Personal Area Network

A personal area network (PAN) is a computer network organized around an individual person. Personal
area networks typically involve a mobile computer, a cell phone and/or a handheld computing device
such as a PDA. You can use these networks to transfer files including email and calendar appointments,
digital photos and music.

Local Area Network

A Local Area Network (LAN) connects network devices over a relatively short distance. The distance of a
LAN normally spans up to a few kilometers only.

However, most LAN covers a single office building or adjacent buildings. In addition to operating in a
limited space, LANs are also typically owned, controlled, and managed by a single person or
organization.

Metropolitan Area Network

A Metropolitan Area Network (MAN) normally covers a wider area than LAN but less than WAN. It
normally covers an area of up to a city limit.

Wide Area Network

As the term implies, a Wide Area Network (WAN) spans a large physical distance, It can cover the entire
country, or spans across countries. The Internet is the largest WAN, spanning the Earth.

User access with password

Firewalls (can be hardware and software)

User-level security

Share-level security

Data encryption

Anti-virus software

Password

Passwords can be thought as a lock-and-key system. The user account is the lock and the password
associated with that account is the key. If both the lock and the key for the network are obtained, the
user can access to any files or data that the user account has access to.

It is the network administrator job to enforce strong passwords on the network and across the
computing environment. A strong password is a password that is difficult to "crack" or break in to. With
the intelligence, experience, and technology of today's hackers, it's getting easier and easier for them to
gain access to any files.
Firewalls

A firewall is a security system, usually a combination of hardware and software that is intended to
protect an organization's network against external threats coming from another network, including the
Internet.

Firewalls prevent an organization's networked computers from communicating directly with computers
that are external to the network, and vice versa.

Instead, all incoming and outgoing communication is routed through a proxy server outside the
organization's network. Firewalls also audit network activity, recording the volume of traffic and
providing information about unauthorized attempts to gain access.

A proxy server is a firewall component that manages Internet traffic to and from a local area network
(LAN). The proxy server decides whether it is safe to let a particular message or file pass through to the
organization's network. It provides access control to the network, filtering and discarding requests that
the owner does not consider appropriate, including requests for unauthorized access to proprietary
data.

User Level Security

One method of security that is available for use is file and directory level permissions. These permissions
are based upon user or group accounts.

Effectively combining these two types of permissions enables you to delineate what access a particular
user will have when working in Windows NT. You must understand the permissions available and how to
apply them.

File and directory permissions are available on NTFS formatted partitions only. Other file systems
available with Windows NT, such as FAT, do not provide a mechanism to support permissions. In FAT file
systems, only file attributes are available and any user can modify these.

In addition to the predefined permissions, you can custom specify certain access to a file or directory.
Using individual permissions enables you to customize the files and directories to meet your security
requirements.

Predefined permissions use a combination of individual permissions to provide standard templates.

It is important to not become confused between share permissions and share-level security as they are
two totally different items. Share-level security is available on client operating systems such as Windows
95 and Windows 98.

Access to a resource is determined by a password assigned to the resource and is not based on a user
account or group membership. Any user that knows the share password can utilize the resource. Share-
level security is easy to implement and maintain on small peer-to-peer networks, however users must
remember the password for each resource that is shared (unless password caching is in use). Access is
very hard to control since anyone that knows the password can gain access. This is one reason that user-
level access is much more secure than share-level access.

Encryption is the process of encoding so that, without the appropriate unlocking code, the encrypted
data can't be read. Encryption is increasingly being used as a means of protecting data from
unauthorized users. If you have ever used a secure Web site, you have used encryption.

During data transmission, there is plenty of opportunity for someone to take the data from the network
and then read the contents of the packets. This process is often referred to as packet sniffing.

By sniffing packets from the network and reading their contents, unauthorized users can gain access to
private information. But packet sniffing is not possible with encrypted data. Without the necessary code
to decrypt the data, The sniffer is able to see only jumbled code. There is a chance that the sniffer might
be able to work out what the code is, but the stronger the form of encryption used, the harder it is for
the sniffer to work out the code. Therefore, the stronger the encryption method that us used, the better
protected the data is.

Antivirus Software

Computer viruses are becoming an all-too-familiar fact of life. It is not uncommon to see a report on a
local news channel describing the latest virus and warning about its destructive impact. Computer
viruses are bits of computer programming, or code, that hide in computer programs or on the boot
sector of storage devices, such as hard-disk drives and floppy-disk drives. The primary purpose of a virus
is to reproduce itself as often as possible and thereby disrupt the operation of the infected computer or
the program. Once activated, a virus can be a simple annoyance or completely catastrophic in its effect.
Viruses are written by people with intent to do harm.

Viruses are classified into two categories, based on how they propagate themselves. The first type, called
a "boot-sector virus,'" resides in the first sector of a floppy-disk or hard-disk drive. When the computer is
booted, the virus executes. This is a common method of transmitting viruses from one floppy disk to
another. Each time a new disk is inserted and accessed, the virus replicates itself onto the new drive. The
second type of virus is known as a "file infector." Such a virus attaches itself to a file or program and
activates any time the file is used.