Network Security Fundamentals

Definition of Computer Network:

A computer network is a group of two or more computing devices connected together either by
cables or wirelessly.
Network Terminologies:
- IP Address: and internet protocol address is a unique identification address that identifies
a computing device on the internet or a local network.
- Port: the port is a logical construct used to uniquely identify a transaction over a network
and the type of network service.
- Internet: a globally connected network of computing devices available to everyone for
communication and sharing information.
- Intranet: the intranet is limited and private to some specific computing devices in the
same location. For instance, the organizations use the intranet to store and share
information.
- Network Traffic: network traffic is the amount of data moving across a computer network
at any given time.
- Packets: packets are smaller units of data sent across a computer network.
Network Security Fundamentals:
- LAN (Local Area Network): a group of computing device that are connected in the same
physical location.
- WAN (Wide Area Network): WANs is a group of computing devices that extends to a
larger geographical area. WANs consist of several LANs.
- OSI (Open System Interconnection Model): a model that provides a standard for different
computing devices to communicate together and also it describes the functions of a
networking system.
o Application: the user interface
o Presentation: presents data and provides decryption and encryption
o Session: maintains distinction between data of separate applications and provides
dialog control between hosts.
o Transport: provides end-to-end connections and provides reliable and unreliable
delivery of flow control.
o Network: provides logical addressing and provides path determination using
logical addressing.
o Data Link: provides media access and physical addressing.
o Physical: converts digital data so that it can be sent over the physical medium and
moves data between hosts.
- Network Protocol: a network protocol is an agreement on how computer networks will
work. Protocol stacks are a set of network protocol layers that work together to
implement communications.
 - Encapsulation: to be able to send any data across a network we need to encapsulate the
data with some frames and headers.

o From transport layer to network layer: add a header that contains the transport
protocol.
o From network layer to data link layer: add the header that contains the IP
addresses of source and destination.
o From link to physical layer: add frame layer which might contain MAC addresses.
- Firewall: a computer firewall monitors and controls incoming and outgoing network
traffic based on some predefined security rules. It blocks malicious software from
infecting your computer.
o A firewall could be a software, hardware, or cloud-based firewall.
o Software firewalls are installed on your computers and they work through port
numbers and applications.
o Hardware firewalls are physical devices that sit between the server and the
external network. Hardware firewalls requires configuration.
o Cloud-based firewalls are hosted by 3rd part service providers in the cloud that
doesn’t require installation or configurations.
- Routers
o Responsible for receiving, analyzing, and forwarding packets across a network.
o Routers are devices that operate in the network layer of the OSI model.
o Routers are used in LANs and WANs.
- Switches
o Network switches connect devices directly through their physical ports.
o They operate at the data link of the OSI model.
o It provides packet switching among connected devices.
o Uses MAC addresses to identify the source and destination of the packets being
transferred.
o It is used to construct VLANs (virtual local area networks).
o Switches that support VLAN capabilities can be configured to define multiple
virtual LANs over a single physical LAN infrastructure.
Common Vulnerabilities in Networks
- Malicious Software: sometimes called malware, malicious software that includes viruses,
worms, ransomware, and trojans.
- Social Engineering Attacks: the art of manipulating people into compromising their
security or giving out sensitive information.
- Outdated or Unpatched Software
- Misconfigured Firewalls/Operating Systems