definition :
- protection of network n their services
- protects from : unauthorized modification , destruction n disclosure
- ensure d network performs it function correctly n no harmful side effect. ~
concepts :
-start with authentication (user)
- Firewall enforces access policies (whether allowed or not )
- antivirus or IPS help to detect n inhibit action of such as malware.
-audit (for analysis purpose)
-communication in network must be encrypted.
goal:
- confidentiality - privacy .
- integrity
- availability- ensure that network doesn't down n still up every time.
potential risk :
- email attachment -open attachment n worms or virus will spread on to network
- diversionary tactics - slip in attack another part of network while admin recovering the services
- blended attack - virus or worm may be execute themself and attack more than one platform
- renaming document - subject name changed causing the document can't be open by receiver.
