Information security within an organization is the major requirement in today’s competitive world. No network is 100% secure and that given the time and incentive it can be hacked into. Thus security of information is valuable to an organization.
Network security: It refers to protection of data and messages that are communicated through the network. Here information passes through a number of nodes and links between the nodes until it arrives at the destination. An attack can take place at any communication link if attacker has physical control over the link. Attack can be of two types, one is active attack and another one is passive attack.
Active attack: It involves some modification of the data stream or creation of a false stream.
Passive attack: It involves overhear something or eavesdropping on transmissions or monitoring transmission to obtain information.
Security threats are in the form of interruption of services or interruption of information. One of the key areas where security is really a must is protection of computer memory. In Wide Area Network communication, it is impossible because many locations of network are not under physical control of end user. Whereas in Local Area Network communication, it is really possible but there are always the threats of the dissatisfied employees.
Risk Assessment:- It is a process of analyzing all risks with respect to level of security.
Types of attacks:
Denial of service: It prevents the normal use or management of communication facilities, this attack may have a specific target.
Change of DNS (Domain Name Server): Attack changes the name of DNS, which prevents the users to access own information. For e.g www: if confidential information is on the same host as that of server, attacking becomes easier.
Conclusion: Protection of information is the major issue in network society. Auditing and interruption detection will cope up with ever-changing network environment, another one is data storage and lasting for a long period with secure. Thus security is not a destination, it is an ongoing journey.
Network security: It refers to protection of data and messages that are communicated through the network. Here information passes through a number of nodes and links between the nodes until it arrives at the destination. An attack can take place at any communication link if attacker has physical control over the link. Attack can be of two types, one is active attack and another one is passive attack.
Active attack: It involves some modification of the data stream or creation of a false stream.
Passive attack: It involves overhear something or eavesdropping on transmissions or monitoring transmission to obtain information.
Security threats are in the form of interruption of services or interruption of information. One of the key areas where security is really a must is protection of computer memory. In Wide Area Network communication, it is impossible because many locations of network are not under physical control of end user. Whereas in Local Area Network communication, it is really possible but there are always the threats of the dissatisfied employees.
Risk Assessment:- It is a process of analyzing all risks with respect to level of security.
Types of attacks:
Denial of service: It prevents the normal use or management of communication facilities, this attack may have a specific target.
Change of DNS (Domain Name Server): Attack changes the name of DNS, which prevents the users to access own information. For e.g www: if confidential information is on the same host as that of server, attacking becomes easier.
Conclusion: Protection of information is the major issue in network society. Auditing and interruption detection will cope up with ever-changing network environment, another one is data storage and lasting for a long period with secure. Thus security is not a destination, it is an ongoing journey.