1. Briefly describe network Security?

Network security is a computer networking system policy to assure the security to its organization assets,
software and hardware resources. The term network security also emphasis on monitoring and controlling
of unauthorized access, misuse and any unwanted modification in the networking system.

The most common authentication process practiced everywhere is to assign an exclusive user ID and
password to the user for authentication and to access the resources of the network.
The term security is inclusive of both private and public domain networks like RTGS or NEFT through
online banking.

Network Security Types

We can shield our networking system in various ways, based on the type of network attack.

Thus, there are many solutions, and out of which few are discussed below.

#1) Antivirus and Anti-malware Software:

The protection software that is used to shield our system from viruses, Trojan attacks, worms etc is an
antivirus and anti-malware software.

This software scans the system and network for malware and Trojan attack every time when a new file is
introduced in the system. It also detects and fixes the problem, if found with any infected data or with a
virus.

#2) Data Loss Prevention (DLP):

The MNC's or large-scale organizations, maintain the confidentiality of data and resources by making
sure that their internal information will not be leaked out by any of the employees to the outside world.

This is done by deploying DLP technology in which the network administrator restricts the employee's
access to the information to prevent it from sharing to the outside world by blocking ports and sites for
forwarding, uploading or even printing information.

#3) Email Security:

The attackers can induce the virus or malware in the network by sending it through an e-mail in the
system.

Therefore a highly skilled email security application which can scan the incoming messages for viruses
and is capable of filtering suspicious data and controlling the outflow of messages to prevent any kind of
information loss to the system is required.

#4) Firewalls:
These are an integral part of the networking system. It acts as a wall between two networks or between
two devices. It is basically a set of pre-defined rules which are used to prevent the network from any
unauthorized access.

Firewalls are of two kinds, i.e. hardware, and software. The software firewall is installed in the systems to
provision shield from various types of attacks as they filter, block and fix the unwanted creatures in the
network.

The hardware firewall acts as a gateway between two networking systems so that only a particular pre-
defined user or traffic can access the network and its resources.

Intrusion prevention system (IPS):

It is the network security system which contains some set of rules and by following them you can easily
figure out the threats and block them as well.

#5) Mobile Security:

The cyber-criminals can easily hack or attack the mobile handsets with the data facility on the handsets,
and they can enter into the device from any unsecured resource link from the website.

Hence it is necessary to install an antivirus on our device and people should download or upload the data
from reliable resources and that too from secured websites only.

#6) Network Segmentation:

For the security point of view, a software-based organization will segment their crucial data into two-or-
three parts and keep them at various locations and on several resources or devices.

This is done, so that in the worst case, if the data at any location is corrupted or deleted by a virus attack,
then it can be again reconstructed from any backup sources.

#7) Web Security:

Web security refers to provisioning limited access to websites and URLs by blocking the sites which are
more vulnerable to viruses and hackers. Thus it is basically concerned with controlling the web-based
threats.

#8) Endpoint Security:

The networking system in which a user present at the remote end, accessing the crucial database of the
organization from a remote device like mobile phones or laptops, endpoint security is required.

Various software which has inbuilt-advanced endpoint security features and is used for this purpose. This
provides seven layers of security inclusive of file reputation, auto-sandbox, web- filtering, antivirus
software, and a firewall.

#9) Access Control:

The network should be designed in a way in which not everyone can access all the resources.
This is done by deploying a password, unique user ID and authentication process for accessing the
network. This process is known as access control as by implementing it we can control the access to the
network.

#10) Virtual Private Network (VPN):

A system can be made highly secure by using VPN networks in association with using encryption
methods for authentication and floating data traffic over the Internet to a remotely connected device or
network. IP Sec is the most commonly used authentication process.

2. List and Describe Network security mechanism?

 Data integrity
Data integrity can be compromised in several ways. Each time data is replicated or transferred, it
should remain intact and unaltered between updates. Error checking methods and validation
procedures are typically relied on to ensure the integrity of data that is transferred or reproduced
without the intention of alteration.

 Access control
Access control is a way of limiting access to a system or to physical or virtual resources. In
computing, access control is a process by which users are granted access and certain privileges to
systems, resources or information.In access control systems, users must present credentials
before they can be granted access
 Traffic padding

traffic padding may be used to hide the traffic pattern, which means to insert
dummy traffic into the network and present to the intruder a different traffic pattern. The
apparent traffic pattern, which is observed by intruder, is referred to as a cover mode that hides
the real operation mode of the system.

 Routing control

A routing control mechanism is composed of hardware and software, which monitors all the
outgoing traffic through its connection with the Internet service providers (ISPs), and helps in
selecting the best path for efficient delivery of the data.

 Encipherment
In cryptography, a cipher is an algorithm for performing encryption or decryption—a series of
well-defined steps that can be followed as a procedure. An alternative, less common term
is encipherment. To encipher or encode is to convert information from plain text into cipher or
code.
 3.Advantage and dis advantage of computer
security?
Advantages:

1) Protects system against viruses, worms, spyware and other unwanted programs.

2) Protection against data from theft.

3) Protects the computer from being hacked.

4) Minimizes computer freezing and crashes.

5) Gives privacy to users

Disadvantages:

1) Firewalls can be difficult to configure correctly.

2) Incorrectly configured firewalls may block users from performing certain actions on the
Internet, until the firewall configured correctly.

3) Makes the system slower than before.

4) Need to keep updating the new software in order to keep security up to date.

5) Could be costly for average user.

4. How to protect our system from unauthorized person?

5. What is Group policy on network? Briefly describe?