
Security

This document provides an overview of managing network security for an organization. It discusses confidentiality, integrity, and availability (CIA) as key principles of network security. It also covers security terminology like threats, vulnerabilities, and risks. The document outlines different types of threats including physical threats, internal threats, and external threats. It discusses attack mitigation techniques like using firewalls, which can be hardware or software based. Specific attacks like buffer overflow attacks and man-in-the-middle attacks are also summarized. The document emphasizes the importance of security practices like strong passwords, firewalls, updated systems, maintenance, and using secure hardware to protect an organization's network.

Uploaded by

thuya minzin

Managing Network Security for an Organization

YOUTH INTERNATIONAL UNIVERSITY


COMPUTING: LEVEL 4 (HND)
THU YA MIN ZIN
Content
• Introduction
• What is CIA
• Security Terminology
• Threat update
• Types of Threats
• Physical Threats
• Internal Threats
• External Threats
• Attack mitigation
• Firewall
• Types of Firewall
• Hardware Firewall
• Software Firewall
• Buffer Overflow Attack
• Man-in-the-middle (MITM)
Introduction
• There are many types of hackers in the world.

• There are more than 166,000 registered ethical hackers worldwide.

• Hackers can attack an organization for various reasons and steal its private data.

• So we need to prevent their attacks and the theft of data on the network.

• What is network security, and why is it important?


What is CIA
• CIA is not a specific rule of network security.

• It is a guide for designing, implementing, and assessing the security of computer networks and information systems.
• In CIA, C is Confidentiality, I is Integrity, and A is Availability.
Confidentiality

Integrity

Availability
The meaning of CIA
• Confidentiality: Privacy entails the use of PINs, passwords, and lock patterns.
• Integrity: Integrity entails consistently assessing security, identifying vulnerabilities, resolving issues, and updating them.
• Availability: The ability to choose the available security protocols to use the trusted protocols required for security is called availability.
Security Terminology
Threats:
• Threats in the context of cybersecurity are prospective occurrences or incidents that could endanger the IT infrastructure, data, or
systems of an organization.

• These threats can be intentional (e.g., cyber-attacks, hacking attempts, data breaches) or unintentional (e.g., accidental data loss,
hardware failures).

Vulnerabilities

• Vulnerabilities are weak points or gaps in a company's security measures that a threat could take advantage of.

• These could be insufficient access controls, old software, incorrect settings, or unpatched systems.

Risk

• The potential negative effects or outcomes that could result from successful threats exploiting vulnerabilities are known as risks.

• These effects may include monetary loss, harm to one's reputation, data breaches, and failure to comply with regulations.
Threat Update (DDoS or DoS)
• DDoS stands for distributed denial of service, and DoS stands for denial of service.

• An attack in which one or more attackers send requests to a server is known as a "DDoS attack" or "DoS attack."

• These requests increase the server's CPU load until the server finally goes down.

• As a result, some people lose a lot of money and some people are unable to use the impacted device or service because the server is down.
Types of Threats
•Physical Threats

•Internal Threats

•External Threats
Physical Threats
•Access by unauthorized parties to physical devices, such as servers, computers, or networking
equipment, resulting in the loss of confidential information or intellectual property.

•Intentional destruction of hardware elements, which may lead to system faults or downtime.

•Unauthorized hardware modification or alterations that could introduce vulnerabilities or jeopardize system integrity.
Electrical Threats
Unexpected system shutdowns, data loss, and service interruptions can result from a sudden loss of
electrical power.

Voltage spikes can permanently break hardware components if they are subjected to them.

Fires can start because of defective electrical wiring or overloaded circuits, which could cause
equipment damage and data loss.
Maintenance Threats
Human Errors: mistakes made while performing ordinary maintenance, like configuration errors or
unintentional data erasure.

Lack of Expertise: During maintenance processes, errors and possible security holes might emerge
from inadequate training or understanding.

Unplanned Downtime: Unexpected service interruptions may result from improperly scheduled
maintenance efforts.
Internal Threats
Insider Attacks: Malicious behavior by staff members or insiders with the goal of hurting the company,
stealing confidential information, or interfering with business operations.

Human Error: accidental errors made by personnel that can result in security breaches, such as falling
into phishing schemes or configuration errors.

Data Leakage: sensitive information may be accidentally or unintentionally shared with third parties,
jeopardizing data confidentiality.
External Threats
Cyberattacks: attempts made on purpose to breach networks or systems through malware, hacking
methods, or other types of intrusion.

Social engineering and phishing: Techniques that use deception to induce someone to provide login
information or sensitive data.

Ransomware: Ransomware is malicious software that encrypts data and requests payment to decrypt it.
Attack mitigation
Firewall

• An essential part of a company's network protection is a firewall.

• It works at the network level and monitors incoming and outgoing traffic to enforce security regulations.
Two types of firewall
Firewalls with packet filtering: Based on the packet's source, destination, and type, they inspect
each individual data packet and compare it to predetermined rules to decide whether to allow or
block it.

Firewalls with stateful inspection: These function at the application layer and keep track of
connections by maintaining a state table. Since they can comprehend the context of a session,
they are more secure than firewalls using packet filtering.
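The difference between the two types can be shown in a few lines of C. This is an added example, not part of the original slides; the packet structure, the port-443 rule, the function names and the addresses are all assumptions constructed for illustration. It shows a static packet-filter rule admitting an inbound packet that belongs to no session, while the state table rejects it.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified packet header; every name here is an assumption of this example. */
typedef struct {
    uint32_t src_ip, dst_ip;
    uint16_t src_port, dst_port;
    bool inbound;                      /* true: Internet -> LAN */
} packet_t;

/* Packet filtering: each packet is judged on its own against a static rule.
 * Constructed rule: allow inbound packets with source port 443 so replies
 * from web servers can reach LAN clients. */
bool stateless_allow(const packet_t *p) {
    return !p->inbound || p->src_port == 443;
}

/* Stateful inspection: outbound connections are recorded in a state table
 * (no expiry or TCP flag tracking in this sketch). */
#define MAX_STATES 64
static packet_t state_table[MAX_STATES];
static size_t state_count;

/* True if inbound packet p is the exact reverse of tracked connection s. */
static bool is_reply_to(const packet_t *p, const packet_t *s) {
    return p->src_ip == s->dst_ip && p->src_port == s->dst_port &&
           p->dst_ip == s->src_ip && p->dst_port == s->src_port;
}

bool stateful_allow(const packet_t *p) {
    if (!p->inbound) {                 /* LAN -> Internet: track and allow */
        if (state_count == MAX_STATES) return false;   /* fail closed */
        state_table[state_count++] = *p;
        return true;
    }
    for (size_t i = 0; i < state_count; i++)
        if (is_reply_to(p, &state_table[i])) return true;
    return false;                      /* no matching session: drop */
}

int main(void) {
    packet_t out   = {0x0A000005, 0xC6336407, 50000, 443, false}; /* constructed: 10.0.0.5 -> 198.51.100.7 */
    packet_t stray = {0xCB007109, 0x0A000005, 443, 3389, true};   /* constructed: 203.0.113.9, no session */
    stateful_allow(&out);
    printf("stateless=%d stateful=%d\n", stateless_allow(&stray), stateful_allow(&stray));
    return 0;
}
```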
Physical firewall
A hardware firewall is a physical device that operates on the network. It is frequently positioned between a company's internal network (LAN, local area network) and its external network, the Internet. Based on established rules and policies, this firewall analyses both incoming and outgoing network data.
Physical firewall features
Network-level security: It can safeguard all devices on the internal network because it filters traffic at the router or gateway level.

Dedicated equipment: With hardware created expressly for processing network packets, it performs and operates more effectively.

Independent device: It functions independently of the various network-connected devices, making it less susceptible to attacks that target certain devices.

Less demanding on resources: The workload of the firewall is handled by dedicated hardware, which relieves some of the stress on network devices.
Software firewall
A software firewall is a program or application that runs on individual devices, like desktop or laptop computers or mobile phones. It works at the kernel or operating system level, regulating incoming and outgoing traffic in accordance with predetermined rules.
Software firewall features
•Device-level security: It defends the particular device on which it is installed and set up.

•Utilizes the resources of the host: Because it runs on the operating system of the device, it uses some of the memory and processing power of the device.

•More adaptable: Software firewalls frequently offer a greater variety of setup choices, enabling users to create customized rules.

•Can be more economical: Software firewalls are frequently bundled with operating systems or are freely available or open source.
Buffer Overflow Attack (SMB)
•A cyberattack known as a buffer overflow occurs when an attacker
delivers more data than a buffer can hold, forcing the extra data to
spill over into nearby memory space.
• An attacker can use this vulnerability in the Server Message Block
(SMB) protocol to execute malicious code or gain unauthorized
access to a machine.
•They can gain control of the targeted system by designing a payload
that exceeds the buffer's capacity and overwrites memory addresses.
•To lessen such attacks, regular updates, adequate input validation,
and intrusion protection systems are crucial.
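The "adequate input validation" mentioned above comes down to checking a sender-supplied length before copying. The following C parser is an added example, not part of the original slides; the wire format (a 2-byte length followed by a payload) is constructed for illustration and is not real SMB, and all names are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NAME_BUF 32   /* capacity of the fixed-size destination buffer */

typedef enum { MSG_OK = 0, MSG_TRUNCATED, MSG_TOO_LONG } msg_status;

/* Constructed wire format (not real SMB): 2-byte big-endian length, then
 * that many payload bytes. Copies the payload into out[NAME_BUF]. */
msg_status parse_name(const uint8_t *msg, size_t msg_len,
                      uint8_t out[NAME_BUF], size_t *out_len) {
    if (msg_len < 2) return MSG_TRUNCATED;
    size_t declared = ((size_t)msg[0] << 8) | msg[1];

    /* Check 1: the declared length must not exceed what was received,
     * otherwise memcpy would read past the end of msg. */
    if (declared > msg_len - 2) return MSG_TRUNCATED;

    /* Check 2: it must also fit the destination. Without this test the
     * memcpy below would write past out[] into adjacent memory, which is
     * the buffer overflow described above. */
    if (declared > NAME_BUF) return MSG_TOO_LONG;

    memcpy(out, msg + 2, declared);
    *out_len = declared;
    return MSG_OK;
}

int main(void) {
    uint8_t out[NAME_BUF], big[2 + 100];   /* constructed oversized message */
    size_t n = 0;
    memset(big, 'A', sizeof big);
    big[0] = 0; big[1] = 100;              /* declares 100 bytes for a 32-byte buffer */
    printf("status=%d\n", parse_name(big, sizeof big, out, &n));
    return 0;
}
```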
Man-in-the-middle (MITM)
•A cyberattack known as a "man-in-the-middle" (MITM) attack occurs when an attacker secretly intercepts
and modifies communication between a client and a server.

•An attacker can put themselves between the client and the FTP server when FTP (File Transfer Protocol) is used, covertly relaying the data sent between them.

•The attacker can then alter data, steal files sent during the FTP session, and seize important information.

• MITM attacks can be defended against by implementing secure FTP protocols, utilizing encryption, and
increasing user knowledge.
Conclusion
•Set passwords for the entire server

•Use firewalls

•Use up-to-date systems

•Always perform maintenance

•Use hardware devices that improve the server system


THANK YOU