring. These different security controls help to
manage the circumventing of security protocols.

System hardening and monitoring

The underlying architecture provides additional access to the DBMS. It is vital that all
systems are patched consistently, hardened using known security configuration
standards, and monitored for access, including insider threats.

DBMS configuration
It is critical that the DBMS be properly configured and hardened to take advantage of
security features and limit privileged access that may cause a misconfiguration of
expected security settings. Monitoring the DBMS configuration and ensuring proper
change control processes helps ensure that the configuration stays consistent.

Authentication
Database security measures include authentication, the process of verifying if a user’s
credentials match those stored in your database, and permitting only authenticated
users access to your data, networks, and database platform.

Q;NO;3

Hardware security

Hardware security is vulnerability protection that comes in the form of a physical device rather
than software that is installed on the hardware of a computer system. Hardware security can
pertain to a device used to scan a system or monitor network traffic. Common examples
include hardware firewalls and proxy servers.

Why hardware security important

Hardware security primitives play an important role in ensuring trust, integrity, and authenticity
of integrated circuits (ICs) and electronic systems. ... In this chapter, common hardware
security primitives and designs for countermeasures against various threats, and vulnerabilities
are discussed.
Q;NO;4
Software security
Software security is an idea implemented to protect software against malicious attack and other
hacker risks so that the software continues to function correctly under such potential risks.
Security is necessary to provide integrity, authentication and availability.

Types;
 Advanced malware protection software. ...
 Application security software. ...
 Firewall software. ...
 Endpoint security software. ...
 Web security software. ...
 Network security software.

Why is security a software issue

Malicious intruders, and the malicious code and botnets. they use to obtain unauthorized access
and launch attacks, can compromise systems by exploiting software defects. ... The security of
computer systems and networks has become increasingly limited by the quality and security of
their software.

Q;NO;5
Information security;
Information Security is basically the practice of preventing unauthorized access, use, disclosure,
disruption, modification, inspection, recording or destruction of information. Confidentiality
means information is not disclosed to unauthorized individuals, entities and process.

Principle
The fundamental principles (tenets) of information security are confidentiality, integrity,
and availability. Every element of an information security program (and every
security control put in place by an entity) should be designed to achieve one or more of these
principles.

Types
 Application security. Application security is a broad topic that covers software
vulnerabilities in web and mobile applications and application programming
interfaces (APIs). ...
 Cloud security. ...
 Cryptography. ...
 Infrastructure security. ...
 Incident response. ...
 Vulnerability management