Network Security and Types of Security Threats and Attacks in Information Technology

Verified

Added on  2023/06/15

|8
|2577
|274
AI Summary
This report provides an overview of information security, cryptography, types of security threats and attacks, and network security. It discusses the importance of securing web servers and provides advice on how to protect them from cyberattacks. The report also covers different types of firewalls used for network security.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
Information Tech

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Contents
INTRODUCTION...........................................................................................................................1
MAIN BODY...................................................................................................................................1
Question 3 Types of security threats and attacks..............................................................1
Question 4 Network security...............................................................................................3
CONCLUSION................................................................................................................................5
References:.......................................................................................................................................6
Document Page
INTRODUCTION
The networking is specific branch of information technology and fastest growing in area
of IT. This includes the procedure of developing, using and maintaining of computer networks
that involves hardware, software and protocols for sharing data from multiple computing
devices. The networking may involve home or business network of computers or wireless
computer networks. Information technology is development, maintenance or use of systems - in
particular computer systems, software and networks- for storing, retrieving and sending
information (Brophy, J.M., 2018). Computer networks are the process of electronically
connecting two or more technology devices to exchange information over data links. The main
goal of the information technology system is to help people carry out the work in a simple and
quick way so that goals can be achieved help staff troubleshoot issues with their mobile devices
and computers, and do the job to ensure the security and efficiency of business information is
maintained. This report covers overview of information security, cryptography, types of security
threats and attacks. Further it discusses about network security.
MAIN BODY
Question 3 Types of security threats and attacks
The cyberattack defines to an attempt to disable computers, steal data, or use a damaged
computer system for launching additional attacks. The Cyber security threat defines to any
malicious attack which seeks to unlawfully accessing data, damage information. Different
methods are used cybercriminals foe launching cyber-attack that involves malware, phishing,
ransomware and other methods. The web server defines to a computer software which accepts
through HTTP. It is a computer which helps in running websites (Christodoulou, D., 2020). To
run the web server a hardware is used which varies according to volume of requests that is
needed to handle. In the organisation the server has an important role as they hold the
confidential data and information of organisation. The insecure server is vulnerable to all kinds
of security threats and cyber-attacks. It has been seen that cyber-attacks hits business and private
systems every day which are increasing day-by-day. The motives of cyber-attacks are many as
one is money. The cyber attackers take offline systems and demand payments for restoring its
functionality. The followings are the cybersecurity threats which is been discussed below-
1
Document Page
Malware- In cyberattack it is of common type which is related to malicious software,
involving spyware, ransomware, viruses and worms that is installed into system when
dangerous email or threat is clicked by user. It blocks access to critical components and
system is damaged along with this confidential information is gathered.
Phishing- In these malicious emails are send which seems to be coming from legitimate
resources. Te user is tricked for clicking the malicious link in email and leads to malware
installation such as details of credit cards & login credentials.
Ransomware- It is a kind of malware attack in which attacker locks or encrypts victim
data and leads to publish or blocks access to data until ransom is paid (Direction, S.,
2019).
SQL Injection- It is a type of cyberattack those results from injecting malicious code
into a server using SQL. In the event of an infection, the server releases information.
Submitting the malicious code can be as simple as typing it into a search box on a
vulnerable website.
It is very important for ensuring that web server is secured properly for minimising the
risk of data losing from hacks and breaches. The secure web server comes in two categories. It is
a server on the public web that upholds security conventions like SSL, implying that delicate
information communicated to and from the server is encoded for the client's insurance. On the
other hand, it can mean a web server utilized exclusively by a group of workers inside a nearby
organization, got against outer danger. It is important for staying up to date with evolving
security landscape for maintaining security of web servers.
Various advice is being provided to protect the web server from cyberattacks which are as
follows-
Constant update of software and operating system- It is essential in server security to
stay up date on all software and operating systems as the server systems and technologies
are so complicated which carries some vulnerabilities that go unnoticed. The hackers try
for developing new and innovative ways for gaining unauthorised entries into system.
The constant working of vendors and cybersecurity ensures to have secure software and
operating systems and needs to install immediately (Gnatenko, V and et.al., 2019).
Configure computers for file backups- It is requited to keep file backup and having
restoration strategy as it is unknown when hacker can succeed in breaching the servers. In
2

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
such situation the backup file can be savoir. The regular backup of data allows in
restoring all information resources which server held before the data breach take place. In
developing an backup plan the following analysis needs to be considered such as cost of
backup plan, efficiency and speed, speed of backup process etc.
Installation of SSL- The secure layer certificates is security protocols which safeguards
communication among two systems through internet. This is an crucial element for server
security which ensures that data transferring is encrypted between server and clients
browsers. It also have effective role in user authentication. SSL certificates encrypt data
in transit so that sensitive and confidential information such as health information, credit
card information, and financial information remains secure. A hacker who succeeds in
accessing the data cannot decipher what it means (Hirota, O., 2020).
Private networking- The private networking is based on internet protocol address space
which is private because no internet protocol packets addressed are transmitted through
public network. This creates connection among different computer devices located in
diverse places. This virtual private network helps in saving web server by installing it.
The reason for providing advices was to secure web server and securing of web
applications so that organisation might not face any hazard of losing information. The use and
installation of such software helps in avoiding data breach from hackers.
Question 4 Network security
The network security is a wide term which covers multitude of technologies,
devices and processes. This is a set of rules and configurations which is designed for
protecting the integrity, confidentiality and accessibility of computer networks by taking
used of software and hardware technologies. This helps in protecting network and data
from breaches, intrusions and other threats. Network security comprises of the
approaches, cycles and practices embraced to forestall, identify and screen unapproved
access, misuse, alteration, or refusal of computer network and organization open
resources. Network security includes the approval of admittance to information in an
organization, which is constrained by the organization manager (Koike, M. and Mizuno,
O., 2018).
The firewall is a tool which helps in preventing unauthorised access and keeps
computers, data safe & secure. A firewall can be characterized as a unique sort of network
3
Document Page
security gadget or a software program that screens and channels approaching and active
organization traffic dependent on a characterized set of safety rules. It goes about as a hindrance
between inside private organizations and outer sources (like the public Internet). The main role
of a firewall is to permit harmless traffic and forbid malicious or undesirable information traffic
for shielding the PC from attacks and viruses. The firewall is cybersecurity tool that channels
network traffic and assists clients with hindering malignant programming from getting to the
Internet in infected PCs. There are various types of firewall filtering mechanisms which are as
follows-
Packet filtering firewall- This work inline at nodes where devices such as routers and
switches do their work. However, these firewalls do not forward packets; Instead, they
compare each packet they receive against a set of set criteria, such as: B. the allowed IP
addresses, the packet type, the port number and other aspects of the packet protocol
headers. Packets marked as disruptive are generally discarded without further ado, ie they
are not forwarded and therefore no longer exist (Mawalim, C.O. and Unoki, M., 2020).
It monitors network traffic by filtering incoming packets based on the information they
contain. As explained above, each data packet consists of a header and the data it
transmits. This type of firewall uses the header information to decide whether access is
allowed or denied to a packet. To do this, it checks the protocol, the source IP address,
the destination IP, the source port and the destination port.
Circuit-level gateway- Circuit-level doors screen TCP handshakes and other
organization convention meeting commencement messages over the organization as they
are set up between the neighbourhood and remote hosts to decide if they started meeting
is genuine - regardless of whether the far off framework can be trusted (Merigó, J.M
et.al., 2018). It gives significant degree of safety. Their primary capacity is to guarantee
that the associations made are secure. By and large, circuit-level firewalls are
incorporated into some kind of programming or a current firewall. Like pocket channel
firewalls, they don't check the real information, yet rather data about the exchange.
What's more, line-level entryways are advantageous, simple to set up, and don't need a
different intermediary server.
Application-level gateway- This kind of gadget in fact an intermediary and at times
called an intermediary firewall - goes about as the main section and leave point on the
4
Document Page
organization. Application-level doors not just channel bundles dependent on the
assistance for which they are expected- as demonstrated by the objective port - yet
additionally dependent on different qualities, like information security. They can
drastically influence network execution and make them hard to make due. It works at the
application level. Different application passages can run on a similar host; however,
every door is a different server with its own cycles (Socci, M et.al., 2021). These
firewalls, otherwise called application intermediaries, give the most solid type of
information association since they can analyse each layer of correspondence, including
application information.
Stateful inspection firewall- State-aware devices not just inspect every parcel, they
additionally monitor whether or not that bundle is important for a set up TCP or other
organization meeting. This gives more security than bundle sifting or line checking alone,
yet negatively affects the organization execution Open Systems Interconnection (OSI)
model. Most associations benefit from utilizing a stateful review firewall. These gadgets
go about as a more intensive door among PCs and different resources inside the firewall
and assets outside the organization. They can likewise be exceptionally powerful in
shielding network gadgets against specific assaults like DoS (Tomohiro, H. furthermore
Hattori, K., 2020). This makes it conceivable to follow the whole association beginning
to end and just permit the normal approaching traffic. This sort of firewall is utilized for
extra security. It implements more checks and is safer contrasted with stateless channels.
Notwithstanding, not at all like stateless/parcel separating, stateful firewalls analyze the
genuine information sent over numerous bundles, rather than simply the headers. Along
these lines, they additionally require more framework assets.
CONCLUSION
From the above examination it has been presumed that network security is a significant
region that is getting expanding consideration as the Internet spreads. The security dangers and
web convention ought to be examined to decide the necessary security innovation. The security
innovation chiefly comprises of programming based and different equipment gadgets. Likewise,
network security comprises of the safeguards that are taken in a hidden PC network framework,
the strategies embraced by the organization head to ensure the organization and assets available
over the organization from unapproved access, and the viability (or absence of) these actions. A
5

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
compelling organization security plan ought to be formed considering the security issues,
possible assailants, the degree of safety required, and the variables that make an organization
helpless against assault. Instruments to lessen the weakness of the PC to the organization
incorporate encryption, confirmation components, interruption discovery, security the
executives, and firewalls
References:
Books and Journals
Brophy, J.M., 2018. Food for thought: a “low-tech” road to improved primary cardiovascular
prevention: adherence to dietary guidelines. Canadian Journal of Cardiology, 34(12),
pp.1551-1552.
Christodoulou, D., 2020. Teachers vs Tech?: The case for an ed tech revolution. Oxford
University Press-Children.
Direction, S., 2019. Driving innovation strategy in new hi-tech SMEs: Techniques for success.
Gnatenko, V and et.al., 2019. The Role of Foreign Market Knowledge in Internationalization of
B2B Born Global SMEs: A Case Study of Deep Tech Companies.
Hirota, O., 2020. Fisher information and quantum gyro sensor--Ikehara's interpretation of
quantum probability theory. IEICE Technical Report; IEICE Tech. Rep., 119(376),
pp.191-196.
Koike, M. and Mizuno, O., 2018. Rerouting between cluster heads in information-centric
networking-based wireless sensor network. IEICE Technical Report; IEICE Tech.
Rep., 117(460), pp.231-236.
Mawalim, C.O. and Unoki, M., 2020. Cochlear delay based audio information hiding with
segment selection optimization. IEICE Technical Report; IEICE Tech. Rep., 119(396),
pp.11-16.
Merigó, J.M et.al., 2018. Fifty years of Information Sciences: A bibliometric
overview. Information Sciences, 432, pp.245-268.
Socci, M et.al., 2021. Impact of working situation on mental and physical health for informal
caregivers of older people with Alzheimer’s disease in Italy. Results from the UP-TECH
longitudinal study. Aging & mental health, 25(1), pp.22-31.
Tomohiro, H. and Hattori, K., 2020. A Study of Reinforcement Learning-Based Automatic
Driving Control Using Information of Neighboring Vehicles through Inter-vehicle
Communication. IEICE Technical Report; IEICE Tech. Rep., 120(261), pp.75-75.
6
1 out of 8
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]