Hardware and Network Servicing: LO4: Determine Network Security
Learning Guide For Hardware and Version 1 Date: July: 2019 Page 1 of
Network Servicing Author: Harar Polytechnic College/ICT Department 17
HARAR POLYTECHNIC COLLEGE
Security refers to the measures taken to protect certain things or elements of information. There are three main
elements.
Confidentiality
This means keeping information secret and safe. It means controlling access to information so that only the
people with authorisation will access the information. No one else should have access to the information.
With Network Security this means keeping all information stored in a network environment confidential and
safe. This means keeping unauthorised people off the network and preventing them from browsing around and
accessing things they have no authority to access.
Integrity
This refers to the correctness of information. It means making sure that the information is kept as it should be
and not altered or changed by unauthorised people. It also means protecting the information from changes or
corruption by other things like system or program failures or external events.
With Network Security this means keeping all information stored in a network environment as it should be.
Information includes user generated data, programs, computer services and processes (email, DNS, etc). This
means protecting information from unauthorised changes and deletion by people, network devices or external
influences.
Availability
This refers to the ability to access and use information. It means making sure that the information can be
accessed whenever it’s required. If information is not available it is useless.
With Network Security this means keeping all information stored in a network environment ready and
accessible to those who need it when they need it. Information includes user-generated data, programs,
computer services and processes (email, word processing application, etc).
Creating a security policy doesn't have to be a difficult task. Breaking down all necessary components can turn
an overwhelming task into one that is easily manageable and executable.
Planning
It is common for many companies to notice a security problem and then immediately look for technology
solutions to plug up the hole. In the end, companies wonder why they have an abundance of solutions that do
not efficiently secure company assets. This is where planning becomes a necessity.
Planning your security policy requires a close analysis of employee behavior in different job roles and is also
the time for company security goals to be articulated. Having problems and goals evaluated simultaneously
makes it easier to come up with all-inclusive solutions that will be effective and advantageous for all. A good
rule of thumb when planning a security policy is to base the policy around risks rather than technology. A
policy should not change as the technology changes. A security policy should fulfil some important functions:
The security policy must be understandable
The security policy must be realistic
The security policy must be consistent
The security policy must be enforceable
The security policy must be documented, distributed and communicated properly.
A successful security policy needs to be flexible
A successful security policy must be reviewed.
The Planning Stage helps to address this by focusing on employee behavior. This is crucial because changes in
policy often start with changes in procedure. "Organizations need to understand that much of information
security and privacy work that needs to be done are people-based policies, procedures, training, and awareness
response activities."
There are three factors to keep in mind when planning your policy. The first requires you to express the goals of
your policy. What are you trying to accomplish? What are you trying to protect? The second step requires you
to scan the work environment and identify vulnerabilities that exist within current processes. The final step asks
you to create a plan of action that will help alleviate the faults. All are equal contributors to planning success.
Your security policy goals should run parallel with the goals set for your company. For example, if your
company is customer oriented, then a goal of your security policy should be to protect your customer and their
data through use of encryption and network security.
Furthermore, all parties should play a role in goal setting. This is crucial because if a security breach was to
occur, each department plays a different role in the recovery process, as well as in re-evaluating procedures for
policy improvement. Global involvement allows each department time to invest in the policy, ensuring a higher
level of cooperation when the time comes to implement the policy.
A company must examine existing procedures and identify all processes that pose a security risk. For example,
policies regarding data management; how data is protected during storage, how long it is kept and proper
methods for data deletion are common pains in the corporate world. Some questions that may help identify such
vulnerability include:
Such questions should spur some thought as to what changes need to be made in order to begin alleviating the
risks that accompany current processes within departments.
Step 3: Creating a Plan of Action
After identifying which processes require change, create a plan of action for mitigating these risks. Each plan
should consider how long it will take for each change to occur, what type of training is necessary for each
individual/department to meet the newly adopted standards and also what responsibilities each
individual/department can be held accountable for (i.e. how often gap analyses regarding security are
conducted and who conducts them).
Other challenges include budget limitations and optimizing upon security measures while still adhering to
auditing standards. Such measures "should be traceable from one document to another so that audits can easily
verify that policies are being enforced."
After procedures have been established, decision makers should be able to identify "which personnel roles are
responsible for which activities, which activities need to be logged, how often inspections and reviews are
done internally." They should also have followed up with a procedure for making additional changes to the
policy in the future.
Today’s security risks are diverse and overflowing: botnets, database breaches, phishing attacks, targeted
cyber attacks and others.
Security paradigm
Security Solutions
Many network design, implementation, and operational choices can have a large impact on the cost
effectiveness of increasing security. The predominant costs associated with these options are the changes in
network implementation and operations.
• Password policy
• Regular audits
• Security Guards
A Virus is a “program or piece of code that is loaded onto your computer without your knowledge and
runs against your wishes.”
An example of a virus would be if you opened an email and a malicious piece of code was downloaded
onto your computer causing your computer to freeze.
In relation to a network, if a virus is downloaded then all the computers in the network would be affected
because the virus would make copies of itself and spread itself across networks.
A worm is similar to a virus but a worm can run itself whereas a virus needs a host program to run.
Solution: Install a security suite, such as Kaspersky Total Protection, that protects the computer against
threats such as viruses and worms.
1. Trojan Horses:
A Trojan horse is “a program in which malicious or harmful code is contained inside apparently
harmless programming or data in such a way that it can get control and do its chosen form of damage,
such as corrupting the file allocation table on your hard disk.”
In a network if a Trojan horse is installed on a computer and tampers with the file allocation table it
could cause a massive amount of damage to all computers of that network.
Solution: Security suites, such as Norton Internet Security, will prevent you from downloading Trojan
Horses.
2. SPAM:
SPAM is “flooding the Internet with many copies of the same message, in an attempt to force the
message on people who would not otherwise choose to receive it.”
SPAM may not be the biggest risk to a network because even though it may get maddening and plentiful
it still doesn’t destroy any physical elements of the network.
Solution: SPAM filters are an effective way to stop SPAM. These filters come with most online e-mail
providers. You can also buy a variety of SPAM filters that work effectively.
3. Phishing:
Phishing is “an e-mail fraud method in which the performer sends out legitimate-looking emails in an
attempt to gather personal and financial information from recipients.”
Phishing is one of the worst security threats over a network because a lot of people that use computers
linked up to a network are unpaid and would be very vulnerable to giving out information that could
cause situations such as theft of money or identity theft.
Solution: As with SPAM, use phishing filters to filter out this unwanted mail and prevent the threat.
4. Packet Sniffers:
A packet sniffer is a device or program that allows listening in on traffic traveling between networked
computers. The packet sniffer will capture data that is addressed to other machines, saving it for later
analysis.
In a network a packet sniffer can filter out personal information and this can lead to areas such as
identity theft so this is a major security threat to a network.
Solution: “When strong encryption is used, all packets are unreadable to any but the destination address,
making packet sniffers useless.” So one solution is to obtain strong encryption.
Malicious code is “Programming code that is capable of causing harm to availability, integrity of code or data, or
confidentiality in a computer system.”
Solution: Using a security suite, such as AVG, can detect infected sites and try to prevent the user from
entering the site.
6. Password Attacks:
Password attacks are attacks by hackers that are able to determine passwords or find passwords to different
protected electronic areas.
Many systems on a network are password protected and hence it would be easy for a hacker to hack into the
systems and steal data.
This may be the easiest way to obtain private information because you are able to get software online that
obtains the password for you.
Hardware loss and residual data fragments are a growing worry for companies, governments etc.
An example of this is if a number of laptops that have client details on them get stolen from a bank. This would
enable the thieves to get personal information from clients and maybe steal the clients' identities.
This is a growing concern and at present the only solution is to keep data and hardware under strict
surveillance.
8. Shared Computers:
The following are a series of tips to follow when sharing computers: “Do not check the “Remember my ID
on this computer” box … Never leave a computer unattended while signed-in … Always sign out
completely … Clear the browser's cache … Keep an eye out for “shoulder surfers” … Avoid confidential
transactions … Be wary of spyware … Never save passwords … Change your password often.”
A zombie computer or “drone” is a computer that has been secretly compromised by hacking tools which
allow a third party to control the computer and its resources remotely.
A hacker could hack into a computer and control the computer and obtain data.
Solution: Network Intrusion Prevention (NIP) systems can help prevent botnets.
Note: A cracker is someone who breaks into someone else's computer system, often on a network; bypasses
passwords or licenses in computer programs; or in other ways intentionally breaches computer security. A cracker
can be doing this for profit, maliciously, for some altruistic purpose or cause, or because the challenge is there.
Some breaking-and-entering has been done ostensibly to point out weaknesses in a site's security system.
A security policy is a document that states in writing how a company plans to protect the company's physical
and information technology (IT) assets. A security policy is often considered to be a "living document",
meaning that the document is never finished, but is continuously updated as technology and employee
requirements change. A company's security policy may include an acceptable use policy, a description of how
the company plans to educate its employees about protecting the company's assets, an explanation of how
security measurements will be carried out and enforced, and a procedure for evaluating the effectiveness of
the security policy to ensure that necessary corrections will be made.
4.4 Security configuration with group policy object
One of the first security areas that you need to deal with when you deploy AD is account policy. Account policy
is the portion of a GPO's security settings that lets you set required password length, password complexity, and
intruder lockout for domain user accounts. To set account policy on a GPO, open the Microsoft Management
Console (MMC) Group Policy Object Editor, locate the GPO, and navigate to Computer
Configuration\Windows Settings\Security Settings\Account Policies under that GPO.
When you need an account policy to apply to AD domain logons (i.e., user accounts defined in AD), you need
to define that policy within a GPO that's linked to the domain because the domain controllers (DCs) in an AD
domain process only account policies that are contained in GPOs that are linked to the domain. DCs also ignore
three other security policies unless these policies are linked to the domain:
These three policies are located in Computer Configuration\Windows Settings\Security Settings\Local
Policies\Security Options under the GPO.
You might wonder why Microsoft requires account policies and these three security policies to be in a domain-
linked GPO. When you promote a member server to a DC in an AD domain, AD stores the DC in the Domain
Controllers OU by default. However, if you move a DC to another OU, the DC can then receive different
security policies. Account policies and the three specified security policies need to be consistent across all DCs,
so Microsoft designed the GPO processing code to ignore these policies unless they're linked to the domain,
thus ensuring that all DCs, regardless of location, receive the same policies. (Microsoft permits other security
policies, such as audit policy and restricted groups, to be different on DCs in different OUs.)
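An added example (not part of the original guide) of auditing the rule above: it reports the account policy in effect for domain logons and flags GPOs that define account policy without being linked to the domain. It assumes the RSAT ActiveDirectory and GroupPolicy modules on a domain-joined machine, assumes the GPO XML report lists account-policy settings as `Account` elements, and uses constructed baseline values.

```powershell
# Added example: where is account policy defined, and what is actually in effect?
Import-Module ActiveDirectory, GroupPolicy

$domain   = Get-ADDomain
$domainDN = $domain.DistinguishedName

# Constructed baseline for illustration; take the real values from your security policy.
$baseline = @{ MinPasswordLength = 12; LockoutThreshold = 5; PasswordHistoryCount = 10 }
$findings = @()

# 1. The account policy that domain controllers enforce for domain logons.
$effective = Get-ADDefaultDomainPasswordPolicy -Identity $domain.DNSRoot
if (-not $effective.ComplexityEnabled) {
    $findings += 'Password complexity is disabled'
}
if ($effective.MinPasswordLength -lt $baseline.MinPasswordLength) {
    $findings += "Minimum password length is $($effective.MinPasswordLength), baseline is $($baseline.MinPasswordLength)"
}
if ($effective.PasswordHistoryCount -lt $baseline.PasswordHistoryCount) {
    $findings += "Password history is $($effective.PasswordHistoryCount), baseline is $($baseline.PasswordHistoryCount)"
}
# A threshold of 0 means accounts are never locked out.
if ($effective.LockoutThreshold -eq 0 -or $effective.LockoutThreshold -gt $baseline.LockoutThreshold) {
    $findings += "Lockout threshold is $($effective.LockoutThreshold), baseline is $($baseline.LockoutThreshold) or fewer"
}

# 2. GPOs with an enabled link at the domain root: the only place DCs read account policy from.
$domainLinked = (Get-GPInheritance -Target $domainDN).GpoLinks |
    Where-Object Enabled |
    ForEach-Object { $_.GpoId }

# 3. GPOs that carry account-policy settings but are linked elsewhere (or nowhere).
foreach ($gpo in Get-GPO -All) {
    [xml]$report = Get-GPOReport -Guid $gpo.Id -ReportType Xml
    # Assumption: account-policy settings appear as <Account><Name>...</Name></Account> in the report.
    $settings = $report.SelectNodes("//*[local-name()='Account']/*[local-name()='Name']")
    if ($settings.Count -gt 0 -and $domainLinked -notcontains $gpo.Id) {
        $names = ($settings | ForEach-Object InnerText) -join ', '
        $findings += "GPO '$($gpo.DisplayName)' sets $names but is not linked to the domain, so it does not govern domain logons"
    }
}

if ($findings.Count -eq 0) { 'Account policy matches the baseline and is defined only in domain-linked GPOs.' }
else { $findings }
```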
The most misleading thing about Group Policy is its name—Group Policy is simply not a way of applying
policies to groups! Instead, Group Policy is applied to individual user accounts and computer accounts by
linking Group Policy Objects (GPOs
Security filtering is based on the fact that GPOs have access control lists (ACLs) associated with them. These
ACLs contain a series of ACEs for different security principals (user accounts, computer accounts, security
groups and built-in special identities), and you can view the default ACL on a typical GPO as follows:
More specifically, if you want a GPO to be processed by a security principal in a container linked to the GPO,
the security principal requires at a minimum the following permissions:
Allow Read
Allow Apply Group Policy
The actual details of the default ACEs for a newly created GPO are somewhat complex if you include advanced
permissions, but here are the essentials as far as security filtering is concerned:
Note that Domain Admins, Enterprise Admins and the SYSTEM built-in identity have additional permissions
(Write, Create, Delete) that let these users create and manage the GPO. The fact that Authenticated Users have
both Read and Apply Group Policy permission means that the settings in the GPO are applied to them when the
GPO is processed, that is, if they reside in a container to which the GPO is linked. But who exactly are
Authenticated Users? The membership of this special identity is all security principals that have been
authenticated by Active Directory. In other words, Authenticated Users includes all domain user accounts and
computer accounts that have been authenticated by a domain controller on the network. So what this means is
that by default the settings in a GPO apply to all user and computer accounts residing in the container linked to
the GPO.
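An added example (not part of the original guide) of security filtering as described above: it lists which trustees hold Read plus Apply Group Policy on a GPO, then narrows the filter from Authenticated Users to one group. It assumes the GroupPolicy module; the GPO name and group name are hypothetical.

```powershell
# Added example, not from the original guide. Requires the GroupPolicy module
# (Get-GPPermission is named Get-GPPermissions on Windows Server 2008 R2).
Import-Module GroupPolicy

$gpoName     = 'Workstation Lockdown'   # hypothetical GPO name
$targetGroup = 'Lab-Workstations'       # hypothetical security group

# The GpoApply level is the pair "Allow Read" + "Allow Apply Group Policy".
function Get-GpoApplyTrustee {
    param([Parameter(Mandatory)][string]$Name)
    Get-GPPermission -Name $Name -All |
        Where-Object { $_.Permission -eq 'GpoApply' } |
        ForEach-Object { $_.Trustee.Name }
}

function Set-GpoSecurityFilter {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$Name,
        [Parameter(Mandatory)][string]$Group
    )
    if ($PSCmdlet.ShouldProcess($Name, "Limit Apply Group Policy to '$Group'")) {
        # Grant the group first so the GPO is never left applying to nobody.
        Set-GPPermission -Name $Name -TargetName $Group -TargetType Group `
            -PermissionLevel GpoApply | Out-Null
        # Downgrade Authenticated Users to Read only: they can still read the GPO,
        # but its settings no longer apply to every account in the linked container.
        Set-GPPermission -Name $Name -TargetName 'Authenticated Users' -TargetType Group `
            -PermissionLevel GpoRead -Replace | Out-Null
    }
}

"Before: $((Get-GpoApplyTrustee -Name $gpoName) -join ', ')"
Set-GpoSecurityFilter -Name $gpoName -Group $targetGroup -WhatIf   # remove -WhatIf to apply

$after = @(Get-GpoApplyTrustee -Name $gpoName)
if ($after.Count -eq 0) {
    Write-Warning "No trustee has Apply Group Policy on '$gpoName'; its settings reach no one."
}
"After:  $($after -join ', ')"
```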
Windows Firewall is a software component of Microsoft Windows that provides firewalling and packet filtering
functions. Windows Firewall provides host-firewall protection on computers running Windows Server 2003
with Service Pack 1 (SP1) and Windows XP with Service Pack 2 (SP2). As a host firewall, Windows Firewall
runs on each of your servers and clients, providing protection from network attacks that pass through your
perimeter network or originate inside your organization, such as Trojan horse attacks, worms, or any other type
of malicious program spread through unwanted incoming traffic.
The following figure shows how Windows Firewall works in conjunction with perimeter network firewalls.
Windows Firewall inspects and filters all IP version 4 (IPv4) and IP version 6 (IPv6) network traffic. It is a
stateful firewall, which means it tracks the state of each network connection and determines whether incoming
traffic is allowed or blocked. Windows Firewall blocks incoming traffic unless it is in response to a request by
the host (in which case it is solicited traffic) or has been specifically allowed (in which case it has been added
to the Windows Firewall exceptions list). Aside from a few Internet Control Message Protocol (ICMP)
messages, Windows Firewall allows all outgoing traffic.
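An added example (not part of the original guide) that checks a host against the behaviour described above: firewall on, unsolicited inbound traffic blocked by default, and a reviewable exceptions list. It assumes a current Windows version with the NetSecurity module rather than the Windows XP SP2 / Server 2003 SP1 releases named in the text; the function names are hypothetical.

```powershell
# Added example, not from the original guide. Requires the NetSecurity module
# (Windows 8 / Windows Server 2012 or later).

# Returns one message per profile that is off or allows unsolicited inbound traffic.
function Test-HostFirewallPosture {
    $issues = @()
    foreach ($fwProfile in Get-NetFirewallProfile -PolicyStore ActiveStore) {
        if ($fwProfile.Enabled -ne 'True') {
            $issues += "$($fwProfile.Name): firewall is turned off"
        }
        # NotConfigured falls back to the built-in default (block inbound),
        # so only an explicit Allow is a problem.
        if ($fwProfile.DefaultInboundAction -eq 'Allow') {
            $issues += "$($fwProfile.Name): unsolicited inbound traffic is allowed by default"
        }
    }
    $issues
}

# Returns the effective exceptions list: enabled inbound allow rules with their scope.
function Get-InboundException {
    Get-NetFirewallRule -PolicyStore ActiveStore -Direction Inbound -Action Allow -Enabled True |
        ForEach-Object {
            $port = $_ | Get-NetFirewallPortFilter
            $addr = $_ | Get-NetFirewallAddressFilter
            [pscustomobject]@{
                Rule          = $_.DisplayName
                Profile       = $_.Profile
                Protocol      = $port.Protocol
                LocalPort     = $port.LocalPort -join ','
                RemoteAddress = $addr.RemoteAddress -join ','
            }
        }
}

$issues = @(Test-HostFirewallPosture)
if ($issues.Count -gt 0) { $issues | ForEach-Object { Write-Warning $_ } }

# Exceptions reachable from any remote address deserve the closest review.
Get-InboundException |
    Where-Object { $_.RemoteAddress -eq 'Any' } |
    Sort-Object Rule |
    Format-Table -AutoSize
```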
Windows Firewall is designed to be a supplemental security solution. You cannot use Windows Firewall as a
perimeter firewall. Windows Firewall should be part of a comprehensive security architecture that implements a
variety of security technologies, such as border routers, perimeter firewalls, intrusion detection systems,
virtual private networking (VPN), IEEE 802.1X authentication for wireless and wired connections, and Internet
Protocol security (IPsec).
Prevent virus infections: Anti-virus software is one of the main defenses against online problems. It
continually scans for viruses, including Trojans and worms. To be effective it must be kept up-to-date.
Without anti-virus software you are very vulnerable to computer viruses, including:
Identity theft.
Fraud.
Loss of data.
A slow or unusable computer.
Programs that you choose to install that may contain unwanted features.
Spam.
Against any kind of fraud or criminal activity online.
A hacker trying to break into your computer over the internet.
It is less effective (and mostly useless) if it is not kept up-to-date with the latest virus signatures.
A virus signature is like a criminal’s mugshot. Each time a new virus is released, security firms analyze it and
create a new signature that lets anti-virus software block the new virus.
For personal and home office use there are a number of basic choices that you can take to decide which anti-
virus software to buy.
Most anti-virus software companies sell a standalone program that only scans for viruses as well as security
suite packages that include other protective software such as a firewall, spam filtering, anti-spyware and so on.
Advantages of a suite: a suite should cover all the bases, share a single user interface and be easier and
cheaper than buying each individual program separately.
Drawbacks: while the anti-virus component should be good, sometimes the other elements in a suite
aren’t as good as the best of breed software from other suppliers. Also, some of the other components
may be available for free.
There are a number of anti-virus products that are free for personal or non-commercial use.
In most cases, these ‘free’ products are scaled-back versions of commercial products to which the software
manufacturer hopes you will, one day, upgrade. Unless getting free software is critical, it is preferable to buy a
fully-supported commercial product.
Several software developers offer free downloadable trial versions of their software that range from 3 to 12
months.
Price.
Review on reputable technical websites such as Cnet.
How easy it is to set up and use.
Level and quality of technical support, including the support website.
Frequency and responsiveness of signature updates. This is hard for most people to evaluate but well-
known and reputable software companies should be okay.
Then it is a matter of buying it or downloading it. Suppliers include: high street retailers, online retailers or
direct purchase and download from the software developers over the internet.
For networks of five or more computers and for business use, you should consider business versions of popular
anti-virus software that are designed to make installation, updating and management easier on multiple
computers.
Trend Micro.
Sophos.
Symantec.
F-Secure.
Kaspersky.
McAfee
Do not open any files attached to an email from an unknown, doubtful or untrustworthy source, no
matter how charming it may seem.
Switch on macro protection in Microsoft Office applications like Word and Excel.
You don’t have to use the anti-virus program that came with your new computer but if you decide to
stick with it, don’t forget to subscribe once the free trial period is over so that you stay up-to-date.
Only use one anti-virus program at a time. Uninstall one anti-virus program before you install another.
Providing you update virus signatures regularly, as a general rule, you don’t need to buy every single
new release of the anti-virus software to stay protected.
Free online scans are useful diagnostic tools but they are not a substitute for a proper anti-virus program
that is installed on your PC. Prevention is better than cure.
Written Test
Self-Check 1
Name:____________________ Date:_________________
Instruction: Answer all the questions listed below. If you need any clarification, feel free to ask your teacher.