0
Computer Network Security
Network security is any form of computer security dealing with multiple computers linked through a network. Questions about everything from firewalls to viruses to denial-of-service attacks belong here.
1,030 Questions
How do you protect your files from unauthorised access or modification?
It would be useful to use a password so people can't freely get into your documents, and don't read any spam emails because that can cause intrusion of hackers.You could put a firewall on the computer system. If hackers get in they could put viruses on your files, copy them or steal your identity/bank accounts/ideas
Everybody knows this. What about a programme to password protect files?
What are the advantages and disadvantages of layered architecture in a network?
The following are the advantages of a layered architecture:
Layered architecture increases flexibility, maintainability, and scalability. In a Layered architecture we separate the user interface from the business logic, and the business logic from the data access logic. Separation of concerns among these logical layers and components is easily achieved with the help of layered architecture.
Multiple applications can reuse the components. For example if we want a windows user interface rather than a web browser interface, this can be done in an easy and fast way by just replacing the UI component. All the other components like business logic, data access and the database remains the same. Layered architecture allows to swap and reuse components at will.
Layered architecture enables teams to work on different parts of the application parallely with minimal dependencies on other teams.
Layered architecture enables develop loosely coupled systems.
Different components of the application can be independently deployed, maintained, and updated, on different time schedules.
Layered architecture also makes it possible to configure different levels of security to different components deployed on different boxes. sO Layered architecture, enables you to secure portions of the application behind the firewall and make other components accessible from the Internet.
Layered architecture also helps you to test the components independently of each other.
The following are the disadvantages of a layered architecture:
There might be a negative impact on the performance as we have the extra overhead of passing through layers instead of calling a component directly.
Development of user-intensive applications can sometime take longer if the layering prevents the use of user interface components that directly interact with the database.
The use of layers helps to control and encapsulate the complexity of large applications, but adds complexity to simple applications.
Changes to lower level interfaces tend to percolate to higher levels, especially if the relaxed layered approach is used.
What is logical communication?
By "logical" communication, we mean that although the communicating application processes are notphysicallyconnected to each other (indeed, they may be on different sides of the planet, connected via numerous routers and a wide range of link types), from the applications' viewpoint, it is as if they were physically connected.ahk
What are three types of wired home networks?
straight through and crossover. of those there is class A and class B.
------
That's not exactly accurate. There are a SIGNIFICANT number of difference in types of ethernet cable, especially when you buy it non-terminated! First off, there is a huge difference between having a solid core and stranded copper core inside the individual eight wires. Solid core wire exhibits less signal loss through attenuation for long, static runs (295' typ.) from port to port. Stranded wire is flexible for use in short (16' typ.) patch cords for connecting equipment to a data port. Using flex wire for long runs can cause signal loss. Using solid, non-flexible wire for connecting equipment to data ports can cause wires to break.
After that, the assembly of the wires and sheathing can be vastly different. Some are simple twisted pairs of the eight wires in a plastic sheath. Some cables are shielded to eliminate interference from adjacent electro-magnetic sources. Some cable assemblies are rated as waterproof, or for direct burial, or for exposure to UV light, such as sunlight. Some have a strong fiber thread running inside so they don't stretch and break the small wires when being pulled through conduit.
BTW, class A and B wiring standards for straight through cables represent a different order of arranging the 8 colored wires. As long as both ends of the cable use the same arrangement, there is no difference to the end user between an A wired cable or B wired cable.
Straight through cables have the same wire arrangement (either A or B) on each end. They are the "standard" or "default" patch cables used for every day hookups. If not specified, you would use a straight through cable. Crossover cables are wired differently on both ends and are specialty cables. If you don't know what they are, you don't need one unless you are specifically instructed to use one.
Chaz
-----------
What are the components of information security?
Availability, Confidentiality, Authentication and Integrity
In multi-hop wireless networks, communication between two end nodes is carried out through a number of intermediate nodes whose function is to relay information from one point to another.
What is piggybacking in computer security?
ACK for the last received packet need not be sent as a new packet, but gets a free ride on the next outgoing data frame(using ACK field in the frame header). The technique is temporarily delaying outgoing ACKs, so that they can be hooked on the next outgoing data frame is called piggybacking. Piggybacking is one of the feature of TCP
How data is transferred between two computers on a network?
The simple answer is that information moves between computers as a data stream. The catch is that there are protocolsthat the computers use to talk to each other, and the ins and outs depend on the network through which they are communicating. To cite just a single example, if a PC or laptop is connected to the Internet, some kind of Internet protocol will be used by the server and that computer so that they can communicate. Certainly there is a lot more to this, and it will, as stated, depend on what network is being used to connect the computers in question.
Firewall is a piece of software that creates a barrier between Internet and your PC.
In short, Firewall analyzes the traffic that goes from and to your computer and blocks such packets (traffic) that could hurt your computer.
Any bidirectional communication channel or link between two or more computers fits into this category. This can be Ethernet port (wired or wireless) directly connected between two machines or associated switch or router which allows more connections to same network. Similarly other wired or wireless serial connections (like serial ports, USB, Bluetooth, Infrared) between computers can also send and receive data instructions and information between computers.
Actually the answer to this question is communication device, stated in the book: Microsoft Office 2007 Introductory Concepts and Techniques
What is the highest transmission speed attainable using the best twisted-pair cable?
The maximum is 1 Gbps (CAT-5e, CAT-6), the maximum distance without attenuation is 100 m.
Without network security, anybody could just hack into the network, make adjustments to files, database's etc... Just think about your bank for example. Without network security anybody could just log in and look at your details, transfer money in or out of your account etc...
How are subnets used to improve network security?
Yes, if you separate the network into different sub-networks, you can then set up rules (for example, through ACLs) that allow certain traffic between subnets, and block other types of traffic.
What constitutes computer risks?
There are a number of risks related to using computers.
1. Sometimes you might not be paying attention. You might wreck if you try to use a computer while driving.
2. Sometimes computers can make people lazy. They might put too much trust in a GPS system, for instance. So people drive off of cliffs, drive into lakes, drive through active construction zones, etc.
3. There may be health risks. Staring too long at a computer can cause eyestrain. If you don't offer proper wrist and back support, you might injure those parts of the body.
4. An irate person may harm themselves or another with a computer. A jealous boyfriend through a girlfriend's computer out the window and maimed a child playing below.
What model is used to provide a common way to describe network protocol?
Typically the OSI model is used, but the older TCP/IP model is also popular.
Is it true that non-repudiation ensures users cannot deny sending and or receiving data?
Non-repudiation only refers to the fact that a sender of a message cannot deny they sent it; since the relationship of the public/private key pairs makes it impossible to deny if they sent a message.
Non-repudiation cannot be used by either a sender or a receiver of a message to deny they ever received it; it only can be used if a message was received.
Why might you need to grant a firewall exception for file and print sharin on a public network?
Its possible that you could have to share an encrypted file
What is the use of having physical security system?
Because an advanced firewall and world class virus checking software doesn't help if someone can just walk into the office, sit down by a computer and do all the stuff the remote attacks or viruses tried and failed to.
Or in a context where a company is concerned about secret data: Stealing a laptop from an employee might work just as well as breaking in over the network. Plus if the employee has a VPN connection and has the password stored in the laptop, cracking the laptop would give you the network for free.
How does network help businesses save money?
Simple: increased user productivity. Instead of every employee having to walk to the person in charge of certain data, get the files from them on removable media, and then walk back to his own desk, the network allows files to be shared without any real effort. Changes to a file are also automatically available to everyone on the network, reducing the chance of different people having different versions of the information in question. Plus, a network allows the IT staff and management to more easily monitor what the users are doing on their computers, reducing wasted time (spent playing games, browsing the internet, etc.).
What are the three types of network security?
There are about 30 types of network security, described at the related link.
These including using firewalls, anti-virus software, encryption, using static IP addresses, using Virtual Private Network, etc.
8510.01M was signed in 2000 was written to go with DITSCAP (DoDI 5200.40 - signed in 1997), which has since been superseded by DIACAP (DODI 8510.01 - signed in 2007)
Ultimately, responsibility for ensuring the training rests with the IAM, but the IAM can, and often does, delegate the responsibility to the IAO.
C3.4.4 requires preparation of the Environment and Threat Description, which, in turn requires:
C3.4.4.2.1.8. Training. Identify the training for individuals associated with the system's operation and determine if the training is appropriate to their level and area of responsibility. This training should provide information about the security policy governing the information being processed as well as potential threats and the nature of the appropriate countermeasures.
C3.4.7 requires identifying C&A Organizations and the Resources Required, which includes:
C3.4.7.2.3. Resources and Training Requirements. Describe the training requirements, types of training, who is responsible for preparing and conducting the training, what equipment is required, and what training devices must be developed to conduct the training, if training is required. Funding for the training must be identified.
C5.1.2 discusses certifying, among other things, "security education, training, and awareness requirements".
C5.2.4.3 requires: The program manager, user representative, and ISSO should ensure that the proper security operating procedures, configuration guidance, and training is delivered with the system. Note that the term ISSO has since been replaced by IASO in current IA terminology.
C5.3.9.2 requires: "that security Rules of Behavior, a Security Awareness and Training Program, and an Incident Response Program are in place and are current."
Appendix 2, the "MINIMAL SECURITY ACTIVITY CHECKLIST" includes the questions:
Table AP2.T11.
10.(h) Do the ISSO duties include the following:
Implementing or overseeing the implementation of the Security and Training
and Awareness Program?
Table AP2.T12.
3.(o) Do employees receive periodic training in the following areas:
(1) Power shut down and start up procedures?
(2) Operation of emergency power?
(3) Operation of fire detection and alarm systems?
(4) Operation of fire suppression equipment?
(5) Building evacuation procedures?
If you examine DoDI 8500.2, you will find requirements dealing with training including:
5.9 Each IA Manager, in addition to satisfying all responsibilities of an Authorized User, shall: (5.9.2) Ensure that all IAOs and privileged users receive the necessary technical and IA training, education, and certification to carry out their IA duties.
E3.3.7. Requires that:
All DoD employees and IT users shall maintain a degree of understanding
of IA policies and doctrine commensurate with their responsibilities. They shall be capable of appropriately responding to and reporting suspicious activities and conditions, and they shall know how to protect the information and IT they access. To achieve this understanding, all DoD employees and IT users shall receive both initial and periodic refresher IA training. Required versus actual IA awareness training shall be a management review item.
E3.4.6. Information Assurance Managers (IAMs) are responsible for establishing,
implementing and maintaining the DoD information system IA program, and for
documenting the IA program through the DoD IA C&A process. The program shall include procedures for:
E3.4.6.6. Tracking compliance with the IA Controls applicable to the DoD information system and reporting IA management review items, such as C&A status, compliance with personnel security requirements, compliance with training and education requirements, and compliance with CTOs, IAVAs, and other directed solutions.
Within the controls of 8500.2, you will find the following controls:
VIIR-1 Incident Response Planning
An incident response plan exists that identifies the responsible CND Service Provider in accordance with DoD Instruction O-8530.2, defines reportable incidents, outlines a standard operating procedure for incident response to include INFOCON, provides for user training, and establishes an incident response team. The plan is exercised at least annually.
VIIR-2 Incident Response Planning
An incident response plan exists that identifies the responsible CND Service Provider in accordance with DoD Instruction O-8530.2, defines reportable incidents, outlines a standard operating procedure for incident response to include INFOCON, provides for user training, and establishes an incident response team. The plan is exercised at least every 6 months.
PETN-1 Environmental Control Training
Employees receive initial and periodic training in the operation of environmental controls.
PRTN-1 Information Assurance Training
A program is implemented to ensure that upon arrival and periodically thereafter, all personnel receive training and familiarization to perform their assigned IA responsibilities, to include familiarization with their prescribed roles in all IA- related plans such as incident response, configuration management and COOP or disaster recovery.
Templates for validation of the controls by system validators include the following instructions:
For PRRB-1:
1. A set of rules that describe the IA operations of the DoD information system and clearly delineate IA responsibilities and expected behavior of all personnel shall be in place.
2. The rules shall include the consequences of inconsistent behavior or non-compliance.
3. Signed acknowledgement of the rules shall be a condition of access.
4. Training or reminder of the IA operations rules and code of conduct shall be performed on an annual basis, or as frequently as in accordance with DoD policy.
For PRTN-1
1. A set of rules that describe the IA operations of the DoD information system and clearly delineate IA responsibilities and expected behavior of all personnel shall be in place.
2. The rules shall include the consequences of inconsistent behavior or non-compliance.
3. Signed acknowledgment of the rules shall be a condition of access.
4. Training or reminder of the IA operations rules and code of conduct shall be performed on an annual basis, or as frequently as in accordance with DoD policy.
Where can a company go to learn more about network security products?
There are a number of options for one to find information about network vulnerability. The site Network World has some valuable information as does the Javvin website.
What does a workgroup switch of a network do?
The Switch by paying attention to the traffic that comes across it, it can "learn" where particular addresses are. For example, if it sees traffic from machine A coming in on port 2, it now knows that machine A is connected to that port and that traffic tomachine A needs to only be sent to that port and not any of the others. The net result of using a switch over a hub is that most of the network traffic only goes where it needs to rather than to every port. On busy networks this can make the network significantly faster.
Where do you find sound drivers for Toshiba Satellite L310 notebook?
You can find them on Toshiba's support site. The L310 is sold primarily in Asian markets, so you have to use the Asian site, not the usual American one. You can find a link to the drivers for the sound card below.
What transmission speed does 100-Mbps or Fast Ethernet support?
Ethernet supports speeds as low as 10 Mbps and as high as 1 Gbps. There are new initiatives to support 10 Gbps in the near future.
