Data and Network Security

LECTURE 02
SPRING 2023

Syeda Wajiha Zahra

(CISSP, CISM, OCA, ENSA, SRWE)

INSTRUCTOR: SYEDA WAJIHA ZAHRA 1

 Data Security
• Data security means keeping information safe and protected from people who shouldn't have
access to it.
• It's like putting a lock on your diary so that only you can read what's inside, and nobody else
can sneak a peek without your permission.
• In the digital world, it involves using special techniques and tools to make sure that sensitive
information, like personal details or important documents, doesn't fall into the wrong hands.
• Three Types of Data Security
• Hardware Security
• Software security
• Legal security

INSTRUCTOR: SYEDA WAJIHA ZAHRA 2

Network Security
•Network security consists of the policies, processes and practices adopted to prevent, detect
and monitor unauthorized access, misuse or modification of a computer network and network-
accessible resources.
•Network security is like having strong locks and guards for the pathways that data takes when it
travels between computers and devices. Just like you wouldn't want strangers peeking at your
personal information, network security stops unauthorized people from sneaking a look at the
data you send and receive over the internet.
•It uses special tools and tactics to keep your online activities private and protected from hackers
and bad actors.

INSTRUCTOR: SYEDA WAJIHA ZAHRA 3

Why Data and Network Security Important?
Data and network security are essential to protect sensitive information, ensure its accuracy and
availability, comply with regulations, maintain a positive reputation, and prevent financial losses.
In today's interconnected world, breaches can lead to unauthorized access, manipulation, and
disruption, affecting individuals, businesses, and even critical infrastructure. Robust security
measures are crucial to thwart cyber threats, maintain trust, and uphold the integrity of digital
systems.

INSTRUCTOR: SYEDA WAJIHA ZAHRA 4

Security Mechanisms
•Firewalls
•Encryption
•Authentication and Authorization
•Access Control Systems
•Intrusion Detection and Prevention Systems (IDPS)
•Backup and Disaster Recovery Plans
•Antivirus and Antimalware Software

INSTRUCTOR: SYEDA WAJIHA ZAHRA 5

Firewalls
Firewalls act as a barrier between a trusted internal network and external networks, monitoring
and controlling incoming and outgoing traffic based on predefined rules. They prevent
unauthorized access, malicious attacks, and unwanted data transmission. Firewalls can be
hardware or software-based.

INSTRUCTOR: SYEDA WAJIHA ZAHRA 6

Encryption
Encryption transforms data into a secure, unreadable format using cryptographic algorithms.
This ensures that even if intercepted, the data remains confidential and secure unless decrypted
with the appropriate key. Encryption is vital for safeguarding sensitive information during
storage and transmission, reducing the risk of data breaches and unauthorized access.

INSTRUCTOR: SYEDA WAJIHA ZAHRA 7

Authentication and Authorization
Authentication confirms the identity of users, processes, or devices attempting to access
a system. Authorization determines the level of access granted based on user roles and
permissions. Together, they ensure that only authorized individuals can access
resources, enhancing data privacy and security while preventing unauthorized actions.

INSTRUCTOR: SYEDA WAJIHA ZAHRA 8

Access Control Systems
Access control systems manage and restrict user access to specific resources, files, or areas
within a network. By enforcing the principle of least privilege, these systems limit user
permissions to only what is necessary for their tasks. This minimizes the potential impact of
security breaches by reducing the potential attack surface and limiting the damage that
unauthorized users can cause.

INSTRUCTOR: SYEDA WAJIHA ZAHRA 9

Intrusion Detection and Prevention Systems
(IDPS)
IDPS tools continuously monitor network traffic for signs of suspicious activities or potential
breaches. Detection systems identify anomalies and raise alerts, while prevention systems can
take automated actions to block or mitigate threats. IDPS enhances the ability to detect and
respond to attacks, providing real-time protection against various cyber threats.

INSTRUCTOR: SYEDA WAJIHA ZAHRA 10

Backup and Disaster Recovery Plans
Backup and recovery plans involve regular data backups and strategies for restoring data in case
of data loss, breaches, or disasters. This ensures business continuity and minimizes downtime.
By having well-defined plans in place, organizations can recover critical data and systems
effectively, mitigating the impact of security incidents.

INSTRUCTOR: SYEDA WAJIHA ZAHRA 11

Antivirus and Antimalware Software
Antivirus and antimalware tools detect, block, and remove malicious software such as viruses,
worms, and trojans from systems and networks. They provide a defense against a wide range of
malware threats, safeguarding data integrity and system functionality. Regular updates ensure
the software can identify and combat new and evolving threats.

INSTRUCTOR: SYEDA WAJIHA ZAHRA 12