Analysis of Secure Network Operations: Chapters 5 and 8 Summary

Verified

Added on 2022/08/21

AI Summary

This assignment provides a comprehensive summary of two chapters from a Secure Network Operations textbook. Chapter 5 focuses on network infrastructure, detailing the roles of routers, network switches, firewalls, and intrusion detection systems. It emphasizes how these components contribute to network connectivity, communication, and management. The chapter also discusses the importance of network infrastructure in enterprise IT environments. Chapter 8 shifts the focus to network security, highlighting methods to protect organizations from various threats. Key topics include access control, anti-malware strategies, network segmentation, and the CIA triad (Confidentiality, Integrity, Availability). The chapter also touches upon the BYOD (Bring Your Own Device) policy and its impact on network security. The assignment addresses discussion questions related to improving network infrastructure and the necessity of employee training for secure network usage.

Running head: SECURE NETWORK OPERATIONS
SECURE NETWORK OPERATIONS
Name of student
Name of university
Author’s note:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1
SECURE NETWORK OPERATIONS
Summary of chapter 5
This chapter describes the importance of the network infrastructure could be
considered as the software as well as the hardware resources of the complete network that
allows the network connectivity, operations, communication as well as the management of
any enterprise network. It allows the communication path as well as the services among the
processes, users, applications, external network as well as the services. The network
infrastructure is commonly the section of IT infrastructure found within majority of the
enterprise IT environments. The complete network infrastructure has been effectively
interconnected and it could be used for the internal communication, the external
communications or both of them. Any common network infrastructure mainly involves the
networking hardware, networking software and the network services.
A router could be described as the device whose primary task is forwarding the data
packets along the networks. The router has been connected to minimum two of the networks,
typically two LANs or the WANs or any LAN as well as the network of the ISP. The location
of typical router is at the gateway, which is the location where two or even more networks are
interconnected. Forwarding tables and the headers are used by the routers for determining the
most appropriate path for the forwarding of the packets, and it uses the protocols, for
example, ICMP for establishing communication among one another and then configure the
most appropriate router among the two hosts.
The network switch could be described as the switching hub or bridging hub which is
the networking hardware that helps in connecting the devices on any computer network by
the utilisation of the packet switching for receiving as well as forwarding data to intended
destination devices. Network switch could be considered as the multiport network bridge

2
SECURE NETWORK OPERATIONS
where the MAC addresses are used for forwarding the data at data link layer. Some of the
switches could also execute the task of forwarding data at network layer.
The firewall could be described as the device that is used in networking for the
monitoring of the incoming as well as the outgoing network traffic and either block or permit
the data packets on the basis of the set of the security rules. The sole purpose of the firewall is
establishing the barrier among the internal network as well as the incoming traffic from any
external sources for blocking any kind of malicious traffic such as viruses and the hackers.
The intrusion detection system could be described as the device or any software
application that helps in monitoring the systems or the network for any kind of malicious
activity or the policy violations. Any kind of intrusion activity or violations is commonly
reported by the administrator or it is gathered centrally with the help of the security
information as well as the event management system. The systems with the functionality of
response capabilities are commonly denoted as the intrusion prevention system.
Discussion question: What are the methods used in present times for improving the
network infrastructure?

3
SECURE NETWORK OPERATIONS
Summary of chapter 8
This chapter mainly provides the importance of network security for the organisations
and the methods by which the network of any organisation could be secured from the various
threats and vulnerabilities. The aspect of network security could be described as the practice
of protecting and preventing the network of any organisation against any unauthorised
intrusion into the corporate networks. Network security is mainly the procedure of taking the
software and physical prevention methods of protecting the underlying infrastructure of
networking from any kind of unauthorised misuse, access, modification, malfunction
improper disclosure or the destruction.
It helps in the creation of secured platform for the computers, programs and the users
for performing the allowed critical functions within secured environment. For the
implementation of network security extensively, there are various specialised methods and
kind of network security that could be implemented by the organisations. The most effective
method of securing the network of organisations is the access control. The access control
helps in blocking the unauthorised users as well as the devices from illegally accessing the
network. The users in the network are allowed the network access with the condition of
working with the restricted set of the resources that have been authorised. The anti-malware
helps the organisations in ensuring that the network is not affected by any kind of malware
created by the hackers. The worms, viruses as well as Trojans attempts in spreading across
the network and could affect the infected network for significant time period. The security
effort should be implemented for preventing the initial infection and root out the malware.
The insecure application are frequently the main vectors by which access is gained in
the network by the attackers. The companies in the present times are using the method of
network segmentation for securing the network. Network segmentation could be described as

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4
SECURE NETWORK OPERATIONS
the division of the computer network into the smaller parts. The main intention is improving
the performance as well as the security of the network. The segmentation functions by the
controlling of how the traffic flows among various parts. The CIA triad is another security
policy that is used by the companies for ensuring that proper rules and regulations are
followed in the organisation. CIA triad includes the Confidentiality, Integrity and the
Availability.
This model has been designed for guiding the policies for implementing information
security within the organisations. In this context, the confidentiality is the collection of rules
that restricts the access to information, integrity could be described as the aspect of assurance
that all the information is accurate and trustworthy and availability is the assurance of
dependable access to information by the authorised people. BYOD policy mainly denotes to
employees who carry their personal computing devices in the companies for working and
using them along with the company provided devices. This policy helps the organisation to
effectively control the utilisation of the devices and boost the productivity of the employees.
Research question: Is training of the employees necessary for ensuring that the
organisational network is being used properly?