10

ICT – CSS
Third Quarter – Week 9 - Module 9
NETWORK SECURITY

1
OBJECTIVES:
1. Understand computer and network security.
2. Differentiate computer viruses
Network Security
As a future Computer Technician you need to understand
computer and network security. Failure to implement proper
security procedures can affect users, computers, and the
general public. Private information, company secrets,
financial data, computer equipment, and items about national
security are placed at risk if proper security procedures are not
followed.
The Importance of Security in Computer System and
Networks
Computer and network security help keep data and
equipment safe by giving only the appropriate people access.
Everyone in an organization should give high priority to
security, because everyone can be affected by a lapse in
security.
Theft, loss, network intrusion, and physical damage are
some of the ways a network or computer can be harmed.
Damage or loss of equipment can mean a loss of productivity.
Repairing and replacing equipment can cost the company time
and money. Unauthorized use of a network can expose
confidential information and reduce network resources.
An attack that intentionally degrades the performance of
a computer or network can also harm an organization’s
production. Poorly implemented security measures that allow
unauthorized access to wireless network devices demonstrate
that physical connectivity is not necessary for security
breaches by intruders.
2
 A technician’s primary responsibilities include data and
network security. A customer or an organization may depend
on you to ensure that their data and computer equipment are
secure. You will perform tasks that are more sensitive than
those assigned to the average employee. You may have to
repair, adjust, and install equipment. You need to know how
to configure settings to keep the network secure, but still keep
it available to those who need to access it. You will ensure
that software patches and updates are applied, antivirus
software is installed, and antispyware software is used. You
may also be asked to instruct users on how to maintain good
security practices with computer equipment.

Security Attacks
To successfully protect computers and the network, a
technician must understand both of the following types of
threats to computer security:
 Physical: Events or attacks that steal, damage, or destroy
such equipment as servers, switches, and wiring.
 Data: Events or attacks that remove, corrupt, deny
access to, allow access to, or steal information.
Threats to security can come from inside or outside an
organization, and the level of potential damage can vary
greatly. Potential threats include the following:
 Internal: Employees who have access to data,
equipment, and the network. Internal attacks can be
characterized as follows:
 Malicious threats are when an employee intends to
cause damage.
 Accidental threats are when the user damages data or
equipment unintentionally.

3
  External: Users outside an organization who do not
have authorized access to the network or resources.
External attacks can be characterized as follows:
 Unstructured attacks, which use available resources,
such as passwords or scripts, to gain access to and run
programs designed to vandalize.
 Structured attacks, which use code to access operating
systems and software.
Physical loss or damage to equipment can be expensive,
and data loss can be detrimental to your business and
reputation. Threats against data are constantly changing as
attackers find new ways to gain entry and commit their
crimes.
Viruses, Worms, and Trojan Horses
Computer viruses are created with malicious intent and
sent by attackers. A virus is attached to small pieces of
computer code, software, or document. The virus executes
when the software is run on a computer.
If the virus spreads to other computers, those computers
could continue to spread the virus.
A virus is transferred to another computer through e-
mail, file transfers, and instant
messaging. The virus hides by attaching
itself to a file on the computer. When
the file is accessed, the virus executes
and infects the computer. A virus has
the potential to corrupt or even delete
files on your computer, use your e-mail
to spread itself to other computers, or
even erase your hard drive. Some viruses can be exceptionally
dangerous. The most damaging type of virus is used to record
keystrokes. Attackers can use these viruses to harvest
sensitive information, such as passwords and credit card
numbers. Viruses may even alter or destroy information on a
computer. Stealth viruses can infect a computer and lay
dormant until summoned by the attacker.
4
 A worm is a self-replicating program that is harmful to
networks. A worm uses the network to duplicate its code to
the hosts on a network, often without any user intervention. It
is different from a virus because a worm does not need to
attach to a program to infect a host. Even if the worm does not
damage data or applications on the hosts it infects, it harms
networks because it consumes bandwidth.
A Trojan horse technically is a worm. It does not need
to be attached to other software. Instead, a Trojan threat is
hidden in software that appears to do one thing, and yet
behind the scenes it does another.
Trojans often are disguised as useful software. The
Trojan program can reproduce or replicate like a virus and
spread to other computers. Computer data damage and
production loss could be significant. A technician may be
needed to perform the repairs, and employees may lose or
have to replace data. An infected computer could be sending
critical data to competitors while at the same time infecting
other computers on the network.

Security Procedures
You should use a security plan to determine what will be
done in a critical situation. Security plan policies should be
constantly updated to reflect the latest threats to a network.
A security plan with clear security procedures is the
basis for a technician to follow. Security plans should be
reviewed each year. Part of the process of ensuring security is
conducting tests to determine areas where security is weak.
Testing should be done on a regular basis. New threats are
released daily.
Regular testing provides details of any possible
weaknesses in the current security plan that should be
addressed. A network has multiple layers of security,
including physical, wireless, and data. Each layer is subject to
security attacks. The technician needs to understand how to
implement security procedures to protect equipment and data.
5
 Source: www.computerflu.com
Most Commonly Known Anti Virus Software
Virus protection software, known as antivirus software,
is software designed to detect, disable, and remove viruses,
worms, and Trojans before they infect a computer. Antivirus
software becomes outdated quickly, however. The technician
is responsible for applying the most recent updates, patches,
and virus definitions as part of a regular maintenance
schedule. Many organizations establish a written security
policy stating that employees are not permitted to install any
software that is not provided by the company. Organizations
also make employees aware of the dangers of opening e-mail
attachments that may contain a virus or worm.

Data Encryption
Encrypting data involves using codes and ciphers. Data
encryption can help prevent attackers from monitoring or
recording traffic between resources and computers. It may not
be possible to decipher captured data in time to make any use
of it. A security alert may inform you that you are using an
encrypted connection.
6
 A virtual private network (VPN) is an encryption system
that protects data as though it resides on a private network.
The data actually travels over the Internet or another
unsecured public network.

Port Protection
Every communication using TCP/IP is associated with a
port number. HTTPS, for instance, by default uses port 443. A
firewall is a way of protecting a computer from intrusion
through the ports.
With port protection, the user can control the type of
data sent to a computer by selecting which ports will be open
and which will be secured. Data being transported on a
network is called traffic.

Enabling Windows 7 Firewall

1. Open Windows Firewall by clicking the Start button ,
and then clicking Control Panel. In the search box, type
firewall, and then click Windows Firewall.
2. In the left pane, click Turn Windows Firewall on or
off. If you're prompted for an administrator password or
confirmation, type the password or provide confirmation.
Turn Windows Firewall on or off link in Windows
Firewall.
3. Click Turn on Windows Firewall under each network
location that you want to help protect, and then click OK.
If you want the firewall to prevent all programs from
communicating, including programs that you have previously
allowed to communicate through the firewall, select the Block
all incoming connections, including those in the list of
allowed programs check box.

7
 Wireless Security Techniques
Traffic flows through radio waves in wireless networks,
so it is easy for attackers to monitor and attack data without
having to connect to a network physically. Attackers gain
access to a network by being within range of an unprotected
wireless network. A technician needs to know how to
configure access points and wireless network interface cards
(WNIC) to an appropriate level of security.
When installing wireless services, you should apply the
following wireless security techniques immediately to prevent
unwanted access to the network:
 Wired Equivalent Privacy (WEP) was the first-generation
security standard for wireless network. Attackers quickly
discovered that 64-bit WEP encryption was easy to break.
Monitoring programs could detect the encryption keys used to
encode the messages.
After the keys were obtained, messages could be easily
decoded. In an attempt to overcome this weakness, most users
employ a 128-bit key for WEP.
 Change the default administration password.
 Disable the broadcasting of the Service Set Identifier
(SSID) to hide it from other users.
 Use MAC filtering to protect the network from other
users.
 Change the default values of the SSID by entering the
setup program for the access point and renaming the
SSID.
 Update to the latest available firmware.
 Install or activate a firewall, and adjust the settings to
eliminate all traffic except the desired network settings.
 Update to the latest available firmware.

8
  Install or activate a firewall, and adjust the settings to
eliminate all traffic except the desired network settings.
An attacker can access data as it travels over the radio
signal. However, you can use a wireless encryption system to
encode data and thereby prevent unwanted capture and use of
the data. Both ends of every link must use the same
encryption standard. The following list describes the different
levels of wireless security, from most secure to least secure:
 Lightweight Extensible Authentication Protocol
(LEAP): Also called EAP-Cisco, LEAP is a wireless
security protocol created by Cisco to address the
weaknesses in WEP and WPA.
LEAP is a good choice when using Cisco equipment
in conjunction with operating systems such as
Windows and Linux.
 Wi-Fi Protected Access (WPA): An improved version
of WEP. It was created as a temporary solution until
802.11i (a security layer for wireless systems) was
fully implemented. Now that 802.11i has been ratified,
WPA2 has been released. It covers the entire 802.11i
standard.
 WEP 128: An enhanced encryption protocol
combining a 104-bit key and a 24-bit initialization
vector.
 WEP 64: The first-generation security standard for
wireless network. It could be exploited because of an
encryption key that was vulnerable to decoding.
 No security: Although you can elect to implement no
security whatsoever, you leave your wireless network
completely vulnerable to attack.
In addition, Wireless Transport Layer Security (WTLS)
is a security layer used in mobile devices that employ the
Wireless Applications Protocol (WAP). Mobile devices do
not have a great deal of spare bandwidth to devote to security
protocols. WTLS was designed to provide security for WAP
devices in a bandwidth-efficient manner.
9
 To manually create a network profile using WEP
shared key authentication:
1. Open Network and Sharing Center by clicking
the Start button , and then clicking Control Panel. In
the search box, type network, and then click Network
and Sharing Center.
2. Click Set up a new connection or network.
3. Click Manually connect to a wireless network, and
then click Next.
4. On the Enter information for the wireless network
you want to add page, under Security type, select WEP.
5. Complete the rest of the page, and then click Next.
6. Click Change connection settings.
7. Click the Security tab, and then, under Security type,
click Shared.
8. Click OK, and then click Close.
Short Quiz
Test I. Modified true or false
Directions: Write SECURITY if the underlined word on the
subsequent statement makes it true and VIRUS if it is makes
the statement a false one then write the correct term/word to
correct it. (2 points each). Write your answer in a separate
sheet of paper.
1. Computer and network security help keep data and
equipment safe.
2. A technician’s secondary responsibilities include data and
network security.
3. Threats to security can come from inside and outside the
organization.
4. Computer viruses are created and sent by attackers who
have malicious intent.
5. A virus is transferred to another computer through e-mail,
file transfer and instant messaging.

10
Test II. Matching Type
Directions: Match column A with column B in order to
identify the term / word being described.
A B
1. when an employee intends to cause a. Accidental
damage threats
2. when user damages data or b. Antivirus
equipment unintentionally software
3. attached to small pieces of computer c. Data
code, software and documents encryption
4. a self-replicating program that is d. Firewall
harmful to network e. Malicious
5. it is technically a worm threats
6. software designed to detect, disable f. Traffic
and remove viruses g. Trojan horse
7. it involves using codes and ciphers h. Virus
8. a way of protecting a computer from i. VPN
intrusion through the ports j. WPA
9. an encryption system that protects k. WEP
data l. Worm
10. data being transported on a network
Test IV. Acrostic
Direction: Give the meaning of the acronyms given below:
1. VPN-
____________________________________________
2. SSID-
___________________________________________
3. WEP-
___________________________________________
4. WPA-
___________________________________________
5. WTLS-
__________________________________________

11
Research Firewalls
Directions: In this activity, you will use the Internet,
newspaper, or a local store to gather information about
hardware and software firewalls.
1. Using the Internet, research two different hardware
Subscription
Company/
Website Length Hardware
Hardware Cost
URL (Month/Year/ Features
Name
Lifetime)

2. firewalls. Based on your research, complete the table

below.

3. Which hardware firewall would you purchase? List

reasons for your choice.
4. Using the Internet, research two different software
firewalls. Based on your research, complete the table
below.

Subscription
Company/ Website Length Software
Cost
Software Name URL (Month/Year/ Features
Lifetime)

5. Which software firewall would you purchase? List

reasons for your choice.

12